-
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
-
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
-
| - Name: - | -
- |
-
| - Zeit: - | -
- |
-
| - Applikation: - | -
- |
-
| - Geschäftsbereich: - | -
- |
-
| - Anmeldeserver: - | -
- |
-
MOA ID Auth Sample Login - customized
- - - \ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A100/A102/htmlForm.html b/id.server/data/abnahme-test/xmldata/A100/A102/htmlForm.html deleted file mode 100644 index 7ba249f98..000000000 --- a/id.server/data/abnahme-test/xmldata/A100/A102/htmlForm.html +++ /dev/null @@ -1,177 +0,0 @@ - - - -MOA ID Auth Sample Login - customized
- - - \ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A100/AuthTemplate.html b/id.server/data/abnahme-test/xmldata/A100/AuthTemplate.html deleted file mode 100644 index 2ecfe9cfd..000000000 --- a/id.server/data/abnahme-test/xmldata/A100/AuthTemplate.html +++ /dev/null @@ -1,30 +0,0 @@ - - -MOA ID Auth Sample Login - customized
- - - \ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A200/A201/CreateXMLSignatureRequest.xml b/id.server/data/abnahme-test/xmldata/A200/A201/CreateXMLSignatureRequest.xml deleted file mode 100644 index 3877f0950..000000000 --- a/id.server/data/abnahme-test/xmldata/A200/A201/CreateXMLSignatureRequest.xml +++ /dev/null @@ -1,88 +0,0 @@ - --
| - Name: - | -
- |
-
| - Zeit: - | -
- |
-
| - Applikation: - | -
- |
-
| - Geschäftsbereich: - | -
- |
-
| - Anmeldeserver: - | -
- |
-
-
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
-
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
-
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
-
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
-
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
-
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
-
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
-
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
-
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
-
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
-
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
-
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
-
| - Name: - | -
- |
-
| - Zeit: - | -
- |
-
| - Applikation: - | -
- |
-
| - Geschäftsbereich: - | -
- |
-
| - Anmeldeserver: - | -
- |
-
MOA ID Auth Sample Login - customized
- - - \ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A700/A701/BKUSelectionTemplate.html b/id.server/data/abnahme-test/xmldata/A700/A701/BKUSelectionTemplate.html deleted file mode 100644 index 92b3f04cd..000000000 --- a/id.server/data/abnahme-test/xmldata/A700/A701/BKUSelectionTemplate.html +++ /dev/null @@ -1,14 +0,0 @@ - - -BKU Auswahl - customized
--
- - - \ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A700/A701/SelectBKUForm.html b/id.server/data/abnahme-test/xmldata/A700/A701/SelectBKUForm.html deleted file mode 100644 index a473a689b..000000000 --- a/id.server/data/abnahme-test/xmldata/A700/A701/SelectBKUForm.html +++ /dev/null @@ -1,20 +0,0 @@ - - -BKU Auswahl - customized
--
- - - \ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A700/A702/SelectBKUForm.html b/id.server/data/abnahme-test/xmldata/A700/A702/SelectBKUForm.html deleted file mode 100644 index a213d9de0..000000000 --- a/id.server/data/abnahme-test/xmldata/A700/A702/SelectBKUForm.html +++ /dev/null @@ -1,20 +0,0 @@ - - - --
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
-
| - Name: - | -
- |
-
| - Zeit: - | -
- |
-
| - Applikation: - | -
- |
-
| - Geschäftsbereich: - | -
- |
-
| - Anmeldeserver: - | -
- |
-
-
| - Name: - | -
- |
-
| - Zeit: - | -
- |
-
| - Applikation: - | -
- |
-
| - Geschäftsbereich: - | -
- |
-
| - Anmeldeserver: - | -
- |
-
Signatur der Anmeldedaten
- -Mit meiner elektronischen Signatur beantrage ich
-
-Datum und Uhrzeit:
-
-
- -
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
Signatur der Anmeldedaten
- -Mit meiner elektronischen Signatur beantrage ich
-
-Datum und Uhrzeit:
-
-
- -
| - Name: - | -
- |
-
| - Zeit: - | -
- |
-
| - Applikation: - | -
- |
-
| - Geschäftsbereich: - | -
- |
-
| - Anmeldeserver: - | -
- |
-
-
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
-
| Name: | |
| Zeit: | |
| Applikation: | |
| Geschäftsbereich: | |
| Anmeldeserver: |
BMOLS-IKT111- -
| AuthenticationData
- -AuthenticationException - -AuthenticationServer - -ConnectionBuilder - -LoginParameterResolver - -OAConfiguration - - |
-
-
-
|
-- - | -|||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES | -|||||||
| - SUMMARY: INNER | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -|||||||
- -
-
-at.gv.egovernment.moa.id
-
-Class AuthenticationException
--at.gv.egovernment.moa.id.AuthenticationException --
-
-
-
- public class AuthenticationException
-Exception thrown during handling of AuthenticationSession -
-
- -
| -Constructor Summary | -|
AuthenticationException(String messageId,
- Object[] parameters)
-
-- Constructor for AuthenticationException. |
-|
| -Constructor Detail | -
-AuthenticationException
--public AuthenticationException(String messageId, - Object[] parameters)-
-
-
- Constructor for AuthenticationException.
-
-
- Parameters:
messageId-
- - - -
-
-
|
-- - | -|||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES | -|||||||
| - SUMMARY: INNER | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -|||||||
- - - diff --git a/id.server/doc/api-doc/at/gv/egovernment/moa/id/auth/AuthenticationServer.html b/id.server/doc/api-doc/at/gv/egovernment/moa/id/auth/AuthenticationServer.html deleted file mode 100644 index 7aaad7c68..000000000 --- a/id.server/doc/api-doc/at/gv/egovernment/moa/id/auth/AuthenticationServer.html +++ /dev/null @@ -1,259 +0,0 @@ - - - - - -
-
-
|
-- - | -|||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES | -|||||||
| - SUMMARY: INNER | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -|||||||
- -
-
-at.gv.egovernment.moa.id.auth
-
-Class AuthenticationServer
--java.lang.Object - | - +--at.gv.egovernment.moa.id.auth.AuthenticationServer --
-
-
-
- public class AuthenticationServer
- extends Object
-API for MOA ID Authentication Service.
- AuthenticationSession is stored in a session store and retrieved
- by giving the session ID.
-
-
- -
| -Field Summary | -
| -Constructor Summary | -|
AuthenticationServer()
-
-- Constructor for AuthenticationServer. |
-|
| -Method Summary | -|
- AuthenticationData |
-getAuthenticationData(String samlArtifact)
-
-- Retrieves AuthenticationData indexed by the SAML artifact.
- |
-
-static AuthenticationServer |
-getInstance()
-
-- Returns the single instance of AuthenticationServer. |
-
| Methods inherited from class java.lang.Object | -
clone,
-equals,
-finalize,
-getClass,
-hashCode,
-notify,
-notifyAll,
-toString,
-wait,
-wait,
-wait |
-
| -Field Detail | -
| -Constructor Detail | -
-AuthenticationServer
--public AuthenticationServer()-
-
-
- Constructor for AuthenticationServer.
| -Method Detail | -
-getInstance
--public static AuthenticationServer getInstance()-
-
-
- Returns the single instance of
AuthenticationServer.-
-
- Returns:
- the single instance of
AuthenticationServer
- -
-getAuthenticationData
--public AuthenticationData getAuthenticationData(String samlArtifact) - throws AuthenticationException-
-
-
- Retrieves
AuthenticationDataindexed by the SAML artifact. - TheAuthenticationDatais deleted from the store upon end of this call.-
-
- Returns:
AuthenticationData
- - -
- - - -
-
-
|
-- - | -|||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES | -|||||||
| - SUMMARY: INNER | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -|||||||
- - - diff --git a/id.server/doc/api-doc/at/gv/egovernment/moa/id/auth/class-use/AuthenticationServer.html b/id.server/doc/api-doc/at/gv/egovernment/moa/id/auth/class-use/AuthenticationServer.html deleted file mode 100644 index ece0242d9..000000000 --- a/id.server/doc/api-doc/at/gv/egovernment/moa/id/auth/class-use/AuthenticationServer.html +++ /dev/null @@ -1,114 +0,0 @@ - - - - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
-
-Uses of Class
at.gv.egovernment.moa.id.auth.AuthenticationServer
-| -Uses of AuthenticationServer in at.gv.egovernment.moa.id.auth | -
- -
| Methods in at.gv.egovernment.moa.id.auth that return AuthenticationServer | -|
-static AuthenticationServer |
-AuthenticationServer.getInstance()
-
-- Returns the single instance of AuthenticationServer. |
-
-
- - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
- - - diff --git a/id.server/doc/api-doc/at/gv/egovernment/moa/id/class-use/AuthenticationException.html b/id.server/doc/api-doc/at/gv/egovernment/moa/id/class-use/AuthenticationException.html deleted file mode 100644 index 96ff7f4af..000000000 --- a/id.server/doc/api-doc/at/gv/egovernment/moa/id/class-use/AuthenticationException.html +++ /dev/null @@ -1,194 +0,0 @@ - - - - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
-
-Uses of Class
at.gv.egovernment.moa.id.AuthenticationException
-| -Uses of AuthenticationException in at.gv.egovernment.moa.id.auth | -
- -
| Methods in at.gv.egovernment.moa.id.auth that throw AuthenticationException | -|
- String |
-AuthenticationServer.selectBKU(String authURL,
- String target,
- String oaURL,
- String bkuSelectionTemplateURL,
- String templateURL)
-
-- Processes request to select a BKU. - |
-
- String |
-AuthenticationServer.startAuthentication(String authURL,
- String target,
- String oaURL,
- String templateURL,
- String bkuURL,
- String sessionID)
-
-- Processes the beginning of an authentication session. - |
-
- String |
-AuthenticationServer.verifyIdentityLink(String sessionID,
- String xmlInfoboxReadResponse)
-
-- Processes an <InfoboxReadResponse> sent by the
- security layer implementation.- - Validates given <InfoboxReadResponse>
- Parses identity link enclosed in <InfoboxReadResponse>
- Verifies identity link by calling the MOA SP component
- Checks certificate authority of identity link
- Stores identity link in the session
- Creates an authentication block to be signed by the user
- Creates and returns a <CreateXMLSignatureRequest>
- containg the authentication block, meant to be returned to the
- security layer implementation
- |
-
- String |
-AuthenticationServer.verifyAuthenticationBlock(String sessionID,
- String xmlCreateXMLSignatureReadResponse)
-
-- Processes a <CreateXMLSignatureResponse> sent by the
- security layer implementation.- - Validates given <CreateXMLSignatureResponse>
- Parses <CreateXMLSignatureResponse> for error codes
- Parses authentication block enclosed in
- <CreateXMLSignatureResponse>
- Verifies authentication block by calling the MOA SP component
- Creates authentication data
- Creates a corresponding SAML artifact
- Stores authentication data in the authentication data store
- indexed by the SAML artifact
- Deletes authentication session
- Returns the SAML artifact, encoded BASE64
- |
-
- AuthenticationData |
-AuthenticationServer.getAuthenticationData(String samlArtifact)
-
-- Retrieves AuthenticationData indexed by the SAML artifact.
- |
-
-static at.gv.egovernment.moa.id.auth.data.AuthenticationSession |
-AuthenticationServer.getSession(String id)
-
-- Retrieves a session from the session store. |
-
-
- - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
- - - diff --git a/id.server/doc/api-doc/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.html b/id.server/doc/api-doc/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.html deleted file mode 100644 index ec020b79d..000000000 --- a/id.server/doc/api-doc/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.html +++ /dev/null @@ -1,526 +0,0 @@ - - - - - -
-
-
|
-- - | -|||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES | -|||||||
| - SUMMARY: INNER | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -|||||||
- -
-
-at.gv.egovernment.moa.id.config.proxy
-
-Class OAConfiguration
--java.lang.Object - | - +--at.gv.egovernment.moa.id.config.proxy.OAConfiguration --
-
-
-
- public class OAConfiguration
- extends Object
-Holds configuration data concerning an online application for use by the MOA-ID Proxy component. - These include the login type (stateful or stateless), the HTTP authentication type, - and information needed to add authentication parameters or headers for a URL connection - to the remote online application. -
-
-
-
- See Also:
MOAIDConfiguration-1.1.xsd, elementConfiguration
- -
| -Field Summary | -|
-static String |
-BASIC_AUTH
-
-- |
-
-static String |
-HEADER_AUTH
-
-- |
-
-static String |
-LOGINTYPE_STATEFUL
-
-- |
-
-static String |
-LOGINTYPE_STATELESS
-
-- |
-
-static String |
-PARAM_AUTH
-
-- |
-
| -Constructor Summary | -|
OAConfiguration()
-
-- |
-|
| -Method Summary | -|
- String |
-getAuthType()
-
-- Returns the authType. |
-
- String |
-getBasicAuthPasswordMapping()
-
-- Returns the basicAuthPasswordMapping. |
-
- String |
-getBasicAuthUserIDMapping()
-
-- Returns the basicAuthUserIDMapping. |
-
- Map |
-getHeaderAuthMapping()
-
-- Returns the headerAuthMapping. |
-
- String |
-getLoginType()
-
-- Returns the loginType. |
-
- Map |
-getParamAuthMapping()
-
-- Returns the paramAuthMapping. |
-
- void |
-setAuthType(String authLoginType)
-
-- Sets the authType. |
-
- void |
-setBasicAuthPasswordMapping(String basicAuthPassword)
-
-- Sets the basicAuthPasswordMapping. |
-
- void |
-setBasicAuthUserIDMapping(String basicAuthUserID)
-
-- Sets the basicAuthUserIDMapping. |
-
- void |
-setHeaderAuthMapping(HashMap headerAuth)
-
-- Sets the headerAuthMapping. |
-
- void |
-setLoginType(String loginType)
-
-- Sets the loginType. |
-
- void |
-setParamAuthMapping(HashMap paramAuth)
-
-- Sets the paramAuthMapping. |
-
| Methods inherited from class java.lang.Object | -
clone,
-equals,
-finalize,
-getClass,
-hashCode,
-notify,
-notifyAll,
-toString,
-wait,
-wait,
-wait |
-
| -Field Detail | -
-LOGINTYPE_STATEFUL
--public static final String LOGINTYPE_STATEFUL-
-
-
- -
-LOGINTYPE_STATELESS
--public static final String LOGINTYPE_STATELESS-
-
-
- -
-BASIC_AUTH
--public static final String BASIC_AUTH-
-
-
- -
-HEADER_AUTH
--public static final String HEADER_AUTH-
-
-
- -
-PARAM_AUTH
--public static final String PARAM_AUTH-
-
-
| -Constructor Detail | -
-OAConfiguration
--public OAConfiguration()-
-
-
| -Method Detail | -
-getBasicAuthPasswordMapping
--public String getBasicAuthPasswordMapping()-
-
-
- Returns the basicAuthPasswordMapping.
-
-
- Returns:
- String
- -
-getBasicAuthUserIDMapping
--public String getBasicAuthUserIDMapping()-
-
-
- Returns the basicAuthUserIDMapping.
-
-
- Returns:
- String
- -
-getHeaderAuthMapping
--public Map getHeaderAuthMapping()-
-
-
- Returns the headerAuthMapping.
-
-
- Returns:
- HashMap
- -
-getLoginType
--public String getLoginType()-
-
-
- Returns the loginType.
-
-
- Returns:
- String
- -
-getParamAuthMapping
--public Map getParamAuthMapping()-
-
-
- Returns the paramAuthMapping.
-
-
- Returns:
- HashMap
- -
-setBasicAuthPasswordMapping
--public void setBasicAuthPasswordMapping(String basicAuthPassword)-
-
-
- Sets the basicAuthPasswordMapping.
-
-
- Parameters:
basicAuthPasswordMapping- The basicAuthPasswordMapping to set
- -
-setBasicAuthUserIDMapping
--public void setBasicAuthUserIDMapping(String basicAuthUserID)-
-
-
- Sets the basicAuthUserIDMapping.
-
-
- Parameters:
basicAuthUserIDMapping- The basicAuthUserIDMapping to set
- -
-setHeaderAuthMapping
--public void setHeaderAuthMapping(HashMap headerAuth)-
-
-
- Sets the headerAuthMapping.
-
-
- Parameters:
headerAuthMapping- The headerAuthMapping to set
- -
-setLoginType
--public void setLoginType(String loginType)-
-
-
- Sets the loginType.
-
-
- Parameters:
loginType- The loginType to set
- -
-setParamAuthMapping
--public void setParamAuthMapping(HashMap paramAuth)-
-
-
- Sets the paramAuthMapping.
-
-
- Parameters:
paramAuthMapping- The paramAuthMapping to set
- -
-getAuthType
--public String getAuthType()-
-
-
- Returns the authType.
-
-
- Returns:
- String
- -
-setAuthType
--public void setAuthType(String authLoginType)-
-
-
- Sets the authType.
-
-
- Parameters:
authType- The authType to set
- - - -
-
-
|
-- - | -|||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES | -|||||||
| - SUMMARY: INNER | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -|||||||
- - - diff --git a/id.server/doc/api-doc/at/gv/egovernment/moa/id/config/proxy/class-use/OAConfiguration.html b/id.server/doc/api-doc/at/gv/egovernment/moa/id/config/proxy/class-use/OAConfiguration.html deleted file mode 100644 index c41742f7a..000000000 --- a/id.server/doc/api-doc/at/gv/egovernment/moa/id/config/proxy/class-use/OAConfiguration.html +++ /dev/null @@ -1,126 +0,0 @@ - - - - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
-
-Uses of Class
at.gv.egovernment.moa.id.config.proxy.OAConfiguration
-| -Uses of OAConfiguration in at.gv.egovernment.moa.id.proxy | -
- -
| Methods in at.gv.egovernment.moa.id.proxy with parameters of type OAConfiguration | -|
- Map |
-LoginParameterResolver.getAuthenticationHeaders(OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress)
-
-- Returns authentication headers to be added to a URLConnection. |
-
- Map |
-LoginParameterResolver.getAuthenticationParameters(OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress)
-
-- Returns request parameters to be added to a URLConnection. |
-
-
- - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
- - - diff --git a/id.server/doc/api-doc/at/gv/egovernment/moa/id/data/AuthenticationData.html b/id.server/doc/api-doc/at/gv/egovernment/moa/id/data/AuthenticationData.html deleted file mode 100644 index 0a0906e25..000000000 --- a/id.server/doc/api-doc/at/gv/egovernment/moa/id/data/AuthenticationData.html +++ /dev/null @@ -1,751 +0,0 @@ - - - - - -
-
-
|
-- - | -|||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES | -|||||||
| - SUMMARY: INNER | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -|||||||
- -
-
-at.gv.egovernment.moa.id.data
-
-Class AuthenticationData
--java.lang.Object - | - +--at.gv.egovernment.moa.id.data.AuthenticationData --
-
-
-
- public class AuthenticationData
- extends Object
-Encapsulates authentication data contained in a <saml:Assertion>.
-
-
- -
| -Constructor Summary | -|
AuthenticationData()
-
-- Constructor for AuthenticationData. |
-|
| -Method Summary | -|
- String |
-getAssertionID()
-
-- Returns the assertionID. |
-
- String |
-getDateOfBirth()
-
-- Returns the dateOfBirth. |
-
- String |
-getFamilyName()
-
-- Returns the familyName. |
-
- String |
-getGivenName()
-
-- Returns the givenName. |
-
- String |
-getIdentificationValue()
-
-- Returns the identificationValue. |
-
- String |
-getIssueInstant()
-
-- Returns the issueInstant. |
-
- String |
-getIssuer()
-
-- Returns the issuer. |
-
- int |
-getMajorVersion()
-
-- Returns the majorVersion. |
-
- int |
-getMinorVersion()
-
-- Returns the minorVersion. |
-
- String |
-getPublicAuthorityCode()
-
-- Returns the publicAuthorityCode. |
-
- String |
-getSamlAssertion()
-
-- Returns the samlAssertion. |
-
- Date |
-getTimestamp()
-
-- Returns the timestamp. |
-
- String |
-getVPK()
-
-- Returns the vpk. |
-
- boolean |
-isPublicAuthority()
-
-- Returns the publicAuthority. |
-
- boolean |
-isQualifiedCertificate()
-
-- Returns the qualifiedCertificate. |
-
- void |
-setAssertionID(String assertionID)
-
-- Sets the assertionID. |
-
- void |
-setDateOfBirth(String dateOfBirth)
-
-- Sets the dateOfBirth. |
-
- void |
-setFamilyName(String gamilyName)
-
-- Sets the familyName. |
-
- void |
-setGivenName(String givenName)
-
-- Sets the givenName. |
-
- void |
-setIdentificationValue(String identificationValue)
-
-- Sets the identificationValue. |
-
- void |
-setIssueInstant(String issueInstant)
-
-- Sets the issueInstant. |
-
- void |
-setIssuer(String issuer)
-
-- Sets the issuer. |
-
- void |
-setMajorVersion(int majorVersion)
-
-- Sets the majorVersion. |
-
- void |
-setMinorVersion(int minorVersion)
-
-- Sets the minorVersion. |
-
- void |
-setPublicAuthority(boolean publicAuthority)
-
-- Sets the publicAuthority. |
-
- void |
-setPublicAuthorityCode(String publicAuthorityIdentification)
-
-- Sets the publicAuthorityCode. |
-
- void |
-setQualifiedCertificate(boolean qualifiedCertificate)
-
-- Sets the qualifiedCertificate. |
-
- void |
-setSamlAssertion(String samlAssertion)
-
-- Sets the samlAssertion. |
-
- void |
-setVPK(String vpk)
-
-- Sets the vpk. |
-
| Methods inherited from class java.lang.Object | -
clone,
-equals,
-finalize,
-getClass,
-hashCode,
-notify,
-notifyAll,
-toString,
-wait,
-wait,
-wait |
-
| -Constructor Detail | -
-AuthenticationData
--public AuthenticationData()-
-
-
- Constructor for AuthenticationData.
| -Method Detail | -
-getMinorVersion
--public int getMinorVersion()-
-
-
- Returns the minorVersion.
-
-
- Returns:
- int
- -
-isPublicAuthority
--public boolean isPublicAuthority()-
-
-
- Returns the publicAuthority.
-
-
- Returns:
- boolean
- -
-getPublicAuthorityCode
--public String getPublicAuthorityCode()-
-
-
- Returns the publicAuthorityCode.
-
-
- Returns:
- String
- -
-isQualifiedCertificate
--public boolean isQualifiedCertificate()-
-
-
- Returns the qualifiedCertificate.
-
-
- Returns:
- boolean
- -
-getVPK
--public String getVPK()-
-
-
- Returns the vpk.
-
-
- Returns:
- String
- -
-setMinorVersion
--public void setMinorVersion(int minorVersion)-
-
-
- Sets the minorVersion.
-
-
- Parameters:
minorVersion- The minorVersion to set
- -
-setPublicAuthority
--public void setPublicAuthority(boolean publicAuthority)-
-
-
- Sets the publicAuthority.
-
-
- Parameters:
publicAuthority- The publicAuthority to set
- -
-setPublicAuthorityCode
--public void setPublicAuthorityCode(String publicAuthorityIdentification)-
-
-
- Sets the publicAuthorityCode.
-
-
- Parameters:
publicAuthorityCode- The publicAuthorityCode to set
- -
-setQualifiedCertificate
--public void setQualifiedCertificate(boolean qualifiedCertificate)-
-
-
- Sets the qualifiedCertificate.
-
-
- Parameters:
qualifiedCertificate- The qualifiedCertificate to set
- -
-setVPK
--public void setVPK(String vpk)-
-
-
- Sets the vpk.
-
-
- Parameters:
vpk- The vpk to set
- -
-getAssertionID
--public String getAssertionID()-
-
-
- Returns the assertionID.
-
-
- Returns:
- String
- -
-getDateOfBirth
--public String getDateOfBirth()-
-
-
- Returns the dateOfBirth.
-
-
- Returns:
- String
- -
-getFamilyName
--public String getFamilyName()-
-
-
- Returns the familyName.
-
-
- Returns:
- String
- -
-getGivenName
--public String getGivenName()-
-
-
- Returns the givenName.
-
-
- Returns:
- String
- -
-getIdentificationValue
--public String getIdentificationValue()-
-
-
- Returns the identificationValue.
-
-
- Returns:
- String
- -
-getIssueInstant
--public String getIssueInstant()-
-
-
- Returns the issueInstant.
-
-
- Returns:
- String
- -
-getIssuer
--public String getIssuer()-
-
-
- Returns the issuer.
-
-
- Returns:
- String
- -
-getMajorVersion
--public int getMajorVersion()-
-
-
- Returns the majorVersion.
-
-
- Returns:
- int
- -
-setAssertionID
--public void setAssertionID(String assertionID)-
-
-
- Sets the assertionID.
-
-
- Parameters:
assertionID- The assertionID to set
- -
-setDateOfBirth
--public void setDateOfBirth(String dateOfBirth)-
-
-
- Sets the dateOfBirth.
-
-
- Parameters:
dateOfBirth- The dateOfBirth to set
- -
-setFamilyName
--public void setFamilyName(String gamilyName)-
-
-
- Sets the familyName.
-
-
- Parameters:
familyName- The familyName to set
- -
-setGivenName
--public void setGivenName(String givenName)-
-
-
- Sets the givenName.
-
-
- Parameters:
givenName- The givenName to set
- -
-setIdentificationValue
--public void setIdentificationValue(String identificationValue)-
-
-
- Sets the identificationValue.
-
-
- Parameters:
identificationValue- The identificationValue to set
- -
-setIssueInstant
--public void setIssueInstant(String issueInstant)-
-
-
- Sets the issueInstant.
-
-
- Parameters:
issueInstant- The issueInstant to set
- -
-setIssuer
--public void setIssuer(String issuer)-
-
-
- Sets the issuer.
-
-
- Parameters:
issuer- The issuer to set
- -
-setMajorVersion
--public void setMajorVersion(int majorVersion)-
-
-
- Sets the majorVersion.
-
-
- Parameters:
majorVersion- The majorVersion to set
- -
-getSamlAssertion
--public String getSamlAssertion()-
-
-
- Returns the samlAssertion.
-
-
- Returns:
- String
- -
-setSamlAssertion
--public void setSamlAssertion(String samlAssertion)-
-
-
- Sets the samlAssertion.
-
-
- Parameters:
samlAssertion- The samlAssertion to set
- -
-getTimestamp
--public Date getTimestamp()-
-
-
- Returns the timestamp.
-
-
- Returns:
- Date
- - - -
-
-
|
-- - | -|||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES | -|||||||
| - SUMMARY: INNER | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -|||||||
- - - diff --git a/id.server/doc/api-doc/at/gv/egovernment/moa/id/data/class-use/AuthenticationData.html b/id.server/doc/api-doc/at/gv/egovernment/moa/id/data/class-use/AuthenticationData.html deleted file mode 100644 index 1822504b5..000000000 --- a/id.server/doc/api-doc/at/gv/egovernment/moa/id/data/class-use/AuthenticationData.html +++ /dev/null @@ -1,152 +0,0 @@ - - - - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
-
-Uses of Class
at.gv.egovernment.moa.id.data.AuthenticationData
-| -Uses of AuthenticationData in at.gv.egovernment.moa.id.auth | -
- -
| Methods in at.gv.egovernment.moa.id.auth that return AuthenticationData | -|
- AuthenticationData |
-AuthenticationServer.getAuthenticationData(String samlArtifact)
-
-- Retrieves AuthenticationData indexed by the SAML artifact.
- |
-
| -Uses of AuthenticationData in at.gv.egovernment.moa.id.proxy | -
- -
| Methods in at.gv.egovernment.moa.id.proxy with parameters of type AuthenticationData | -|
- Map |
-LoginParameterResolver.getAuthenticationHeaders(OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress)
-
-- Returns authentication headers to be added to a URLConnection. |
-
- Map |
-LoginParameterResolver.getAuthenticationParameters(OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress)
-
-- Returns request parameters to be added to a URLConnection. |
-
-
- - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
- - - diff --git a/id.server/doc/api-doc/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.html b/id.server/doc/api-doc/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.html deleted file mode 100644 index 7d9bcef1d..000000000 --- a/id.server/doc/api-doc/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.html +++ /dev/null @@ -1,204 +0,0 @@ - - - - - -
-
-
|
-- - | -|||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES | -|||||||
| - SUMMARY: INNER | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -|||||||
- -
-
-at.gv.egovernment.moa.id.proxy
-
-Interface ConnectionBuilder
--
-
-
- public interface ConnectionBuilder
-Builder for URLConnection objects used to forward requests
- to the remote online application.
-
-
- -
| -Method Summary | -|
- HttpURLConnection |
-buildConnection(javax.servlet.http.HttpServletRequest request,
- String publicURLPrefix,
- String realURLPrefix,
- javax.net.ssl.SSLSocketFactory sslSocketFactory)
-
-- Builds an HttpURLConnection to a URL which is derived
- from an HttpServletRequest URL, by substitution of a
- public URL prefix for the real URL prefix.- The HttpURLConnection has been created by URL.openConnection(), but
- it has not yet been connected to by URLConnection.connect().- The field settings of the HttpURLConnection are: - - allowUserInteraction = false
- doInput = true
- doOutput = true
- requestMethod = request.getMethod()
- useCaches = false
- |
-
| -Method Detail | -
-buildConnection
--public HttpURLConnection buildConnection(javax.servlet.http.HttpServletRequest request, - String publicURLPrefix, - String realURLPrefix, - javax.net.ssl.SSLSocketFactory sslSocketFactory) - throws IOException-
-
-
- Builds an HttpURLConnection to a
URLwhich is derived - from anHttpServletRequestURL, by substitution of a - public URL prefix for the real URL prefix.
- The HttpURLConnection has been created byURL.openConnection(), but - it has not yet been connected to byURLConnection.connect().
- The field settings of the HttpURLConnection are: --
-
allowUserInteraction = false
- doInput = true
- doOutput = true
- requestMethod = request.getMethod()
- useCaches = false
-
-
-
- Parameters:
request- the incoming request which shall be forwardedpublicURLPrefix- the public URL prefix to be substituted by the real URL prefixrealURLPrefix- the URL prefix to substitute the public URL prefixsslSocketFactory- factory to be used for creating an SSL socket in case - of a URL for scheme"https:"; -
ifnull, the default SSL socket factory would be used- Returns:
- a URLConnection created by
URL.openConnection(), connecting to - the requested URL withpublicURLPrefixsubstituted byrealURLPrefix - Throws:
- IOException - if an I/O exception occurs during opening the connection
- See Also:
URL.openConnection(), -com.sun.net.ssl.HttpsURLConnection#getDefaultSSLSocketFactory()
- - - -
-
-
|
-- - | -|||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES | -|||||||
| - SUMMARY: INNER | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -|||||||
- - - diff --git a/id.server/doc/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.html b/id.server/doc/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.html deleted file mode 100644 index 717ab1ee6..000000000 --- a/id.server/doc/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.html +++ /dev/null @@ -1,364 +0,0 @@ - - - - - -
-
-
|
-- - | -|||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES | -|||||||
| - SUMMARY: INNER | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -|||||||
- -
-
-at.gv.egovernment.moa.id.proxy
-
-Interface LoginParameterResolver
--
-
-
- public interface LoginParameterResolver
-Determines authentication parameters and headers to be added to a URLConnection
- to the remote online application.
- Utilizes OAConfiguration and AuthenticationData.
-
-
- -
| -Field Summary | -|
-static String |
-MOABKZ
-
-- |
-
-static String |
-MOADateOfBirth
-
-- |
-
-static String |
-MOAFamilyName
-
-- |
-
-static String |
-MOAGivenName
-
-- Constants used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType,
- naming predicates used by the LoginParameterResolver. |
-
-static String |
-MOAIPAddress
-
-- |
-
-static String |
-MOAPublicAuthority
-
-- |
-
-static String |
-MOAQualifiedCertificate
-
-- |
-
-static String |
-MOAVPK
-
-- |
-
-static String |
-MOAZMRZahl
-
-- |
-
| -Method Summary | -|
- Map |
-getAuthenticationHeaders(OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress)
-
-- Returns authentication headers to be added to a URLConnection. |
-
- Map |
-getAuthenticationParameters(OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress)
-
-- Returns request parameters to be added to a URLConnection. |
-
| -Field Detail | -
-MOAGivenName
--public static final String MOAGivenName-
-
-
- Constants used in
MOAIDConfiguration-1.1.xsd, typeMOAAuthDataType, - naming predicates used by theLoginParameterResolver.
- -
-MOAFamilyName
--public static final String MOAFamilyName-
-
-
- -
-MOADateOfBirth
--public static final String MOADateOfBirth-
-
-
- -
-MOAVPK
--public static final String MOAVPK-
-
-
- -
-MOAPublicAuthority
--public static final String MOAPublicAuthority-
-
-
- -
-MOABKZ
--public static final String MOABKZ-
-
-
- -
-MOAQualifiedCertificate
--public static final String MOAQualifiedCertificate-
-
-
- -
-MOAZMRZahl
--public static final String MOAZMRZahl-
-
-
- -
-MOAIPAddress
--public static final String MOAIPAddress-
-
-
| -Method Detail | -
-getAuthenticationHeaders
--public Map getAuthenticationHeaders(OAConfiguration oaConf, - AuthenticationData authData, - String clientIPAddress)-
-
-
- Returns authentication headers to be added to a URLConnection.
-
-
- Parameters:
authConf- configuration dataauthData- authentication dataclientIPAddress- client IP address- Returns:
- A map, the keys being header names and values being corresponding header values.
-
In case of authentication type"basic-auth", header fields -usernameandpassword. -
In case of authentication type"header-auth", header fields - derived from parameter mapping and authentication data provided. -
Otherwise, an empty map.
- -
-getAuthenticationParameters
--public Map getAuthenticationParameters(OAConfiguration oaConf, - AuthenticationData authData, - String clientIPAddress)-
-
-
- Returns request parameters to be added to a URLConnection.
-
-
- Parameters:
authConf- configuration dataauthData- authentication dataclientIPAddress- client IP address- Returns:
- A map, the keys being parameter names and values being corresponding parameter values.
-
In case of authentication type"param-auth", parameters - derived from parameter mapping and authentication data provided. -
Otherwise, an empty map.
- - - -
-
-
|
-- - | -|||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES | -|||||||
| - SUMMARY: INNER | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -|||||||
- - - diff --git a/id.server/doc/api-doc/at/gv/egovernment/moa/id/proxy/class-use/ConnectionBuilder.html b/id.server/doc/api-doc/at/gv/egovernment/moa/id/proxy/class-use/ConnectionBuilder.html deleted file mode 100644 index c40b34e9f..000000000 --- a/id.server/doc/api-doc/at/gv/egovernment/moa/id/proxy/class-use/ConnectionBuilder.html +++ /dev/null @@ -1,91 +0,0 @@ - - - - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
-
-Uses of Interface
at.gv.egovernment.moa.id.proxy.ConnectionBuilder
--
- - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
- - - diff --git a/id.server/doc/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolver.html b/id.server/doc/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolver.html deleted file mode 100644 index 9bad43a2a..000000000 --- a/id.server/doc/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolver.html +++ /dev/null @@ -1,91 +0,0 @@ - - - - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
-
-Uses of Interface
at.gv.egovernment.moa.id.proxy.LoginParameterResolver
--
- - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
- - - diff --git a/id.server/doc/api-doc/deprecated-list.html b/id.server/doc/api-doc/deprecated-list.html deleted file mode 100644 index 78f7d881f..000000000 --- a/id.server/doc/api-doc/deprecated-list.html +++ /dev/null @@ -1,89 +0,0 @@ - - - - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
-
-Deprecated API
-- - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
- - - diff --git a/id.server/doc/api-doc/help-doc.html b/id.server/doc/api-doc/help-doc.html deleted file mode 100644 index 79438069d..000000000 --- a/id.server/doc/api-doc/help-doc.html +++ /dev/null @@ -1,142 +0,0 @@ - - - - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
-
-How This API Document Is Organized
--Package
-- ---Each package has a page that contains a list of its classes and interfaces, with a summary for each. This page can contain four categories:
-
-- Interfaces (italic)
- Classes
- Exceptions
- Errors
-Class/Interface
-- ---Each class, interface, inner class and inner interface has its own separate page. Each of these pages has three sections consisting of a class/interface description, summary tables, and detailed member descriptions:
-
-Each summary entry contains the first sentence from the detailed description for that item. The summary entries are alphabetical, while the detailed descriptions are in the order they appear in the source code. This preserves the logical groupings established by the programmer.- Class inheritance diagram
- Direct Subclasses
- All Known Subinterfaces
- All Known Implementing Classes
- Class/interface declaration
- Class/interface description -
-
- Inner Class Summary
- Field Summary
- Constructor Summary
- Method Summary -
-
- Field Detail
- Constructor Detail
- Method Detail
-Use
--Each documented package, class and interface has its own Use page. This page describes what packages, classes, methods, constructors and fields use any part of the given class or package. Given a class or interface A, its Use page includes subclasses of A, fields declared as A, methods that return A, and methods and constructors with parameters of type A. You can access this page by first going to the package, class or interface, then clicking on the "Use" link in the navigation bar.-
-Tree (Class Hierarchy)
--There is a Class Hierarchy page for all packages, plus a hierarchy for each package. Each hierarchy page contains a list of classes and a list of interfaces. The classes are organized by inheritance structure starting with-java.lang.Object. The interfaces do not inherit fromjava.lang.Object.-
-- When viewing the Overview page, clicking on "Tree" displays the hierarchy for all packages.
- When viewing a particular package, class or interface page, clicking "Tree" displays the hierarchy for only that package.
-Deprecated API
--The Deprecated API page lists all of the API that have been deprecated. A deprecated API is not recommended for use, generally due to improvements, and a replacement API is usually given. Deprecated APIs may be removed in future implementations.-
-Index
--The Index contains an alphabetic list of all classes, interfaces, constructors, methods, and fields.-
-Prev/Next
-These links take you to the next or previous class, interface, package, or related page.-Frames/No Frames
-These links show and hide the HTML frames. All pages are available with or without frames. --
-Serialized Form
-Each serializable or externalizable class has a description of its serialization fields and methods. This information is of interest to re-implementors, not to developers using the API. While there is no link in the navigation bar, you can get to this information by going to any serialized class and clicking "Serialized Form" in the "See also" section of the class description. -
-
-
-This help file applies to API documentation generated using the standard doclet.
-
-
-
- - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
- - - diff --git a/id.server/doc/api-doc/index-all.html b/id.server/doc/api-doc/index-all.html deleted file mode 100644 index a66b0252e..000000000 --- a/id.server/doc/api-doc/index-all.html +++ /dev/null @@ -1,422 +0,0 @@ - - - - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
-
-A
--
-
- AuthenticationData - class at.gv.egovernment.moa.id.data.AuthenticationData.
- Encapsulates authentication data contained in a
<saml:Assertion>. - AuthenticationData() - -Constructor for class at.gv.egovernment.moa.id.data.AuthenticationData -
- Constructor for AuthenticationData. -
- AuthenticationException - class at.gv.egovernment.moa.id.AuthenticationException.
- Exception thrown during handling of AuthenticationSession
- AuthenticationException(String, Object[]) - -Constructor for class at.gv.egovernment.moa.id.AuthenticationException -
- Constructor for AuthenticationException. -
- AuthenticationServer - class at.gv.egovernment.moa.id.auth.AuthenticationServer.
- API for MOA ID Authentication Service.
-AuthenticationSessionis stored in a session store and retrieved - by giving the session ID. - AuthenticationServer() - -Constructor for class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Constructor for AuthenticationServer. -
-
-B
--
-
- BASIC_AUTH - -Static variable in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- -
- buildConnection(HttpServletRequest, String, String, SSLSocketFactory) - -Method in interface at.gv.egovernment.moa.id.proxy.ConnectionBuilder -
- Builds an HttpURLConnection to a
URLwhich is derived - from anHttpServletRequestURL, by substitution of a - public URL prefix for the real URL prefix.
- The HttpURLConnection has been created byURL.openConnection(), but - it has not yet been connected to byURLConnection.connect().
- The field settings of the HttpURLConnection are: - -allowUserInteraction = false-doInput = true-doOutput = true-requestMethod = request.getMethod()-useCaches = false- -
-
-C
--
-
- cleanup() - -Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Cleans up expired session and authentication data stores. -
- ConnectionBuilder - interface at.gv.egovernment.moa.id.proxy.ConnectionBuilder.
- Builder for
URLConnectionobjects used to forward requests - to the remote online application.
-
-G
--
-
- getAssertionID() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the assertionID. -
- getAuthenticationData(String) - -Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Retrieves
AuthenticationDataindexed by the SAML artifact. - - - getAuthenticationHeaders(OAConfiguration, AuthenticationData, String) - -Method in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- Returns authentication headers to be added to a URLConnection. -
- getAuthenticationParameters(OAConfiguration, AuthenticationData, String) - -Method in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- Returns request parameters to be added to a URLConnection. -
- getAuthType() - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Returns the authType. -
- getBasicAuthPasswordMapping() - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Returns the basicAuthPasswordMapping. -
- getBasicAuthUserIDMapping() - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Returns the basicAuthUserIDMapping. -
- getDateOfBirth() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the dateOfBirth. -
- getFamilyName() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the familyName. -
- getGivenName() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the givenName. -
- getHeaderAuthMapping() - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Returns the headerAuthMapping. -
- getIdentificationValue() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the identificationValue. -
- getInstance() - -Static method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Returns the single instance of
AuthenticationServer. - - getIssueInstant() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the issueInstant. -
- getIssuer() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the issuer. -
- getLoginType() - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Returns the loginType. -
- getMajorVersion() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the majorVersion. -
- getMinorVersion() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the minorVersion. -
- getParamAuthMapping() - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Returns the paramAuthMapping. -
- getPublicAuthorityCode() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the publicAuthorityCode. -
- getSamlAssertion() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the samlAssertion. -
- getSession(String) - -Static method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Retrieves a session from the session store. -
- getTimestamp() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the timestamp. -
- getVPK() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the vpk. -
-
-H
--
-
- HEADER_AUTH - -Static variable in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- -
-
-I
--
-
- isPublicAuthority() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the publicAuthority. -
- isQualifiedCertificate() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the qualifiedCertificate. -
-
-L
--
-
- LoginParameterResolver - interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver.
- Determines authentication parameters and headers to be added to a
URLConnection- to the remote online application. - - LOGINTYPE_STATEFUL - -Static variable in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- -
- LOGINTYPE_STATELESS - -Static variable in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- -
-
-M
--
-
- MOABKZ - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- -
- MOADateOfBirth - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- -
- MOAFamilyName - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- -
- MOAGivenName - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- Constants used in
MOAIDConfiguration-1.1.xsd, typeMOAAuthDataType, - naming predicates used by theLoginParameterResolver. - - MOAIPAddress - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- -
- MOAPublicAuthority - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- -
- MOAQualifiedCertificate - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- -
- MOAVPK - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- -
- MOAZMRZahl - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- -
-
-O
--
-
- OAConfiguration - class at.gv.egovernment.moa.id.config.proxy.OAConfiguration.
- Holds configuration data concerning an online application for use by the MOA-ID Proxy component. -
- OAConfiguration() - -Constructor for class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- -
-
-P
--
-
- PARAM_AUTH - -Static variable in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- -
-
-R
--
-
- REQ_START_AUTHENTICATION - -Static variable in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Request name
at.gv.egovernment.moa.id.auth.servlet.StartAuthenticationServletis mapped to - - REQ_VERIFY_AUTH_BLOCK - -Static variable in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Request name
at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServletis mapped to - - REQ_VERIFY_IDENTITY_LINK - -Static variable in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Request name
at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServletis mapped to -
-
-S
--
-
- selectBKU(String, String, String, String, String) - -Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Processes request to select a BKU. - -
- setAssertionID(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the assertionID. -
- setAuthType(String) - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Sets the authType. -
- setBasicAuthPasswordMapping(String) - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Sets the basicAuthPasswordMapping. -
- setBasicAuthUserIDMapping(String) - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Sets the basicAuthUserIDMapping. -
- setDateOfBirth(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the dateOfBirth. -
- setFamilyName(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the familyName. -
- setGivenName(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the givenName. -
- setHeaderAuthMapping(HashMap) - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Sets the headerAuthMapping. -
- setIdentificationValue(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the identificationValue. -
- setIssueInstant(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the issueInstant. -
- setIssuer(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the issuer. -
- setLoginType(String) - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Sets the loginType. -
- setMajorVersion(int) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the majorVersion. -
- setMinorVersion(int) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the minorVersion. -
- setParamAuthMapping(HashMap) - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Sets the paramAuthMapping. -
- setPublicAuthority(boolean) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the publicAuthority. -
- setPublicAuthorityCode(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the publicAuthorityCode. -
- setQualifiedCertificate(boolean) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the qualifiedCertificate. -
- setSamlAssertion(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the samlAssertion. -
- setSecondsAuthDataTimeOut(long) - -Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Sets the authDataTimeOut. -
- setSecondsSessionTimeOut(long) - -Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Sets the sessionTimeOut. -
- setVPK(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the vpk. -
- startAuthentication(String, String, String, String, String, String) - -Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Processes the beginning of an authentication session. - -
-
-V
--
-
- verifyAuthenticationBlock(String, String) - -Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Processes a
<CreateXMLSignatureResponse>sent by the - security layer implementation.
- - Validates given<CreateXMLSignatureResponse>- Parses<CreateXMLSignatureResponse>for error codes - Parses authentication block enclosed in -<CreateXMLSignatureResponse>- Verifies authentication block by calling the MOA SP component - Creates authentication data - Creates a corresponding SAML artifact - Stores authentication data in the authentication data store - indexed by the SAML artifact - Deletes authentication session - Returns the SAML artifact, encoded BASE64 - - - verifyIdentityLink(String, String) - -Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Processes an
<InfoboxReadResponse>sent by the - security layer implementation.
- - Validates given<InfoboxReadResponse>- Parses identity link enclosed in<InfoboxReadResponse>- Verifies identity link by calling the MOA SP component - Checks certificate authority of identity link - Stores identity link in the session - Creates an authentication block to be signed by the user - Creates and returns a<CreateXMLSignatureRequest>- containg the authentication block, meant to be returned to the - security layer implementation - -
-A B C G H I L M O P R S V - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
- - - diff --git a/id.server/doc/api-doc/index.html b/id.server/doc/api-doc/index.html deleted file mode 100644 index 7eb5deff7..000000000 --- a/id.server/doc/api-doc/index.html +++ /dev/null @@ -1,22 +0,0 @@ - - - - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
-
-Hierarchy For All Packages
--Class Hierarchy -
--
-
- class java.lang.Object
-
-
- class at.gv.egovernment.moa.id.data.AuthenticationData
- class at.gv.egovernment.moa.id.auth.AuthenticationServer
- class at.gv.egovernment.moa.id.config.proxy.OAConfiguration
- class at.gv.egovernment.moa.id.AuthenticationException
-Interface Hierarchy -
--
-
- interface at.gv.egovernment.moa.id.proxy.ConnectionBuilder
- interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver
- - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
- - - diff --git a/id.server/doc/api-doc/package-list b/id.server/doc/api-doc/package-list deleted file mode 100644 index e69de29bb..000000000 diff --git a/id.server/doc/api-doc/packages.html b/id.server/doc/api-doc/packages.html deleted file mode 100644 index f5dd01736..000000000 --- a/id.server/doc/api-doc/packages.html +++ /dev/null @@ -1,26 +0,0 @@ - - - - - -
- -
- -
-
- Frame version -
- Non-frame version.
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
-
-Serialized Form
-- - - -
-
-
|
-- - | -|||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES | -|||||||
- - - diff --git a/id.server/doc/api-doc/stylesheet.css b/id.server/doc/api-doc/stylesheet.css deleted file mode 100644 index 74a3534ae..000000000 --- a/id.server/doc/api-doc/stylesheet.css +++ /dev/null @@ -1,29 +0,0 @@ -/* Javadoc style sheet */ - -/* Define colors, fonts and other style attributes here to override the defaults */ - -/* Page background color */ -body { background-color: #FFFFFF } - -/* Table colors */ -#TableHeadingColor { background: #CCCCFF } /* Dark mauve */ -#TableSubHeadingColor { background: #EEEEFF } /* Light mauve */ -#TableRowColor { background: #FFFFFF } /* White */ - -/* Font used in left-hand frame lists */ -#FrameTitleFont { font-size: normal; font-family: normal } -#FrameHeadingFont { font-size: normal; font-family: normal } -#FrameItemFont { font-size: normal; font-family: normal } - -/* Example of smaller, sans-serif font in frames */ -/* #FrameItemFont { font-size: 10pt; font-family: Helvetica, Arial, sans-serif } */ - -/* Navigation bar fonts and colors */ -#NavBarCell1 { background-color:#EEEEFF;}/* Light mauve */ -#NavBarCell1Rev { background-color:#00008B;}/* Dark Blue */ -#NavBarFont1 { font-family: Arial, Helvetica, sans-serif; color:#000000;} -#NavBarFont1Rev { font-family: Arial, Helvetica, sans-serif; color:#FFFFFF;} - -#NavBarCell2 { font-family: Arial, Helvetica, sans-serif; background-color:#FFFFFF;} -#NavBarCell3 { font-family: Arial, Helvetica, sans-serif; background-color:#FFFFFF;} - diff --git a/id.server/doc/bku-auswahl.20030408.pdf b/id.server/doc/bku-auswahl.20030408.pdf deleted file mode 100644 index 39efe315f..000000000 Binary files a/id.server/doc/bku-auswahl.20030408.pdf and /dev/null differ diff --git a/id.server/doc/cs-sstc-schema-assertion-01.xsd b/id.server/doc/cs-sstc-schema-assertion-01.xsd deleted file mode 100644 index 8bc5af147..000000000 --- a/id.server/doc/cs-sstc-schema-assertion-01.xsd +++ /dev/null @@ -1,194 +0,0 @@ - - -
- -
- -
-
-
|
-- - | -||||||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES - - - - | -||||||||||
| - SUMMARY: NESTED | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -||||||||||
- -
-
-at.gv.egovernment.moa.id
-
-Class AuthenticationException
--java.lang.Object --MOAIDException -
-
-
-
- public class AuthenticationException
- extends MOAIDException
-Exception thrown during handling of AuthenticationSession -
- -
-
-
-
- See Also:
- Serialized Form
- -
| -Constructor Summary | -|
AuthenticationException(String messageId,
- Object[] parameters)
-
-- Constructor for AuthenticationException. |
-|
AuthenticationException(String messageId,
- Object[] parameters,
- Throwable wrapped)
-
-- Constructor for AuthenticationException. |
-|
| Methods inherited from class java.lang.Object | -
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
-
| -Constructor Detail | -
-AuthenticationException
--public AuthenticationException(String messageId, - Object[] parameters)-
-
-
- Constructor for AuthenticationException.
-
-
- Parameters:
messageId-
- -
-AuthenticationException
--public AuthenticationException(String messageId, - Object[] parameters, - Throwable wrapped)-
-
-
- Constructor for AuthenticationException.
-
-
- Parameters:
messageId-parameters-wrapped-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES - - - - | -||||||||||
| - SUMMARY: NESTED | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/AuthenticationServer.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/AuthenticationServer.html deleted file mode 100644 index b5be8a054..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/AuthenticationServer.html +++ /dev/null @@ -1,631 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES - - - - | -||||||||||
| - SUMMARY: NESTED | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -||||||||||
- -
-
-at.gv.egovernment.moa.id.auth
-
-Class AuthenticationServer
--java.lang.Object --at.gv.egovernment.moa.id.auth.AuthenticationServer -
-
-
-
- public class AuthenticationServer
- extends Object
-API for MOA ID Authentication Service.
- AuthenticationSession is stored in a session store and retrieved
- by giving the session ID.
-
- -
-
- -
| -Constructor Summary | -|
AuthenticationServer()
-
-- Constructor for AuthenticationServer. |
-|
| -Method Summary | -|
- void |
-cleanup()
-
-- Cleans up expired session and authentication data stores. |
-
-static void |
-debugOutputXMLFile(String filename,
- org.w3c.dom.Element rootElem)
-
-- Writes an XML structure to file for debugging purposes, encoding UTF-8. |
-
-static void |
-debugOutputXMLFile(String filename,
- String xmlString)
-
-- Writes an XML structure to file for debugging purposes, encoding UTF-8. |
-
- AuthenticationData |
-getAuthenticationData(String samlArtifact)
-
-- Retrieves AuthenticationData indexed by the SAML artifact.
- |
-
-static AuthenticationServer |
-getInstance()
-
-- Returns the single instance of AuthenticationServer. |
-
-static AuthenticationSession |
-getSession(String id)
-
-- Retrieves a session from the session store. |
-
- String |
-selectBKU(String authURL,
- String target,
- String oaURL,
- String bkuSelectionTemplateURL,
- String templateURL)
-
-- Processes request to select a BKU. - |
-
- void |
-setSecondsAuthDataTimeOut(long seconds)
-
-- Sets the authDataTimeOut. |
-
- void |
-setSecondsSessionTimeOut(long seconds)
-
-- Sets the sessionTimeOut. |
-
- String |
-startAuthentication(String authURL,
- String target,
- String oaURL,
- String templateURL,
- String bkuURL,
- String sessionID)
-
-- Processes the beginning of an authentication session. - |
-
- String |
-verifyAuthenticationBlock(String sessionID,
- String xmlCreateXMLSignatureReadResponse)
-
-- Processes a <CreateXMLSignatureResponse> sent by the
- security layer implementation. |
-
- String |
-verifyIdentityLink(String sessionID,
- String xmlInfoboxReadResponse)
-
-- Processes an <InfoboxReadResponse> sent by the
- security layer implementation. |
-
| Methods inherited from class java.lang.Object | -
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
-
| -Constructor Detail | -
-AuthenticationServer
--public AuthenticationServer()-
-
-
- Constructor for AuthenticationServer.
-
-
| -Method Detail | -
-getInstance
--public static AuthenticationServer getInstance()-
-
-
- Returns the single instance of
AuthenticationServer. --
-
-
-
- Returns:
- the single instance of
AuthenticationServer
- -
-selectBKU
--public String selectBKU(String authURL, - String target, - String oaURL, - String bkuSelectionTemplateURL, - String templateURL) - throws WrongParametersException, - AuthenticationException, - ConfigurationException, - BuildException-
-
-
- Processes request to select a BKU.
-
Processing depends on value ofAuthConfigurationProvider#getBKUSelectionType. -
ForbkuSelectionType==HTMLComplete, areturnURIfor the - "BKU Auswahl" service is returned. -
ForbkuSelectionType==HTMLSelect, an HTML form for BKU selection is returned. --
-
-
- Parameters:
authURL- base URL of MOA-ID Auth componenttarget- "Geschäftsbereich"oaURL- online application URL requestedbkuSelectionTemplateURL- template for BKU selection form to be used - in case ofHTMLSelect; may be nulltemplateURL- URL providing an HTML template for the HTML form to be used - for callstartAuthentication-- Returns:
- for
bkuSelectionType==HTMLComplete, thereturnURIfor the - "BKU Auswahl" service; - forbkuSelectionType==HTMLSelect, an HTML form for BKU selection - - Throws: -
WrongParametersException- upon missing parameters -AuthenticationException- when the configured BKU selection service cannot be reached, - and when the given bkuSelectionTemplateURL cannot be reached -ConfigurationException- on missing configuration data -BuildException- while building the HTML form
- -
-startAuthentication
--public String startAuthentication(String authURL, - String target, - String oaURL, - String templateURL, - String bkuURL, - String sessionID) - throws WrongParametersException, - AuthenticationException, - ConfigurationException, - BuildException-
-
-
- Processes the beginning of an authentication session.
-
-
-
- Starts an authentication session -
- Creates an
<InfoboxReadRequest>
- - Creates an HTML form for querying the identity link from the
- security layer implementation.
-
Form parameters include --
-
- the
<InfoboxReadRequest>
- - the data URL where the security layer implementation sends it response to -
- the
-
-
-
- Parameters:
authURL- URL of the servlet to be used as data URLtarget- "Geschäftsbereich" of the online application requestedoaURL- online application URL requestedbkuURL- URL of the "Bürgerkartenumgebung" to be used; - may benull; in this case, the default location will be usedtemplateURL- URL providing an HTML template for the HTML form generated -- Returns:
- HTML form -
- Throws: -
AuthenticationException-WrongParametersException-ConfigurationException-BuildException- See Also:
GetIdentityLinkFormBuilder, -InfoboxReadRequestBuilder
- -
-verifyIdentityLink
--public String verifyIdentityLink(String sessionID, - String xmlInfoboxReadResponse) - throws AuthenticationException, - ParseException, - ConfigurationException, - ValidateException, - ServiceException-
-
-
- Processes an
<InfoboxReadResponse>sent by the - security layer implementation.
--
-
- Validates given
<InfoboxReadResponse>
- - Parses identity link enclosed in
<InfoboxReadResponse>
- - Verifies identity link by calling the MOA SP component -
- Checks certificate authority of identity link -
- Stores identity link in the session -
- Creates an authentication block to be signed by the user -
- Creates and returns a
<CreateXMLSignatureRequest>- containg the authentication block, meant to be returned to the - security layer implementation
-
-
-
-
- Parameters:
sessionID- ID of associated authentication session dataxmlInfoboxReadResponse- String representation of the -<InfoboxReadResponse>-- Returns:
- String representation of the
<CreateXMLSignatureRequest>- - Throws: -
AuthenticationException-ParseException-ConfigurationException-ValidateException-ServiceException
- Validates given
- -
-verifyAuthenticationBlock
--public String verifyAuthenticationBlock(String sessionID, - String xmlCreateXMLSignatureReadResponse) - throws AuthenticationException, - BuildException, - ParseException, - ConfigurationException, - ServiceException, - ValidateException-
-
-
- Processes a
<CreateXMLSignatureResponse>sent by the - security layer implementation.
--
-
- Validates given
<CreateXMLSignatureResponse>
- - Parses
<CreateXMLSignatureResponse>for error codes
- - Parses authentication block enclosed in
-
<CreateXMLSignatureResponse>
- - Verifies authentication block by calling the MOA SP component -
- Creates authentication data -
- Creates a corresponding SAML artifact -
- Stores authentication data in the authentication data store - indexed by the SAML artifact -
- Deletes authentication session -
- Returns the SAML artifact, encoded BASE64 -
-
-
-
- Parameters:
sessionID- session ID of the running authentication sessionxmlCreateXMLSignatureReadResponse- String representation of the -<CreateXMLSignatureResponse>-- Returns:
- SAML artifact needed for retrieving authentication data, encoded BASE64 -
- Throws: -
AuthenticationException-BuildException-ParseException-ConfigurationException-ServiceException-ValidateException
- Validates given
- -
-getAuthenticationData
--public AuthenticationData getAuthenticationData(String samlArtifact) - throws AuthenticationException-
-
-
- Retrieves
AuthenticationDataindexed by the SAML artifact. - TheAuthenticationDatais deleted from the store upon end of this call. --
-
-
-
- Returns:
AuthenticationData-- Throws: -
AuthenticationException
- -
-getSession
--public static AuthenticationSession getSession(String id) - throws AuthenticationException-
-
-
- Retrieves a session from the session store.
-
-
-
-
- Parameters:
id- session ID -- Returns:
AuthenticationSessionstored with given session ID, -nullif session ID unknown -- Throws: -
AuthenticationException
- -
-cleanup
--public void cleanup()-
-
-
- Cleans up expired session and authentication data stores.
-
-
-
-
- -
-setSecondsSessionTimeOut
--public void setSecondsSessionTimeOut(long seconds)-
-
-
- Sets the sessionTimeOut.
-
-
-
-
- -
-setSecondsAuthDataTimeOut
--public void setSecondsAuthDataTimeOut(long seconds)-
-
-
- Sets the authDataTimeOut.
-
-
-
-
- -
-debugOutputXMLFile
--public static void debugOutputXMLFile(String filename, - org.w3c.dom.Element rootElem)-
-
-
- Writes an XML structure to file for debugging purposes, encoding UTF-8.
-
-
-
-
- Parameters:
filename- file namerootElem- root element in DOM tree
- -
-debugOutputXMLFile
--public static void debugOutputXMLFile(String filename, - String xmlString)-
-
-
- Writes an XML structure to file for debugging purposes, encoding UTF-8.
-
-
-
-
- Parameters:
filename- file namexmlString- XML string
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES - - - - | -||||||||||
| - SUMMARY: NESTED | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/class-use/AuthenticationServer.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/class-use/AuthenticationServer.html deleted file mode 100644 index 53f0912b1..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/class-use/AuthenticationServer.html +++ /dev/null @@ -1,172 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Uses of Class
at.gv.egovernment.moa.id.auth.AuthenticationServer
-| -Packages that use AuthenticationServer | -|
| at.gv.egovernment.moa.id.auth | -- |
| -Uses of AuthenticationServer in at.gv.egovernment.moa.id.auth | -
- -
| Methods in at.gv.egovernment.moa.id.auth that return AuthenticationServer | -|
-static AuthenticationServer |
-AuthenticationServer.getInstance()
-
-- Returns the single instance of AuthenticationServer. |
-
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-frame.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-frame.html deleted file mode 100644 index 013ac6e16..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-frame.html +++ /dev/null @@ -1,32 +0,0 @@ - - - - - -
|
-Classes
-
- -AuthenticationServer |
-
-
-
|
-- - | -||||||||||
| - PREV PACKAGE - NEXT PACKAGE | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Package at.gv.egovernment.moa.id.auth -
- -| -Class Summary | -|
| AuthenticationServer | -API for MOA ID Authentication Service. | -
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV PACKAGE - NEXT PACKAGE | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-tree.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-tree.html deleted file mode 100644 index ed050ad9e..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-tree.html +++ /dev/null @@ -1,145 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Hierarchy For Package at.gv.egovernment.moa.id.auth -
--
-
- Package Hierarchies:
- All Packages
-
-Class Hierarchy -
--
-
- class java.lang.Object
-
-
- class at.gv.egovernment.moa.id.auth.AuthenticationServer
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-use.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-use.html deleted file mode 100644 index 54bd8b9fb..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/auth/package-use.html +++ /dev/null @@ -1,162 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Uses of Package
at.gv.egovernment.moa.id.auth
-| -Packages that use at.gv.egovernment.moa.id.auth | -|
| at.gv.egovernment.moa.id.auth | -- |
| -Classes in at.gv.egovernment.moa.id.auth used by at.gv.egovernment.moa.id.auth | -|
| AuthenticationServer
-
- - API for MOA ID Authentication Service. |
-|
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/class-use/AuthenticationException.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/class-use/AuthenticationException.html deleted file mode 100644 index d844f1ac0..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/class-use/AuthenticationException.html +++ /dev/null @@ -1,228 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Uses of Class
at.gv.egovernment.moa.id.AuthenticationException
-| -Packages that use AuthenticationException | -|
| at.gv.egovernment.moa.id.auth | -- |
| -Uses of AuthenticationException in at.gv.egovernment.moa.id.auth | -
- -
| Methods in at.gv.egovernment.moa.id.auth that throw AuthenticationException | -|
- String |
-AuthenticationServer.selectBKU(String authURL,
- String target,
- String oaURL,
- String bkuSelectionTemplateURL,
- String templateURL)
-
-- Processes request to select a BKU. - |
-
- String |
-AuthenticationServer.startAuthentication(String authURL,
- String target,
- String oaURL,
- String templateURL,
- String bkuURL,
- String sessionID)
-
-- Processes the beginning of an authentication session. - |
-
- String |
-AuthenticationServer.verifyIdentityLink(String sessionID,
- String xmlInfoboxReadResponse)
-
-- Processes an <InfoboxReadResponse> sent by the
- security layer implementation. |
-
- String |
-AuthenticationServer.verifyAuthenticationBlock(String sessionID,
- String xmlCreateXMLSignatureReadResponse)
-
-- Processes a <CreateXMLSignatureResponse> sent by the
- security layer implementation. |
-
- AuthenticationData |
-AuthenticationServer.getAuthenticationData(String samlArtifact)
-
-- Retrieves AuthenticationData indexed by the SAML artifact.
- |
-
-static AuthenticationSession |
-AuthenticationServer.getSession(String id)
-
-- Retrieves a session from the session store. |
-
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.html deleted file mode 100644 index afeb1a482..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.html +++ /dev/null @@ -1,613 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES - - - - | -||||||||||
| - SUMMARY: NESTED | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -||||||||||
- -
-
-at.gv.egovernment.moa.id.config.proxy
-
-Class OAConfiguration
--java.lang.Object --at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
-
-
-
- public class OAConfiguration
- extends Object
-Holds configuration data concerning an online application for use by the MOA-ID Proxy component. - These include the login type (stateful or stateless), the HTTP authentication type, - and information needed to add authentication parameters or headers for a URL connection - to the remote online application. -
- -
-
-
-
- See Also:
MOAIDConfiguration-1.1.xsd, elementConfiguration
- -
| -Field Summary | -|
-static String |
-BASIC_AUTH
-
-- Constant for an auth method |
-
-static String |
-HEADER_AUTH
-
-- Constant for an auth method |
-
-static String |
-LOGINTYPE_STATEFUL
-
-- Constant for an login method |
-
-static String |
-LOGINTYPE_STATELESS
-
-- Constant for an login method |
-
-static String |
-PARAM_AUTH
-
-- Constant for an auth method |
-
| -Constructor Summary | -|
OAConfiguration()
-
-- |
-|
| -Method Summary | -|
- String |
-getAuthType()
-
-- Returns the authType. |
-
- String |
-getBasicAuthPasswordMapping()
-
-- Returns the basicAuthPasswordMapping. |
-
- String |
-getBasicAuthUserIDMapping()
-
-- Returns the basicAuthUserIDMapping. |
-
- Map |
-getHeaderAuthMapping()
-
-- Returns the headerAuthMapping. |
-
- String |
-getLoginType()
-
-- Returns the loginType. |
-
- Map |
-getParamAuthMapping()
-
-- Returns the paramAuthMapping. |
-
- void |
-setAuthType(String authLoginType)
-
-- Sets the authType. |
-
- void |
-setBasicAuthPasswordMapping(String basicAuthPassword)
-
-- Sets the basicAuthPasswordMapping. |
-
- void |
-setBasicAuthUserIDMapping(String basicAuthUserID)
-
-- Sets the basicAuthUserIDMapping. |
-
- void |
-setHeaderAuthMapping(HashMap headerAuth)
-
-- Sets the headerAuthMapping. |
-
- void |
-setLoginType(String loginType)
-
-- Sets the loginType. |
-
- void |
-setParamAuthMapping(HashMap paramAuth)
-
-- Sets the paramAuthMapping. |
-
| Methods inherited from class java.lang.Object | -
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
-
| -Field Detail | -
-LOGINTYPE_STATEFUL
--public static final String LOGINTYPE_STATEFUL-
-
-
- Constant for an login method
-
-
-
-
- See Also:
- Constant Field Values
- -
-LOGINTYPE_STATELESS
--public static final String LOGINTYPE_STATELESS-
-
-
- Constant for an login method
-
-
-
-
- See Also:
- Constant Field Values
- -
-BASIC_AUTH
--public static final String BASIC_AUTH-
-
-
- Constant for an auth method
-
-
-
-
- See Also:
- Constant Field Values
- -
-HEADER_AUTH
--public static final String HEADER_AUTH-
-
-
- Constant for an auth method
-
-
-
-
- See Also:
- Constant Field Values
- -
-PARAM_AUTH
--public static final String PARAM_AUTH-
-
-
- Constant for an auth method
-
-
-
-
- See Also:
- Constant Field Values
| -Constructor Detail | -
-OAConfiguration
--public OAConfiguration()-
-
-
| -Method Detail | -
-getBasicAuthPasswordMapping
--public String getBasicAuthPasswordMapping()-
-
-
- Returns the basicAuthPasswordMapping.
-
-
-
-
-
- Returns:
- String
- -
-getBasicAuthUserIDMapping
--public String getBasicAuthUserIDMapping()-
-
-
- Returns the basicAuthUserIDMapping.
-
-
-
-
-
- Returns:
- String
- -
-getHeaderAuthMapping
--public Map getHeaderAuthMapping()-
-
-
- Returns the headerAuthMapping.
-
-
-
-
-
- Returns:
- HashMap
- -
-getLoginType
--public String getLoginType()-
-
-
- Returns the loginType.
-
-
-
-
-
- Returns:
- String
- -
-getParamAuthMapping
--public Map getParamAuthMapping()-
-
-
- Returns the paramAuthMapping.
-
-
-
-
-
- Returns:
- HashMap
- -
-setBasicAuthPasswordMapping
--public void setBasicAuthPasswordMapping(String basicAuthPassword)-
-
-
- Sets the basicAuthPasswordMapping.
-
-
-
-
- -
-setBasicAuthUserIDMapping
--public void setBasicAuthUserIDMapping(String basicAuthUserID)-
-
-
- Sets the basicAuthUserIDMapping.
-
-
-
-
- -
-setHeaderAuthMapping
--public void setHeaderAuthMapping(HashMap headerAuth)-
-
-
- Sets the headerAuthMapping.
-
-
-
-
- -
-setLoginType
--public void setLoginType(String loginType)-
-
-
- Sets the loginType.
-
-
-
-
- Parameters:
loginType- The loginType to set
- -
-setParamAuthMapping
--public void setParamAuthMapping(HashMap paramAuth)-
-
-
- Sets the paramAuthMapping.
-
-
-
-
- -
-getAuthType
--public String getAuthType()-
-
-
- Returns the authType.
-
-
-
-
-
- Returns:
- String
- -
-setAuthType
--public void setAuthType(String authLoginType)-
-
-
- Sets the authType.
-
-
-
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES - - - - | -||||||||||
| - SUMMARY: NESTED | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/class-use/OAConfiguration.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/class-use/OAConfiguration.html deleted file mode 100644 index 5e33084ad..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/class-use/OAConfiguration.html +++ /dev/null @@ -1,184 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Uses of Class
at.gv.egovernment.moa.id.config.proxy.OAConfiguration
-| -Packages that use OAConfiguration | -|
| at.gv.egovernment.moa.id.proxy | -- |
| -Uses of OAConfiguration in at.gv.egovernment.moa.id.proxy | -
- -
| Methods in at.gv.egovernment.moa.id.proxy with parameters of type OAConfiguration | -|
- Map |
-LoginParameterResolver.getAuthenticationHeaders(OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress)
-
-- Returns authentication headers to be added to a URLConnection. |
-
- Map |
-LoginParameterResolver.getAuthenticationParameters(OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress)
-
-- Returns request parameters to be added to a URLConnection. |
-
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-frame.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-frame.html deleted file mode 100644 index 442356ce1..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-frame.html +++ /dev/null @@ -1,32 +0,0 @@ - - - - - -
|
-Classes
-
- -OAConfiguration |
-
-
-
|
-- - | -||||||||||
| - PREV PACKAGE - NEXT PACKAGE | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Package at.gv.egovernment.moa.id.config.proxy -
- -| -Class Summary | -|
| OAConfiguration | -Holds configuration data concerning an online application for use by the MOA-ID Proxy component. - | -
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV PACKAGE - NEXT PACKAGE | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-tree.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-tree.html deleted file mode 100644 index e66568757..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-tree.html +++ /dev/null @@ -1,145 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Hierarchy For Package at.gv.egovernment.moa.id.config.proxy -
--
-
- Package Hierarchies:
- All Packages
-
-Class Hierarchy -
--
-
- class java.lang.Object
-
-
- class at.gv.egovernment.moa.id.config.proxy.OAConfiguration
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-use.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-use.html deleted file mode 100644 index 184fcb226..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/config/proxy/package-use.html +++ /dev/null @@ -1,163 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Uses of Package
at.gv.egovernment.moa.id.config.proxy
-| -Packages that use at.gv.egovernment.moa.id.config.proxy | -|
| at.gv.egovernment.moa.id.proxy | -- |
| -Classes in at.gv.egovernment.moa.id.config.proxy used by at.gv.egovernment.moa.id.proxy | -|
| OAConfiguration
-
- - Holds configuration data concerning an online application for use by the MOA-ID Proxy component. - |
-|
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/AuthenticationData.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/AuthenticationData.html deleted file mode 100644 index d6bc30647..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/AuthenticationData.html +++ /dev/null @@ -1,906 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES - - - - | -||||||||||
| - SUMMARY: NESTED | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -||||||||||
- -
-
-at.gv.egovernment.moa.id.data
-
-Class AuthenticationData
--java.lang.Object --
-
-
-
- public class AuthenticationData
- extends Object
-Encapsulates authentication data contained in a <saml:Assertion>.
-
- -
-
- -
| -Constructor Summary | -|
AuthenticationData()
-
-- Constructor for AuthenticationData. |
-|
| -Method Summary | -|
- String |
-getAssertionID()
-
-- Returns the assertionID. |
-
- String |
-getDateOfBirth()
-
-- Returns the dateOfBirth. |
-
- String |
-getFamilyName()
-
-- Returns the familyName. |
-
- String |
-getGivenName()
-
-- Returns the givenName. |
-
- String |
-getIdentificationType()
-
-- Returns the identificationType |
-
- String |
-getIdentificationValue()
-
-- Returns the identificationValue. |
-
- String |
-getIssueInstant()
-
-- Returns the issueInstant. |
-
- String |
-getIssuer()
-
-- Returns the issuer. |
-
- int |
-getMajorVersion()
-
-- Returns the majorVersion. |
-
- int |
-getMinorVersion()
-
-- Returns the minorVersion. |
-
- String |
-getPBK()
-
-- Returns the bPK. |
-
- String |
-getPublicAuthorityCode()
-
-- Returns the publicAuthorityCode. |
-
- String |
-getSamlAssertion()
-
-- Returns the samlAssertion. |
-
- Date |
-getTimestamp()
-
-- Returns the timestamp. |
-
- boolean |
-isPublicAuthority()
-
-- Returns the publicAuthority. |
-
- boolean |
-isQualifiedCertificate()
-
-- Returns the qualifiedCertificate. |
-
- void |
-setAssertionID(String assertionID)
-
-- Sets the assertionID. |
-
- void |
-setDateOfBirth(String dateOfBirth)
-
-- Sets the dateOfBirth. |
-
- void |
-setFamilyName(String gamilyName)
-
-- Sets the familyName. |
-
- void |
-setGivenName(String givenName)
-
-- Sets the givenName. |
-
- void |
-setIdentificationType(String identificationType)
-
-- Sets the identificationType. |
-
- void |
-setIdentificationValue(String identificationValue)
-
-- Sets the identificationValue. |
-
- void |
-setIssueInstant(String issueInstant)
-
-- Sets the issueInstant. |
-
- void |
-setIssuer(String issuer)
-
-- Sets the issuer. |
-
- void |
-setMajorVersion(int majorVersion)
-
-- Sets the majorVersion. |
-
- void |
-setMinorVersion(int minorVersion)
-
-- Sets the minorVersion. |
-
- void |
-setPBK(String bPK)
-
-- Sets the bPK. |
-
- void |
-setPublicAuthority(boolean publicAuthority)
-
-- Sets the publicAuthority. |
-
- void |
-setPublicAuthorityCode(String publicAuthorityIdentification)
-
-- Sets the publicAuthorityCode. |
-
- void |
-setQualifiedCertificate(boolean qualifiedCertificate)
-
-- Sets the qualifiedCertificate. |
-
- void |
-setSamlAssertion(String samlAssertion)
-
-- Sets the samlAssertion. |
-
| Methods inherited from class java.lang.Object | -
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
-
| -Constructor Detail | -
-AuthenticationData
--public AuthenticationData()-
-
-
- Constructor for AuthenticationData.
-
-
| -Method Detail | -
-getMinorVersion
--public int getMinorVersion()-
-
-
- Returns the minorVersion.
-
-
-
-
-
- Returns:
- int
- -
-isPublicAuthority
--public boolean isPublicAuthority()-
-
-
- Returns the publicAuthority.
-
-
-
-
-
- Returns:
- boolean
- -
-getPublicAuthorityCode
--public String getPublicAuthorityCode()-
-
-
- Returns the publicAuthorityCode.
-
-
-
-
-
- Returns:
- String
- -
-isQualifiedCertificate
--public boolean isQualifiedCertificate()-
-
-
- Returns the qualifiedCertificate.
-
-
-
-
-
- Returns:
- boolean
- -
-getPBK
--public String getPBK()-
-
-
- Returns the bPK.
-
-
-
-
-
- Returns:
- String
- -
-setMinorVersion
--public void setMinorVersion(int minorVersion)-
-
-
- Sets the minorVersion.
-
-
-
-
- Parameters:
minorVersion- The minorVersion to set
- -
-setPublicAuthority
--public void setPublicAuthority(boolean publicAuthority)-
-
-
- Sets the publicAuthority.
-
-
-
-
- Parameters:
publicAuthority- The publicAuthority to set
- -
-setPublicAuthorityCode
--public void setPublicAuthorityCode(String publicAuthorityIdentification)-
-
-
- Sets the publicAuthorityCode.
-
-
-
-
- -
-setQualifiedCertificate
--public void setQualifiedCertificate(boolean qualifiedCertificate)-
-
-
- Sets the qualifiedCertificate.
-
-
-
-
- Parameters:
qualifiedCertificate- The qualifiedCertificate to set
- -
-setPBK
--public void setPBK(String bPK)-
-
-
- Sets the bPK.
-
-
-
-
- Parameters:
bPK- The bPK to set
- -
-getAssertionID
--public String getAssertionID()-
-
-
- Returns the assertionID.
-
-
-
-
-
- Returns:
- String
- -
-getDateOfBirth
--public String getDateOfBirth()-
-
-
- Returns the dateOfBirth.
-
-
-
-
-
- Returns:
- String
- -
-getFamilyName
--public String getFamilyName()-
-
-
- Returns the familyName.
-
-
-
-
-
- Returns:
- String
- -
-getGivenName
--public String getGivenName()-
-
-
- Returns the givenName.
-
-
-
-
-
- Returns:
- String
- -
-getIdentificationValue
--public String getIdentificationValue()-
-
-
- Returns the identificationValue.
-
-
-
-
-
- Returns:
- String
- -
-getIdentificationType
--public String getIdentificationType()-
-
-
- Returns the identificationType
-
-
-
-
-
- Returns:
- String
- -
-getIssueInstant
--public String getIssueInstant()-
-
-
- Returns the issueInstant.
-
-
-
-
-
- Returns:
- String
- -
-getIssuer
--public String getIssuer()-
-
-
- Returns the issuer.
-
-
-
-
-
- Returns:
- String
- -
-getMajorVersion
--public int getMajorVersion()-
-
-
- Returns the majorVersion.
-
-
-
-
-
- Returns:
- int
- -
-setAssertionID
--public void setAssertionID(String assertionID)-
-
-
- Sets the assertionID.
-
-
-
-
- Parameters:
assertionID- The assertionID to set
- -
-setDateOfBirth
--public void setDateOfBirth(String dateOfBirth)-
-
-
- Sets the dateOfBirth.
-
-
-
-
- Parameters:
dateOfBirth- The dateOfBirth to set
- -
-setFamilyName
--public void setFamilyName(String gamilyName)-
-
-
- Sets the familyName.
-
-
-
-
- -
-setGivenName
--public void setGivenName(String givenName)-
-
-
- Sets the givenName.
-
-
-
-
- Parameters:
givenName- The givenName to set
- -
-setIdentificationValue
--public void setIdentificationValue(String identificationValue)-
-
-
- Sets the identificationValue.
-
-
-
-
- Parameters:
identificationValue- The identificationValue to set
- -
-setIdentificationType
--public void setIdentificationType(String identificationType)-
-
-
- Sets the identificationType.
-
-
-
-
- Parameters:
identificationType- The identificationType to set
- -
-setIssueInstant
--public void setIssueInstant(String issueInstant)-
-
-
- Sets the issueInstant.
-
-
-
-
- Parameters:
issueInstant- The issueInstant to set
- -
-setIssuer
--public void setIssuer(String issuer)-
-
-
- Sets the issuer.
-
-
-
-
- Parameters:
issuer- The issuer to set
- -
-setMajorVersion
--public void setMajorVersion(int majorVersion)-
-
-
- Sets the majorVersion.
-
-
-
-
- Parameters:
majorVersion- The majorVersion to set
- -
-getSamlAssertion
--public String getSamlAssertion()-
-
-
- Returns the samlAssertion.
-
-
-
-
-
- Returns:
- String
- -
-setSamlAssertion
--public void setSamlAssertion(String samlAssertion)-
-
-
- Sets the samlAssertion.
-
-
-
-
- Parameters:
samlAssertion- The samlAssertion to set
- -
-getTimestamp
--public Date getTimestamp()-
-
-
- Returns the timestamp.
-
-
-
-
-
- Returns:
- Date
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES - - - - | -||||||||||
| - SUMMARY: NESTED | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/class-use/AuthenticationData.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/class-use/AuthenticationData.html deleted file mode 100644 index 44c47942a..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/class-use/AuthenticationData.html +++ /dev/null @@ -1,214 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Uses of Class
at.gv.egovernment.moa.id.data.AuthenticationData
-| -Packages that use AuthenticationData | -|
| at.gv.egovernment.moa.id.auth | -- |
| at.gv.egovernment.moa.id.proxy | -- |
| -Uses of AuthenticationData in at.gv.egovernment.moa.id.auth | -
- -
| Methods in at.gv.egovernment.moa.id.auth that return AuthenticationData | -|
- AuthenticationData |
-AuthenticationServer.getAuthenticationData(String samlArtifact)
-
-- Retrieves AuthenticationData indexed by the SAML artifact.
- |
-
| -Uses of AuthenticationData in at.gv.egovernment.moa.id.proxy | -
- -
| Methods in at.gv.egovernment.moa.id.proxy with parameters of type AuthenticationData | -|
- Map |
-LoginParameterResolver.getAuthenticationHeaders(OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress)
-
-- Returns authentication headers to be added to a URLConnection. |
-
- Map |
-LoginParameterResolver.getAuthenticationParameters(OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress)
-
-- Returns request parameters to be added to a URLConnection. |
-
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-frame.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-frame.html deleted file mode 100644 index b3be4f39a..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-frame.html +++ /dev/null @@ -1,32 +0,0 @@ - - - - - -
|
-Classes
-
- -AuthenticationData |
-
-
-
|
-- - | -||||||||||
| - PREV PACKAGE - NEXT PACKAGE | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Package at.gv.egovernment.moa.id.data -
- -| -Class Summary | -|
| AuthenticationData | -Encapsulates authentication data contained in a <saml:Assertion>. |
-
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV PACKAGE - NEXT PACKAGE | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-tree.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-tree.html deleted file mode 100644 index 6911edcdb..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-tree.html +++ /dev/null @@ -1,145 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Hierarchy For Package at.gv.egovernment.moa.id.data -
--
-
- Package Hierarchies:
- All Packages
-
-Class Hierarchy -
--
-
- class java.lang.Object
-
-
- class at.gv.egovernment.moa.id.data.AuthenticationData
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-use.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-use.html deleted file mode 100644 index c90a703c9..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/data/package-use.html +++ /dev/null @@ -1,181 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Uses of Package
at.gv.egovernment.moa.id.data
-| -Packages that use at.gv.egovernment.moa.id.data | -|
| at.gv.egovernment.moa.id.auth | -- |
| at.gv.egovernment.moa.id.proxy | -- |
| -Classes in at.gv.egovernment.moa.id.data used by at.gv.egovernment.moa.id.auth | -|
| AuthenticationData
-
- - Encapsulates authentication data contained in a <saml:Assertion>. |
-|
| -Classes in at.gv.egovernment.moa.id.data used by at.gv.egovernment.moa.id.proxy | -|
| AuthenticationData
-
- - Encapsulates authentication data contained in a <saml:Assertion>. |
-|
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-frame.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-frame.html deleted file mode 100644 index 9c4352356..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-frame.html +++ /dev/null @@ -1,32 +0,0 @@ - - - - - -
|
-Classes
-
- -AuthenticationException |
-
-
-
|
-- - | -||||||||||
| - PREV PACKAGE - NEXT PACKAGE | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Package at.gv.egovernment.moa.id -
- -| -Class Summary | -|
| AuthenticationException | -Exception thrown during handling of AuthenticationSession | -
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV PACKAGE - NEXT PACKAGE | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-tree.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-tree.html deleted file mode 100644 index ebf3b1498..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-tree.html +++ /dev/null @@ -1,147 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Hierarchy For Package at.gv.egovernment.moa.id -
--
-
- Package Hierarchies:
- All Packages
-
-Class Hierarchy -
--
-
- class java.lang.Object
-
-
- class MOAIDException
-
-
- class at.gv.egovernment.moa.id.AuthenticationException
- class MOAIDException
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-use.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-use.html deleted file mode 100644 index bc895c974..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/package-use.html +++ /dev/null @@ -1,162 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Uses of Package
at.gv.egovernment.moa.id
-| -Packages that use at.gv.egovernment.moa.id | -|
| at.gv.egovernment.moa.id.auth | -- |
| -Classes in at.gv.egovernment.moa.id used by at.gv.egovernment.moa.id.auth | -|
| AuthenticationException
-
- - Exception thrown during handling of AuthenticationSession |
-|
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.html deleted file mode 100644 index 398be7e71..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/ConnectionBuilder.html +++ /dev/null @@ -1,249 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES - - - - | -||||||||||
| - SUMMARY: NESTED | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -||||||||||
- -
-
-at.gv.egovernment.moa.id.proxy
-
-Interface ConnectionBuilder
--
-
-
- public interface ConnectionBuilder
-Builder for URLConnection objects used to forward requests
- to the remote online application.
-
- -
-
- -
| -Method Summary | -|
- HttpURLConnection |
-buildConnection(javax.servlet.http.HttpServletRequest request,
- String publicURLPrefix,
- String realURLPrefix,
- javax.net.ssl.SSLSocketFactory sslSocketFactory,
- Map parameters)
-
-- Builds an HttpURLConnection to a URL which is derived
- from an HttpServletRequest URL, by substitution of a
- public URL prefix for the real URL prefix. |
-
| -Method Detail | -
-buildConnection
--public HttpURLConnection buildConnection(javax.servlet.http.HttpServletRequest request, - String publicURLPrefix, - String realURLPrefix, - javax.net.ssl.SSLSocketFactory sslSocketFactory, - Map parameters) - throws IOException-
-
-
- Builds an HttpURLConnection to a
URLwhich is derived - from anHttpServletRequestURL, by substitution of a - public URL prefix for the real URL prefix.
- The HttpURLConnection has been created byURL.openConnection(), but - it has not yet been connected to byURLConnection.connect().
- The field settings of the HttpURLConnection are: --
-
allowUserInteraction = false
- doInput = true
- doOutput = true
- requestMethod = request.getMethod()
- useCaches = false
-
-
-
-
- Parameters:
request- the incoming request which shall be forwardedpublicURLPrefix- the public URL prefix to be substituted by the real URL prefixrealURLPrefix- the URL prefix to substitute the public URL prefixsslSocketFactory- factory to be used for creating an SSL socket in case - of a URL for scheme"https:"; -
ifnull, the default SSL socket factory would be usedparameters- parameters to be forwarded -- Returns:
- a URLConnection created by
URL.openConnection(), connecting to - the requested URL withpublicURLPrefixsubstituted byrealURLPrefix- - Throws: -
IOException- if an I/O exception occurs during opening the connection- See Also:
URL.openConnection(), -com.sun.net.ssl.HttpsURLConnection#getDefaultSSLSocketFactory()
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES - - - - | -||||||||||
| - SUMMARY: NESTED | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.html deleted file mode 100644 index 0b2926e55..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.html +++ /dev/null @@ -1,506 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES - - - - | -||||||||||
| - SUMMARY: NESTED | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -||||||||||
- -
-
-at.gv.egovernment.moa.id.proxy
-
-Interface LoginParameterResolver
--
-
-
- public interface LoginParameterResolver
-Determines authentication parameters and headers to be added to a URLConnection
- to the remote online application.
- Utilizes OAConfiguration and AuthenticationData.
-
- -
-
- -
| -Field Summary | -|
-static String |
-MOABKZ
-
-- Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType |
-
-static String |
-MOABPK
-
-- Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType |
-
-static String |
-MOADateOfBirth
-
-- Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType |
-
-static String |
-MOAFamilyName
-
-- Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType |
-
-static String |
-MOAGivenName
-
-- Constants used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType,
- naming predicates used by the LoginParameterResolver. |
-
-static String |
-MOAIdentificationValueType
-
-- Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType |
-
-static String |
-MOAIPAddress
-
-- Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType |
-
-static String |
-MOAPublicAuthority
-
-- Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType |
-
-static String |
-MOAQualifiedCertificate
-
-- Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType |
-
-static String |
-MOAStammzahl
-
-- Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType |
-
| -Method Summary | -|
- void |
-configure(String configuration)
-
-- |
-
- Map |
-getAuthenticationHeaders(OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress)
-
-- Returns authentication headers to be added to a URLConnection. |
-
- Map |
-getAuthenticationParameters(OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress)
-
-- Returns request parameters to be added to a URLConnection. |
-
| -Field Detail | -
-MOAGivenName
--public static final String MOAGivenName-
-
-
- Constants used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType, - naming predicates used by theLoginParameterResolver. --
-
-
- See Also:
- Constant Field Values
- -
-MOAFamilyName
--public static final String MOAFamilyName-
-
-
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType--
-
-
- See Also:
- Constant Field Values
- -
-MOADateOfBirth
--public static final String MOADateOfBirth-
-
-
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType--
-
-
- See Also:
- Constant Field Values
- -
-MOABPK
--public static final String MOABPK-
-
-
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType--
-
-
- See Also:
- Constant Field Values
- -
-MOAPublicAuthority
--public static final String MOAPublicAuthority-
-
-
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType--
-
-
- See Also:
- Constant Field Values
- -
-MOABKZ
--public static final String MOABKZ-
-
-
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType--
-
-
- See Also:
- Constant Field Values
- -
-MOAQualifiedCertificate
--public static final String MOAQualifiedCertificate-
-
-
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType--
-
-
- See Also:
- Constant Field Values
- -
-MOAStammzahl
--public static final String MOAStammzahl-
-
-
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType--
-
-
- See Also:
- Constant Field Values
- -
-MOAIdentificationValueType
--public static final String MOAIdentificationValueType-
-
-
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType--
-
-
- See Also:
- Constant Field Values
- -
-MOAIPAddress
--public static final String MOAIPAddress-
-
-
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType--
-
-
- See Also:
- Constant Field Values
| -Method Detail | -
-getAuthenticationHeaders
--public Map getAuthenticationHeaders(OAConfiguration oaConf, - AuthenticationData authData, - String clientIPAddress) - throws LoginParameterResolverException, - NotAllowedException-
-
-
- Returns authentication headers to be added to a URLConnection.
-
-
-
-
- Parameters:
oaConf- configuration dataauthData- authentication dataclientIPAddress- client IP address -- Returns:
- A map, the keys being header names and values being corresponding header values.
-
In case of authentication type"basic-auth", header fields -usernameandpassword. -
In case of authentication type"header-auth", header fields - derived from parameter mapping and authentication data provided. -
Otherwise, an empty map. - - Throws: -
LoginParameterResolverException-NotAllowedException
- -
-getAuthenticationParameters
--public Map getAuthenticationParameters(OAConfiguration oaConf, - AuthenticationData authData, - String clientIPAddress) - throws LoginParameterResolverException-
-
-
- Returns request parameters to be added to a URLConnection.
-
-
-
-
- Parameters:
oaConf- configuration dataauthData- authentication dataclientIPAddress- client IP address -- Returns:
- A map, the keys being parameter names and values being corresponding parameter values.
-
In case of authentication type"param-auth", parameters - derived from parameter mapping and authentication data provided. -
Otherwise, an empty map. - - Throws: -
LoginParameterResolverException
- -
-configure
--public void configure(String configuration) - throws LoginParameterResolverException, - NotAllowedException-
-
-
-
-
-
- Throws: -
LoginParameterResolverException-NotAllowedException
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES - - - - | -||||||||||
| - SUMMARY: NESTED | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.html deleted file mode 100644 index fd4dd84d2..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.html +++ /dev/null @@ -1,251 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES - - - - | -||||||||||
| - SUMMARY: NESTED | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -||||||||||
- -
-
-at.gv.egovernment.moa.id.proxy
-
-Class LoginParameterResolverException
--java.lang.Object --
-
-
-
- public class LoginParameterResolverException
- extends MOAIDException
-Exception thrown while proxying a request to the online application -
- -
-
-
-
- See Also:
- Serialized Form
- -
| -Constructor Summary | -|
LoginParameterResolverException(String messageId,
- Object[] parameters)
-
-- Constructor for LoginParameterResolverException. |
-|
LoginParameterResolverException(String messageId,
- Object[] parameters,
- Throwable wrapped)
-
-- Constructor for LoginParameterResolverException. |
-|
| Methods inherited from class java.lang.Object | -
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
-
| -Constructor Detail | -
-LoginParameterResolverException
--public LoginParameterResolverException(String messageId, - Object[] parameters)-
-
-
- Constructor for LoginParameterResolverException.
-
-
- Parameters:
messageId-parameters-
- -
-LoginParameterResolverException
--public LoginParameterResolverException(String messageId, - Object[] parameters, - Throwable wrapped)-
-
-
- Constructor for LoginParameterResolverException.
-
-
- Parameters:
messageId-parameters-wrapped-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES - - - - | -||||||||||
| - SUMMARY: NESTED | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/NotAllowedException.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/NotAllowedException.html deleted file mode 100644 index 7c01bd12f..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/NotAllowedException.html +++ /dev/null @@ -1,253 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES - - - - | -||||||||||
| - SUMMARY: NESTED | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -||||||||||
- -
-
-at.gv.egovernment.moa.id.proxy
-
-Class NotAllowedException
--java.lang.Object --
-
-
-
- public class NotAllowedException
- extends MOAIDException
-Exception thrown while proxying a request to the online application - Reason for this exception: the dedicated LoginParameterResolver does - not allow access to the desired ressource. -
- -
-
-
-
- See Also:
- Serialized Form
- -
| -Constructor Summary | -|
NotAllowedException(String messageId,
- Object[] parameters)
-
-- Constructor for NotAllowedException. |
-|
NotAllowedException(String messageId,
- Object[] parameters,
- Throwable wrapped)
-
-- Constructor for NotAllowedException. |
-|
| Methods inherited from class java.lang.Object | -
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
-
| -Constructor Detail | -
-NotAllowedException
--public NotAllowedException(String messageId, - Object[] parameters)-
-
-
- Constructor for NotAllowedException.
-
-
- Parameters:
messageId-parameters-
- -
-NotAllowedException
--public NotAllowedException(String messageId, - Object[] parameters, - Throwable wrapped)-
-
-
- Constructor for NotAllowedException.
-
-
- Parameters:
messageId-parameters-wrapped-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV CLASS - NEXT CLASS | -- FRAMES - NO FRAMES - - - - | -||||||||||
| - SUMMARY: NESTED | FIELD | CONSTR | METHOD | --DETAIL: FIELD | CONSTR | METHOD | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/ConnectionBuilder.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/ConnectionBuilder.html deleted file mode 100644 index 69af13810..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/ConnectionBuilder.html +++ /dev/null @@ -1,136 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Uses of Interface
at.gv.egovernment.moa.id.proxy.ConnectionBuilder
--
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolver.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolver.html deleted file mode 100644 index aca06fa02..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolver.html +++ /dev/null @@ -1,136 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Uses of Interface
at.gv.egovernment.moa.id.proxy.LoginParameterResolver
--
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolverException.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolverException.html deleted file mode 100644 index ccd7d50cf..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/LoginParameterResolverException.html +++ /dev/null @@ -1,192 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Uses of Class
at.gv.egovernment.moa.id.proxy.LoginParameterResolverException
-| -Packages that use LoginParameterResolverException | -|
| at.gv.egovernment.moa.id.proxy | -- |
| -Uses of LoginParameterResolverException in at.gv.egovernment.moa.id.proxy | -
- -
| Methods in at.gv.egovernment.moa.id.proxy that throw LoginParameterResolverException | -|
- Map |
-LoginParameterResolver.getAuthenticationHeaders(OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress)
-
-- Returns authentication headers to be added to a URLConnection. |
-
- Map |
-LoginParameterResolver.getAuthenticationParameters(OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress)
-
-- Returns request parameters to be added to a URLConnection. |
-
- void |
-LoginParameterResolver.configure(String configuration)
-
-- |
-
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/NotAllowedException.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/NotAllowedException.html deleted file mode 100644 index fa0e1f24e..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/class-use/NotAllowedException.html +++ /dev/null @@ -1,182 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Uses of Class
at.gv.egovernment.moa.id.proxy.NotAllowedException
-| -Packages that use NotAllowedException | -|
| at.gv.egovernment.moa.id.proxy | -- |
| -Uses of NotAllowedException in at.gv.egovernment.moa.id.proxy | -
- -
| Methods in at.gv.egovernment.moa.id.proxy that throw NotAllowedException | -|
- Map |
-LoginParameterResolver.getAuthenticationHeaders(OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress)
-
-- Returns authentication headers to be added to a URLConnection. |
-
- void |
-LoginParameterResolver.configure(String configuration)
-
-- |
-
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-frame.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-frame.html deleted file mode 100644 index a8afe874e..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-frame.html +++ /dev/null @@ -1,47 +0,0 @@ - - - - - -
|
-Interfaces
-
- -ConnectionBuilder - -LoginParameterResolver |
-
|
-Classes
-
- -LoginParameterResolverException - -NotAllowedException |
-
-
-
|
-- - | -||||||||||
| - PREV PACKAGE - NEXT PACKAGE | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Package at.gv.egovernment.moa.id.proxy -
- -| -Interface Summary | -|
| ConnectionBuilder | -Builder for URLConnection objects used to forward requests
- to the remote online application. |
-
| LoginParameterResolver | -Determines authentication parameters and headers to be added to a URLConnection
- to the remote online application.
- |
-
- -
| -Class Summary | -|
| LoginParameterResolverException | -Exception thrown while proxying a request to the online application | -
| NotAllowedException | -Exception thrown while proxying a request to the online application - Reason for this exception: the dedicated LoginParameterResolver does - not allow access to the desired ressource. | -
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV PACKAGE - NEXT PACKAGE | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-tree.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-tree.html deleted file mode 100644 index 90e057ebc..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-tree.html +++ /dev/null @@ -1,154 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Hierarchy For Package at.gv.egovernment.moa.id.proxy -
--
-
- Package Hierarchies:
- All Packages
-
-Class Hierarchy -
--
-
- class java.lang.Object
-
-
- class MOAIDException
-
-
- class at.gv.egovernment.moa.id.proxy.NotAllowedException
- class MOAIDException
-
-
- class at.gv.egovernment.moa.id.proxy.LoginParameterResolverException
- class MOAIDException
-Interface Hierarchy -
--
-
- interface at.gv.egovernment.moa.id.proxy.ConnectionBuilder
- interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-use.html b/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-use.html deleted file mode 100644 index a8c6c026b..000000000 --- a/id.server/doc/moa_id/api-doc/at/gv/egovernment/moa/id/proxy/package-use.html +++ /dev/null @@ -1,170 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Uses of Package
at.gv.egovernment.moa.id.proxy
-| -Packages that use at.gv.egovernment.moa.id.proxy | -|
| at.gv.egovernment.moa.id.proxy | -- |
| -Classes in at.gv.egovernment.moa.id.proxy used by at.gv.egovernment.moa.id.proxy | -|
| LoginParameterResolverException
-
- - Exception thrown while proxying a request to the online application |
-|
| NotAllowedException
-
- - Exception thrown while proxying a request to the online application - Reason for this exception: the dedicated LoginParameterResolver does - not allow access to the desired ressource. |
-|
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/constant-values.html b/id.server/doc/moa_id/api-doc/constant-values.html deleted file mode 100644 index bc145c359..000000000 --- a/id.server/doc/moa_id/api-doc/constant-values.html +++ /dev/null @@ -1,262 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Constant Field Values
--Contents
-
-
- at.gv.* -
| -at.gv.* | -
- -
| at.gv.egovernment.moa.id.config.proxy.OAConfiguration | -||
-public static final String |
-BASIC_AUTH |
-"basic" |
-
-public static final String |
-HEADER_AUTH |
-"header" |
-
-public static final String |
-LOGINTYPE_STATEFUL |
-"stateful" |
-
-public static final String |
-LOGINTYPE_STATELESS |
-"stateless" |
-
-public static final String |
-PARAM_AUTH |
-"param" |
-
- -
- -
| at.gv.egovernment.moa.id.proxy.LoginParameterResolver | -||
-public static final String |
-MOABKZ |
-"MOABKZ" |
-
-public static final String |
-MOABPK |
-"MOABPK" |
-
-public static final String |
-MOADateOfBirth |
-"MOADateOfBirth" |
-
-public static final String |
-MOAFamilyName |
-"MOAFamilyName" |
-
-public static final String |
-MOAGivenName |
-"MOAGivenName" |
-
-public static final String |
-MOAIdentificationValueType |
-"MOAIdentificationValueType" |
-
-public static final String |
-MOAIPAddress |
-"MOAIPAddress" |
-
-public static final String |
-MOAPublicAuthority |
-"MOAPublicAuthority" |
-
-public static final String |
-MOAQualifiedCertificate |
-"MOAQualifiedCertificate" |
-
-public static final String |
-MOAStammzahl |
-"MOAStammzahl" |
-
- -
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/deprecated-list.html b/id.server/doc/moa_id/api-doc/deprecated-list.html deleted file mode 100644 index d760f28ee..000000000 --- a/id.server/doc/moa_id/api-doc/deprecated-list.html +++ /dev/null @@ -1,134 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Deprecated API
-- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/help-doc.html b/id.server/doc/moa_id/api-doc/help-doc.html deleted file mode 100644 index bbdccd6b5..000000000 --- a/id.server/doc/moa_id/api-doc/help-doc.html +++ /dev/null @@ -1,193 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-How This API Document Is Organized
--Overview
-- ---The Overview page is the front page of this API document and provides a list of all packages with a summary for each. This page can also contain an overall description of the set of packages.
-Package
-- ---Each package has a page that contains a list of its classes and interfaces, with a summary for each. This page can contain four categories:
-
-- Interfaces (italic)
- Classes
- Exceptions
- Errors
-Class/Interface
-- ---Each class, interface, nested class and nested interface has its own separate page. Each of these pages has three sections consisting of a class/interface description, summary tables, and detailed member descriptions:
-
-Each summary entry contains the first sentence from the detailed description for that item. The summary entries are alphabetical, while the detailed descriptions are in the order they appear in the source code. This preserves the logical groupings established by the programmer.- Class inheritance diagram
- Direct Subclasses
- All Known Subinterfaces
- All Known Implementing Classes
- Class/interface declaration
- Class/interface description -
-
- Nested Class Summary
- Field Summary
- Constructor Summary
- Method Summary -
-
- Field Detail
- Constructor Detail
- Method Detail
-Use
--Each documented package, class and interface has its own Use page. This page describes what packages, classes, methods, constructors and fields use any part of the given class or package. Given a class or interface A, its Use page includes subclasses of A, fields declared as A, methods that return A, and methods and constructors with parameters of type A. You can access this page by first going to the package, class or interface, then clicking on the "Use" link in the navigation bar.-
-Tree (Class Hierarchy)
--There is a Class Hierarchy page for all packages, plus a hierarchy for each package. Each hierarchy page contains a list of classes and a list of interfaces. The classes are organized by inheritance structure starting with-java.lang.Object. The interfaces do not inherit fromjava.lang.Object.-
-- When viewing the Overview page, clicking on "Tree" displays the hierarchy for all packages.
- When viewing a particular package, class or interface page, clicking "Tree" displays the hierarchy for only that package.
-Deprecated API
--The Deprecated API page lists all of the API that have been deprecated. A deprecated API is not recommended for use, generally due to improvements, and a replacement API is usually given. Deprecated APIs may be removed in future implementations.-
-Index
--The Index contains an alphabetic list of all classes, interfaces, constructors, methods, and fields.-
-Prev/Next
-These links take you to the next or previous class, interface, package, or related page.-Frames/No Frames
-These links show and hide the HTML frames. All pages are available with or without frames. --
-Serialized Form
-Each serializable or externalizable class has a description of its serialization fields and methods. This information is of interest to re-implementors, not to developers using the API. While there is no link in the navigation bar, you can get to this information by going to any serialized class and clicking "Serialized Form" in the "See also" section of the class description. -
-
-
-This help file applies to API documentation generated using the standard doclet.
-
-
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/index-all.html b/id.server/doc/moa_id/api-doc/index-all.html deleted file mode 100644 index b6ccf5c68..000000000 --- a/id.server/doc/moa_id/api-doc/index-all.html +++ /dev/null @@ -1,462 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-A
--
-
- AuthenticationData - class at.gv.egovernment.moa.id.data.AuthenticationData.
- Encapsulates authentication data contained in a
<saml:Assertion>. - AuthenticationData() - -Constructor for class at.gv.egovernment.moa.id.data.AuthenticationData -
- Constructor for AuthenticationData. -
- AuthenticationException - class at.gv.egovernment.moa.id.AuthenticationException.
- Exception thrown during handling of AuthenticationSession
- AuthenticationException(String, Object[]) - -Constructor for class at.gv.egovernment.moa.id.AuthenticationException -
- Constructor for AuthenticationException. -
- AuthenticationException(String, Object[], Throwable) - -Constructor for class at.gv.egovernment.moa.id.AuthenticationException -
- Constructor for AuthenticationException. -
- AuthenticationServer - class at.gv.egovernment.moa.id.auth.AuthenticationServer.
- API for MOA ID Authentication Service.
- AuthenticationServer() - -Constructor for class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Constructor for AuthenticationServer. -
- at.gv.egovernment.moa.id - package at.gv.egovernment.moa.id
- at.gv.egovernment.moa.id.auth - package at.gv.egovernment.moa.id.auth
- at.gv.egovernment.moa.id.config.proxy - package at.gv.egovernment.moa.id.config.proxy
- at.gv.egovernment.moa.id.data - package at.gv.egovernment.moa.id.data
- at.gv.egovernment.moa.id.proxy - package at.gv.egovernment.moa.id.proxy
-
-B
--
-
- BASIC_AUTH - -Static variable in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Constant for an auth method -
- buildConnection(HttpServletRequest, String, String, SSLSocketFactory, Map) - -Method in interface at.gv.egovernment.moa.id.proxy.ConnectionBuilder -
- Builds an HttpURLConnection to a
URLwhich is derived - from anHttpServletRequestURL, by substitution of a - public URL prefix for the real URL prefix. -
-
-C
--
-
- ConnectionBuilder - interface at.gv.egovernment.moa.id.proxy.ConnectionBuilder.
- Builder for
URLConnectionobjects used to forward requests - to the remote online application. - cleanup() - -Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Cleans up expired session and authentication data stores. -
- configure(String) - -Method in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- -
-
-D
--
-
- debugOutputXMLFile(String, Element) - -Static method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Writes an XML structure to file for debugging purposes, encoding UTF-8. -
- debugOutputXMLFile(String, String) - -Static method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Writes an XML structure to file for debugging purposes, encoding UTF-8. -
-
-G
--
-
- getAssertionID() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the assertionID. -
- getAuthType() - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Returns the authType. -
- getAuthenticationData(String) - -Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Retrieves
AuthenticationDataindexed by the SAML artifact. - - - getAuthenticationHeaders(OAConfiguration, AuthenticationData, String) - -Method in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- Returns authentication headers to be added to a URLConnection. -
- getAuthenticationParameters(OAConfiguration, AuthenticationData, String) - -Method in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- Returns request parameters to be added to a URLConnection. -
- getBasicAuthPasswordMapping() - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Returns the basicAuthPasswordMapping. -
- getBasicAuthUserIDMapping() - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Returns the basicAuthUserIDMapping. -
- getDateOfBirth() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the dateOfBirth. -
- getFamilyName() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the familyName. -
- getGivenName() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the givenName. -
- getHeaderAuthMapping() - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Returns the headerAuthMapping. -
- getIdentificationType() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the identificationType -
- getIdentificationValue() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the identificationValue. -
- getInstance() - -Static method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Returns the single instance of
AuthenticationServer. - - getIssueInstant() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the issueInstant. -
- getIssuer() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the issuer. -
- getLoginType() - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Returns the loginType. -
- getMajorVersion() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the majorVersion. -
- getMinorVersion() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the minorVersion. -
- getPBK() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the bPK. -
- getParamAuthMapping() - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Returns the paramAuthMapping. -
- getPublicAuthorityCode() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the publicAuthorityCode. -
- getSamlAssertion() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the samlAssertion. -
- getSession(String) - -Static method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Retrieves a session from the session store. -
- getTimestamp() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the timestamp. -
-
-H
--
-
- HEADER_AUTH - -Static variable in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Constant for an auth method -
-
-I
--
-
- isPublicAuthority() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the publicAuthority. -
- isQualifiedCertificate() - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Returns the qualifiedCertificate. -
-
-L
--
-
- LOGINTYPE_STATEFUL - -Static variable in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Constant for an login method -
- LOGINTYPE_STATELESS - -Static variable in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Constant for an login method -
- LoginParameterResolver - interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver.
- Determines authentication parameters and headers to be added to a
URLConnection- to the remote online application. - - LoginParameterResolverException - class at.gv.egovernment.moa.id.proxy.LoginParameterResolverException.
- Exception thrown while proxying a request to the online application
- LoginParameterResolverException(String, Object[]) - -Constructor for class at.gv.egovernment.moa.id.proxy.LoginParameterResolverException -
- Constructor for LoginParameterResolverException. -
- LoginParameterResolverException(String, Object[], Throwable) - -Constructor for class at.gv.egovernment.moa.id.proxy.LoginParameterResolverException -
- Constructor for LoginParameterResolverException. -
-
-M
--
-
- MOABKZ - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType- - MOABPK - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType- - MOADateOfBirth - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType- - MOAFamilyName - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType- - MOAGivenName - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- Constants used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType, - naming predicates used by theLoginParameterResolver. - - MOAIPAddress - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType- - MOAIdentificationValueType - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType- - MOAPublicAuthority - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType- - MOAQualifiedCertificate - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType- - MOAStammzahl - -Static variable in interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver -
- Constant used in
MOAIDConfiguration-1.2.xsd, typeMOAAuthDataType-
-
-N
--
-
- NotAllowedException - class at.gv.egovernment.moa.id.proxy.NotAllowedException.
- Exception thrown while proxying a request to the online application - Reason for this exception: the dedicated LoginParameterResolver does - not allow access to the desired ressource.
- NotAllowedException(String, Object[]) - -Constructor for class at.gv.egovernment.moa.id.proxy.NotAllowedException -
- Constructor for NotAllowedException. -
- NotAllowedException(String, Object[], Throwable) - -Constructor for class at.gv.egovernment.moa.id.proxy.NotAllowedException -
- Constructor for NotAllowedException. -
-
-O
--
-
- OAConfiguration - class at.gv.egovernment.moa.id.config.proxy.OAConfiguration.
- Holds configuration data concerning an online application for use by the MOA-ID Proxy component. -
- OAConfiguration() - -Constructor for class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- -
-
-P
--
-
- PARAM_AUTH - -Static variable in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Constant for an auth method -
-
-S
--
-
- selectBKU(String, String, String, String, String) - -Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Processes request to select a BKU. - -
- setAssertionID(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the assertionID. -
- setAuthType(String) - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Sets the authType. -
- setBasicAuthPasswordMapping(String) - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Sets the basicAuthPasswordMapping. -
- setBasicAuthUserIDMapping(String) - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Sets the basicAuthUserIDMapping. -
- setDateOfBirth(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the dateOfBirth. -
- setFamilyName(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the familyName. -
- setGivenName(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the givenName. -
- setHeaderAuthMapping(HashMap) - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Sets the headerAuthMapping. -
- setIdentificationType(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the identificationType. -
- setIdentificationValue(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the identificationValue. -
- setIssueInstant(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the issueInstant. -
- setIssuer(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the issuer. -
- setLoginType(String) - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Sets the loginType. -
- setMajorVersion(int) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the majorVersion. -
- setMinorVersion(int) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the minorVersion. -
- setPBK(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the bPK. -
- setParamAuthMapping(HashMap) - -Method in class at.gv.egovernment.moa.id.config.proxy.OAConfiguration -
- Sets the paramAuthMapping. -
- setPublicAuthority(boolean) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the publicAuthority. -
- setPublicAuthorityCode(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the publicAuthorityCode. -
- setQualifiedCertificate(boolean) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the qualifiedCertificate. -
- setSamlAssertion(String) - -Method in class at.gv.egovernment.moa.id.data.AuthenticationData -
- Sets the samlAssertion. -
- setSecondsAuthDataTimeOut(long) - -Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Sets the authDataTimeOut. -
- setSecondsSessionTimeOut(long) - -Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Sets the sessionTimeOut. -
- startAuthentication(String, String, String, String, String, String) - -Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Processes the beginning of an authentication session. - -
-
-V
--
-
- verifyAuthenticationBlock(String, String) - -Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Processes a
<CreateXMLSignatureResponse>sent by the - security layer implementation. - - verifyIdentityLink(String, String) - -Method in class at.gv.egovernment.moa.id.auth.AuthenticationServer -
- Processes an
<InfoboxReadResponse>sent by the - security layer implementation. -
-A B C D G H I L M N O P S V - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/index.html b/id.server/doc/moa_id/api-doc/index.html deleted file mode 100644 index 61c644160..000000000 --- a/id.server/doc/moa_id/api-doc/index.html +++ /dev/null @@ -1,26 +0,0 @@ - - - - - -
| - | -
| All Classes
-
-
-Packages
- |
-
- - - diff --git a/id.server/doc/moa_id/api-doc/overview-summary.html b/id.server/doc/moa_id/api-doc/overview-summary.html deleted file mode 100644 index 0d16ca82c..000000000 --- a/id.server/doc/moa_id/api-doc/overview-summary.html +++ /dev/null @@ -1,165 +0,0 @@ - - - -
- -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-MOA ID API
-
-| -Packages | -|
| at.gv.egovernment.moa.id | -- |
| at.gv.egovernment.moa.id.auth | -- |
| at.gv.egovernment.moa.id.config.proxy | -- |
| at.gv.egovernment.moa.id.data | -- |
| at.gv.egovernment.moa.id.proxy | -- |
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/overview-tree.html b/id.server/doc/moa_id/api-doc/overview-tree.html deleted file mode 100644 index 583aeddde..000000000 --- a/id.server/doc/moa_id/api-doc/overview-tree.html +++ /dev/null @@ -1,155 +0,0 @@ - - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Hierarchy For All Packages
--
-
- Package Hierarchies:
- at.gv.egovernment.moa.id, at.gv.egovernment.moa.id.auth, at.gv.egovernment.moa.id.config.proxy, at.gv.egovernment.moa.id.data, at.gv.egovernment.moa.id.proxy
-
-Class Hierarchy -
--
-
- class java.lang.Object
-
-
- class at.gv.egovernment.moa.id.data.AuthenticationData
- class at.gv.egovernment.moa.id.auth.AuthenticationServer
- class MOAIDException
-
-
- class at.gv.egovernment.moa.id.AuthenticationException
- class MOAIDException
-
-
- class at.gv.egovernment.moa.id.proxy.LoginParameterResolverException
- class MOAIDException
-
-
- class at.gv.egovernment.moa.id.proxy.NotAllowedException
- class at.gv.egovernment.moa.id.config.proxy.OAConfiguration
-Interface Hierarchy -
--
-
- interface at.gv.egovernment.moa.id.proxy.ConnectionBuilder
- interface at.gv.egovernment.moa.id.proxy.LoginParameterResolver
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/package-list b/id.server/doc/moa_id/api-doc/package-list deleted file mode 100644 index 4cafbedb3..000000000 --- a/id.server/doc/moa_id/api-doc/package-list +++ /dev/null @@ -1,5 +0,0 @@ -at.gv.egovernment.moa.id -at.gv.egovernment.moa.id.auth -at.gv.egovernment.moa.id.config.proxy -at.gv.egovernment.moa.id.data -at.gv.egovernment.moa.id.proxy diff --git a/id.server/doc/moa_id/api-doc/packages.html b/id.server/doc/moa_id/api-doc/packages.html deleted file mode 100644 index dc4a5e004..000000000 --- a/id.server/doc/moa_id/api-doc/packages.html +++ /dev/null @@ -1,37 +0,0 @@ - - - - - -
- -
- -
-
- Frame version -
- Non-frame version.
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
-
-Serialized Form
-| -Class at.gv.egovernment.moa.id.AuthenticationException extends MOAIDException implements Serializable | -
- -
-
- -
| -Class at.gv.egovernment.moa.id.proxy.LoginParameterResolverException extends MOAIDException implements Serializable | -
- -
-
- -
| -Class at.gv.egovernment.moa.id.proxy.NotAllowedException extends MOAIDException implements Serializable | -
- -
-
- - - - - -
-
-
|
-- - | -||||||||||
| - PREV - NEXT | -- FRAMES - NO FRAMES - - - - | -||||||||||
- - - diff --git a/id.server/doc/moa_id/api-doc/stylesheet.css b/id.server/doc/moa_id/api-doc/stylesheet.css deleted file mode 100644 index 14c3737e8..000000000 --- a/id.server/doc/moa_id/api-doc/stylesheet.css +++ /dev/null @@ -1,29 +0,0 @@ -/* Javadoc style sheet */ - -/* Define colors, fonts and other style attributes here to override the defaults */ - -/* Page background color */ -body { background-color: #FFFFFF } - -/* Headings */ -h1 { font-size: 145% } - -/* Table colors */ -.TableHeadingColor { background: #CCCCFF } /* Dark mauve */ -.TableSubHeadingColor { background: #EEEEFF } /* Light mauve */ -.TableRowColor { background: #FFFFFF } /* White */ - -/* Font used in left-hand frame lists */ -.FrameTitleFont { font-size: 100%; font-family: Helvetica, Arial, sans-serif } -.FrameHeadingFont { font-size: 90%; font-family: Helvetica, Arial, sans-serif } -.FrameItemFont { font-size: 90%; font-family: Helvetica, Arial, sans-serif } - -/* Navigation bar fonts and colors */ -.NavBarCell1 { background-color:#EEEEFF;} /* Light mauve */ -.NavBarCell1Rev { background-color:#00008B;} /* Dark Blue */ -.NavBarFont1 { font-family: Arial, Helvetica, sans-serif; color:#000000;} -.NavBarFont1Rev { font-family: Arial, Helvetica, sans-serif; color:#FFFFFF;} - -.NavBarCell2 { font-family: Arial, Helvetica, sans-serif; background-color:#FFFFFF;} -.NavBarCell3 { font-family: Arial, Helvetica, sans-serif; background-color:#FFFFFF;} - diff --git a/id.server/doc/moa_id/examples/BKUSelectionTemplate.html b/id.server/doc/moa_id/examples/BKUSelectionTemplate.html deleted file mode 100644 index 5536226a8..000000000 --- a/id.server/doc/moa_id/examples/BKUSelectionTemplate.html +++ /dev/null @@ -1,52 +0,0 @@ - - - -
-Auswahl der Bürgerkartenumgebung
- -Sie haben sich für Anmeldung mit Ihrer Bürgerkarte entschieden. Da es verschiedene Formen der Bürgerkarte gibt, müssen Sie nun wählen, welche Sie bei der Anmeldung verwenden wollen.
-Auswahl der Bürgerkarte
- -- - - - - -
Hinweise:
--
-
-
-
Wollen Sie eine A-Trust Bürgerkarte erwerben? Hier finden Sie Informationen - dazu: A-Trust - Bürgerkarte. Bei der Anmeldung mit der A-Trust Bürgerkarte - benötigen Sie eine funktionsfähige Bürgerkartensoftware sowie - einen passenden Kartenleser.
-
- -
-
Wollen Sie ein A1-Signatur erwerben? Wenden Sie sich an 0800-664 680 um - Informationen zur A1-Signatur zu erhalten. - Hier finden Sie ebenfalls Informationen dazu: A1-Signatur. - Bei der Anmeldung mit der A1-Signatur wird keine Bürgerkartensoftware und - kein Kartenleser benötigt.
-
-
- - - - diff --git a/id.server/doc/moa_id/examples/ChainingModes.txt b/id.server/doc/moa_id/examples/ChainingModes.txt deleted file mode 100644 index 820b60d06..000000000 --- a/id.server/doc/moa_id/examples/ChainingModes.txt +++ /dev/null @@ -1,6 +0,0 @@ -
-Sicherer Zugang zur Online-Anwendung mit Bürgerkarte
- - -Der identifizierte Zugang erfolgt über die Module für Online Applikationen (MOA) unter Verwendung einer Bürgerkarte und deren Signaturfunktion. - - -Wenn Sie in Folge die Schaltfläche "Anmeldung mit Bürgerkarte" -aktivieren, so werden zur Signatur der Anmeldedaten aufgefordert. Wenn sie diese -signieren, so werden sie zur Online-Anwendung weitergeleitet und angemeldet.
- - - - - - - diff --git a/id.server/doc/moa_id/examples/TransformsInfoAuthBlock.txt b/id.server/doc/moa_id/examples/TransformsInfoAuthBlock.txt deleted file mode 100644 index d9cbec71d..000000000 --- a/id.server/doc/moa_id/examples/TransformsInfoAuthBlock.txt +++ /dev/null @@ -1,29 +0,0 @@ -Signatur der Anmeldedaten
- -Mit meiner elektronischen Signatur beantrage ich
-
-Datum und Uhrzeit:
-
-
- - - -
|
- FAQs
- - - - - |
-
- FAQs - Häufig gestellte Fragen
- Frage 1 - Mit dem Internet Explorer kommt es bei einer Anmeldung an der lokal - installierten Version von MOA-ID zu Fehlern beim Redirect. Warum? -Frage 2 - Wenn die Proxy-Komponente lokal läuft und per TLS/SSL aufgerufen - wird, kommt es zu einer Fehlermeldung. Wie kann dies verhindert werden? -Frage 3 - Es soll serverseitig lediglich starke TLS/SSL Verschlüsselung (>100 - Bit) unterstützt werden. Wie kann dies erzwungen werden? -Frage 4 Beim Starten von - MOA ID bzw. MOA SPSS tritt folgende Exception auf: java.lang.ClassCastException: - iaik.asn1.structures.Name. Was kann der Fehler sein? -Frage 5 Ich möchte - MOA in einer Umgebung betreiben, die einen Internet-Zugang nur über - einen Proxy erlaubt. Funktioniert das? -Frage 6 Tomcat: Wärend - des Betriebs kommt es zu org.apache.commons.logging.LogConfigurationException. - Wie kann dies verhindert werden? -- - - Q: Mit dem Internet Explorer kommt es bei einer Anmeldung - an der lokal installierten Version von MOA-ID zu Fehlern beim Redirect. - Warum? -A: Aufgrund eines Fehlers in Microsofts Internet - Explorer schlägt der (lokale) Redirect auf dem lokal installierten - Tomcat fehl. -Als Workaround empfiehlt es sich, zum lokalen Testen einen - alternativen Browser wie Opera, - Mozilla oder Netscape - zu verwenden, da diese Probleme dort nicht auftreten. Von einem anderen - Rechner aus kann jedoch die Anmeldung an MOA-ID auch mit dem Internet - Explorer erfolgen. -- - Q: Wenn die Proxy-Komponente lokal läuft und - per TLS/SSL aufgerufen wird, kommt es zu einer Fehlermeldung. Wie kann - dies verhindert werden? - A: Wenn in der Konfiguration statt 'localhost' der
- eigene Rechnername verwendet wird, funktioniert die Proxy-Komponente
- wie gewohnt. - - Q: Es soll serverseitig lediglich starke TLS/SSL - Verschlüsselung (>100 Bit) unterstützt werden. Wie kann - dies erzwungen werden? -A: Tomcat bietet (bis dato) keine einfache Möglichkeit - die serverseitig verwendeten TLS/SSL Verschlüsselungsalgorithmen - zu konfigurieren. Daher empfiehlt es sich in diesem Fall, einen Web-Server - wie Apache oder den Microsoft Internet-Information-Server für das - SSL-Handling vorzuschalten und dort in der jeweiligen Konfiguration - starke Verschlüsselung zu erzwingen. -- - - Q: Beim Starten von MOA SPSS tritt folgende Exception auf: java.lang.ClassCastException: - iaik.asn1.structures.Name. Was kann der Fehler sein? - A: Auf Grund einer mangelhaften Implementierung - in einigen Versionen des JDK 1.3.1 kann es beim Betrieb von MOA zu folgendem - Problem kommen: Sun macht in der Implementierung von PKCS7.getCertificate() - einen Downcast vom Interface java.security.Principal auf die eigene - Implementierung, was zu einer ClassCastException führt, wenn der JCE-Provider - von Sun nicht an erster Stelle in der List der Security-Provider installiert - ist. MOA geht nun aber so vor, dass der JCE-Provider des IAIK an die - erste Stelle installiert wird, wenn er zum Zeitpunkt der Konfiguration - noch nicht installiert war. Wird dann von irgendeinem ClassLoader der - jar-Verifier benützt, wird PKCS7.getCertificate() verwendet, und - es kommt zu einer ClassCastException. -Wird MOA über die API-Schnittstelle verwendet, ist ein - Workaround die manuelle Installation des IAIK-JCE-Providers nach dem - Sun JCE-Provider (etwa an die letzte Stelle), bevor die MOA-Konfiguration - aufgerufen wird. Bei Verwendung der Webservices ist die Möglichkeit - der statischen Konfiguration der JCE-Provider mittels Angabe in der - Datei $JAVA_HOME/jre/lib/security/java.security der einzige bekannte - Workaround. Hierzu müssen die Einträge - - security.provider.1=sun.security.provider.Sun - security.provider.2=com.sun.rsajca.Provider -- durch folgenden Eintrag ergänzt werden: - - security.provider.3=iaik.security.provider.IAIK -- - - - -
-
- Q: Ich möchte MOA in einer Umgebung betreiben, - die einen Internet-Zugang nur über einen Proxy erlaubt. Funktioniert - das? -A: Ja, zumindest für Zugriffe über HTTP. - Sie müssen dazu die nachfolgenden JAVA System-Properties setzen: --- <proxyhost> gibt den Namen oder die IP-Adresse des - Proxies an. -<proxyport> gibt den Port des Proxies an. -<exceptionhosts> enthält eine Liste von Rechnernamen, - die nicht über den Proxy laufen sollen. Jedenfalls müssen - sie hier localhost angeben. Einzelne Namen sind durch eine - Pipe (|) zu trennen. Bitte beachten Sie, dass IP-Addressen - nicht angegeben werden dürfen, sowie die verpflichtend zu verwendenen - Anführungszeichen. -- - Q: Tomcat: Wärend des Betriebs kommt es zu org.apache.commons.logging.LogConfigurationException. - Wie kann dies verhindert werden? -org.apache.commons.logging.LogConfigurationException: org.apache.commons.logging.LogConfigurationException:
- org.apache.commons.logging.LogConfigurationException A: Dies ist ein Fehler in tomcat in der Version 4.1.27. $CATALINA_HOME\server\lib\tomcat-util.jar muss gegen eine - gepatchte Version ausgetauscht werden, da ein BUG in der Originalversion - von tomcat 4.1.27. Diese gepatchte Version ist in der MOA-ID Distribution - im Verzeichnis $MOA_ID_INST_AUTH\tomcat\tomcat-util-4.1.27-patched\ - zu finden. -- |
-
| - | - |
- Zurück- |
-
- - © 2003
- |
- - -
- - -
|
- MOA-ID - 
- Übersicht- - - |
-
-
- MOA ID-Administration v.1.2
-
-Die Komponenten des Moduls Identifikation (MOA-ID), MOA-ID-AUTH und MOA-ID-PROXY, sind als plattformunabhängige Webapplikationen ausgelegt.
-MOA-ID-AUTH ist die Basiskomponente des Moduls, und MOA-ID-PROXY ist eine optionale Zusatzkomponente.
-Für den Betrieb dieser Webapplikationen wird eine Java Virtual Machine und ein Java Servlet Container vorausgesetzt.
- |
- Basis-Installation- - - - -
|
- - |
-
- Übersicht -
-Für den Betrieb von MOA-ID-AUTH sind unterschiedliche Szenarien möglich, die unterschiedliche Möglichkeiten bieten und die Installation unterschiedlicher Software- und Hardware-Komponenten erfordern. Dieser Abschnitt gibt einen kurzen Überblick über die notwendige Basis-Installation und optionale weitere Konfigurationsmöglichkeiten.
-
- |
- - -
|
- - |
-
- Basis-Installation von MOA-ID-AUTH
-
-Die Basis-Installation stellt einerseits die minimalen Anforderungen für den Betrieb von MOA-ID-AUTH dar, andererseits dient sie als Ausgangspunkt für weitere (optionale) Konfigurations-Möglichkeiten.
-
-Um möglichen Versionskonflikten aus dem Weg zu gehen sollten stets die neuesten Versionen von MOA-ID als auch von MOA-SP/SS verwendet werden.
--In diesem Betriebs-Szenario wird MOA-ID-AUTH in Tomcat deployt. Tomcat fungiert gleichzeitig als HTTP- und HTTPS-Endpunkt für MOA-ID-AUTH. Beide Protokolle werden direkt in Tomcat konfiguriert. - -Die Webapplikation verwendet Log4j als Logging Toolkit. - |
- - -
|
- - |
-
- Basis-Installation von MOA-ID-PROXY (optional) -
-Einer Online-Applikation, für die MOA-ID-AUTH die Authentisierung übernimmt, kann die Komponente MOA-ID-PROXY vorgeschaltet werden. Diese Komponente übernimmt die Anmeldedaten von MOA-ID-AUTH, führt die Anmeldung an der Online Applikation durch und schleust in der Folge Daten an die Online-Applikation und Daten an den Benutzer durch.
-
-Die Basis-Installation von MOA-ID-PROXY geschieht im Wesentlichen analog zur Basis-Installation von MOA-ID-AUTH.
-
--MOA-ID-AUTH und MOA-ID-PROXY können in verschiedenen Konstellationen zum Einsatz gebracht werden: -
-Ausgehend von der Basis-Installation können die optionalen Konfigurationen, die in den nachfolgenden Abschnitten beschrieben werden, unabhängig und in beliebiger Kombination aufgesetzt werden. - |
- - -
|
- - |
-
- Konfiguration mit vorgeschaltetem Webserver (optional) -
-Den MOA ID Webapplikationen kann jeweils optional ein Webserver vorgeschaltet sein. Unter Microsoft Windows ist das im Regelfall der Microsoft Internet Information Server (MS IIS), auf Unix-Systemen kommt üblicherweise der Apache Webserver zum Einsatz.
-
-- Folgende Software ist unter Windows Voraussetzung: -
Folgende Software ist unter Unix/Linux Voraussetzung:
-
In diesem Fall übernimmt der vorgeschaltete Webserver die Funktion des HTTP- und HTTPS-Endpunktes. Beide Protokolle werden im Webserver konfiguriert.
-
--Mittels mod_jk werden die Webservice-Aufrufe, die im vorgeschalteten Webserver eintreffen, an Tomcat weiter geleitet, bzw. die Antwort von Tomcat wieder an den Webserver zurück übermittelt. - |
- - -
|
- - |
-
- Konfiguration mit PostgreSQL (optional) -
-Das MOA ID Webservice kann eine PostgreSQL Datenbank nutzen, um:
-
-
Für den Zugriff auf PostgreSQL ist die Installation folgender Software Voraussetzung:
-
|
- - -
|
- - |
-
- Zusammenfassung -
-Notwendig für den Betrieb von MOA ID ist eine Basis-Installation. Weitere optionale Konfigurationen können unabhängig und in beliebiger Kombination miteinander durchgeführt werden, um eine bessere Integration der MOA ID Webapplikationen in die vorhandene Betriebs-Infrastruktur zu erreichen.
-
- |
- - - - -
|
- - |
-
- Referenzierte Software -
-Die Versionsangaben beziehen sich auf die Versionen, mit denen die MOA ID Webapplikationen entwickelt und getestet wurde. Geringfügig andere Software-Versionen stellen üblicherweise kein Problem dar.
-
--
-
-
- - - (**) passend zur Version des Apache Webservers
- |
- - -
|
- - © 2004
- |
- - -
- - -
|
- MOA-ID - -
- Basis-Installation- - -
-Installationsschritte:
-
--Vorbereitung -Tomcat Konfiguration -Deployment MOA-ID-AUTH -Deployment MOA-ID-PROXY -Tomcat Start/Stop -Logging - |
-
-
- Basis-Installation v.1.2 -Bei der Basis-Installation von MOA-ID-AUTH und von MOA-ID-PROXY ist grundsätzlich gleichartig vorzugehen. -Unterschiede sind in der Installationsanweisung angeführt. - -Vorbereitung -
-
-
-Installation des JDK - set CLASSPATH=%JAVA_HOME%\lib\tools.jar; - $MOA_ID_EXT\iaik_jce_full.jar; - $MOA_ID_EXT\iaik_ldap.jar; - $MOA_ID_EXT\jcert.jar; - $MOA_ID_EXT\jnet.jar; - $MOA_ID_EXT\jsse.jar -- ($MOA_ID_EXT ist durch den tatsächlichen Pfad zu ersetzen) Der Download für diese Dateien findet sich am unteren Ende - der Download-Seite des jeweiligen JDK 1.4.x in der Sektion "Other - Downloads". D.h. JDK - hier für 1.4.1 bzw. das JDK hier - für 1.4.2. - |
|
- -
-
-- |
-
- Konfiguration von Tomcat -
-Minimale Konfiguration
--Die zentrale Konfigurations-Datei von Tomcat ist $CATALINA_HOME/conf/server.xml. Tomcat wird grundsätzlich mit -einer funktionierenden Default-Konfiguration ausgeliefert, die jedoch einiges an Ballast enthält und viele Ports -offen lässt. Die Datei $MOA_ID_INST_AUTH/tomcat/server.xml (bzw. $MOA_ID_INST_PROXY/tomcat/server.xml) enthält eine minimale -Tomcat-Konfiguration, die je einen Connector für HTTP und für HTTPS freischaltet. -SSL -Für den sicheren Betrieb von MOA-ID-AUTH ist die Verwendung von SSL Voraussetzung, sofern nicht ein vorgelagerter WebServer (Apache oder IIS) das SSL-Handling übernimmt. -Ebenso kann SSL auch für MOA-ID-PROXY verwendet werden. -Das Dokument Tomcat SSL Configuration HOW-TO gibt einen guten Überblick über die Konfiguration von SSL in Tomcat. Da die für SSL notwendigen Bibliotheken bereits im Abschnitt "Vorbereitung" eingebunden wurden, sind nur noch folgende Schritte notwendig: -
-MOA Administrator
--Der Aufruf der URL für die dynamische Konfiguration von MOA-ID-AUTH ist durch eine Passwort-Abfrage geschützt, und kann nur von Benutzern aufgerufen werden, die der Benutzer-Rolle moa-admin zugeordnet werden können. -Um diese Benutzer-Rolle und einen oder mehrere Benutzer einzurichten, müssen in der Datei $CATALINA_HOME/conf/tomcat-users.xml unter dem Element <tomcat-users> sinngemäß folgende Einträge hinzugefügt werden: - -<role rolename="moa-admin"/> -<user username="moa" password="moa" roles="moa-admin"/> -- |
|
- -
-
-- |
-
- Deployment von MOA-ID-AUTH in Tomcat -
-Um MOA-ID-AUTH in Tomcat für den Ablauf vorzubereiten, sind folgende Schritte notwendig:
--
|
|
- -
-
-- |
-
- Starten und Stoppen von Tomcat - Nach dem Deployment und der Konfiguration kann
- Tomcat aus seinem Wurzelverzeichnis ($CATALINA_HOME) mit
-- - startTomcat (unter Windows) oder - moa-id-env.sh - bin/catalina.sh start (unter Unix/Linux) --gestartet werden. Das Stoppen von Tomcat erfolgt analog mit - - bin\catalina stop (unter Windows) oder - bin/catalina.sh stop (unter Unix/Linux) --Ein erfolgreicher Startvorgang von MOA-ID-AUTH ist an folgender Log-Meldung ersichtlich: - - INFO | 08 13:33:38,497 | main | - MOA ID Authentisierung wurde - erfolgreich gestartet --Analog bei MOA-ID-PROXY: - - INFO | 08 13:35:49,876 | main | - MOA ID Proxy wurde erfolgreich gestartet -- -Nach dem erfolgreichen Starten von Tomcat steht MOA-ID-AUTH unter der URL - -http(s)://host:port/moa-id-auth/StartAuthentication --zur Verfügung. Der WebService ist unter - -http(s)://host:port/moa-id-auth/services/GetAuthenticationData --erreichbar. Die Verfügbarkeit der Anwendung kann überprüft werden, indem die URLs mit einem Web-Browser aufgerufen werden. - - -Dynamische Konfigurations-Updates -Dynamische Konfigurations-Updates können für MOA-ID-AUTH durch den Aufruf der URL http://hostname:port/moa-id-auth/ConfigurationUpdate (z.B. durch Eingabe in einem Browser) durchgeführt werden. Analog wird die Konfiguration von MOA-ID-PROXY mittels http://hostname:port/ConfigurationUpdate aktualisiert. -Hinweis: Konfigurationsänderungen für die Online-Applikationen betreffen grundsätzlich sowohl die Auth- als auch die Proxy-Komponente. -Wenn bspw. das publicURLPrefix der OA geändert wird, muss sowohl für die Auth- als auch für die Proxy-Komponente ein ConfigurationUpdate durchgeführt werden. -Konnte MOA-ID-AUTH bzw. MOA-ID-PROXY nicht ordnungsgemäß konfiguriert und gestartet werden, geht das aus der Log-Meldung hervor: - -FATAL | 03 13:19:06,924 | main | Fehler - beim Starten des Service MOA ID Authentisierung --bzw. - -FATAL | 03 13:19:06,924 | main | Fehler - beim Starten des Service MOA ID Proxy --In diesem Fall geben die WARN bzw. ERROR Log-Meldungen unmittelbar davor Aufschluss über den genaueren Grund. - |
|
- -
-
-- |
-
-
- Logging -
-Die MOA ID Webapplikation verwendet Jakarta Log4j für die Ausgabe von Log-Meldungen am Bildschirm bzw. in Log-Dateien. Log4j bietet zahlreiche Konfigurationsmöglichkeiten, die ausführlich im Log4j Handbuch beschrieben sind. Unter anderem gibt es die Möglichkeit, folgende Einstellungen vorzunehmen:
--
-Als Ausgangspunkt für die Logging-Konfiguration liegt die Datei $MOA_ID_INST_AUTH/conf/moa-id/log4j.properties (bzw. $MOA_ID_INST_PROXY/conf/moa-id/log4j.properties) bei.
-Wird diese Datei als Logging-Konfiguration verwendet, so werden alle Log-Meldungen sowohl in die Konsole, als auch in die Datei $CATALINA_HOME/logs/moa-id.log geschrieben.
-
--Format der Log-Meldungen -Anhand einer konkreten Log-Meldung wird das Format der MOA ID Log-Meldungen erläutert: - - INFO | 09 08:23:59,385 | Thread-8 | - Anmeldedaten zu MOASession -5468974113772848113 - angelegt, SAML Artifakt - AAF/BrdRfnMaQVGIbP/Gf9OwDUwwsXChb7nuT+VXQzOoHbV -- -Der Wert INFO besagt, dass die Log-Meldung im Log-Level INFO entstanden ist. Folgende Log-Levels existieren: -
-Der Rest der Zeile einer Log-Meldung ist der eigentliche Text, mit dem das System bestimmte Informationen anzeigt. Im Fehlerfall ist häufig ein Java Stack-Trace angefügt, der eine genauere Ursachen-Forschung ermöglicht. - - - -Wichtige Log-Meldungen -Neben den im Abschnitt "Starten und Stoppen von Tomcat" beschriebenen Log-Meldungen, die anzeigen, ob die Webapplikation -ordnungsgemäß gestartet wurde, geben nachfolgenden Log-Meldungen Aufschluss über die Abarbeitung von Anfragen. -Die Annahme einer Anfrage wird beispielsweise angezeigt durch: - - INFO | 09 08:37:17,663 | Thread-9 | - MOASession 6576509775379152205 angelegt - - INFO | 09 08:37:20,828 | Thread-9 | - Anmeldedaten zu MOASession 6576509775379152205 - angelegt, SAML Artifakt - AAF/BrdRfnMaQVGIbP/Gf9OwDUwwsXChb7nuT+VXQzOoHbV - -- -
-Die 1. Log-Meldung besagt, dass sich ein Benutzer an MOA-ID-AUTH angemeldet und eine eindeutige SessionID zugewiesen bekommen hat.
-Wenn nun versucht wird, eine Transaktion mit einer ungültigen SessionID fortzusetzen erhält man folgende Log-Meldung:-Die 2. Log-Meldung informiert darüber, dass die Anmeldedaten des Benutzers unter dem angezeigten SAML Artifakt abgeholt werden können. - - - ERROR | 09 09:34:27,105 | Thread-8 | - at.gv.egovernment.moa.id.AuthenticationException: - MOASessionID ist unbekannt - (MOASessionID=-8650403497547200032) -
-
-
-
-In diesem Fall gibt der mitgeloggte Stacktrace Auskunft
- über die Art des Fehlers. Der Aufrufer der MOA ID
- Webapplikation bekommt einen Fehlercode sowie eine kurze
- Beschreibung des Fehlers als Antwort zurück. - - |
- - - -
|
- - © 2004
- |
- - -
- - -
|
- MOA-ID - - -
- Konfiguration - - -
-Konfiguration
-
-von MOA-ID - -Konfigurationsdatei - -Parameter-übersicht -ConnectionParameter -AuthComponent - BKUSelection - SecurityLayer - MOA-SP - IdentityLinkSigners -ProxyComponent -OnlineApplication - AuthComponent - ProxyComponent -ChainingModes -TrustedCACertificates -GenericConfiguration - -Konfiguration der Online-Applikation - -Parameter-übersicht -LoginType -ParamAuth - ParamAuth/Parameter -BasicAuth -HeaderAuth - HeaderAuth/Header - -Konfiguration von MOA-SP - -VerifyTransformsInfoProfile -TrustProfile -Certstore - -änderung der Konfig. während des Betriebs - - - |
-
-
- Konfiguration von MOA ID v.1.2
-
- Konfiguration von MOA ID v.1.2 -Die Konfiguration von MOA ID wird mittels einer XML-basierten - Konfigurationsdatei, die dem Schema MOA-ID-Configuration-1.2.xsd - entspricht, durchgeführt. - Der Ort der Konfigurationsdatei wird im Abschnitt Deployment - der Web-Applikation in Tomcat beschrieben. - Die folgenden Abschnitte erläutern das Format der Konfigurationsdatei. - MOA-ID-Configuration.xml - zeigt ein Beispiel für eine umfassende Konfigurationsdatei. -Enthält die Konfigurationsdatei relative Pfadangaben, werden
- diese relativ zum Verzeichnis, in dem sich die MOA-ID Konfigurationsdatei
- befindet, interpretiert. ConnectionParameter
AuthComponent
AuthComponent/BKUSelection AuthComponent/SecurityLayer AuthComponent/MOA-SP Wird das Kind-Element ConnectionParameter - nicht angegeben so wird eine MOA-ID beiligende Version von - MOA-SP direkt über das Java-API angesprochen. In diesem - Fall muss das System-Property auf die verwendete Konfigurationsdatei - von MOA-SP gesetzt werden. Eine beispielhafte MOA-SP Konfigurationsdatei - ist in $MOA_ID_INST_AUTH/conf/moa-spss/SampleMOASPSSConfiguration.xml - enthalten. - - - - - - - - - - - - - -Hinweis: MOA-SP muss entsprechend konfiguriert
- werden - siehe hierzu Abschnitt Konfiguration
- von MOA-SP. Alle Details zur Konfiguration von MOA-SP
- finden sie in der Distribution von MOA-SP/SS beiligenden
- Dokumentation im Abschnitt 'Konfiguration'. AuthComponent/IdentityLinkSigners
- ProxyComponent OnlineApplication Das Attribut OnlineApplication/@keyBoxIdentifier
- gibt das Schlüsselpaar an, welches von der Bürgerkartenumgebung
- zum Signieren des Auth Blocks verwendet wird. Mögliche
- Werte: CertifiedKeypair sowie SecureSignatureKeypair. OnlineApplication/AuthComponent
- OnlineApplication/ProxyComponent
- Im optionelen Attribut loginParameterResolverConfiguration
- kann ein Configurationsstring für die
- Initialisierung der betreffenden loginParameterResolverImpl
- angegeben werden. ChainingModes TrustedCACertificates GenericConfiguration
|
-
- -
|
- -
-
-- |
-
- Konfiguration der Online-Applikation -
-Die Konfiguration der OA beschreibt die Art und Weise, wie die Proxykomponente die Anmeldung an der Online-Applikation
-durchführt.
-
-
-
--Der Name der Konfigurationsdatei wird in der Konfiguration von MOA-ID als Wert des Attributs -configFileURL des Elements MOA-IDConfiguration/OnlineApplication/ProxyComponent hinterlegt. - Ist dieses Attribut nicht gesetzt, dann wird die Datei von http://<realURLPrefix>/MOAConfig.xml geladen, -wobei <realURLPrefix> dem Konfigurationswert OnlineApplication/ProxyComponent/ConnectionParameter/@URL entspricht. - -Die Konfigurationsdatei ist eine XML-Datei, die dem Schema -MOA-ID-Configuration-1.2.xsd mit dem Wurzelelement -Configuration entspricht. -
-LoginType
-ParamAuth
-ParamAuth/Parameter
-
-
-
-Die <login-url> ergibt sich aus dem Parameter OA des Aufrufs von MOA-ID-AUTH,
-zusammen mit der Konfiguration von OnlineApplication/@publicURLPrefix und von OnlineApplication/ProxyComponent/ConnectionParameter/@URL.
-
-BasicAuth
-HeaderAuth
-HeaderAuth/Header -Der Wert resolvedValue wird in der Proxykomponente je nach Wert des Platzhalters eingesetzt. -Etwaige Header aus dem ursprünglichen Request an die Proxykomponente, die denselben Namen haben, müssen -überschrieben werden. - - --<h1.name>:<h1.resolvedValue> -<h2.name>:<h2.resolvedValue> -... - |
|
- -
-
-- |
-
- Konfiguration von MOA-SP -
-
-
-
-
- MOA-ID überprüft die Signaturen der Personenbindung und
- des AUTH-Blocks mit dem VerifyXMLSignatureRequest von
- MOA-SP. Dazu muss MOA-SP wie unten beschreiben konfiguriert werden.
-
-TrustProfile
-Certstore |
|
- -
-
-- |
-
- Änderung der Konfiguration während des Betriebs -
-Der Inhalt dieser Konfiguration, bzw. jene Teile, auf die indirekt verwiesen wird, können während des laufenden
-Betriebes des MOA-Servers geändert werden. Der Server selbst wird durch den Aufruf einer URL
-(im Applikationskontext von MOA ID) dazu veranlasst, die geänderte Konfiguration neu einzulesen.
-Im Falle einer fehlerhaften neuen Konfiguration wird die ursprüngliche Konfiguration beibehalten.
-
-
-
- |
- - - -
|
- - © 2004
- |
- - -
- - -
|
- MOA-ID - - - -
- OptionaleKomponenten - - - - |
-
-
-
- Konfiguration der optionalen Komponenten -Konfiguration des Microsoft Internet Information Server (optional) -
-Vor MOA-ID-AUTH oder MOA-ID-PROXY kann optional ein MS IIS vorgeschaltet sein. In diesem Fall übernimmt der MS IIS die HTTP bzw. HTTPS-Kommunikation mit dem Aufrufer des Webservices. Die Kommunikation zwischen MS IIS und dem in Tomcat deployten Webservice wird durch Jakarta mod_jk durchgeführt.
--Konfiguration von Jakarta mod_jk im MS IIS -Für die Kommunikation des MS IIS mit dem im Tomcat deployten Webservice wird das ISAPI-Modul von Jakarta mod_jk im MS IIS installiert und konfiguriert. Eine detaillierte Installations- und Konfigurationsanleitung gibt das mod_jk IIS HowTo. Beispiele für workers.properties und uriworkermap.properties Dateien liegen im ausgelieferten moa-id-auth-x.y.zip bzw. moa-id-proxy-x.y.zip, Verzeichnis tomcat bei. - -Konfiguration von Tomcat -Damit Tomcat die Aufrufe, die von MS IIS mittels Jakarta mod_jk weiterleitet, entgegennehmen kann, muss in $CATALINA_HOME/conf/server.xml der AJP 1.3 Connector aktiviert werden. Im Gegenzug können die Connectoren für HTTP und HTTPS deaktiviert werden. Das geschieht am einfachsten durch ein- bzw. auskommentieren der entsprechenden Connector Konfigurations-Elemente in dieser Datei. - -
-
-Konfiguration von SSL Konfiguration des zu verwendenden DATA-URL
- Präfix |
- - - -
|
- -
-
-- |
-
- Konfiguration des Apache Webservers (optional) -
-Vor MOA-ID-AUTH oder MOA-ID-PROXY kann ein Apache Webserver vorgeschaltet sein. Das Prinzip funktioniert wie bei MS IIS, auch hier wird Jakarta mod_jk für die Kommunikation zwischen Webserver und Tomcat eingesetzt.
-
--Konfiguration von Jakarta mod_jk im Apache Webserver - Um MOA-ID-AUTH oder MOA-ID-PROXY hinter einem Apache Webserver zu betreiben, ist die Konfiguration des Apache-Moduls mod_jk erforderlich. Eine detaillierte Installations- und Konfigurationsanleitung gibt das mod_jk Apache HowTo. Ein Beispiel für eine workers.properties Datei liegt im Verzeichnis $MOA_SPSS_INST/conf/moa bei. -Um MOA-ID-AUTH oder MOA-ID-PROXY dem Apache Webserver bekannt zu machen, muss folgender Eintrag in die Apache Konfigurationsdatei gemacht werden: - - JkMount /moa-id-auth/* moaworker --oder für die Proxy-Komponente - - JkMount /* moaworker -- -Konfiguration von Tomcat -Die Konfiguration von Tomcat ist analog wie im Abschnitt über den MS IIS durchzuführen. - - -Konfiguration von SSL mit mod_SSL -Apache kann in Verbindung mit mod_SSL als SSL-Endpunkt für das MOA-ID-AUTH Webservice fungieren. In diesem Fall entfällt die SSL-Konfiguration in Tomcat, da Apache und Tomcat auch im Fall von SSL Daten via mod_jk austauschen. Eine detaillierte Installations- und Konfigurationsanleitung von mod_SSL gibt die Online-Dokumentation. - -Bei der Verwendung von Client-Authentisierung muss darauf geachtet werden, dass mod_ssl die HTTP-Header mit den Informationen über das Client-Zertifikat exportiert. Dies wird durch Angabe der Option - - SSLOptions +ExportCertData +StdEnvVars --in der Apache-Konfiguration erreicht. -Weiters muss Jakarta mod_jk angewiesen werden, die SSL Schlüssellänge zu exportieren. Dies geschieht mit der Direktive: - - JkOptions +ForwardKeySize - +ForwardURICompat - -ForwardDirectories -- Konfiguration des zu verwendenden DATA-URL Präfix -siehe gleichnamige Überschrift - in Abschnitt "Konfiguration des Microsoft Internet Information - Server (optional)" - |
- - - -
|
- - |
-
- Konfiguration von PostgreSQL -
-MOA-ID-AUTH bzw. MOA-ID-PROXY kann PostgreSQL zum Abspeichern von Log-Meldungen verwenden. Hierfür wird eine installierte und konfigurierte Datenbank vorausgesetzt. Eine detaillierte Übersicht über die Installation und Konfiguration von PostgreSQL gibt die Online-Dokumentation.
-
--Logging -Für das Logging in eine PostgreSQL Datenbank mittels Jakarta Log4j muss zunächst eine Tabelle für die Log-Meldungen angelegt werden. Dies kann mit folgendem SQL-Statement erreicht werden: - - create table spss_log - (log_time timestamp, - log_level varchar(5), - log_msg varchar(256)); --Um das Logging in die Datenbank Log4j bekannt zu machen, muss die Log4j-Konfiguration adaptiert werden. Die Datei $MOA_SPSS_INST/conf/moa/log4.properties enthält bereits eine beispielhafte Jakarta Log4j-Konfiguration für das Logging in eine PostgreSQL Datenbank, die standardmäßig ausgeschaltet ist. Hinweis: Bei Tests hat sich das Logging in eine Datenbank mit Jakarta Log4j als Performance-Engpaß herausgestellt. Es wird deshalb empfohlen, auf dieses Feature zu verzichten. - - |
- - - -
|
- - © 2004
- |
- - -
- - -
|
- MOA-ID -
- Übersicht- - - |
-
-
- MOA ID-Anwendung
--MOA-ID führt für eine Online-Applikation (OA) die Benutzeridentifizierung und -authentisierung mit Hilfe der Bürgerkarte durch. - -Übersicht -Um diese Funktionalität verfügbar zu machen, ist folgendermaßen vorzugehen:- -
|
- - - -
|
- - © 2003
- |
- - -
- - -
|
- MOA-ID - - - - - - - |
-
- Aufruf von MOA-ID-AUTH -MOA-ID-AUTH wird immer durch eine andere (verweisende) Webseite aufgerufen. Diese Webseite kann z.B. Teil eines Portals sein.
-Der Aufruf erfolgt durch einen Verweis der Form:
-<a href="https://<moa-id-server-und-pfad>/ -StartAuthentication?Target=<geschäftsbereich> -&OA=<oa-url>&Template=<template-url>">-
- -
-Template
--Ein Template für die Anmeldeseite von MOA-ID-AUTH kann aus folgender Grundstruktur aufgebaut werden: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">- <form name="CustomizedForm" action="<BKU>" method="post"> <input type="hidden" value="Weitere Info"/> </body> Innerhalb dieser <form>-Elemente können Texte, Beschriftungen und Styles modifiziert werden, -und es können zusätzliche Elemente darin aufgenommen werden. - - -
-BKU-Auswahl
--MOA-ID-AUTH bietet die Möglichkeit, die Bürgerkartenumgebung (BKU) auszuwählen, über die in weiterer Folge die Bürgerkarte ausgelesen wird. Der Aufruf erfolgt dann durch einen Verweis der Form: <a href="https://<moa-id-server-und-pfad>/ -SelectBKU?Target=<geschäftsbereich> -&OA=<oa-url>&Template=<template-url> -&BKUSelectionTemplate=<bku-template-url>">-
- -
-BKUSelectionTemplate
--Ein Template für die BKU-Auswahl von MOA-ID-AUTH kann aus folgender Grundstruktur aufgebaut werden: -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <form name="CustomizedForm" method="post" action="<StartAuth>"> <input type="hidden" value="Weitere Info"/> </body>
-
-
-Innerhalb dieser <form>-Elemente können Texte, Beschriftungen und Styles modifiziert werden,
-und es können zusätzliche Elemente darin aufgenommen werden. Wichtiger Hinweis: wenn die Templates über HTTPS geladen werden sollten, so muss das SSL/TLS Zertifikat des Servers in einem Java Truststore gespeichert werden und dieser beim Start von Tomcat angegeben werden. -Vorgeschlagene Vorgehensweise:- - - -1. Webserver SSL/TLS Zertifikat speichern im .cer Format speichern (z.B. mittels Internet Explorer).- -Im folgenden Beispiel wird in den Java Truststore "truststore.jks" mit dem Passwort "changeit" importiert. - keytool -import -trustcacerts -alias mytomcat -file tomcat_localhost.cer -keystore truststore.jks- 3. Truststore beim Starten von Tomcat angeben (über das Hinzufügen folgender Parameter in - die Variable CATALINA_OPTS im Tomcat Startskript). -- -Djavax.net.ssl.trustStore=<PFAD>\truststore.jks- |
-
|
- - © 2004
- |
- - -
- - -
|
- MOA-ID - - - - - - - - |
-
-
-
- Abfrage der Anmeldedaten von MOA-ID-AUTH -Nach erfolgter Authentisierung stehen in MOA-ID-AUTH Anmeldedaten zum Abholen bereit,
-und MOA-ID-AUTH veranlasst einen Redirect zur Online-Applikation (OA).
-
--In diesem Redirect werden der Geschäftsbereich und ein SAML-Artifact als Parameter übergeben. - <a href="https://<oa-url> -?Target=<geschäftsbereich> -&SAMLArtifact=<saml-artifact>">- -
- Grundsätzlich stehen einer OA mehrere Arten zum Abholen der Anmeldedaten von MOA-ID-AUTH zur Verfügung:
-
|
|
- -
-
-- |
-
-
- Aufruf des MOA-ID-AUTH Web Service -Das MOA-ID-AUTH Web Service wird über einen <samlp:Request> aufgerufen.
-Der <samlp:Request> enthält in einem <samlp:AssertionArtifact> das von MOA-ID-AUTH übergebene SAML-Artifact.
-
--MOA-ID-AUTH liefert als Antwort einen <samlp:Response>. Die Anmeldedaten sind im <samlp:Response> in Form einer <saml:Assertion> enthalten. - -SAML 1.0 Protocol Schema - -SAML 1.0 Assertion Schema - -Der detaillierte Aufbau der <saml:Assertion> zu den Anmeldedaten ist in der Spezifikation MOA-ID 1.2 beschrieben. - - Beispiel LoginServletExample-Das Abholen der Anmeldedaten durch Aufruf des Web Service von MOA-ID-AUTH wird anhand eines beispielhaften Java Servlet gezeigt. -Das LoginServletExample wird in einer Stateful OA von MOA-ID-AUTH nach erfolgter Authentisierung über Redirect aufgerufen. --Das Beispiel demonstriert insgesamt die Integration von MOA-ID-AUTH in die OA: -
- Die folgende Liste enthält die für das Beispiel erforderlichen Java-Bibliotheken. Die angeführten Versionsnummern bezeichnen jene Versionen dieser Java-Bibliotheken, mit denen das Beispiel getestet wurde.
--
-Code -LoginServletExample - - |
|
- -
-
-- |
-
- Einsatz von MOA-ID-PROXY zum Abfragen der Anmeldedaten von MOA-ID-AUTH -
-Anstatt den Aufruf des MOA-ID-AUTH Web Service in der OA zu implementieren, kann die MOA-ID-PROXY Webapplikation eingesetzt werden, um dies für die OA zu erledigen. MOA-ID-PROXY muss für die OA konfiguriert werden, so wie in MOA-ID-Administration beschrieben.
-
--Bei der Konfiguration ist speziell zu beachten: - -Konfigurationsdatei zur OA -Der LoginType (stateful oder stateless) ist gemäß dem Applikationstyp zu setzen. - -Die Übergabe der Anmeldedaten ist in Form und Inhalt zu konfigurieren. -
-LoginParameterResolver
--Das Übergabe der Anmeldedaten an die OA über Request Parameter oder Header geschieht in einer Standardimplementierung des Interface - at.gv.egovernment.moa.proxy.LoginParameterResolver-Falls die Erfordernisse der OA mittels Konfiguration nicht abgedeckt werden können, -so kann eine maßgeschneiderte Implementierung von LoginParameterResolver erstellt und zusammen mit MOA-ID-PROXY zum Einsatz gebracht werden -(siehe API). - -ConnectionBuilder -Das Herstellen einer URL-Verbindung von MOA-ID-PROXY zur OA geschieht einer Standardimplementierung des Interface - at.gv.egovernment.moa.proxy.ConnectionBuilder-Falls nötig, kann eine maßgeschneiderte Implementierung von ConnectionBuilder erstellt und zusammen mit MOA-ID-PROXY zum Einsatz gebracht werden -(siehe API). - |
|
- - © 2003
- |
- - -
- - -
|
- MOA Links - - - - - - - - - |
-
-
- MOA Links
-
-
-Externe Komponenten - -Apache
-
--http://httpd.apache.org/docs-2.0 Internet Information Server
-
-
-
--http://www.microsoft.com/windows2000/en/server/iis/default.asp Tomcat mod_SSL
-
--http://httpd.apache.org/docs-2.0/ssl Tomcat mod_jk
-
--http://jakarta.apache.org/tomcat/tomcat-4.1-doc/jk2 Logging Toolkit
-
-
-
--http://jakarta.apache.org/log4j/docs/ PostgreSQL
-
-
--http://techdocs.postgresql.org Spezifikationen -- - -E-Government
-
--http://reference.e-government.gv.at Security Layer Version 1.1
-
--http://www.buergerkarte.at/konzept/securitylayer/spezifikation/2002083 Personenbindung Version 1.1
-
--http://www.buergerkarte.at/konzept/personenbindung/spezifikation/20020506 Security Assertion Markup Language
-
--http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security Auswahl von Bürgerkartenumgebungen Version 1.0.0
-
-
--bku-auswahl.20030408.pdf |
|
- - © 2003
- |
- - -
- - - - -
|
- MOA-ID -
- Allgemein- - -
-
- |
-
-
-
-Allgemein v.1.2
-
-Dieses Dokument enthält die Dokumentation für das Modul
|
|
- -
-
- |
-
-
-Das Modul Identifikation stellt Online-Applikationen Funktionalität zur Verfügung zu stellen, damit diese
-eine Benutzer-Identifikation und -Authentisierung mit Hilfe der Bürgerkarte und deren Signaturfunktion
-realisieren können.
-
-
--Das Modul besteht aus zwei Komponenten: -
-Die Funktionalität und der Aufbau der Schnittstelle zu MOA-ID ist in der -Spezifikation Version 1.2 detailliert beschrieben. - - -Für den Betrieb von MOA-ID ist der Einsatz von MOA-Signaturprüfung (MOA-SP) erforderlich. - - Ablauf einer Anmeldung
-- - 
-
-
|
- - -
|
- - © 2004
- |
- - -
Fehler bei der Anmeldung
-Bei der Anmeldung ist ein Fehler aufgetreten.
- -<% if (errorMessage != null) { %> -
-<%= errorMessage%>
-
-<%= exceptionThrown.getMessage()%> -
-<% } %> -<% if (wrongParameters != null) { %> -Die Angabe der Parameter ist unvollständig.
-
- Beispiele für korrekte Links zur MOA-ID Authentisierung sind: -
--<a href="https://<MOA-URL>/StartAuthentication?Target=<Geschäftsbereich>&OA=<OA-URL>&Template=<Template-URL>"> -
--<a href="https://<MOA-URL>/SelectBKU?Target=<Geschäftsbereich>&OA=<OA-URL>&Template=<Template-URL>&BKUSelectionTemplate=<BKU-Template-URL>"> -
-Die Angabe der Parameter "Template" und "BKUSelectionTemplate" ist optional.
-<% } %> - - \ No newline at end of file diff --git a/id.server/html/auth/index.jsp b/id.server/html/auth/index.jsp deleted file mode 100644 index 733ba317f..000000000 --- a/id.server/html/auth/index.jsp +++ /dev/null @@ -1,40 +0,0 @@ - - --Log in to sample application using custom form -
-Choose BKU (HTMLComplete or HTMLSelect) and log in -
-Choose BKU (HTMLSelect) using custom form and log in - - \ No newline at end of file diff --git a/id.server/html/auth/message-auth.jsp b/id.server/html/auth/message-auth.jsp deleted file mode 100644 index 0c28c1ba7..000000000 --- a/id.server/html/auth/message-auth.jsp +++ /dev/null @@ -1,20 +0,0 @@ - -<%@ page contentType="text/html; charset=UTF-8" %> - - -
MOA-ID AUTH
- -<% if (message != null) { %> -
-<%= message%>
-
Fehler bei der Anmeldung
-Bei der Anmeldung ist ein Fehler aufgetreten.
- -<% if (errorMessage != null) { %> -
-<%= errorMessage%>
-
-<%= exceptionThrown.getMessage()%> -
-<% } %> -<% if (wrongParameters != null) { %> -Die Angabe der Parameter ist unvollständig.
-
- Beispiele für korrekte Links zur MOA-ID Authentisierung sind: -
--<a href="https://<MOA-URL>/StartAuthentication?Target=<Geschäftsbereich>&OA=<OA-URL>&Template=<Template-URL>"> -
--<a href="https://<MOA-URL>/SelectBKU?Target=<Geschäftsbereich>&OA=<OA-URL>&Template=<Template-URL>&BKUSelectionTemplate=<BKU-Template-URL>"> -
-Die Angabe der Parameter "Template" und "BKUSelectionTemplate" ist optional.
-<% } %> - - \ No newline at end of file diff --git a/id.server/html/proxy/message-proxy.jsp b/id.server/html/proxy/message-proxy.jsp deleted file mode 100644 index 0d970898a..000000000 --- a/id.server/html/proxy/message-proxy.jsp +++ /dev/null @@ -1,20 +0,0 @@ - -<%@ page contentType="text/html; charset=UTF-8" %> - - -MOA-ID Proxy
- -<% if (message != null) { %> -
-<%= message%>
-
Hinweis: Bitte Dokumentation zu GenericConfiguration: "FrontendServlets.EnableHTTPConnection" beachten. -auth.08=In der Bürgerkartenumgebung ist ein Fehler aufgetreten:
Fehlercode {0}: {1} -auth.09=Zur Auswahlseite der Bürgertenumgebung (URL={0}) konnte keine Verbindung hergestellt werden. :
HTTP-Statuscode {1} -auth.10=Fehler beim Aufruf von "{0}": Parameter "{1}" fehlt - -init.00=MOA ID Authentisierung wurde erfolgreich gestartet -init.01=Fehler beim Aktivieren des IAIK-JCE/JSSE/JDK1.3 Workaround: SSL ist möglicherweise nicht verfügbar -init.02=Fehler beim Starten des Service MOA ID Authentisierung - -config.00=MOA ID Konfiguration erfolgreich geladen: {0} -config.01=Umgebungsvariable "moa.id.configuration" nicht gesetzt -config.02=Nicht klassifizierter Fehler in der Konfiguration (siehe Log-Datei für Details) -config.03=Fehler beim Einlesen der Konfiguration (siehe Log-Datei für Details) -config.04=Fehler beim Lesen der MOA ID Konfiguration; es wird weiterhin die ursprüngliche Konfiguration verwendet -config.05=Fehlerhafter Wert für "{0}" in der MOA ID Konfiguration -config.06=Doppelter Eintrag in der Konfiguration für die Online-Applikation gefunden: {0} -config.07=Klasse {0} kann nicht instanziert werden -config.08=Fehlender Wert für "{0}" in der MOA ID Konfiguration -config.09=Fehler beim Erstellen von X509IssuerSerial (IssuerName={0}, SerialNumber={1}) -config.10=Fehler in der MOA SPSS Konfiguration: {0} -config.11=LoginParameterResolver konnte nicht configuriert werden {0} -config.12=Standard DATA URL Prefix "{0}" wird anstatt des konfigurierten DATA URL Prefix verwendet -config.13=Konfiguriertes DATA URL Prefix "{0}" muss mit http:// bzw. https:// beginnen -config.14=LoginParameterResolver-Fehler: {0} - - -parser.00=Leichter Fehler beim Parsen: {0} -parser.01=Fehler beim Parsen: {0} -parser.02=Schwerer Fehler beim Parsen: {0} - -builder.00=Fehler beim Aufbau der Struktur "{0}": {1} -builder.01=Fehlerhaftes Template: Kennung "{0}" fehlt - -service.00=Fehler beim Aufruf des Web Service: {0} -service.01=Fehler beim Aufruf des Web Service: kein Endpoint -service.02=Fehler beim Aufruf des Web Service, Status {0}: {1} -service.03=Fehler beim Aufruf des SPSS-API: {0} - -cleaner.00=AuthenticationSessionCleaner wurde gestartet -cleaner.01=Fehler im AuthenticationSessionCleaner -cleaner.02=MOASession {0} ist abgelaufen -cleaner.03=Anmeldedaten zu SAML-Artifakt {0} sind abgelaufen - -proxy.00=MOA ID Proxy wurde erfolgreich gestartet -proxy.01=Unbekannter URL {0}, erwarteter URL auf {1} -proxy.02=Unbekannter URL {0}.
Es wurde keine Übereinstimmung zum Attribut publicURLPrefix im Element 'OnlineApplication' der verwendeten MOA-ID Konfigurationsdatei gefunden. -proxy.04=URL {0} : {1} -proxy.05=Fehler beim Aufbauen der SSLSocketFactory für {0} : {1} -proxy.06=Fehler beim Starten des Service MOA ID Proxy -proxy.07=Sie sind nicht bzw. nicht mehr angemeldet. Melden Sie sich bitte erneut an. -proxy.08=Kein URL-Mapping in der HttpSession verfügbar (URL {0}) -proxy.09=Fehler beim Aufruf des MOA-ID Auth API: {0} -proxy.10=Fehler beim Weiterleiten (MOA-ID Proxy) -proxy.11=Beim Weiterleiten der Verbindung zur Anwendung ist ein Fehler aufgetreten. -proxy.12=Fehler bei der Anmeldung.
Eine Anmeldung an der Anwendung {0} war nicht möglich.
Prüfen Sie bitte ihre Berechtigung. -proxy.13=Fehler beim Aufruf des LoginParameterResolvers zu URL-Präfix: {0} -proxy.14=
Folgende Ursachen können zu dem Fehler geführt haben:
- Sie sind nicht mehr angemeldet (Verbindungen werden aus Sicherheitsgründen bei längerer Inaktivität beendet.)
Melden Sie sich bitte erneut an. - Die Kommunikation mit dem Server schlug fehl.
{0} -validator.08=Das Manifest ist ungültig -validator.09=Die öffentlichen Schlüssel des Identitiy Link stimmen nicht mit dem retournierten Zertifikat überein - -validator.10=Anzahl der URLs zur Authentisierungskomponente ungültig {0} -validator.11="Geschäftsbereich" wurde nicht in den SAML-Attributen gefunden {0} -validator.12=Der Namespace des SAML-Attributs "Geschäftsbereich" ist ungültig {0} -validator.13=Das Target des 'Geschäftsbereichs' ist ungültig {0} -validator.14="OA" wurde nicht in den SAML-Attributen gefunden {0} -validator.15=Der Namespace des SAML-Attributs "OA" ist ungültig {0} -validator.16=Die vorkonfigurierte URL der OnlineApplikation ist fehlerhaft {0} - -validator.17= Der SubjectDN-Name des von MOA-SP retournierten Zertifikats ist ungültig {0} -validator.18= Der SubjectDN-Name des von MOA-SP retournierten Zertifikats ist nicht als gültiger SubjectDN-Name für eine Personenbindung konfiguriert. {0} wurde NICHT in der Konfiguration gefunden - -validator.19=Das verwendete Zertifikat zum Signieren ist ungültig.
{0} - -validator.21=Es konnte keine formal korrekte Zertifikatskette vom Signatorzertifikat zu einem vertrauenswürdigen Wurzelzertifikat konstruiert werden. -validator.22=Eine formal korrekte Zertifikatskette vom Signatorzertifikat zu einem vertrauenswürdigen Wurzelzertifikat konnte konstruiert werden. Für zumindest ein Zertifikat dieser Kette fällt der Prüfzeitpunkt nicht in das Gültigkeitsintervall. -validator.23=Eine formal korrekte Zertifikatskette vom Signatorzertifikat zu einem vertrauenswürdigen Wurzelzertifikat konnte konstruiert werden. Für alle Zertifikate dieser Kette fällt der Prüfzeitpunkt in das jeweilige Gültigkeitsintervall. Für zumindest ein Zertifikat konnte der Zertifikatstatus nicht festgestellt werden. -validator.24=Eine formal korrekte Zertifikatskette vom Signatorzertifikat zu einem vertrauenswürdigen Wurzelzertifikat konnte konstruiert werden. Für alle Zertifikate dieser Kette fällt der Prüfzeitpunkt in das jeweilige Gültigkeitsintervall. Zumindest ein Zertifikat ist zum Prüfzeitpunkt widerrufen. -validator.25=Eine formal korrekte Zertifikatskette vom Signatorzertifikat zu einem vertrauenswürdigen Wurzelzertifikat konnte konstruiert werden. Für alle Zertifikate dieser Kette fällt der Prüfzeitpunkt in das jeweilige Gültigkeitsintervall. Kein Zertifikat dieser Kette ist zum Prüfzeitpunkt widerrufen. Zumindest ein Zertifikat ist zum Prüfzeitpunkt gesperrt. - -ssl.01=Validierung des SSL-Server-Endzertifikates hat fehlgeschlagen \ No newline at end of file diff --git a/id.server/res/resources/wsdl/MOA-ID-1.0.wsdl b/id.server/res/resources/wsdl/MOA-ID-1.0.wsdl deleted file mode 100644 index 5751b3e58..000000000 --- a/id.server/res/resources/wsdl/MOA-ID-1.0.wsdl +++ /dev/null @@ -1,40 +0,0 @@ - -
Prüfung der Identität des MOA-ID Servers
- -Bevor Sie sich in den folgenden Schritten an eine Online-Applikation anmelden, -wird empfohlen den Namen des Anmelde-Servers zu überprüfen. -Zu diesem Zweck identifiziert Ihr Webbrowser den Anmelde-Server mit Hilfe eines Zertifikates. -Ihre Aufgabe ist es zu überprüfen, ob das Server-Zertifikat von einem Unternehmen ausgestellt -wurde, dem Sie vertrauen. --Die folgenden Absätze beschreiben, wie Sie diese Überprüfung durchführen können. -Führen Sie jene Arbeitsschritte durch, die für den von Ihnen verwendeten Webbrowser zutreffend sind. -
-Microsoft Internet Explorer 6.0
- --
-
- Öffnen Sie (durch Doppel-Klicken) das Symbol mit dem gelben Vorhangschloß am unteren Rand des Browsers. -
- Selektieren Sie im nun geöffnetem Fenster "Zertifikat" den Karteireiter "Zertifizierungspfad". -
- Öffnen Sie (durch Doppel-Klicken) das an oberster Stelle gereihte Zertifikat. -
- Überprüfen Sie ob als Aussteller dieses Zertifikat (Karteireiter "Details", Eintrag "Aussteller") -ein Unternehmen aufscheint, dem Sie vertrauen den Namen des Anmelde-Servers zu überprüfen. -
- Überprüfen Sie, ob dieses Zertifikat authentisch vom angegebene Unternehmen stammt. Dazu können Sie den
-Fingerabdruck (Karteireiter "Details", unterster Eintrag) des Zertifikats überprüfen. Am Ende dieses Dokuments ist
-eine von der IKT-Stabsstelle überprüfte Liste von Zertifikaten und deren Fingerabdruck aufgelistet.
-Überprüfen Sie ob das von Ihnen zu überprüfende Zertifikat
-in dieser Liste enthalten ist und der Fingerabruck mit dem Wert in der Liste übereinstimmt.
-
-
-
- Ist Ihr zu prüfendes Zertifikat in der Liste enthalten und stimmt der Wert des Fingerabdrucks mit dem Wert -in der Liste überein, dann ist das Zertifikat authentisch und der Anmeldevorgang kann fortgesetzt werden. -
- Ist Ihr zu prüfendes Zertifikat in der Liste enthalten aber stimmt der Wert des Fingerabdrucks nicht mit dem Wert -in der Liste überein, dann ist das Zertifikat nicht authentisch und der Anmeldevorgang muss abgebrochen werden. -
- Ist Ihr zu prüfendes Zertifikat nicht in der Liste enthalten müssen Sie eine andere verlässliche Quelle für den -Vergleich des Fingerabdrucks finden. Sofern das Zertifikat authentisch ist, kann der Anmeldevorgang fortgesetzt werden. -
- - Ist das in Schritt 3. geöffnete Zertifikat nicht im Internet Explorer installiert erscheint das Zertifikat mit -einem roten Kreuz. Sie können das Zertifikat installieren, indem Sie die Schaltfläche "Zertifikat installieren ..." -(Karteireiter "Allgemein") aktivieren. In der Folge werden alle von dieser Zertifizierungsstelle ausgestellten Zertifikate -vom Internet Explorer als vertrauenswürdig erkannt. -
Netscape Navigator 7.0
--
-
- Öffnen Sie (durch Klicken) das Symbol mit dem Vorhangschloss am rechten, unteren Rand des Browsers -
- Aktivieren Sie die Schaltfläche "Anzeigen" -
- Selektieren Sie im nun geöffnetem Fenster "Zertifikatsanzeige" den Karteireiter "Detail". -
- Aktivieren Sie (durch Klicken) das an oberster Stelle gereihte Zertifikat. -
- Überprüfen Sie ob als Aussteller dieses Zertifikat (Eintrag "Aussteller") -ein Unternehmen aufscheint, dem Sie vertrauen den Namen des Anmelde-Servers zu überprüfen. -
- Überprüfen Sie, ob dieses Zertifikat authentisch vom angegebene Unternehmen stammt. Dazu können Sie den
-Fingerabdruck des Zertifikats überprüfen. Am Ende dieses Dokuments ist
-eine von der IKT-Stabsstelle überprüfte Liste von Zertifikaten und deren Fingerabdruck aufgelistet.
-Überprüfen Sie ob das von Ihnen zu überprüfende Zertifikat
-in dieser Liste enthalten ist und der Fingerabruck mit dem Wert in der Liste übereinstimmt.
-
-
-
- Ist Ihr zu prüfendes Zertifikat in der Liste enthalten und stimmt der Wert des Fingerabdrucks mit dem Wert -in der Liste überein, dann ist das Zertifikat authentisch und der Anmeldevorgang kann fortgesetzt werden. -
- Ist Ihr zu prüfendes Zertifikat in der Liste enthalten aber stimmt der Wert des Fingerabdrucks nicht mit dem Wert -in der Liste überein, dann ist das Zertifikat nicht authentisch und der Anmeldevorgang muss abgebrochen werden. -
- Ist Ihr zu prüfendes Zertifikat nicht in der Liste enthalten müssen Sie eine andere verlässliche Quelle für den -Vergleich des Fingerabdrucks finden. Sofern das Zertifikat authentisch ist, kann der Anmeldevorgang fortgesetzt werden. -
- - Ist das Aussteller-Zertifikat nicht im Netscape Navigator installiert können Sie das Zertifikat installieren, -indem Sie die "*.cer" Datei mit Netscape Navigator öffnen. In der Folge werden alle von dieser Zertifizierungsstelle -ausgestellten Zertifikate vom Internet Explorer als vertrauenswürdig erkannt. -
Zertifikate und ihr Fingerabdruck
- -| Aussteller | CN=A-Trust-nQual-01,OU=A-Trust-nQual-01,O=A-Trust,C=AT | -
| Seriennummer | 111 (0x6f) | -
| Fingerabdruck | SHA-1: e6 e6 fc 88 71 91 77 c9 b7 42 18 25 75 7c 5e 47 bc ac 85 f6 | -
| Aussteller | CN=A-Trust-nQual-01,OU=A-Trust-nQual-01,O=A-Trust,C=AT | -
| Seriennummer | 531 (0x213) | -
| Fingerabdruck | SHA-1: 9e 05 12 dd 61 da 59 49 d1 d8 63 1c 3f 19 d7 5f 49 6c 37 33 | -
| Aussteller | CN=A-Trust-nQual-01,OU=A-Trust-nQual-01,O=A-Trust,C=AT | -
| Seriennummer | 536 (0x0218) | -
| Fingerabdruck | SHA-1: 0f 5a 03 42 f5 cd 44 87 99 c3 c6 d1 78 60 7e 3f 2b 5b cb 8f | -
MOAIDException.
- *
- * @param messageId The identifier of the message associated with this
- * exception.
- * @param parameters Additional message parameters.
- */
- public MOAIDException(String messageId, Object[] parameters) {
- super(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters));
- this.messageId = messageId;
- }
-
- /**
- * Create a new MOAIDException.
- *
- * @param messageId The identifier of the message associated with this
- * MOAIDException.
- * @param parameters Additional message parameters.
- * @param wrapped The exception wrapped by this
- * MOAIDException.
- */
- public MOAIDException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
-
- super(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters));
- this.messageId = messageId;
- this.wrapped = wrapped;
- }
-
- /**
- * Print a stack trace of this exception to System.err.
- *
- * @see java.lang.Throwable#printStackTrace()
- */
- public void printStackTrace() {
- printStackTrace(System.err);
- }
-
- /**
- * Print a stack trace of this exception, including the wrapped exception.
- *
- * @param s The stream to write the stack trace to.
- * @see java.lang.Throwable#printStackTrace(java.io.PrintStream)
- */
- public void printStackTrace(PrintStream s) {
- if (getWrapped() == null)
- super.printStackTrace(s);
- else {
- s.print("Root exception: ");
- getWrapped().printStackTrace(s);
- }
- }
-
- /**
- * Print a stack trace of this exception, including the wrapped exception.
- *
- * @param s The stream to write the stacktrace to.
- * @see java.lang.Throwable#printStackTrace(java.io.PrintWriter)
- */
- public void printStackTrace(PrintWriter s) {
- if (getWrapped() == null)
- super.printStackTrace(s);
- else {
- s.print("Root exception: ");
- getWrapped().printStackTrace(s);
- }
- }
-
- /**
- * @return message ID
- */
- public String getMessageId() {
- return messageId;
- }
-
- /**
- * @return wrapped exception
- */
- public Throwable getWrapped() {
- return wrapped;
- }
-
- /**
- * Convert this MOAIDException to an ErrorResponse
- * element from the MOA namespace.
- *
- * @return An ErrorResponse element, containing the subelements
- * ErrorCode and Info required by the MOA schema.
- */
- public Element toErrorResponse() {
- DocumentBuilder builder;
- DOMImplementation impl;
- Document doc;
- Element errorResponse;
- Element errorCode;
- Element info;
-
- // create a new document
- try {
- builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
- impl = builder.getDOMImplementation();
- } catch (ParserConfigurationException e) {
- return null;
- }
-
- // build the ErrorResponse element
- doc = impl.createDocument(Constants.MOA_NS_URI, "ErrorResponse", null);
- errorResponse = doc.getDocumentElement();
-
- // add MOA namespace declaration
- errorResponse.setAttributeNS(
- Constants.XMLNS_NS_URI,
- "xmlns",
- Constants.MOA_NS_URI);
-
- // build the child elements
- errorCode = doc.createElementNS(Constants.MOA_NS_URI, "ErrorCode");
- errorCode.appendChild(doc.createTextNode(messageId));
- info = doc.createElementNS(Constants.MOA_NS_URI, "Info");
- info.appendChild(doc.createTextNode(toString()));
- errorResponse.appendChild(errorCode);
- errorResponse.appendChild(info);
- return errorResponse;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/ParseException.java b/id.server/src/at/gv/egovernment/moa/id/ParseException.java
deleted file mode 100644
index a5e0088d9..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/ParseException.java
+++ /dev/null
@@ -1,34 +0,0 @@
-package at.gv.egovernment.moa.id;
-
-
-/**
- * Exception thrown while parsing an XML structure.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ParseException extends MOAIDException {
-
- /**
- * Constructor for ParseException.
- * @param messageId
- * @param parameters
- */
- public ParseException(String messageId, Object[] parameters) {
- super(messageId, parameters);
- }
-
- /**
- * Constructor for ParseException.
- * @param messageId
- * @param parameters
- * @param wrapped
- */
- public ParseException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
- super(messageId, parameters, wrapped);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/ServiceException.java b/id.server/src/at/gv/egovernment/moa/id/ServiceException.java
deleted file mode 100644
index 9e6ab2361..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/ServiceException.java
+++ /dev/null
@@ -1,34 +0,0 @@
-package at.gv.egovernment.moa.id;
-
-
-/**
- * Exception thrown while calling the MOA-SPSS web service.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ServiceException extends MOAIDException {
-
- /**
- * Constructor for ServiceException.
- * @param messageId
- * @param parameters
- */
- public ServiceException(String messageId, Object[] parameters) {
- super(messageId, parameters);
- }
-
- /**
- * Constructor for ServiceException.
- * @param messageId
- * @param parameters
- * @param wrapped
- */
- public ServiceException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
- super(messageId, parameters, wrapped);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
deleted file mode 100644
index 4c44e807c..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ /dev/null
@@ -1,699 +0,0 @@
-package at.gv.egovernment.moa.id.auth;
-
-import iaik.pki.PKIException;
-
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-import java.util.Calendar;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Map;
-import java.util.Set;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.ServiceException;
-import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder;
-import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
-import at.gv.egovernment.moa.id.auth.builder.CertInfoVerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder;
-import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder;
-import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder;
-import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder;
-import at.gv.egovernment.moa.id.auth.builder.SelectBKUFormBuilder;
-import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
-import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
-import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
-import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
-import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
-import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator;
-import at.gv.egovernment.moa.id.auth.validator.ValidateException;
-import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.util.HTTPUtils;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.util.Random;
-import at.gv.egovernment.moa.id.util.SSLUtils;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.BoolUtils;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-import at.gv.egovernment.moa.util.OutputXML2File;
-
-/**
- * API for MOA ID Authentication Service.- * {@link AuthenticationSession} is stored in a session store and retrieved - * by giving the session ID. - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class AuthenticationServer implements MOAIDAuthConstants { - - /** single instance */ - private static AuthenticationServer instance; - /** session data store (session ID -> AuthenticationSession) */ - private static Map sessionStore = new HashMap(); - /** authentication data store (assertion handle -> AuthenticationData) */ - private static Map authenticationDataStore = new HashMap(); - /** - * time out in milliseconds used by {@link cleanup} for session store - */ - private long sessionTimeOut = 10 * 60 * 1000; // default 10 minutes - /** - * time out in milliseconds used by {@link cleanup} for authentication data store - */ - private long authDataTimeOut = 2 * 60 * 1000; // default 2 minutes - - /** - * Returns the single instance of
AuthenticationServer.
- *
- * @return the single instance of AuthenticationServer
- */
- public static AuthenticationServer getInstance() {
- if (instance == null)
- instance = new AuthenticationServer();
- return instance;
- }
- /**
- * Constructor for AuthenticationServer.
- */
- public AuthenticationServer() {
- super();
- }
- /**
- * Processes request to select a BKU.
- * Processing depends on value of {@link AuthConfigurationProvider#getBKUSelectionType}. - *
For
bkuSelectionType==HTMLComplete, a returnURI for the
- * "BKU Auswahl" service is returned.
- * For
bkuSelectionType==HTMLSelect, an HTML form for BKU selection is returned.
- * @param authURL base URL of MOA-ID Auth component
- * @param target "Geschäftsbereich"
- * @param oaURL online application URL requested
- * @param bkuSelectionTemplateURL template for BKU selection form to be used
- * in case of HTMLSelect; may be null
- * @param templateURL URL providing an HTML template for the HTML form to be used
- * for call startAuthentication
- * @return for bkuSelectionType==HTMLComplete, the returnURI for the
- * "BKU Auswahl" service;
- * for bkuSelectionType==HTMLSelect, an HTML form for BKU selection
- * @throws WrongParametersException upon missing parameters
- * @throws AuthenticationException when the configured BKU selection service cannot be reached,
- * and when the given bkuSelectionTemplateURL cannot be reached
- * @throws ConfigurationException on missing configuration data
- * @throws BuildException while building the HTML form
- */
- public String selectBKU(
- String authURL,
- String target,
- String oaURL,
- String bkuSelectionTemplateURL,
- String templateURL)
- throws WrongParametersException, AuthenticationException, ConfigurationException, BuildException {
-
- //check if HTTP Connection may be allowed (through FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY)
- String boolStr = AuthConfigurationProvider.getInstance().getGenericConfigurationParameter(
- AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY);
- if ((!authURL.startsWith("https:")) && (false == BoolUtils.valueOf(boolStr)))
- throw new AuthenticationException("auth.07", new Object[] { authURL + "*" });
- if (isEmpty(authURL))
- throw new WrongParametersException("StartAuthentication", "AuthURL");
- if (isEmpty(target))
- throw new WrongParametersException("StartAuthentication", PARAM_TARGET);
- if (isEmpty(oaURL))
- throw new WrongParametersException("StartAuthentication", PARAM_OA);
-
- ConnectionParameter bkuConnParam =
- AuthConfigurationProvider.getInstance().getBKUConnectionParameter();
- if (bkuConnParam == null)
- throw new ConfigurationException(
- "config.08",
- new Object[] { "BKUSelection/ConnectionParameter" });
- OAAuthParameter oaParam =
- AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaURL);
- if (oaParam == null)
- throw new AuthenticationException("auth.00", new Object[] { oaURL });
- AuthenticationSession session = newSession();
- Logger.info("MOASession " + session.getSessionID() + " angelegt");
- session.setTarget(target);
- session.setOAURLRequested(oaURL);
- session.setPublicOAURLPrefix(oaParam.getPublicURLPrefix());
- session.setAuthURL(authURL);
- session.setTemplateURL(templateURL);
- String returnURL =
- new DataURLBuilder().buildDataURL(authURL, REQ_START_AUTHENTICATION, session.getSessionID());
- String bkuSelectionType = AuthConfigurationProvider.getInstance().getBKUSelectionType();
- if (bkuSelectionType.equals(AuthConfigurationProvider.BKU_SELECTION_TYPE_HTMLCOMPLETE)) {
- // bkuSelectionType==HTMLComplete
- String redirectURL = bkuConnParam.getUrl() + "?" + AuthServlet.PARAM_RETURN + "=" + returnURL;
- return redirectURL;
- } else {
- // bkuSelectionType==HTMLSelect
- String bkuSelectTag;
- try {
- //TODO full Plattform Support, test with different Templates
-
- bkuSelectTag = readBKUSelectTag(AuthConfigurationProvider.getInstance(), bkuConnParam);
- } catch (Throwable ex) {
- throw new AuthenticationException(
- "auth.03",
- new Object[] { bkuConnParam.getUrl(), ex.toString()},
- ex);
- }
- String bkuSelectionTemplate = null;
- if (bkuSelectionTemplateURL != null) {
- try {
- bkuSelectionTemplate = new String(FileUtils.readURL(bkuSelectionTemplateURL));
- } catch (IOException ex) {
- throw new AuthenticationException(
- "auth.03",
- new Object[] { bkuSelectionTemplateURL, ex.toString()},
- ex);
- }
- }
- String htmlForm =
- new SelectBKUFormBuilder().build(bkuSelectionTemplate, returnURL, bkuSelectTag);
- return htmlForm;
- }
- }
- /**
- * Method readBKUSelectTag.
- * @param conf the ConfigurationProvider
- * @param connParam the ConnectionParameter for that connection
- * @return String
- * @throws ConfigurationException on config-errors
- * @throws PKIException on PKI errors
- * @throws IOException on any data error
- * @throws GeneralSecurityException on security errors
- */
- private String readBKUSelectTag(ConfigurationProvider conf, ConnectionParameter connParam)
- throws ConfigurationException, PKIException, IOException, GeneralSecurityException {
-
- if (connParam.isHTTPSURL())
- return SSLUtils.readHttpsURL(conf, connParam);
- else
- return HTTPUtils.readHttpURL(connParam.getUrl());
- }
- /**
- * Processes the beginning of an authentication session.
- * -
- *
- Starts an authentication session - *
- Creates an
<InfoboxReadRequest>
- * - Creates an HTML form for querying the identity link from the
- * security layer implementation.
- *
Form parameters include - *-
- *
- the
<InfoboxReadRequest>
- * - the data URL where the security layer implementation sends it response to - *
- the
null; in this case, the default location will be used
- * @param templateURL URL providing an HTML template for the HTML form generated
- * @return HTML form
- * @throws AuthenticationException
- * @see GetIdentityLinkFormBuilder
- * @see InfoboxReadRequestBuilder
- */
- public String startAuthentication(
- String authURL,
- String target,
- String oaURL,
- String templateURL,
- String bkuURL,
- String sessionID)
- throws WrongParametersException, AuthenticationException, ConfigurationException, BuildException {
-
- if (isEmpty(sessionID)) {
- if (isEmpty(authURL))
- throw new WrongParametersException("StartAuthentication", "AuthURL");
-
- //check if HTTP Connection may be allowed (through FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY)
- String boolStr =
- AuthConfigurationProvider.getInstance().getGenericConfigurationParameter(
- AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY);
- if ((!authURL.startsWith("https:")) && (false == BoolUtils.valueOf(boolStr)))
- throw new AuthenticationException("auth.07", new Object[] { authURL + "*" });
- if (isEmpty(target))
- throw new WrongParametersException("StartAuthentication", PARAM_TARGET);
- if (isEmpty(oaURL))
- throw new WrongParametersException("StartAuthentication", PARAM_OA);
- }
- AuthenticationSession session;
- if (sessionID != null)
- session = getSession(sessionID);
- else {
- OAAuthParameter oaParam =
- AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaURL);
- if (oaParam == null)
- throw new AuthenticationException("auth.00", new Object[] { oaURL });
- session = newSession();
- Logger.info("MOASession " + session.getSessionID() + " angelegt");
- session.setTarget(target);
- session.setOAURLRequested(oaURL);
- session.setPublicOAURLPrefix(oaParam.getPublicURLPrefix());
- session.setAuthURL(authURL);
- session.setTemplateURL(templateURL);
- }
- String infoboxReadRequest = new InfoboxReadRequestBuilder().build();
- String dataURL =
- new DataURLBuilder().buildDataURL(
- session.getAuthURL(),
- REQ_VERIFY_IDENTITY_LINK,
- session.getSessionID());
- String template = null;
- if (session.getTemplateURL() != null) {
- try {
- template = new String(FileUtils.readURL(session.getTemplateURL()));
- } catch (IOException ex) {
- throw new AuthenticationException(
- "auth.03",
- new Object[] { session.getTemplateURL(), ex.toString()},
- ex);
- }
- }
- String certInfoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build();
- String certInfoDataURL =
- new DataURLBuilder().buildDataURL(
- session.getAuthURL(),
- REQ_START_AUTHENTICATION,
- session.getSessionID());
- String htmlForm =
- new GetIdentityLinkFormBuilder().build(
- template,
- bkuURL,
- infoboxReadRequest,
- dataURL,
- certInfoRequest,
- certInfoDataURL);
- return htmlForm;
- }
- /**
- * Processes an <InfoboxReadResponse> sent by the
- * security layer implementation.- *
-
- *
- Validates given
<InfoboxReadResponse>
- * - Parses identity link enclosed in
<InfoboxReadResponse>
- * - Verifies identity link by calling the MOA SP component - *
- Checks certificate authority of identity link - *
- Stores identity link in the session - *
- Creates an authentication block to be signed by the user - *
- Creates and returns a
<CreateXMLSignatureRequest>- * containg the authentication block, meant to be returned to the - * security layer implementation
- *
<InfoboxReadResponse>
- * @return String representation of the <CreateXMLSignatureRequest>
- */
- public String verifyIdentityLink(String sessionID, String xmlInfoboxReadResponse)
- throws
- AuthenticationException,
- ParseException,
- ConfigurationException,
- ValidateException,
- ServiceException {
-
- if (isEmpty(sessionID))
- throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_IDENTITY_LINK, PARAM_SESSIONID});
- if (isEmpty(xmlInfoboxReadResponse))
- throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_IDENTITY_LINK, PARAM_XMLRESPONSE});
- AuthenticationSession session = getSession(sessionID);
- if (session.getTimestampIdentityLink() != null)
- throw new AuthenticationException("auth.01", new Object[] { sessionID });
- session.setTimestampIdentityLink();
- AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
- // parses the <saml:Assertion> from given session data.
- * @param session authentication session
- * @return <saml:Assertion> as a String
- */
- private String buildAuthenticationBlock(AuthenticationSession session) {
- IdentityLink identityLink = session.getIdentityLink();
- String issuer = identityLink.getGivenName() + " " + identityLink.getFamilyName();
- String gebDat = identityLink.getDateOfBirth();
- String issueInstant = DateTimeUtils.buildDateTime(Calendar.getInstance());
- String authURL = session.getAuthURL();
- String target = session.getTarget();
- String oaURL = session.getPublicOAURLPrefix();
- String authBlock =
- new AuthenticationBlockAssertionBuilder().build(issuer, issueInstant, authURL, target, oaURL, gebDat);
- return authBlock;
- }
- /**
- * Processes a <CreateXMLSignatureResponse> sent by the
- * security layer implementation.- *
-
- *
- Validates given
<CreateXMLSignatureResponse>
- * - Parses
<CreateXMLSignatureResponse>for error codes
- * - Parses authentication block enclosed in
- *
<CreateXMLSignatureResponse>
- * - Verifies authentication block by calling the MOA SP component - *
- Creates authentication data - *
- Creates a corresponding SAML artifact - *
- Stores authentication data in the authentication data store - * indexed by the SAML artifact - *
- Deletes authentication session - *
- Returns the SAML artifact, encoded BASE64 - *
<CreateXMLSignatureResponse>
- * @return SAML artifact needed for retrieving authentication data, encoded BASE64
- */
- public String verifyAuthenticationBlock(
- String sessionID,
- String xmlCreateXMLSignatureReadResponse)
- throws
- AuthenticationException,
- BuildException,
- ParseException,
- ConfigurationException,
- ServiceException,
- ValidateException {
-
- if (isEmpty(sessionID))
- throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID});
- if (isEmpty(xmlCreateXMLSignatureReadResponse))
- throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE});
- AuthenticationSession session = getSession(sessionID);
- AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
- // parses <saml:Assertion>
- * @param session authentication session
- * @param verifyXMLSigResp VerifyXMLSignatureResponse from MOA-SP
- * @return AuthenticationData object
- * @throws ConfigurationException while accessing configuration data
- * @throws BuildException while building the <saml:Assertion>
- */
- private AuthenticationData buildAuthenticationData(
- AuthenticationSession session,
- VerifyXMLSignatureResponse verifyXMLSigResp)
- throws ConfigurationException, BuildException {
-
- IdentityLink identityLink = session.getIdentityLink();
- AuthenticationData authData = new AuthenticationData();
- authData.setMajorVersion(1);
- authData.setMinorVersion(0);
- authData.setAssertionID(Random.nextRandom());
- authData.setIssuer(session.getAuthURL());
- authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance()));
- String bpkBase64 =
- new BPKBuilder().buildBPK(
- identityLink.getIdentificationValue(),
- session.getTarget());
- authData.setIdentificationType(identityLink.getIdentificationType());
- authData.setPBK(bpkBase64);
- authData.setGivenName(identityLink.getGivenName());
- authData.setFamilyName(identityLink.getFamilyName());
- authData.setDateOfBirth(identityLink.getDateOfBirth());
- authData.setQualifiedCertificate(verifyXMLSigResp.isQualifiedCertificate());
- authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority());
- authData.setPublicAuthorityCode(verifyXMLSigResp.getPublicAuthorityCode());
- OAAuthParameter oaParam =
- AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(
- session.getPublicOAURLPrefix());
- String prPerson = new PersonDataBuilder().build(identityLink, oaParam.getProvideStammzahl());
-
- try {
- String ilAssertion =
- oaParam.getProvideIdentityLink()
- ? DOMUtils.serializeNode(identityLink.getSamlAssertion())
- : "";
- String authBlock = oaParam.getProvideAuthBlock() ? session.getAuthBlock() : "";
- String samlAssertion =
- new AuthenticationDataAssertionBuilder().build(authData, prPerson, authBlock, ilAssertion);
- authData.setSamlAssertion(samlAssertion);
- return authData;
- } catch (Throwable ex) {
- throw new BuildException(
- "builder.00",
- new Object[] { "AuthenticationData", ex.toString()},
- ex);
- }
- }
- /**
- * Retrieves AuthenticationData indexed by the SAML artifact.
- * The AuthenticationData is deleted from the store upon end of this call.
- *
- * @return AuthenticationData
- */
- public AuthenticationData getAuthenticationData(String samlArtifact)
- throws AuthenticationException {
- String assertionHandle;
- try {
- assertionHandle = new SAMLArtifactParser(samlArtifact).parseAssertionHandle();
- } catch (ParseException ex) {
- throw new AuthenticationException("1205", new Object[] { samlArtifact, ex.toString()});
- }
- AuthenticationData authData = null;
- synchronized (authenticationDataStore) {
- authData = (AuthenticationData) authenticationDataStore.get(assertionHandle);
- if (authData == null) {
- Logger.error("Assertion not found for SAML Artifact: " + samlArtifact);
- throw new AuthenticationException("1206", new Object[] { samlArtifact });
- }
- authenticationDataStore.remove(assertionHandle);
- }
- long now = new Date().getTime();
- if (now - authData.getTimestamp().getTime() > authDataTimeOut)
- throw new AuthenticationException("1207", new Object[] { samlArtifact });
- Logger.debug("Assertion delivered for SAML Artifact: " + samlArtifact);
- return authData;
- }
- /**
- * Stores authentication data indexed by the assertion handle contained in the
- * given saml artifact.
- * @param samlArtifact SAML artifact
- * @param authData authentication data
- * @throws AuthenticationException when SAML artifact is invalid
- */
- private void storeAuthenticationData(String samlArtifact, AuthenticationData authData)
- throws AuthenticationException {
-
- try {
- SAMLArtifactParser parser = new SAMLArtifactParser(samlArtifact);
- // check type code 0x0001
- byte[] typeCode = parser.parseTypeCode();
- if (typeCode[0] != 0 || typeCode[1] != 1)
- throw new AuthenticationException("auth.06", new Object[] { samlArtifact });
- String assertionHandle = parser.parseAssertionHandle();
- synchronized (authenticationDataStore) {
- Logger.debug("Assertion stored for SAML Artifact: " + samlArtifact);
- authenticationDataStore.put(assertionHandle, authData);
- }
- } catch (AuthenticationException ex) {
- throw ex;
- } catch (Throwable ex) {
- throw new AuthenticationException("auth.06", new Object[] { samlArtifact });
- }
- }
- /**
- * Creates a new session and puts it into the session store.
- *
- * @param id Session ID
- * @return AuthenticationSession created
- * @exception AuthenticationException
- * thrown when an AuthenticationSession is running
- * already for the given session ID
- */
- private static AuthenticationSession newSession() throws AuthenticationException {
- String sessionID = Random.nextRandom();
- AuthenticationSession newSession = new AuthenticationSession(sessionID);
- synchronized (sessionStore) {
- AuthenticationSession session = (AuthenticationSession) sessionStore.get(sessionID);
- if (session != null)
- throw new AuthenticationException("auth.01", new Object[] { sessionID });
- sessionStore.put(sessionID, newSession);
- }
- return newSession;
- }
- /**
- * Retrieves a session from the session store.
- *
- * @param id session ID
- * @return AuthenticationSession stored with given session ID,
- * null if session ID unknown
- */
- public static AuthenticationSession getSession(String id) throws AuthenticationException {
- AuthenticationSession session = (AuthenticationSession) sessionStore.get(id);
- if (session == null)
- throw new AuthenticationException("auth.02", new Object[] { id });
- return session;
- }
- /**
- * Cleans up expired session and authentication data stores.
- */
- public void cleanup() {
- long now = new Date().getTime();
- synchronized (sessionStore) {
- Set keys = new HashSet(sessionStore.keySet());
- for (Iterator iter = keys.iterator(); iter.hasNext();) {
- String sessionID = (String) iter.next();
- AuthenticationSession session = (AuthenticationSession) sessionStore.get(sessionID);
- if (now - session.getTimestampStart().getTime() > sessionTimeOut) {
- Logger.info(
- MOAIDMessageProvider.getInstance().getMessage(
- "cleaner.02",
- new Object[] { sessionID }));
- sessionStore.remove(sessionID);
- }
- }
- }
- synchronized (authenticationDataStore) {
- Set keys = new HashSet(authenticationDataStore.keySet());
- for (Iterator iter = keys.iterator(); iter.hasNext();) {
- String samlArtifact = (String) iter.next();
- AuthenticationData authData =
- (AuthenticationData) authenticationDataStore.get(samlArtifact);
- if (now - authData.getTimestamp().getTime() > authDataTimeOut) {
- Logger.info(
- MOAIDMessageProvider.getInstance().getMessage(
- "cleaner.03",
- new Object[] { samlArtifact }));
- authenticationDataStore.remove(samlArtifact);
- }
- }
- }
- }
-
- /**
- * Sets the sessionTimeOut.
- * @param sessionTimeOut time out in seconds
- */
- public void setSecondsSessionTimeOut(long seconds) {
- sessionTimeOut = 1000 * seconds;
- }
- /**
- * Sets the authDataTimeOut.
- * @param authDataTimeOut time out in seconds
- */
- public void setSecondsAuthDataTimeOut(long seconds) {
- authDataTimeOut = 1000 * seconds;
- }
-
- /**
- * Checks a parameter.
- * @param param parameter
- * @return true if the parameter is null or empty
- */
- private boolean isEmpty(String param) {
- return param == null || param.length() == 0;
- }
-
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java b/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java
deleted file mode 100644
index 7e5ed6ec7..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java
+++ /dev/null
@@ -1,52 +0,0 @@
-package at.gv.egovernment.moa.id.auth;
-
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Thread cleaning the AuthenticationServer session store
- * and authentication data store from garbage.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AuthenticationSessionCleaner implements Runnable {
-
- /** interval the AuthenticationSessionCleaner is run in */
- private static final long SESSION_CLEANUP_INTERVAL = 30 * 60; // 30 min
-
- /**
- * Runs the thread. Cleans the AuthenticationServer session store
- * and authentication data store from garbage, then sleeps for given interval, and restarts.
- */
- public void run() {
- while (true) {
- try {
- Logger.debug("AuthenticationSessionCleaner run");
- AuthenticationServer.getInstance().cleanup();
- }
- catch (Exception e) {
- Logger.error(MOAIDMessageProvider.getInstance().getMessage("cleaner.01", null), e);
- }
- try {
- Thread.sleep(SESSION_CLEANUP_INTERVAL * 1000);
- }
- catch (InterruptedException e) {
- }
- }
- }
-
- /**
- * start the sessionCleaner
- */
- public static void start() {
- // start the session cleanup thread
- Thread sessionCleaner =
- new Thread(new AuthenticationSessionCleaner());
- sessionCleaner.setName("SessionCleaner");
- sessionCleaner.setDaemon(true);
- sessionCleaner.setPriority(Thread.MIN_PRIORITY);
- sessionCleaner.start();
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java b/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
deleted file mode 100644
index ddba20049..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
+++ /dev/null
@@ -1,53 +0,0 @@
-package at.gv.egovernment.moa.id.auth;
-
-/**
- * Constants used throughout moa-id-auth component.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public interface MOAIDAuthConstants {
-
- /** servlet parameter "Target" */
- public static final String PARAM_TARGET = "Target";
- /** servlet parameter "OA" */
- public static final String PARAM_OA = "OA";
- /** servlet parameter "bkuURI" */
- public static final String PARAM_BKU = "bkuURI";
- /** servlet parameter "BKUSelectionTemplate" */
- public static final String PARAM_BKUTEMPLATE = "BKUSelectionTemplate";
- /** servlet parameter "returnURI" */
- public static final String PARAM_RETURN = "returnURI";
- /** servlet parameter "Template" */
- public static final String PARAM_TEMPLATE = "Template";
- /** servlet parameter "MOASessionID" */
- public static final String PARAM_SESSIONID = "MOASessionID";
- /** servlet parameter "XMLResponse" */
- public static final String PARAM_XMLRESPONSE = "XMLResponse";
- /** servlet parameter "SAMLArtifact" */
- public static final String PARAM_SAMLARTIFACT = "SAMLArtifact";
- /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.StartAuthenticationServlet} is mapped to */
- public static final String REQ_START_AUTHENTICATION = "StartAuthentication";
- /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet} is mapped to */
- public static final String REQ_VERIFY_IDENTITY_LINK = "VerifyIdentityLink";
- /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet} is mapped to */
- public static final String REQ_VERIFY_AUTH_BLOCK = "VerifyAuthBlock";
- /** Logging hierarchy used for controlling debug output of XML structures to files */
- public static final String DEBUG_OUTPUT_HIERARCHY = "moa.id.auth";
- /** Header Name for controlling the caching mechanism of the browser */
- public static final String HEADER_EXPIRES = "Expires";
- /** Header Value for controlling the caching mechanism of the browser */
- public static final String HEADER_VALUE_EXPIRES = "Sat, 6 May 1995 12:00:00 GMT";
- /** Header Name for controlling the caching mechanism of the browser */
- public static final String HEADER_PRAGMA = "Pragma";
- /** Header Value for controlling the caching mechanism of the browser */
- public static final String HEADER_VALUE_PRAGMA = "no-cache";
- /** Header Name for controlling the caching mechanism of the browser */
- public static final String HEADER_CACHE_CONTROL = "Cache-control";
- /** Header Value for controlling the caching mechanism of the browser */
- public static final String HEADER_VALUE_CACHE_CONTROL = "no-store, no-cache, must-revalidate";
- /** Header Value for controlling the caching mechanism of the browser */
- public static final String HEADER_VALUE_CACHE_CONTROL_IE = "post-check=0, pre-check=0";
-
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
deleted file mode 100644
index bfae6bf9c..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ /dev/null
@@ -1,119 +0,0 @@
-package at.gv.egovernment.moa.id.auth;
-
-import iaik.pki.PKIException;
-import iaik.pki.jsse.IAIKX509TrustManager;
-
-import java.security.GeneralSecurityException;
-
-import java.io.IOException;
-
-import javax.net.ssl.SSLSocketFactory;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl;
-import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.util.SSLUtils;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.logging.LoggingContext;
-import at.gv.egovernment.moa.logging.LoggingContextManager;
-import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
-import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator;
-
-/**
- * Web application initializer
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class MOAIDAuthInitializer {
-
- /** a boolean identifying if the MOAIDAuthInitializer has been startet */
- public static boolean initialized = false;
-
-
-
- /**
- * Initializes the web application components which need initialization:
- * logging, JSSE, MOA-ID Auth configuration, Axis, session cleaner.
- */
- public static void initialize()
- throws ConfigurationException, PKIException, IOException, GeneralSecurityException {
- if (initialized)
- return;
- initialized=true;
- Logger.setHierarchy("moa.id.auth");
- Logger.info("Default java file.encoding: " + System.getProperty( "file.encoding" ));
- // Restricts TLS cipher suites
- System.setProperty("https.cipherSuites", "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA");
- // load some jsse classes so that the integrity of the jars can be verified
- // before the iaik jce is installed as the security provider
- // this workaround is only needed when sun jsse is used in conjunction with
- // iaik-jce (on jdk1.3)
- ClassLoader cl = MOAIDAuthInitializer.class.getClassLoader();
- try {
- cl.loadClass("javax.security.cert.Certificate"); // from jcert.jar
- }
- catch (ClassNotFoundException e) {
- Logger.warn(MOAIDMessageProvider.getInstance().getMessage("init.01", null), e);
- }
-
- // Initializes SSLSocketFactory store
- SSLUtils.initialize();
-
- // Loads the configuration
- AuthConfigurationProvider authConf = AuthConfigurationProvider.reload();
- ConnectionParameter moaSPConnParam = authConf.getMoaSpConnectionParameter();
-
- // If MOA-SP API calls: loads MOA-SP configuration and configures IAIK
- if (moaSPConnParam == null) {
- try {
- LoggingContextManager.getInstance().setLoggingContext(
- new LoggingContext("startup"));
- ConfigurationProvider config = ConfigurationProvider.getInstance();
- new IaikConfigurator().configure(config);
- }
- catch (at.gv.egovernment.moa.spss.server.config.ConfigurationException ex) {
- throw new ConfigurationException("config.10", new Object[] { ex.toString() }, ex);
- }
- }
-
- // Initializes IAIKX509TrustManager logging
- String log4jConfigURL = System.getProperty("log4j.configuration");
- if (log4jConfigURL != null) {
- IAIKX509TrustManager.initLog(new LoggerConfigImpl(log4jConfigURL));
- }
-
- // Initializes the Axis secure socket factory for use in calling the MOA-SP web service
- if (moaSPConnParam != null && moaSPConnParam.isHTTPSURL()) {
- SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(authConf, moaSPConnParam);
- AxisSecureSocketFactory.initialize(ssf);
- }
-
- // sets the authentication session and authentication data time outs
- String param = authConf.getGenericConfigurationParameter(AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY);
- if (param != null) {
- long sessionTimeOut = 0;
- try { sessionTimeOut = new Long(param).longValue(); }
- catch (NumberFormatException ex) {
- Logger.error(MOAIDMessageProvider.getInstance().getMessage("config.05", new Object[] {AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY}));
- }
- if (sessionTimeOut > 0)
- AuthenticationServer.getInstance().setSecondsSessionTimeOut(sessionTimeOut);
- }
- param = authConf.getGenericConfigurationParameter(AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY);
- if (param != null) {
- long authDataTimeOut = 0;
- try { authDataTimeOut = new Long(param).longValue(); }
- catch (NumberFormatException ex) {
- Logger.error(MOAIDMessageProvider.getInstance().getMessage("config.05", new Object[] {AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY}));
- }
- if (authDataTimeOut > 0)
- AuthenticationServer.getInstance().setSecondsAuthDataTimeOut(authDataTimeOut);
- }
-
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/WrongParametersException.java b/id.server/src/at/gv/egovernment/moa/id/auth/WrongParametersException.java
deleted file mode 100644
index 3ce2798ea..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/WrongParametersException.java
+++ /dev/null
@@ -1,21 +0,0 @@
-package at.gv.egovernment.moa.id.auth;
-
-import at.gv.egovernment.moa.id.MOAIDException;
-
-/**
- * Exception thrown when the AuthenticationServer API is
- * called with wrong parameters provided.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class WrongParametersException extends MOAIDException {
-
- /**
- * Constructor
- */
- public WrongParametersException(String call, String parameter) {
- super("auth.05", new Object[] {call, parameter});
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
deleted file mode 100644
index 41f439d04..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
+++ /dev/null
@@ -1,59 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.text.MessageFormat;
-
-import at.gv.egovernment.moa.util.Constants;
-
-/**
- * Builder for the authentication block <saml:Assertion>
- * to be included in a <CreateXMLSignatureResponse>.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AuthenticationBlockAssertionBuilder implements Constants {
- /** private static String nl contains the NewLine representation in Java*/
- private static String nl = "\n";
- /** private static String AUTH_BLOCK contains an XML-Auth-Block-Template */
- private static String AUTH_BLOCK =
- "<saml:Assertion>.
- *
- * @param issuer authentication block issuer; "GivenName FamilyName"
- * @param issueInstant current timestamp
- * @param authURL URL of MOA-ID authentication component
- * @param target "Geschäftsbereich"
- * @param oaURL public URL of online application requested
- * @return String representation of authentication block
- * <saml:Assertion> built
- */
- public String build(String issuer, String issueInstant, String authURL, String target, String oaURL, String GebDat) {
- String assertion = MessageFormat.format(
- AUTH_BLOCK, new Object[] { issuer, issueInstant, authURL, target, oaURL, GebDat});
- return assertion;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
deleted file mode 100644
index eaf9aa0ae..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
+++ /dev/null
@@ -1,115 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.text.MessageFormat;
-
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.util.Constants;
-
-/**
- * Builder for the authentication data <saml:Assertion>
- * to be provided by the MOA ID Auth component.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AuthenticationDataAssertionBuilder implements Constants {
- /** private static String NL contains the NewLine representation in Java*/
- private static final String NL = "\n";
- /**
- * XML template for the <saml:Assertion> to be built
- */
- private static final String AUTH_DATA =
- "" + NL +
- "<saml:Attribute> named "isPublicAuthority",
- * to be inserted into the <saml:Assertion>
- */
- private static final String PUBLIC_AUTHORITY_ATT =
- " <saml:Assertion>.
- *
- * @param authData the AuthenticationData to build the
- * <saml:Assertion> from
- * @param xmlPersonData lt;pr:Person> element as a String
- * @param xmlAuthBlock authentication block to be included in a
- * lt;saml:SubjectConfirmationData> element; may include
- * the "Stammzahl" or not; may be empty
- * @param xmlIdentityLink the IdentityLink
- * @return the <saml:Assertion>
- * @throws BuildException if an error occurs during the build process
- */
- public String build(
- AuthenticationData authData,
- String xmlPersonData,
- String xmlAuthBlock,
- String xmlIdentityLink) throws BuildException {
-
- String isQualifiedCertificate = authData.isQualifiedCertificate() ? "true" : "false";
- String publicAuthorityAttribute = "";
- if (authData.isPublicAuthority()) {
- String publicAuthorityIdentification = authData.getPublicAuthorityCode();
- if (publicAuthorityIdentification == null)
- publicAuthorityIdentification = "True";
- publicAuthorityAttribute = MessageFormat.format(
- PUBLIC_AUTHORITY_ATT, new Object[] { publicAuthorityIdentification });
- }
-
- String assertion = MessageFormat.format(AUTH_DATA, new Object[] {
- authData.getAssertionID(),
- authData.getIssuer(),
- authData.getIssueInstant(),
- authData.getPBK(),
- removeXMLDeclaration(xmlAuthBlock),
- removeXMLDeclaration(xmlIdentityLink),
- removeXMLDeclaration(xmlPersonData),
- isQualifiedCertificate,
- publicAuthorityAttribute});
- return assertion;
- }
-
- /**
- * Removes the XML declaration from an XML expression.
- * @param xmlString XML expression as String
- * @return XML expression, XML declaration removed
- */
- private String removeXMLDeclaration(String xmlString) {
- if (xmlString.startsWith(""Ableitung f¨r die bereichsspezifische Personenkennzeichnung"
- * version 1.0.1 from "reference.e-government.gv.at".
- *
- * @author Paul Schamberger
- * @version $Id$
- */
-public class BPKBuilder {
-
- /**
- * Builds the BPK from given parameters.
- * @param identificationValue Base64 encoded "Stammzahl"
- * @param target "Bereich lt. Verordnung des BKA"
- * @return PBK in a BASE64 encoding
- * @throws BuildException in case of error while building the BPK
- */
- public String buildBPK(String identificationValue, String target)
- throws BuildException {
-
- if (identificationValue == null || identificationValue.length() == 0
- || target == null || target.length() == 0)
- throw new BuildException(
- "builder.00",
- new Object[] {"BPK",
- "Unvollständige Parameterangaben: identificationValue=" + identificationValue +
- ",target=" + target});
- String basisbegriff = identificationValue + "+" + target;
- try {
- MessageDigest md = MessageDigest.getInstance("SHA-1");
- byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1"));
- String hashBase64 = Base64Utils.encode(hash);
- return hashBase64;
- }
- catch (Exception ex) {
- throw new BuildException(
- "builder.00",
- new Object[] {"BPK", ex.toString()},
- ex);
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/Builder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/Builder.java
deleted file mode 100644
index e5bbaa585..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/Builder.java
+++ /dev/null
@@ -1,30 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import at.gv.egovernment.moa.id.BuildException;
-
-/**
- * Base class for HTML/XML builders providing commonly useful functions.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class Builder {
-
- /**
- * Replaces a special tag in an XML or HTML template by a value.
- * @param htmlTemplate template
- * @param tag special tag
- * @param value value replacing the tag
- * @return XML or HTML code, the tag replaced
- * @throws BuildException when template does not contain the tag
- */
- protected String replaceTag(String template, String tag, String value) throws BuildException {
- int index = template.indexOf(tag);
- if (index < 0)
- throw new BuildException(
- "builder.01",
- new Object[] {"<" + tag.substring(1, tag.length() - 1) + ">"});
- return template.substring(0, index) + value + template.substring(index + tag.length());
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java
deleted file mode 100644
index 5ceb1d1c0..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java
+++ /dev/null
@@ -1,51 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.io.IOException;
-
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.util.FileUtils;
-
-/**
- * Builder for the <VerifyXMLSignatureRequest> structure
- * used for presenting certificate information in the secure viewer of the security layer implementation.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class CertInfoVerifyXMLSignatureRequestBuilder extends Builder {
-
- /** special tag in the VerifyXMLRequest template to be substituted for a <dsig:Signature> */
- private static final String SIGNATURE_TAG = "<VerifyXMLSignatureRequest> structure.
- * @return the XML structure
- * @throws BuildException
- */
- public String build() throws BuildException {
- String resCertInfoRequest = "resources/xmldata/CertInfoVerifyXMLSignatureRequest.xml";
- String resDsigSignature = "resources/xmldata/CertInfoDsigSignature.xml";
- String certInfoRequest;
- try {
- certInfoRequest = FileUtils.readResource(resCertInfoRequest, "UTF-8");
- }
- catch (IOException ex) {
- throw new BuildException("auth.04", new Object[] {resCertInfoRequest, ex.toString()});
- }
- try {
- String dsigSignature = FileUtils.readResource(resDsigSignature, "UTF-8");
- certInfoRequest = replaceTag(certInfoRequest, SIGNATURE_TAG, dsigSignature);
- return certInfoRequest;
- }
- catch (IOException ex) {
- throw new BuildException("auth.04", new Object[] {resDsigSignature, ex.toString()});
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
deleted file mode 100644
index 48320c4f5..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
+++ /dev/null
@@ -1,59 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.text.MessageFormat;
-
-import at.gv.egovernment.moa.util.Constants;
-
-/**
- * Builder for the <CreateXMLSignatureRequest> structure
- * used for requesting a signature under the authentication block from the
- * security layer implementation.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class CreateXMLSignatureRequestBuilder implements Constants {
- /** private static String nl contains the NewLine representation in Java*/
- private static final String nl = "\n";
- /**
- * XML template for the <moa:CreateXMLSignatureRequest> to be built
- */
- private static final String CREATE_XML_SIGNATURE_REQUEST =
- "" + nl +
- "<CreateXMLSignatureRequest>.
- *
- * @param authBlock String representation of XML authentication block
- * @param keyBoxIdentfier the key box identifier which will be used (e.g. CertifiedKeypair)
- * @return String representation of <CreateXMLSignatureRequest>
- */
- public String build(String authBlock, String keyBoxIdentifier, String[] dsigTransformInfos) {
- String dsigTransformInfosString = "";
- for (int i = 0; i < dsigTransformInfos.length; i++)
- dsigTransformInfosString += dsigTransformInfos[i];
- String request = MessageFormat.format(
- CREATE_XML_SIGNATURE_REQUEST, new Object[] { authBlock, keyBoxIdentifier, dsigTransformInfosString });
- return request;
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java
deleted file mode 100644
index 30cc1df5a..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java
+++ /dev/null
@@ -1,83 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Builds a DataURL parameter meant for the security layer implementation
- * to respond to.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class DataURLBuilder {
-
- /**
- * Constructor for DataURLBuilder.
- */
- public DataURLBuilder() {
- super();
- }
-
- /**
- * Constructs a data URL for VerifyIdentityLink or VerifyAuthenticationBlock,
- * including the MOASessionID as a parameter.
- *
- * @param authBaseURL base URL (context path) of the MOA ID Authentication component,
- * including a trailing '/'
- * @param authServletName request part of the data URL
- * @param sessionID sessionID to be included in the dataURL
- * @return String
- */
- public String buildDataURL(String authBaseURL, String authServletName, String sessionID) {
-
- String individualDataURLPrefix = null;
- String dataURL;
- try {
- //check if an individual prefix is configured
- individualDataURLPrefix = AuthConfigurationProvider.getInstance().
- getGenericConfigurationParameter(AuthConfigurationProvider.INDIVIDUAL_DATA_URL_PREFIX);
-
- if (null != individualDataURLPrefix) {
-
- //check individualDataURLPrefix
- if(!individualDataURLPrefix.startsWith("http"))
- throw(new ConfigurationException("config.13", new Object[] { individualDataURLPrefix}));
-
- //when ok then use it
- dataURL = individualDataURLPrefix + authServletName;
- } else
- dataURL = authBaseURL + authServletName;
-
- } catch (ConfigurationException e) {
- Logger.warn(e);
- Logger.warn(MOAIDMessageProvider.getInstance().getMessage("config.12", new Object[] { authBaseURL } ));
- dataURL = authBaseURL + authServletName;
- }
-
- dataURL = addParameter(dataURL, AuthServlet.PARAM_SESSIONID, sessionID);
- return dataURL;
- }
-
- /**
- * Method addParameter.
- * @param urlString represents the url
- * @param paramname is the parameter to be added
- * @param value is the value of that parameter
- * @return String
- */
- private String addParameter(String urlString, String paramname, String value) {
- String url = urlString;
- if (paramname != null) {
- if (url.indexOf("?") < 0)
- url += "?";
- else
- url += "&";
- url += paramname + "=" + value;
- }
- return url;
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
deleted file mode 100644
index dbc14804d..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
+++ /dev/null
@@ -1,138 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.io.IOException;
-import java.io.StringReader;
-import java.io.StringWriter;
-
-import at.gv.egovernment.moa.id.BuildException;
-
-/**
- * Builder for HTML form requesting the security layer implementation
- * to get the identity link from smartcard by a <InfoboxReadRequest>.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class GetIdentityLinkFormBuilder extends Builder {
- /** private static String NL contains the NewLine representation in Java*/
- private static final String nl = "\n";
- /** special tag in the HTML template to be substituted for the BKU URL */
- private static final String BKU_TAG = "null, in this case a default layout will be produced
- * @param xmlRequest XML Request to be sent as a parameter in the form
- * @param bkuURL URL of the "Bürgerkartenumgebung" the form will be submitted to;
- * may be null, in this case the default URL will be used
- * @param dataURL DataURL to be sent as a parameter in the form
- */
- public String build(
- String htmlTemplate, String bkuURL, String xmlRequest, String dataURL, String certInfoXMLRequest, String certInfoDataURL)
- throws BuildException {
-
- String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate;
- String bku = bkuURL == null ? DEFAULT_BKU : bkuURL;
- htmlForm = replaceTag(htmlForm, BKU_TAG, bku);
- htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest));
- htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL);
- htmlForm = replaceTag(htmlForm, BKU_TAG, bku);
- htmlForm = replaceTag(htmlForm, CERTINFO_XMLREQUEST_TAG, encodeParameter(certInfoXMLRequest));
- htmlForm = replaceTag(htmlForm, CERTINFO_DATAURL_TAG, certInfoDataURL);
- return htmlForm;
- }
- /**
- * Encodes a string for inclusion as a parameter in the form.
- * Double quotes are substituted by """.
- * @param s the string to be encoded
- * @return the string encoded
- * @throws BuildException on any exception encountered
- */
- public static String encodeParameter(String s) throws BuildException {
- StringReader in = new StringReader(s);
- StringWriter out = new StringWriter();
- try {
- for (int ch = in.read(); ch >= 0; ch = in.read()) {
- if (ch == '"')
- out.write(""");
- else if (ch == '<')
- out.write("<");
- else if (ch == '>')
- out.write(">");
- else if (ch == 'ä')
- out.write("ä");
- else if (ch == 'ö')
- out.write("ö");
- else if (ch == 'ü')
- out.write("ü");
- else if (ch == 'Ä')
- out.write("Ä");
- else if (ch == 'Ö')
- out.write("Ö");
- else if (ch == 'Ü')
- out.write("Ü");
- else if (ch == 'ß')
- out.write("ß");
- else
- out.write(ch);
- }
- }
- catch (IOException ex) {
- throw new BuildException("builder.00", new Object[] {"GetIdentityLinkForm", ex.toString()});
- }
- return out.toString();
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java
deleted file mode 100644
index d3e100671..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java
+++ /dev/null
@@ -1,39 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import at.gv.egovernment.moa.util.Constants;
-
-/**
- * Builder for the <InfoboxReadRequest> structure
- * used for requesting the identity link from the security layer implementation.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class InfoboxReadRequestBuilder implements Constants {
-
- /**
- * XML template for the <sl10:InfoboxReadRequest> to be built
- */
- String INFOBOX_READ_REQUEST =
- "" +
- "<InfoboxReadRequest>.
- *
- * @return <InfoboxReadRequest> as String
- */
- public String build() {
- String request = INFOBOX_READ_REQUEST;
- return request;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java
deleted file mode 100644
index 819ed79bb..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java
+++ /dev/null
@@ -1,59 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Builder for the lt;pr:Person> element to be inserted
- * in the authentication data lt;saml:Assertion>.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class PersonDataBuilder {
-
- /**
- * Constructor for PersonDataBuilder.
- */
- public PersonDataBuilder() {
- super();
- }
- /**
- * Builds the <pr:Person> element.- * Utilizes the parsed
<prPerson> from the identity link
- * and the information regarding inclusion of "Stammzahl" in the
- * <pr:Person> data.
- *
- * @param identityLink IdentityLink containing the
- * attribute prPerson
- * @param provideStammzahl true if "Stammzahl" is to be included;
- * false otherwise
- * @return the <pr:Person> element as a String
- * @throws BuildException on any error
- */
- public String build(IdentityLink identityLink, boolean provideStammzahl)
- throws BuildException {
-
- try {
- Element prPerson = (Element)identityLink.getPrPerson().cloneNode(true);
- if (! provideStammzahl) {
- Node prIdentification = XPathUtils.selectSingleNode(prPerson, "pr:Identification/pr:Value");
- //remove IdentificationValue
- prIdentification.getFirstChild().setNodeValue("");
- }
- String xmlString = DOMUtils.serializeNode(prPerson);
- return xmlString;
- }
- catch (Exception ex) {
- throw new BuildException(
- "builder.00",
- new Object[] {"PersonData", ex.toString()},
- ex);
- }
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
deleted file mode 100644
index 27e19e830..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
+++ /dev/null
@@ -1,60 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.io.ByteArrayOutputStream;
-import java.security.MessageDigest;
-
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.util.Base64Utils;
-
-/**
- * Builder for the SAML artifact, as defined in the
- * Browser/Artifact profile of SAML.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLArtifactBuilder {
-
- /**
- * Constructor for SAMLArtifactBuilder.
- */
- public SAMLArtifactBuilder() {
- super();
- }
-
- /**
- * Builds the SAML artifact, encoded BASE64.
- * -
- *
TypeCode:0x0001.
- * SourceID: SHA-1 hash of the authURL
- * AssertionHandle: SHA-1 hash of theMOASessionID
- *
SourceID
- * @param sessionID MOASessionID to be used for construction
- * of AssertionHandle
- * @return the 42-byte SAML artifact, encoded BASE64
- */
- public String build(String authURL, String sessionID) throws BuildException {
- try {
- MessageDigest md = MessageDigest.getInstance("SHA-1");
- byte[] sourceID = md.digest(authURL.getBytes());
- byte[] assertionHandle = md.digest(sessionID.getBytes());
- ByteArrayOutputStream out = new ByteArrayOutputStream(42);
- out.write(0);
- out.write(1);
- out.write(sourceID, 0, 20);
- out.write(assertionHandle, 0, 20);
- byte[] samlArtifact = out.toByteArray();
- String samlArtifactBase64 = Base64Utils.encode(samlArtifact);
- return samlArtifactBase64;
- }
- catch (Throwable ex) {
- throw new BuildException(
- "builder.00",
- new Object[] {"SAML Artifact, MOASessionID=" + sessionID, ex.toString()},
- ex);
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java
deleted file mode 100644
index d7dac3907..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java
+++ /dev/null
@@ -1,104 +0,0 @@
-package at.gv.egovernment.moa.id.auth.builder;
-
-import java.text.MessageFormat;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.*;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.OutputXML2File;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
-
-/**
- * Builder for the lt;samlp:Response> used for passing
- * result and status information from the GetAuthenticationData
- * web service.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLResponseBuilder implements Constants {
- /** XML - Template for samlp:Response */
- private static final String RESPONSE =
- "" +
- "lt;samlp:Request> responded to
- * @param issueInstant current timestamp
- * @param statusCode status code
- * @param subStatusCode sub-status code refining the status code; may be null
- * @param statusMessage status message
- * @param samlAssertion SAML assertion representing authentication data
- * @return SAML response as a DOM element
- */
- public Element build(
- String responseID,
- String inResponseTo,
- String issueInstant,
- String statusCode,
- String subStatusCode,
- String statusMessage,
- String samlAssertion)
- throws BuildException {
-
- try {
- String xmlSubStatusCode =
- subStatusCode == null ?
- "" :
- MessageFormat.format(SUB_STATUS_CODE, new Object[] {subStatusCode});
- OutputXML2File.debugOutputXML2File("SamlAssertion.xml", samlAssertion, MOAIDAuthConstants.DEBUG_OUTPUT_HIERARCHY);
-
- String xmlResponse = MessageFormat.format(RESPONSE, new Object[] {
- responseID,
- inResponseTo,
- issueInstant,
- statusCode,
- xmlSubStatusCode,
- statusMessage,
- removeXMLDeclaration(samlAssertion) });
- Element domResponse = DOMUtils.parseDocument(xmlResponse, true, ALL_SCHEMA_LOCATIONS, null).getDocumentElement();
- return domResponse;
- }
- catch (Throwable ex) {
- throw new BuildException(
- "builder.00",
- new Object[] { "samlp:Response", ex.toString() },
- ex);
- }
- }
- /**
- * Removes the XML declaration from an XML expression.
- * @param xmlString XML expression as String
- * @return XML expression, XML declaration removed
- */
- private String removeXMLDeclaration(String xmlString) {
- if (xmlString.startsWith("";
- /** special tag in the HTML template to be substituted for the <select;gt; tag
- * containing the BKU selection options */
- private static final String SELECT_TAG = "<VerifyXMLSignatureRequestBuilder> structure
- * used for sending the DSIG-Signature of the Security Layer card for validating to MOA-SP.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class VerifyXMLSignatureRequestBuilder {
- /** The MOA-Prefix */
- private static final String MOA = Constants.MOA_PREFIX + ":";
- /** the request as string */
- private String request;
- /** the request as DOM-Element */
- private Element reqElem;
-
- /**
- * Constructor for VerifyXMLSignatureRequestBuilder.
- */
- public VerifyXMLSignatureRequestBuilder() {
- }
- /**
- * Builds a <VerifyXMLSignatureRequest>
- * from an IdentityLink with a known trustProfileID which
- * has to exist in MOA-SP
- * @param idl - The IdentityLink
- * @param trustProfileID - a preconfigured TrustProfile at MOA-SP
- * @return Element - The complete request as Dom-Element
- * @throws ParseException
- */
- public Element build(IdentityLink idl, String trustProfileID)
- throws ParseException { //samlAssertionObject
- request =
- ""
- + "<VerifyXMLSignatureRequest>
- * from the signed AUTH-Block with a known trustProfileID which
- * has to exist in MOA-SP
- * @param csr - signed AUTH-Block
- * @param verifyTransformsInfoProfileID - allowed verifyTransformsInfoProfileID
- * @param trustProfileID - a preconfigured TrustProfile at MOA-SP
- * @return Element - The complete request as Dom-Element
- * @throws ParseException
- */
- public Element build(
- CreateXMLSignatureResponse csr,
- String[] verifyTransformsInfoProfileID,
- String trustProfileID)
- throws ParseException { //samlAssertionObject
- request =
- ""
- + "AuthenticationServer API calls.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AuthenticationSession {
- /**
- * session ID
- */
- private String sessionID;
- /**
- * "Geschäftsbereich" the online application belongs to
- */
- private String target;
- /**
- * public online application URL requested
- */
- private String oaURLRequested;
- /**
- * public online application URL prefix
- */
- private String oaPublicURLPrefix;
- /**
- * URL of MOA ID authentication component
- */
- private String authURL;
- /**
- * HTML template URL
- */
- private String templateURL;
- /**
- * identity link read from smartcard
- */
- private IdentityLink identityLink;
- /**
- * authentication block to be signed by the user
- */
- private String authBlock;
- /**
- * timestamp logging when authentication session has been created
- */
- private Date timestampStart;
- /**
- * timestamp logging when identity link has been received
- */
- private Date timestampIdentityLink;
-
- /**
- * Constructor for AuthenticationSession.
- *
- * @param id Session ID
- */
- public AuthenticationSession(String id) {
- sessionID = id;
- setTimestampStart();
- }
-
- /**
- * Returns the identityLink.
- * @return IdentityLink
- */
- public IdentityLink getIdentityLink() {
- return identityLink;
- }
-
- /**
- * Returns the sessionID.
- * @return String
- */
- public String getSessionID() {
- return sessionID;
- }
-
- /**
- * Sets the identityLink.
- * @param identityLink The identityLink to set
- */
- public void setIdentityLink(IdentityLink identityLink) {
- this.identityLink = identityLink;
- }
-
- /**
- * Sets the sessionID.
- * @param sessionID The sessionID to set
- */
- public void setSessionID(String sessionId) {
- this.sessionID = sessionId;
- }
-
- /**
- * Returns the oaURLRequested.
- * @return String
- */
- public String getOAURLRequested() {
- return oaURLRequested;
- }
-
- /**
- * Returns the oaURLRequested.
- * @return String
- */
- public String getPublicOAURLPrefix() {
- return oaPublicURLPrefix;
- }
-
- /**
- * Returns the target.
- * @return String
- */
- public String getTarget() {
- return target;
- }
-
- /**
- * Sets the oaURLRequested.
- * @param oaURLRequested The oaURLRequested to set
- */
- public void setOAURLRequested(String url) {
- this.oaURLRequested = url;
- }
-
- /**
- * Sets the oaPublicURLPrefix
- * @param url The oaPublicURLPrefix to set
- */
- public void setPublicOAURLPrefix(String url) {
- this.oaPublicURLPrefix = url;
- }
-
- /**
- * Sets the target.
- * @param target The target to set
- */
- public void setTarget(String target) {
- this.target = target;
- }
-
- /**
- * Returns the authURL.
- * @return String
- */
- public String getAuthURL() {
- return authURL;
- }
-
- /**
- * Sets the authURL.
- * @param authURL The authURL to set
- */
- public void setAuthURL(String authURL) {
- this.authURL = authURL;
- }
-
- /**
- * Returns the authBlock.
- * @return String
- */
- public String getAuthBlock() {
- return authBlock;
- }
-
- /**
- * Sets the authBlock.
- * @param authBlock The authBlock to set
- */
- public void setAuthBlock(String authBlock) {
- this.authBlock = authBlock;
- }
-
- /**
- * Returns the timestampIdentityLink.
- * @return Date
- */
- public Date getTimestampIdentityLink() {
- return timestampIdentityLink;
- }
-
- /**
- * Returns the timestampStart.
- * @return Date
- */
- public Date getTimestampStart() {
- return timestampStart;
- }
-
- /**
- * Sets the current date as timestampIdentityLink.
- */
- public void setTimestampIdentityLink() {
- timestampIdentityLink = new Date();
- }
-
- /**
- * Sets the current date as timestampStart.
- */
- public void setTimestampStart() {
- timestampStart = new Date();
- }
-
- /**
- * @return template URL
- */
- public String getTemplateURL() {
- return templateURL;
- }
-
- /**
- * @param string the template URL
- */
- public void setTemplateURL(String string) {
- templateURL = string;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/data/CreateXMLSignatureResponse.java b/id.server/src/at/gv/egovernment/moa/id/auth/data/CreateXMLSignatureResponse.java
deleted file mode 100644
index 81945f644..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/data/CreateXMLSignatureResponse.java
+++ /dev/null
@@ -1,71 +0,0 @@
-package at.gv.egovernment.moa.id.auth.data;
-
-import org.w3c.dom.Element;
-
-/**
- * This bean saves all information of the CreateXMLSignature-Response:
- * a {@link SAMLAttribute} array, the SamlAssertion-Element and the
- * saml NameIdentifier
- *
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class CreateXMLSignatureResponse {
- /** the samlNameIdentifier */
-private String samlNameIdentifier;
- /** an array of saml-attributes */
-private SAMLAttribute[] samlAttributes;
- /**
- * the original saml:Assertion-Element
- */
- private Element samlAssertion;
-/**
- * Returns the samlAssertion.
- * @return Element
- */
-public Element getSamlAssertion() {
- return samlAssertion;
-}
-
-/**
- * Returns the samlAttribute.
- * @return SAMLAttribute[]
- */
-public SAMLAttribute[] getSamlAttributes() {
- return samlAttributes;
-}
-
-/**
- * Returns the samlNameIdentifier.
- * @return String
- */
-public String getSamlNameIdentifier() {
- return samlNameIdentifier;
-}
-
-/**
- * Sets the samlAssertion.
- * @param samlAssertion The samlAssertion to set
- */
-public void setSamlAssertion(Element samlAssertion) {
- this.samlAssertion = samlAssertion;
-}
-
-/**
- * Sets the samlAttribute.
- * @param samlAttribute The samlAttribute to set
- */
-public void setSamlAttributes(SAMLAttribute[] samlAttributes) {
- this.samlAttributes = samlAttributes;
-}
-
-/**
- * Sets the samlNameIdentifier.
- * @param samlNameIdentifier The samlNameIdentifier to set
- */
-public void setSamlNameIdentifier(String samlNameIdentifier) {
- this.samlNameIdentifier = samlNameIdentifier;
-}
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java b/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java
deleted file mode 100644
index cc58db916..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java
+++ /dev/null
@@ -1,210 +0,0 @@
-package at.gv.egovernment.moa.id.auth.data;
-
-import java.security.PublicKey;
-
-import org.w3c.dom.Element;
-
-
-/**
- * Data contained in an identity link issued by BMI, relevant to the MOA ID component.
- * "IdentityLink" is the translation of "Personenbindung".
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class IdentityLink {
- /**
- * "identificationValue" is the translation of "Stammzahl".
- */
- private String identificationValue;
- /**
- * "identificationType" type of the identificationValue in the IdentityLink.
- */
- private String identificationType;
- /**
- * first name
- */
- private String givenName;
- /**
- * family name
- */
- private String familyName;
- /**
- * date of birth
- */
- private String dateOfBirth;
- /**
- * the original saml:Assertion-Element
- */
- private Element samlAssertion;
- /**
- * Element /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData/pr:Person
- */
- private Element prPerson;
- /**
- * we need for each dsig:Reference Element all
- * transformation elements
- */
- private Element[] dsigReferenceTransforms;
-
-
- /**
- * we need all public keys stored in
- * the identity link
- */
- private PublicKey[] publicKey;
-
- /**
- * Constructor for IdentityLink
- */
- public IdentityLink() {
- }
-
- /**
- * Returns the dateOfBirth.
- * @return Calendar
- */
- public String getDateOfBirth() {
- return dateOfBirth;
- }
-
- /**
- * Returns the familyName.
- * @return String
- */
- public String getFamilyName() {
- return familyName;
- }
-
- /**
- * Returns the givenName.
- * @return String
- */
- public String getGivenName() {
- return givenName;
- }
-
- /**
- * Returns the identificationValue.
- * "identificationValue" is the translation of "Stammzahl".
- * @return String
- */
- public String getIdentificationValue() {
- return identificationValue;
- }
-
- /**
- * Returns the identificationType.
- * "identificationType" type of the identificationValue in the IdentityLink.
- * @return String
- */
- public String getIdentificationType() {
- return identificationType;
- }
-
- /**
- * Sets the dateOfBirth.
- * @param dateOfBirth The dateOfBirth to set
- */
- public void setDateOfBirth(String dateOfBirth) {
- this.dateOfBirth = dateOfBirth;
- }
-
- /**
- * Sets the familyName.
- * @param familyName The familyName to set
- */
- public void setFamilyName(String familyName) {
- this.familyName = familyName;
- }
-
- /**
- * Sets the givenName.
- * @param givenName The givenName to set
- */
- public void setGivenName(String givenName) {
- this.givenName = givenName;
- }
-
- /**
- * Sets the identificationValue.
- * "identificationValue" is the translation of "Stammzahl".
- * @param identificationValue The identificationValue to set
- */
- public void setIdentificationValue(String identificationValue) {
- this.identificationValue = identificationValue;
- }
-
- /**
- * Sets the Type of the identificationValue.
- * @param identificationType The type of identificationValue to set
- */
- public void setIdentificationType(String identificationType) {
- this.identificationType = identificationType;
- }
-
- /**
- * Returns the samlAssertion.
- * @return Element
- */
- public Element getSamlAssertion() {
- return samlAssertion;
- }
-
- /**
- * Sets the samlAssertion.
- * @param samlAssertion The samlAssertion to set
- */
- public void setSamlAssertion(Element samlAssertion) {
- this.samlAssertion = samlAssertion;
- }
-
- /**
- * Returns the dsigReferenceTransforms.
- * @return Element[]
- */
- public Element[] getDsigReferenceTransforms() {
- return dsigReferenceTransforms;
- }
-
- /**
- * Sets the dsigReferenceTransforms.
- * @param dsigReferenceTransforms The dsigReferenceTransforms to set
- */
- public void setDsigReferenceTransforms(Element[] dsigReferenceTransforms) {
- this.dsigReferenceTransforms = dsigReferenceTransforms;
- }
-
- /**
- * Returns the publicKey.
- * @return PublicKey[]
- */
- public PublicKey[] getPublicKey() {
- return publicKey;
- }
-
- /**
- * Sets the publicKey.
- * @param publicKey The publicKey to set
- */
- public void setPublicKey(PublicKey[] publicKey) {
- this.publicKey = publicKey;
- }
-
- /**
- * Returns the prPerson.
- * @return Element
- */
- public Element getPrPerson() {
- return prPerson;
- }
-
- /**
- * Sets the prPerson.
- * @param prPerson The prPerson to set
- */
- public void setPrPerson(Element prPerson) {
- this.prPerson = prPerson;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/data/SAMLAttribute.java b/id.server/src/at/gv/egovernment/moa/id/auth/data/SAMLAttribute.java
deleted file mode 100644
index c787b2a81..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/data/SAMLAttribute.java
+++ /dev/null
@@ -1,78 +0,0 @@
-package at.gv.egovernment.moa.id.auth.data;
-
-/**
- * This bean saves all data of a single SAMLAttribute:
- * the name, value and namespace
- *
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class SAMLAttribute {
-/** the name to be stored */
-private String name;
-/** the namespace to be stored */
-private String namespace;
-/** the value to be stored */
-private String value;
-
- /**
- * Constructor for SAMLAttribute.
- */
- public SAMLAttribute(String name, String namespace, String value) {
-
- this.name = name;
- this.namespace = namespace;
- this.value = value;
-
- }
-
-/**
- * Returns the name.
- * @return String
- */
-public String getName() {
- return name;
-}
-
-/**
- * Returns the namespace.
- * @return String
- */
-public String getNamespace() {
- return namespace;
-}
-
-/**
- * Returns the value.
- * @return String
- */
-public String getValue() {
- return value;
-}
-
-/**
- * Sets the name.
- * @param name The name to set
- */
-public void setName(String name) {
- this.name = name;
-}
-
-/**
- * Sets the namespace.
- * @param namespace The namespace to set
- */
-public void setNamespace(String namespace) {
- this.namespace = namespace;
-}
-
-/**
- * Sets the value.
- * @param value The value to set
- */
-public void setValue(String value) {
- this.value = value;
-}
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java b/id.server/src/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java
deleted file mode 100644
index 8233d1478..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/data/VerifyXMLSignatureResponse.java
+++ /dev/null
@@ -1,177 +0,0 @@
-package at.gv.egovernment.moa.id.auth.data;
-
-import iaik.x509.X509Certificate;
-
-/**
- * This bean saves all information of the MOA-SP-Answer
- * after the verification of any signature
- *
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class VerifyXMLSignatureResponse {
- /** The xmlDsigSubjectName to be stored */
- private String xmlDsigSubjectName;
- /** The signatureCheckCode to be stored */
- private int signatureCheckCode;
- /** The xmlDSIGManifestCheckCode to be stored */
- private int xmlDSIGManifestCheckCode;
- /** The xmlDSIGManigest to be stored */
- private boolean xmlDSIGManigest;
- /** The certificateCheckCode to be stored */
- private int certificateCheckCode;
- /** The publicAuthority to be stored */
- private boolean publicAuthority;
- /** The publicAuthorityCode to be stored */
- private String publicAuthorityCode;
- /** The qualifiedCertificate to be stored */
- private boolean qualifiedCertificate;
- /** The x509certificate to be stored */
- private X509Certificate x509certificate;
-
- /**
- * Returns the certificateCheckCode.
- * @return int
- */
- public int getCertificateCheckCode() {
- return certificateCheckCode;
- }
-
- /**
- * Returns the signatureCheckCode.
- * @return int
- */
- public int getSignatureCheckCode() {
- return signatureCheckCode;
- }
-
- /**
- * Returns the xmlDSIGManifestCheckCode.
- * @return int
- */
- public int getXmlDSIGManifestCheckCode() {
- return xmlDSIGManifestCheckCode;
- }
-
- /**
- * Returns the xmlDsigSubjectName.
- * @return String
- */
- public String getXmlDsigSubjectName() {
- return xmlDsigSubjectName;
- }
-
- /**
- * Sets the certificateCheckCode.
- * @param certificateCheckCode The certificateCheckCode to set
- */
- public void setCertificateCheckCode(int certificateCheckCode) {
- this.certificateCheckCode = certificateCheckCode;
- }
-
- /**
- * Sets the signatureCheckCode.
- * @param signatureCheckCode The signatureCheckCode to set
- */
- public void setSignatureCheckCode(int signatureCheckCode) {
- this.signatureCheckCode = signatureCheckCode;
- }
-
- /**
- * Sets the xmlDSIGManifestCheckCode.
- * @param xmlDSIGManifestCheckCode The xmlDSIGManifestCheckCode to set
- */
- public void setXmlDSIGManifestCheckCode(int xmlDSIGManifestCheckCode) {
- this.xmlDSIGManifestCheckCode = xmlDSIGManifestCheckCode;
- }
-
- /**
- * Sets the xmlDsigSubjectName.
- * @param xmlDsigSubjectName The xmlDsigSubjectName to set
- */
- public void setXmlDsigSubjectName(String xmlDsigSubjectName) {
- this.xmlDsigSubjectName = xmlDsigSubjectName;
- }
-
- /**
- * Returns the publicAuthorityCode.
- * @return int
- */
- public String getPublicAuthorityCode() {
- return publicAuthorityCode;
- }
-
- /**
- * Sets the publicAuthorityCode.
- * @param publicAuthorityCode The publicAuthorityCode to set
- */
- public void setPublicAuthorityCode(String publicAuthorityCode) {
- this.publicAuthorityCode = publicAuthorityCode;
- }
-
- /**
- * Returns the qualifiedCertificate.
- * @return boolean
- */
- public boolean isQualifiedCertificate() {
- return qualifiedCertificate;
- }
-
- /**
- * Returns the x509certificate.
- * @return X509Certificate
- */
- public X509Certificate getX509certificate() {
- return x509certificate;
- }
-
- /**
- * Sets the qualifiedCertificate.
- * @param qualifiedCertificate The qualifiedCertificate to set
- */
- public void setQualifiedCertificate(boolean qualifiedCertificate) {
- this.qualifiedCertificate = qualifiedCertificate;
- }
-
- /**
- * Sets the x509certificate.
- * @param x509certificate The x509certificate to set
- */
- public void setX509certificate(X509Certificate x509certificate) {
- this.x509certificate = x509certificate;
- }
-
- /**
- * Returns the xmlDSIGManigest.
- * @return boolean
- */
- public boolean isXmlDSIGManigest() {
- return xmlDSIGManigest;
- }
-
- /**
- * Sets the xmlDSIGManigest.
- * @param xmlDSIGManigest The xmlDSIGManigest to set
- */
- public void setXmlDSIGManigest(boolean xmlDSIGManigest) {
- this.xmlDSIGManigest = xmlDSIGManigest;
- }
-
- /**
- * Returns the publicAuthority.
- * @return boolean
- */
- public boolean isPublicAuthority() {
- return publicAuthority;
- }
-
- /**
- * Sets the publicAuthority.
- * @param publicAuthority The publicAuthority to set
- */
- public void setPublicAuthority(boolean publicAuthority) {
- this.publicAuthority = publicAuthority;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java b/id.server/src/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
deleted file mode 100644
index a18cf7322..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
+++ /dev/null
@@ -1,92 +0,0 @@
-package at.gv.egovernment.moa.id.auth.invoke;
-
-import java.util.Vector;
-
-import javax.xml.namespace.QName;
-import javax.xml.rpc.Call;
-import javax.xml.rpc.Service;
-import javax.xml.rpc.ServiceFactory;
-
-import org.apache.axis.message.SOAPBodyElement;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.ServiceException;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.spss.api.SignatureVerificationService;
-import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser;
-import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder;
-import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
-import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
-
-/**
- * Invoker of the SignatureVerification web service of MOA-SPSS.- * Either invokes the web service, or calls the corresponding API, depending on configuration data. - * - * @author Stefan Knirsch - * @version $Id$ - */ -public class SignatureVerificationInvoker { - /** This QName Object identifies the SignatureVerification endpoint of the web service */ - private static final QName SERVICE_QNAME = new QName("SignatureVerification"); - - /** - * Method verifyXMLSignature. - * @param request to be sent - * @return Element with the answer - * @throws ServiceException if an error occurs - */ - public Element verifyXMLSignature(Element request) throws ServiceException { - return doCall(SERVICE_QNAME, request); - } - - /** - * Method doCall. - * @param serviceName the name of the service - * @param request the request to be sent - * @return Element the answer - * @throws ServiceException if an error occurs - */ - protected Element doCall(QName serviceName, Element request) throws ServiceException { - ConnectionParameter authConnParam = null; - try { - Service service = ServiceFactory.newInstance().createService(serviceName); - Call call = service.createCall(); - SOAPBodyElement body = new SOAPBodyElement(request); - SOAPBodyElement[] params = new SOAPBodyElement[] { body }; - Vector responses; - SOAPBodyElement response; - - String endPoint; - AuthConfigurationProvider authConfigProvider = AuthConfigurationProvider.getInstance(); - authConnParam = authConfigProvider.getMoaSpConnectionParameter(); - //If the ConnectionParameter do NOT exist, we try to get the api to work.... - if (authConnParam != null) { - endPoint = authConnParam.getUrl(); - call.setTargetEndpointAddress(endPoint); - responses = (Vector) call.invoke(serviceName, params); - response = (SOAPBodyElement) responses.get(0); - return response.getAsDOM(); - } - else { - SignatureVerificationService svs = SignatureVerificationService.getInstance(); - VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(request); - - VerifyXMLSignatureResponse vsresponse = svs.verifyXMLSignature(vsrequest); - Document result = new VerifyXMLSignatureResponseBuilder().build(vsresponse); - - Logger.setHierarchy("moa.id.auth"); - return result.getDocumentElement(); - } - } - catch (Exception ex) { - if (authConnParam != null) { - throw new ServiceException("service.00", new Object[] { ex.toString()}, ex); - } else { - throw new ServiceException("service.03", new Object[] { ex.toString()}, ex); - } - } - } -} \ No newline at end of file diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java deleted file mode 100644 index 1079a48de..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java +++ /dev/null @@ -1,140 +0,0 @@ -package at.gv.egovernment.moa.id.auth.parser; - -import java.io.ByteArrayInputStream; -import java.io.InputStream; -import java.util.ArrayList; -import java.util.List; - -import org.w3c.dom.Element; -import org.w3c.dom.traversal.NodeIterator; - -import at.gv.egovernment.moa.id.*; -import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.data.SAMLAttribute; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.XPathUtils; - -/** - * Parses an
<InfoboxReadResponse> returned from
- * the security layer
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-
-public class CreateXMLSignatureResponseParser {
- //
- // XPath namespace prefix shortcuts
- //
- /** Xpath prefix for reaching SecurityLayer 1.0 Namespaces */
- private static final String SL10 = Constants.SL10_PREFIX + ":";
- /** Xpath prefix for reaching SecurityLayer 1.1 Namespaces */
- private static final String SL11 = Constants.SL11_PREFIX + ":";
- /** Xpath prefix for reaching SAML Namespaces */
- private static final String SAML = Constants.SAML_PREFIX + ":";
- /** Xpath prefix for reaching XML-DSIG Namespaces */
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = "/" + SL11 + "CreateXMLSignatureResponse/";
- /** Xpath expression to the SAML:Assertion element */
- private static final String SAML_ASSERTION_XPATH = ROOT + SAML + "Assertion";
- /** Xpath expression to the SAML:NameIdentifier element */
- private static final String SAML_SUBJECT_NAME_IDENTIFIER_XPATH = SAML_ASSERTION_XPATH + "/" + SAML + "AttributeStatement/" + SAML + "Subject/" + SAML + "NameIdentifier";
- /** Xpath expression to the AttributeStatement element */
- private static final String SAML_ATTRIBUTE_XPATH = SAML_ASSERTION_XPATH + "/" + SAML + "AttributeStatement/" + SAML + "Attribute";
- /** Xpath expression to the AttributeValue element */
- private static final String SAML_ATTRIBUTE_VALUE_XPATH = SAML + "AttributeValue";
-
- /** This is the root element of the XML-Document provided by the Security Layer Card */
- private Element sigResponse;
-
- /**
- * Constructor for CreateXMLSignatureResponseParser.
- * A DOM-representation of the incoming String will be created
- * @param xmlResponse <InfoboxReadResponse> as String
- * @throws AuthenticationException if any authentication error occurs
- * @throws ParseException if an element cannot be parsed
- */
- public CreateXMLSignatureResponseParser(String xmlResponse) throws AuthenticationException, ParseException {
- ErrorResponseParser erp = new ErrorResponseParser(xmlResponse);
- if (erp.getErrorCode() != null) {
- throw new AuthenticationException("auth.08", new Object[] { erp.getErrorCode(), erp.getErrorInfo()});
- }
-
- try {
-
- InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
- sigResponse = DOMUtils.parseXmlValidating(s);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Constructor for CreateXMLSignatureResponseParser.
- * A DOM-representation of the incoming Inputstream will be created
- * @param xmlResponse <InfoboxReadResponse> as InputStream
- * @throws AuthenticationException if any Authentication error occurs
- * @throws ParseException if an element cannot be parsed
- */
- public CreateXMLSignatureResponseParser(InputStream is) throws AuthenticationException, ParseException {
-
- ErrorResponseParser erp = new ErrorResponseParser(is);
- if (erp.getErrorCode() != null) {
- throw new AuthenticationException("auth.08", new Object[] { erp.getErrorCode(), erp.getErrorInfo()});
- }
-
- try {
-
- sigResponse = DOMUtils.parseXmlValidating(is);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Constructor for CreateXMLSignatureResponseParser.
- * The incoming Element will be used for further operations
- * @param xmlResponse <InfoboxReadResponse> as InputStream
- */
- public CreateXMLSignatureResponseParser(Element xmlResponse) {
- sigResponse = xmlResponse;
-
- }
-
- /**
- * Parses the identity link from <InfoboxReadResponse>
- * @return Identity link
- * @throws ParseException
- */
-
- public CreateXMLSignatureResponse parseResponse() throws ParseException {
- CreateXMLSignatureResponse cResp;
- try {
-
- cResp = new CreateXMLSignatureResponse();
- cResp.setSamlNameIdentifier(XPathUtils.getElementValue(sigResponse, SAML_SUBJECT_NAME_IDENTIFIER_XPATH, null));
- cResp.setSamlAssertion((Element) XPathUtils.selectSingleNode(sigResponse, SAML_ASSERTION_XPATH));
- NodeIterator attrIter = XPathUtils.selectNodeIterator(sigResponse, SAML_ATTRIBUTE_XPATH);
- Element samlAttr;
- List samlAttributes = new ArrayList();
- while ((samlAttr = (Element) attrIter.nextNode()) != null) {
- String attrName = XPathUtils.getAttributeValue(samlAttr, "@AttributeName", "");
- String attrNamespace = XPathUtils.getAttributeValue(samlAttr, "@AttributeNamespace", "");
- String attrValue = XPathUtils.getElementValue(samlAttr, SAML_ATTRIBUTE_VALUE_XPATH, "");
- samlAttributes.add(new SAMLAttribute(attrName, attrNamespace, attrValue));
- }
- SAMLAttribute[] result = new SAMLAttribute[samlAttributes.size()];
- samlAttributes.toArray(result);
- cResp.setSamlAttributes(result);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- return cResp;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/ECDSAKeyValueConverter.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/ECDSAKeyValueConverter.java
deleted file mode 100644
index c28cfac76..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/ECDSAKeyValueConverter.java
+++ /dev/null
@@ -1,350 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import iaik.security.ecc.ecdsa.ECDSAParameter;
-import iaik.security.ecc.ecdsa.ECPublicKey;
-import iaik.security.ecc.math.ecgroup.ECGroupFactory;
-import iaik.security.ecc.math.ecgroup.ECPoint;
-import iaik.security.ecc.math.ecgroup.EllipticCurve;
-import iaik.security.ecc.math.ecgroup.ProjectiveCoordinate;
-import iaik.security.ecc.math.field.Field;
-import iaik.security.ecc.math.field.FieldElement;
-import iaik.security.ecc.math.field.FieldFactory;
-import iaik.security.ecc.math.field.Value;
-import iaik.security.ecc.parameter.ECCParameterFactory;
-import iaik.security.ecc.spec.ECCParameterSpec;
-import java.math.BigInteger;
-import java.security.PublicKey;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Vector;
-import java.net.URL;
-import org.w3c.dom.Attr;
-import org.w3c.dom.Element;
-import org.w3c.dom.NamedNodeMap;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-
-import at.gv.egovernment.moa.util.Constants;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class ECDSAKeyValueConverter
-{
- /** Namespaces */
- public static final String NAMESPACE_XSI = "http://www.w3.org/2001/XMLSchema-instance";
-
- /**
- * Method element2ECDSAPublicKey.
- * @param keyValueElem a DomElement containing an ECDSA Public Key
- * @return PublicKey a java.security.publicKey - object
- * @throws Exception on any error
- */
-
- public static PublicKey element2ECDSAPublicKey(Element keyValueElem) throws Exception
- {
- String ecdsaNS = Constants.ECDSA_NS_URI;
- // Domain parameters
- Element domainParams = getChildElement(keyValueElem, ecdsaNS, "DomainParameters", 1);
- if (domainParams == null) throw new Exception("Domain parameters must not be implicit.");
- Element namedCurve = getChildElement(domainParams, ecdsaNS, "NamedCurve", 1);
- ECCParameterSpec eccParameterSpec;
- if (namedCurve != null)
- {
- URL curveNameURN = new URL(namedCurve.getAttributeNS(null, "URN"));
- ECCParameterFactory eccParamFactory = ECCParameterFactory.getInstance();
- eccParameterSpec = eccParamFactory.getParameterByOID(curveNameURN.getPath().substring(4));
- }
- else
- {
- Element excplicitParams = getChildElement(domainParams, ecdsaNS, "ExplicitParams", 1);
- Element fieldParams = getChildElement(excplicitParams, ecdsaNS, "FieldParams", 1);
- Element curveParams = getChildElement(excplicitParams, ecdsaNS, "CurveParams", 1);
- Element basePointParams = getChildElement(excplicitParams, ecdsaNS, "BasePointParams", 1);
-
- // Field parameters
- String fieldParamsTypeStr = fieldParams.getAttributeNS(NAMESPACE_XSI, "type");
- String ecdsaNSPrefix = getECDSANSPrefix(fieldParams);
- BigInteger p = null;
- int fieldParamsType = 0;
- final int FIELD_TYPE_PRIME = 1;
- final int FIELD_TYPE_TNB = 2;
- final int FIELD_TYPE_PNB = 3;
- int m = -1, k = -1, k1 = -1, k2 = -1, k3 = -1;
- if (fieldParamsTypeStr.equals(ecdsaNSPrefix + ":PrimeFieldParamsType"))
- {
- fieldParamsType = FIELD_TYPE_PRIME;
- String pStr = getChildElementText(fieldParams, ecdsaNS, "P", 1);
- p = new BigInteger(pStr, 10);
- }
- else if (fieldParamsTypeStr.equals(ecdsaNSPrefix + ":TnBFieldParamsType"))
- {
- fieldParamsType = FIELD_TYPE_TNB;
- String mStr = getChildElementText(fieldParams, ecdsaNS, "M", 1);
- m = Integer.parseInt(mStr);
- String kStr = getChildElementText(fieldParams, ecdsaNS, "K", 1);
- k = Integer.parseInt(kStr);
- }
- else if (fieldParamsTypeStr.equals(ecdsaNSPrefix + ":PnBFieldParamsType"))
- {
- fieldParamsType = FIELD_TYPE_PNB;
- String mStr = getChildElementText(fieldParams, ecdsaNS, "M", 1);
- m = Integer.parseInt(mStr);
- String k1Str = getChildElementText(fieldParams, ecdsaNS, "K1", 1);
- k1 = Integer.parseInt(k1Str);
- String k2Str = getChildElementText(fieldParams, ecdsaNS, "K2", 1);
- k2 = Integer.parseInt(k2Str);
- String k3Str = getChildElementText(fieldParams, ecdsaNS, "K3", 1);
- k3 = Integer.parseInt(k3Str);
- }
- else throw new Exception("Unknown field parameters.");
-
- // Curve parameters
- Element aElem = getChildElement(curveParams, ecdsaNS, "A", 1);
- String aStr = aElem.getAttributeNS(null, "Value");
- Element bElem = getChildElement(curveParams, ecdsaNS, "B", 1);
- String bStr = bElem.getAttributeNS(null, "Value");
- String seedStr = getChildElementText(curveParams, ecdsaNS, "Seed", 1);
- BigInteger seed = (seedStr != null) ? new BigInteger(seedStr, 10) : null;
-
- // Base point parameters
- Element basePoint = getChildElement(basePointParams, ecdsaNS, "BasePoint", 1);
- Element basePointXElem = getChildElement(basePoint, ecdsaNS, "X", 1);
- String basePointXStr = basePointXElem.getAttributeNS(null, "Value");
- Element basePointYElem = getChildElement(basePoint, ecdsaNS, "Y", 1);
- String basePointYStr = basePointYElem.getAttributeNS(null, "Value");
- String orderStr = getChildElementText(basePointParams, ecdsaNS, "Order", 1);
- BigInteger order = new BigInteger(orderStr, 10);
- String cofactorStr = getChildElementText(basePointParams, ecdsaNS, "Cofactor", 1);
- BigInteger cofactor = (cofactorStr != null) ? new BigInteger(cofactorStr, 10) : null;
-
- if (fieldParamsType == FIELD_TYPE_PRIME)
- {
- BigInteger a = new BigInteger(aStr, 10);
- BigInteger b = new BigInteger(bStr, 10);
- BigInteger basePointX = new BigInteger(basePointXStr, 10);
- BigInteger basePointY = new BigInteger(basePointYStr, 10);
- eccParameterSpec = new ECCParameterSpec(p, cofactor, order, seed, null, a, b, basePointX,
- basePointY, null);
- }
- else
- {
- int[] irreducible = new int[m/32 + ((m % 32 != 0) ? 1 : 0)];
- if (fieldParamsType == FIELD_TYPE_TNB)
- {
- irreducible[m/32] = 1 << m % 32;
- irreducible[k/32] += 1 << k % 32;
- irreducible[0] += 1;
- }
- else
- {
- irreducible[m/32] = 1 << m % 32;
- irreducible[k3/32] += 1 << k3 % 32;
- irreducible[k2/32] += 1 << k2 % 32;
- irreducible[k1/32] += 1 << k1 % 32;
- irreducible[0] += 1;
- }
- eccParameterSpec = new ECCParameterSpec(irreducible, cofactor, order, octetString2IntArray(aStr),
- octetString2IntArray(bStr), octetString2IntArray(basePointXStr),
- octetString2IntArray(basePointYStr), null);
- }
- }
-
- // Public key
- Element publicKeyElem = getChildElement(keyValueElem, ecdsaNS, "PublicKey", 1);
- Element publicKeyXElem = getChildElement(publicKeyElem, ecdsaNS, "X", 1);
- String publicKeyXStr = publicKeyXElem.getAttributeNS(null, "Value");
- Element publicKeyYElem = getChildElement(publicKeyElem, ecdsaNS, "Y", 1);
- String publicKeyYStr = publicKeyYElem.getAttributeNS(null, "Value");
-
- ECDSAParameter ecdsaParams = new ECDSAParameter(eccParameterSpec, false);
- ECGroupFactory ecGroupFactory = ECGroupFactory.getInstance();
- EllipticCurve eCurve = ecGroupFactory.getCurveWithProjective(eccParameterSpec.getA(),
- eccParameterSpec.getB(), eccParameterSpec.getR());
- Field field = eCurve.getField();
-
- // Detect type of public key field elements
- String elementType = publicKeyXElem.getAttributeNS(NAMESPACE_XSI, "type");
- String elementTypeLocalName = elementType.substring(elementType.indexOf(':') + 1);
- int FIELD_TYPE_PRIME = 1, FIELD_TYPE_CHAR_TWO = 2;
- int fieldElemType = ("PrimeFieldElemType".equals(elementTypeLocalName))
- ? FIELD_TYPE_PRIME
- : FIELD_TYPE_CHAR_TWO;
-
- FieldElement publicKeyPointX, publicKeyPointY;
- if (fieldElemType == FIELD_TYPE_PRIME)
- {
- Value xValue = FieldFactory.getInstance().getPrimeFieldValue(new BigInteger(publicKeyXStr, 10));
- publicKeyPointX = field.newElement(xValue);
- Value yValue = FieldFactory.getInstance().getPrimeFieldValue(new BigInteger(publicKeyYStr, 10));
- publicKeyPointY = field.newElement(yValue);
- }
- else
- {
- publicKeyPointX = field.newElement(octetString2ByteArray(publicKeyXStr));
- publicKeyPointY = field.newElement(octetString2ByteArray(publicKeyYStr));
- }
- ProjectiveCoordinate publicKeyPointCoordinate = new ProjectiveCoordinate(publicKeyPointX,
- publicKeyPointY, field.getONEelement());
- ECPoint publicKeyPoint = eCurve.newPoint(publicKeyPointCoordinate);
- ECPublicKey publicKey = new ECPublicKey(ecdsaParams, publicKeyPoint);
-
- return publicKey;
- }
-
- /**
- * Method getECDSANSPrefix.
- * @param element to get the prefix
- * @return String the prefix
- */
- private static String getECDSANSPrefix(Element element)
- {
- // FIXXME: Review this function (GK, 11.06.2002) - should return a list of strings, since more than
- // one NS prefix can be bound to the ECDSA namespace
-
- HashMap inScopeNSAttrs = getInScopeNSAttrs(element);
- Iterator inScopeNSAttrsIt = inScopeNSAttrs.keySet().iterator();
- while (inScopeNSAttrsIt.hasNext())
- {
- Attr currentAttr = (Attr)inScopeNSAttrs.get(inScopeNSAttrsIt.next());
- if (Constants.ECDSA_NS_URI.equals(currentAttr.getValue()))
- {
- return ("xmlns".equals(currentAttr.getNodeName())) ? "" : currentAttr.getNodeName().substring(6);
- }
- }
- return null;
- }
-
- /**
- * Method octetString2IntArray.
- * Converts an octet string representation into an int array as needed for the IAIK ECC library
- * @param octetString rightmost byte is least significant byte
- * @return int[] rightmost byte is LEAST significant byte
- */
- private static int[] octetString2IntArray(String octetString)
- {
- int byteCount = octetString.length()/2;
- int[] intArray = new int[byteCount/4 + ((byteCount % 4 != 0) ? 1 : 0)];
- for (int i = 0; i < byteCount; i++)
- {
- int oSStartPos = octetString.length() - (i + 1) * 2;
- int currentByte = Integer.parseInt(octetString.substring(oSStartPos, oSStartPos + 2), 16);
- intArray[i/4] += (currentByte & 0xFF) << ((i % 4) * 8);
- }
- return intArray;
- }
-
- /**
- * Converts an octet string representation into a byte array as needed for the IAIK ECC library
- * @param octetString rightmost byte is least significant byte
- * @return byte[] rightmost byte is MOST significant byte
- */
- private static byte[] octetString2ByteArray(String octetString)
- {
- int byteCount = octetString.length()/2;
- byte[] byteArray = new byte[byteCount];
- for (int i = 0; i < byteCount; i++)
- {
- int oSStartPos = octetString.length() - (i + 1) * 2;
- byteArray[byteCount - i - 1] = (byte) Integer.parseInt(octetString.substring(
- oSStartPos, oSStartPos + 2), 16);
- }
- return byteArray;
- }
-
- /**
- * Method evenStringLength.
- * @param hexString
- * @return String
- */
-
- private static String evenStringLength(String hexString)
- {
- return (hexString.length() % 2 != 0) ? "0" + hexString : hexString;
- }
-
- /**
- * Method getChildElement.
- * @param parent
- * @param namespace
- * @param localName
- * @param instance
- * @return Element
- */
-
- private static Element getChildElement(Element parent, String namespace, String localName,
- int instance)
- {
- NodeList namedElements = parent.getElementsByTagNameNS(namespace, localName);
- if (namedElements.getLength() < instance) return null;
- return (Element)namedElements.item(instance - 1);
- }
-
- /**
- * Method getChildElementText.
- * @param parent Element
- * @param namespace String
- * @param localName String
- * @param instance int
- * @return String
- */
-
- private static String getChildElementText(Element parent, String namespace, String localName,
- int instance)
- {
- Element child = getChildElement(parent, namespace, localName, instance);
- if (child == null) return null;
- NodeList childNodes = child.getChildNodes();
- int nodeCount = 0;
- while (nodeCount < childNodes.getLength())
- {
- Node currentNode = childNodes.item(nodeCount);
- if (currentNode.getNodeType() == Node.TEXT_NODE) return currentNode.getNodeValue();
- nodeCount++;
- }
- return null;
- }
-
- /**
- * Method getInScopeNSAttrs.
- * @param element element
- * @return HashMap
- */
- public static HashMap getInScopeNSAttrs(Element element)
- {
- // Get all ancestors of element
- Vector ancestors = new Vector();
- ancestors.add(element);
- Node currentAncestor = element;
- while ((currentAncestor = currentAncestor.getParentNode()) != null &&
- currentAncestor.getNodeType() == Node.ELEMENT_NODE)
- {
- ancestors.add(currentAncestor);
- }
-
- // Scan all ancestors for NS attributes
- HashMap inScopeNSAttrs = new HashMap();
- for (int i = ancestors.size() - 1; i >= 0; i--)
- {
- Element currentAncestorElem = (Element)ancestors.get(i);
- NamedNodeMap attrs = currentAncestorElem.getAttributes();
- for (int j = 0; j < attrs.getLength(); j++)
- {
- Attr currentAttr = (Attr)attrs.item(j);
- String currentAttrName = currentAttr.getNodeName();
- if ("xmlns".equals(currentAttrName) || currentAttrName.startsWith("xmlns:"))
- {
- inScopeNSAttrs.put(currentAttrName, currentAttr);
- }
- }
- }
-
- // Check if default NS attribute is in list; if value is empty remove it from list
- Attr defaultNSAttr = (Attr)inScopeNSAttrs.get("xmlns");
- if (defaultNSAttr != null && "".equals(defaultNSAttr.getValue())) inScopeNSAttrs.remove("xmlns");
-
- return inScopeNSAttrs;
- }
-}
\ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java
deleted file mode 100644
index 4fbc58977..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/ErrorResponseParser.java
+++ /dev/null
@@ -1,89 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Parses an <InfoboxReadResponse>.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-
-public class ErrorResponseParser {
- //
- // XPath namespace prefix shortcuts
- //
- /** Xpath prefix for reaching SecurityLayer 1.0 Namespaces */
- private static final String SL10 = Constants.SL10_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = "/" + SL10 + "ErrorResponse/";
- /** Xpath expression to the ErrorCode element */
- private static final String ERROR_CODE_XPATH =
- ROOT + SL10 + "ErrorCode";
- /** Xpath expression to the Info element */
- private static final String ERROR_INFO_XPATH =
- ROOT + SL10 + "Info";
-
-
- /** This is the root element of the XML-Document provided by the Security Layer Card */
- private Element errorElement;
-
- /**
- * Constructor for InfoboxReadResponseParser.
- * A DOM-representation of the incoming String will be created
- * @param xmlResponse <InfoboxReadResponse> as String
- * @throws ParseException on any error
- */
- public ErrorResponseParser(String xmlResponse) throws ParseException {
- try {
- InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
- errorElement = DOMUtils.parseXmlValidating(s);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Constructor for InfoboxReadResponseParser.
- * A DOM-representation of the incoming Inputstream will be created
- * @param xmlResponse <InfoboxReadResponse> as InputStream
- * @throws ParseException on any error
- */
- public ErrorResponseParser(InputStream xmlResponse) throws ParseException {
- try {
- errorElement = DOMUtils.parseXmlValidating(xmlResponse);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString() }, t);
- }
- }
-
- /**
- * Method getErrorCode. returns the error code
- * @return String
- */
- public String getErrorCode() {
-
- return XPathUtils.getElementValue(errorElement,ERROR_CODE_XPATH,null);
- }
-
- /**
- * Method getErrorInfo: returns the information about the error
- * @return String
- */
- public String getErrorInfo() {
-
- return XPathUtils.getElementValue(errorElement,ERROR_INFO_XPATH,null);
- }
-
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java
deleted file mode 100644
index 49baf1bf5..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java
+++ /dev/null
@@ -1,277 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import java.security.interfaces.RSAPublicKey;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.math.BigInteger;
-import java.security.PublicKey;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.w3c.dom.Element;
-import org.w3c.dom.traversal.NodeIterator;
-
-import at.gv.egovernment.moa.id.*;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Parses an identity link <saml:Assertion>
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class IdentityLinkAssertionParser {
-
- //
- // XPath namespace prefix shortcuts
- //
-
- /** Xpath prefix for reaching PersonData Namespaces */
- private static final String PDATA = Constants.PD_PREFIX + ":";
- /** Xpath prefix for reaching SecurityLayer 1.0 Namespaces */
- private static final String SL10 = Constants.SL10_PREFIX + ":";
- /** Xpath prefix for reaching SAML Namespaces */
- private static final String SAML = Constants.SAML_PREFIX + ":";
- /** Xpath prefix for reaching XML-DSIG Namespaces */
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
- /** Xpath prefix for reaching ECDS Namespaces */
- private static final String ECDSA = Constants.ECDSA_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = "/" + SAML + "Assertion/";
- /** Xpath expression to the SAMLSubjectConfirmationData element */
- private static final String SAML_SUBJECT_CONFIRMATION_DATA_XPATH =
- ROOT
- + SAML
- + "AttributeStatement/"
- + SAML
- + "Subject/"
- + SAML
- + "SubjectConfirmation/"
- + SAML
- + "SubjectConfirmationData";
- /** Xpath expression to the PersonData element */
- private static final String PERSON_XPATH =
- SAML_SUBJECT_CONFIRMATION_DATA_XPATH
- + "/"
- + PDATA
- + "Person";
- /** Xpath expression to the PersonData GivenName element */
- private static final String PERSON_GIVEN_NAME_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "Name/"
- + PDATA
- + "GivenName";
- /** Xpath expression to the PersonData FamilyName element */
- private static final String PERSON_FAMILY_NAME_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "Name/"
- + PDATA
- + "FamilyName";
- /** Xpath expression to the PersonData DateOfBirth element */
- private static final String PERSON_DATE_OF_BIRTH_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "DateOfBirth";
- /** Xpath expression to the Identification element */
- private static final String PERSON_IDENT_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "Identification";
-
- /** Xpath expression to the Identification Value element */
- private static final String PERSON_IDENT_VALUE_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "Identification/"
- + PDATA
- + "Value";
-
- /** Xpath expression to the Identification Value element */
- private static final String PERSON_IDENT_TYPE_XPATH =
- PERSON_XPATH
- + "/"
- + PDATA
- + "Identification/"
- + PDATA
- + "Type";
-
- /** Xpath expression to the RSAKeyValue element */
- private static final String RSA_KEY_VALUE_XPATH =
- ROOT
- + SAML
- + "AttributeStatement/"
- + SAML
- + "Attribute/"
- + SAML
- + "AttributeValue/"
- + DSIG
- + "RSAKeyValue";
- /** Xpath expression to the RSA Modulus element */
- private static final String RSA_KEY_MODULUS_XPATH = DSIG + "Modulus";
- /** Xpath expression to the RSA Exponent element */
- private static final String RSA_KEY_EXPONENT_XPATH = DSIG + "Exponent";
- /** Xpath expression to the DSIG X509Certificate element */
- private static final String DSIG_CERTIFICATES_XPATH =
- ROOT
- + DSIG
- + "Signature/"
- + DSIG
- + "KeyInfo/"
- + DSIG
- + "X509Data/"
- + DSIG
- + "X509Certificate";
- /** Xpath expression to the DSIG Transforms element */
- private static final String DSIG_REFERENCE_TRANSFORMATION_XPATH =
- ROOT
- + DSIG
- + "Signature/"
- + DSIG
- + "SignedInfo/"
- + DSIG
- + "Reference/"
- + DSIG
- + "Transforms";
-
- /**This is the root element of the XML-Document provided by the Security Layer Card*/
- private Element assertionElem;
-
- /**
- * Constructor for IdentityLinkAssertionParser.
- * A DOM-representation of the incoming String will be created
- * @param xmlAssertion <saml:Assertion> as String
- * @throws ParseException on any parsing error
- */
- public IdentityLinkAssertionParser(String xmlAssertion) throws ParseException {
- try {
- InputStream s = new ByteArrayInputStream(xmlAssertion.getBytes("UTF-8"));
- assertionElem = DOMUtils.parseXmlValidating(s);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Constructor for IdentityLinkAssertionParser.
- * A DOM-representation of the incoming Inputstream will be created
- * @param xmlAssertion <saml:Assertion> as InputStream
- * @throws ParseException on any parsing error
- */
- public IdentityLinkAssertionParser(InputStream xmlAssertion) throws Exception {
- try {
- assertionElem = DOMUtils.parseXmlValidating(xmlAssertion);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString() }, t);
- }
- }
-
- /**
- * Parses the identity link from the <saml:Assertion>
- * @return Identity link
- * @throws ParseException on any parsing error
- */
-
- public IdentityLink parseIdentityLink() throws ParseException {
- IdentityLink identityLink;
- try {
- identityLink = new IdentityLink();
- identityLink.setSamlAssertion(assertionElem);
- identityLink.setPrPerson((Element)
- XPathUtils.selectSingleNode(assertionElem, PERSON_XPATH));
- identityLink.setIdentificationValue(
- XPathUtils.getElementValue(assertionElem, PERSON_IDENT_VALUE_XPATH, ""));
- identityLink.setIdentificationType(
- XPathUtils.getElementValue(assertionElem, PERSON_IDENT_TYPE_XPATH, ""));
- identityLink.setGivenName(
- XPathUtils.getElementValue(assertionElem, PERSON_GIVEN_NAME_XPATH, ""));
- identityLink.setFamilyName(
- XPathUtils.getElementValue(assertionElem, PERSON_FAMILY_NAME_XPATH, ""));
- identityLink.setDateOfBirth(
- XPathUtils.getElementValue(assertionElem, PERSON_DATE_OF_BIRTH_XPATH, ""));
- NodeIterator dsigRefTransforms =
- XPathUtils.selectNodeIterator(assertionElem, DSIG_REFERENCE_TRANSFORMATION_XPATH);
- List transElems = new ArrayList();
- Element transformsElem;
- while ((transformsElem = (Element) dsigRefTransforms.nextNode()) != null) {
- transElems.add(transformsElem);
- }
- Element[] result = new Element[transElems.size()];
- transElems.toArray(result);
- identityLink.setDsigReferenceTransforms(result);
-
- identityLink.setPublicKey(getPublicKeys());
-
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString() }, t);
- }
-
- return identityLink;
- }
-
- /**
- * Parses an array of Public Keys from the <InfoboxReadResponse>
- * @return RSAPublicKey[]
- * @throws IOException can occur when decoding the base64 values of the modulus and exponent
- */
- public PublicKey[] getPublicKeys() throws IOException{
-
-
- List pubKeys = new ArrayList();
- //Try to get RSA-Keys
- NodeIterator rsaIter =
- XPathUtils.selectNodeIterator(assertionElem, RSA_KEY_VALUE_XPATH);
- Element rsaElem;
- while ((rsaElem = (Element) rsaIter.nextNode()) != null) {
- String modulus =
- XPathUtils.getElementValue(rsaElem, RSA_KEY_MODULUS_XPATH, "");
- String exponent =
- XPathUtils.getElementValue(rsaElem, RSA_KEY_EXPONENT_XPATH, "");
-
- RSAPublicKey resPub =
- new iaik.security.rsa.RSAPublicKey(
- new BigInteger(1, Base64Utils.decode(modulus, true)),
- new BigInteger(1, Base64Utils.decode(exponent, true)));
- pubKeys.add(resPub);}
-
- PublicKey[] result = new PublicKey[pubKeys.size()];
-
- pubKeys.toArray(result);
- return result;
-
- }
- /**
- * Parses a string array of decoded base64 certificates from
- * the <InfoboxReadResponse> found in the dsig-signature
- * @return String[] with raw-certificates from the dsig-signature keyinfo
- * @throws Exception
- */
- public String[] getCertificates() throws Exception {
- List certs = new ArrayList();
- NodeIterator rsaIter =
- XPathUtils.selectNodeIterator(assertionElem, DSIG_CERTIFICATES_XPATH);
- Element certElem;
- while ((certElem = (Element) rsaIter.nextNode()) != null) {
- String content = DOMUtils.getText(certElem);
- certs.add(new String(Base64Utils.decode(content, true)));
- }
- String[] result = new String[certs.size()];
- certs.toArray(result);
- return result;
-
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java
deleted file mode 100644
index 012a5b559..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java
+++ /dev/null
@@ -1,109 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Parses an <InfoboxReadResponse>.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-
-public class InfoboxReadResponseParser {
- //
- // XPath namespace prefix shortcuts
- //
- /** Xpath prefix for reaching SecurityLayer 1.0 Namespaces */
- private static final String SL10 = Constants.SL10_PREFIX + ":";
- /** Xpath prefix for reaching SAML Namespaces */
- private static final String SAML = Constants.SAML_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = "/" + SL10 + "InfoboxReadResponse/";
- /** Xpath expression to the SAML:Assertion element */
- private static final String SAML_ASSERTION_XPATH = ROOT + SL10 + "BinaryFileData/" + SL10 + "XMLContent/" + SAML + "Assertion";
-
- /** This is the root element of the XML-Document provided by the Security Layer Card*/
- private Element infoBoxElem;
-
- /**
- * Constructor for InfoboxReadResponseParser.
- * A DOM-representation of the incoming String will be created
- * @param xmlResponse <InfoboxReadResponse> as String
- * @throws ParseException on any parsing error
- */
- public InfoboxReadResponseParser(String xmlResponse) throws ParseException, AuthenticationException {
-
- ErrorResponseParser erp = new ErrorResponseParser(xmlResponse);
- if (erp.getErrorCode() != null) {
- throw new AuthenticationException("auth.08", new Object[] { erp.getErrorCode(), erp.getErrorInfo()});
- }
-
- try {
-
- InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
- infoBoxElem = DOMUtils.parseXmlValidating(s);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Constructor for InfoboxReadResponseParser.
- * A DOM-representation of the incoming Inputstream will be created
- * @param xmlResponse <InfoboxReadResponse> as InputStream
- * @throws ParseException on any parsing error
- */
- public InfoboxReadResponseParser(InputStream is) throws ParseException, AuthenticationException {
-
- ErrorResponseParser erp = new ErrorResponseParser(is);
- if (erp.getErrorCode() != null) {
- throw new AuthenticationException("auth.08", new Object[] { erp.getErrorCode(), erp.getErrorInfo()});
- }
-
- try {
-
- infoBoxElem = DOMUtils.parseXmlValidating(is);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Parses the embedded <saml:Assertion> element from <InfoboxReadResponse>
- * @return <saml:Assertion> as String
- * @throws ParseException on any parsing error
- */
- public String parseSAMLAssertion() throws ParseException {
- try {
- Element samlAssertion = (Element) XPathUtils.selectSingleNode(infoBoxElem, SAML_ASSERTION_XPATH);
- return DOMUtils.serializeNode(samlAssertion);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString()}, t);
- }
- }
-
- /**
- * Parses the identity link from the <saml:Assertion>
- * @return Identity link
- * @throws ParseException on any parsing error
- */
-
- public IdentityLink parseIdentityLink() throws ParseException {
- String samlAssertionString = parseSAMLAssertion();
- IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(samlAssertionString);
- return ilParser.parseIdentityLink();
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java
deleted file mode 100644
index 7c4c01abe..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParser.java
+++ /dev/null
@@ -1,58 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import java.io.IOException;
-
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.util.Base64Utils;
-
-/**
- * Parser for a SAML artifact.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLArtifactParser {
- /** byte array containing the SamlArtifact bytes */
- private byte[] samlArtifactBytes;
-
- /**
- * Constructor
- * @param samlArtifact as String
- * @throws ParseException on any parsing error
- */
- public SAMLArtifactParser(String samlArtifact) throws ParseException {
- try {
- samlArtifactBytes = Base64Utils.decode(samlArtifact, false);
- }
- catch (IOException ex) {
- throw new ParseException("parser.02", new Object[] {ex.toString()}, ex);
- }
- }
- /**
- * Parses the type code.
- * @return type code
- * @throws ParseException when SAML artifact is invalid
- */
- public byte[] parseTypeCode() throws ParseException {
- try {
- byte[] typeCode = new byte[] {samlArtifactBytes[0], samlArtifactBytes[1]};
- return typeCode;
- }
- catch (Throwable ex) {
- throw new ParseException("parser.02", new Object[] {ex.toString()}, ex);
- }
- }
- /**
- * Parses the assertion handle.
- * @return assertion handle
- * @throws ParseException when SAML artifact is invalid
- */
- public String parseAssertionHandle() throws ParseException {
- try {
- return new String(samlArtifactBytes, 22, 20);
- }
- catch (Throwable ex) {
- throw new ParseException("parser.02", new Object[] {ex.toString()}, ex);
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java
deleted file mode 100644
index e628cb997..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java
+++ /dev/null
@@ -1,157 +0,0 @@
-package at.gv.egovernment.moa.id.auth.parser;
-
-import iaik.utils.Base64InputStream;
-import iaik.x509.X509Certificate;
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.*;
-import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Parses a <VerifyXMLSignatureResponse> returned by
- * MOA-SPSS.
- * This class implements the Singleton pattern
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-
-
-public class VerifyXMLSignatureResponseParser {
- //
- // XPath namespace prefix shortcuts
- //
- /** Xpath prefix for reaching MOA Namespaces */
- private static final String MOA = Constants.MOA_PREFIX + ":";
- /** Xpath prefix for reaching DSIG Namespaces */
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
- /** Xpath prefix for reaching SecurityLayer 1.1 Namespaces */
- private static final String SL11 = Constants.SL11_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = "/" + MOA + "VerifyXMLSignatureResponse/";
-
- /** Xpath expression to the X509SubjectName element */
- private static final String DSIG_SUBJECT_NAME_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
- DSIG + "X509SubjectName";
- /** Xpath expression to the X509Certificate element */
- private static final String DSIG_X509_CERTIFICATE_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
- DSIG + "X509Certificate";
- /** Xpath expression to the PublicAuthority element */
- private static final String PUBLIC_AUTHORITY_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
- MOA + "PublicAuthority";
- /** Xpath expression to the PublicAuthorityCode element */
- private static final String PUBLIC_AUTHORITY_CODE_XPATH =
- PUBLIC_AUTHORITY_XPATH + "/" + MOA + "Code";
- /** Xpath expression to the QualifiedCertificate element */
- private static final String QUALIFIED_CERTIFICATE_XPATH =
- ROOT + MOA + "SignerInfo/" + DSIG + "X509Data/" +
- SL11 + "QualifiedCertificate";
-
- /** Xpath expression to the SignatureCheckCode element */
- private static final String SIGNATURE_CHECK_CODE_XPATH =
- ROOT + MOA + "SignatureCheck/" + MOA + "Code";
- /** Xpath expression to the XMLDSIGManifestCheckCode element */
- private static final String XMLDSIG_MANIFEST_CHECK_CODE_XPATH =
- ROOT + MOA + "XMLDSIGManifestCheck/" + MOA + "Code";
- /** Xpath expression to the CertificateCheckCode element */
- private static final String CERTIFICATE_CHECK_CODE_XPATH =
- ROOT + MOA + "CertificateCheck/" + MOA + "Code";
-
-
- /** This is the root element of the XML-Document provided by the Security Layer Card*/
- private Element verifyXMLSignatureResponse;
-
- /**
- * Constructor for VerifyXMLSignatureResponseParser.
- * A DOM-representation of the incoming String will be created
- * @param xmlResponse <InfoboxReadResponse> as String
- * @throws ParseException on any parsing error
- */
- public VerifyXMLSignatureResponseParser(String xmlResponse) throws ParseException{
- try {
- InputStream s = new ByteArrayInputStream(xmlResponse.getBytes("UTF-8"));
-
- verifyXMLSignatureResponse = DOMUtils.parseXmlValidating(s);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString() }, t);
- }
- }
-
- /**
- * Constructor for VerifyXMLSignatureResponseParser.
- * A DOM-representation of the incoming Inputstream will be created
- * @param xmlResponse <InfoboxReadResponse> as InputStream
- * @throws Exception on any parsing error
- */
- public VerifyXMLSignatureResponseParser(InputStream xmlResponse) throws Exception
- {
- try {
- verifyXMLSignatureResponse = DOMUtils.parseXmlValidating(xmlResponse);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", null, t);
- }
- }
-
- /**
- * Constructor for VerifyXMLSignatureResponseParser.
- * The incoming Element will be used for further operations
- * @param xmlResponse <InfoboxReadResponse> as Element
- */
- public VerifyXMLSignatureResponseParser(Element xmlResponse)
- {
- verifyXMLSignatureResponse =xmlResponse;
-
- }
-
- /**
- * Parse identity link from <InfoboxReadResponse>
- * @return Identity link
- * @throws ParseException on any parsing error
- */
-
- public VerifyXMLSignatureResponse parseData() throws ParseException {
- VerifyXMLSignatureResponse respData=new VerifyXMLSignatureResponse();
-
- try {
- respData.setXmlDsigSubjectName(XPathUtils.getElementValue(verifyXMLSignatureResponse,DSIG_SUBJECT_NAME_XPATH,""));
- Element e = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,QUALIFIED_CERTIFICATE_XPATH);
- respData.setQualifiedCertificate(e!=null);
-
- Base64InputStream in = new Base64InputStream(new ByteArrayInputStream(XPathUtils.getElementValue(
- verifyXMLSignatureResponse,DSIG_X509_CERTIFICATE_XPATH,"").getBytes("UTF-8")),true);
-
- respData.setX509certificate(new X509Certificate(in));
- Element publicAuthority = (Element)XPathUtils.selectSingleNode(verifyXMLSignatureResponse,PUBLIC_AUTHORITY_CODE_XPATH);
- respData.setPublicAuthority(publicAuthority != null);
- respData.setPublicAuthorityCode(XPathUtils.getElementValue(verifyXMLSignatureResponse,PUBLIC_AUTHORITY_CODE_XPATH,""));
- respData.setSignatureCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNATURE_CHECK_CODE_XPATH,"")).intValue());
-
- String xmlDsigCheckCode = XPathUtils.getElementValue(verifyXMLSignatureResponse,XMLDSIG_MANIFEST_CHECK_CODE_XPATH,null);
- if (xmlDsigCheckCode!=null)
- {
- respData.setXmlDSIGManigest(true);
- respData.setXmlDSIGManifestCheckCode(new Integer(xmlDsigCheckCode).intValue());
- }
- else
- respData.setXmlDSIGManigest(false);
- respData.setCertificateCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,CERTIFICATE_CHECK_CODE_XPATH,"")).intValue());
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", null, t);
- }
- return respData;
- }
-
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
deleted file mode 100644
index 95878007e..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
+++ /dev/null
@@ -1,156 +0,0 @@
-package at.gv.egovernment.moa.id.auth.servlet;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.auth.WrongParametersException;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.URLDecoder;
-
-/**
- * Base class for MOA-ID Auth Servlets, providing standard error handling
- * and constant names.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AuthServlet extends HttpServlet implements MOAIDAuthConstants {
-
-
- /**
- * Handles an error. - *
-
- *
- Logs the error - *
- Places error message and exception thrown into the request
- * as request attributes (to be used by
"/errorpage-auth.jsp")
- * - Sets HTTP status 500 (internal server error) - *
WrongParametersException.
- * @param req servlet request
- * @param resp servlet response
- */
- protected void handleWrongParameters(WrongParametersException ex, HttpServletRequest req, HttpServletResponse resp) {
- Logger.error(ex.toString());
- req.setAttribute("WrongParameters", ex.getMessage());
-
- // forward this to errorpage-auth.jsp where the HTML error page is generated
- ServletContext context = getServletContext();
- RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage-auth.jsp");
- try {
- dispatcher.forward(req, resp);
- } catch (ServletException e) {
- Logger.error(e);
- } catch (IOException e) {
- Logger.error(e);
- }
- }
-
- /**
- * Logs all servlet parameters for debugging purposes.
- */
- protected void logParameters(HttpServletRequest req) {
- for (Enumeration enum = req.getParameterNames(); enum.hasMoreElements(); ) {
- String parname = (String)enum.nextElement();
- Logger.debug("Parameter " + parname + req.getParameter(parname));
- }
- }
- /**
- * Parses the request input stream for parameters,
- * assuming parameters are encoded UTF-8.
- * @param req servlet request
- * @return mapping parameter name -> value
- */
- protected Map getParameters(HttpServletRequest req) throws IOException {
- Map parameters = new HashMap();
- InputStream in = req.getInputStream();
- String paramName;
- String paramValueURLEncoded;
- do {
- paramName = new String(readBytesUpTo(in, '='));
- if (paramName.length() > 0) {
- paramValueURLEncoded = readBytesUpTo(in, '&');
- String paramValue = URLDecoder.decode(paramValueURLEncoded, "UTF-8");
- parameters.put(paramName, paramValue);
- }
- }
- while (paramName.length() > 0);
- in.close();
-
- return parameters;
- }
- /**
- * Reads bytes up to a delimiter, consuming the delimiter.
- * @param in input stream
- * @param delimiter delimiter character
- * @return String constructed from the read bytes
- * @throws IOException
- */
- protected String readBytesUpTo(InputStream in, char delimiter) throws IOException {
- ByteArrayOutputStream bout = new ByteArrayOutputStream();
- boolean done = false;
- int b;
- while (! done && (b = in.read()) >= 0) {
- if (b == delimiter)
- done = true;
- else
- bout.write(b);
- }
- return bout.toString();
- }
-
- /**
- * Calls the web application initializer.
- *
- * @see javax.servlet.Servlet#init(ServletConfig)
- */
- public void init(ServletConfig servletConfig) throws ServletException {
- super.init(servletConfig);
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java
deleted file mode 100644
index f33377547..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java
+++ /dev/null
@@ -1,75 +0,0 @@
-package at.gv.egovernment.moa.id.auth.servlet;
-
-import java.io.IOException;
-import java.text.DateFormat;
-import java.util.Date;
-import java.util.Locale;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
-import at.gv.egovernment.moa.id.util.HTTPRequestJSPForwarder;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Servlet requested for updating the MOA-ID Auth configuration from configuration file
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ConfigurationServlet extends HttpServlet {
-
- /**
- * Handle a HTTP GET request, used to indicated that the MOA
- * configuration needs to be updated (reloaded).
- *
- * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse)
- */
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
-
- MOAIDMessageProvider msg = MOAIDMessageProvider.getInstance();
-
- try {
- MOAIDAuthInitializer.initialized=false;
- MOAIDAuthInitializer.initialize();
- String message = msg.getMessage("config.00", new Object[]
- { DateFormat.getTimeInstance(DateFormat.MEDIUM, Locale.GERMAN).format(new Date())} );
-
- Logger.info(message);
- HTTPRequestJSPForwarder.forwardNamed(message, "/message-auth.jsp", getServletContext(), request, response);
-
- } catch (Throwable t) {
- String errorMessage = msg.getMessage("config.04", null);
- Logger.error(errorMessage, t);
- HTTPRequestJSPForwarder.forwardNamed(errorMessage, "/message-auth.jsp", getServletContext(), request, response);
- }
- }
-
- /**
- * Do the same as doGet.
- *
- * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse)
- */
- public void doPost(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- doGet(request, response);
- }
-
- /**
- * Calls the web application initializer.
- *
- * @see javax.servlet.Servlet#init(ServletConfig)
- */
- public void init(ServletConfig servletConfig) throws ServletException {
- super.init(servletConfig);
- }
-
-}
-
-
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataService.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataService.java
deleted file mode 100644
index c41b514c8..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataService.java
+++ /dev/null
@@ -1,135 +0,0 @@
-package at.gv.egovernment.moa.id.auth.servlet;
-
-import java.util.Calendar;
-
-import org.apache.axis.AxisFault;
-import org.w3c.dom.Element;
-
-import org.w3c.dom.NodeList;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.MOAIDException;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.SAMLResponseBuilder;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.util.Random;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Web service for picking up authentication data created in the MOA-ID Auth component.
- *
- * @author Paul Ivancsics
- * @version $Id$
- * @see at.gv.egovernment.moa.id.auth.AuthenticationServer#getAuthenticationData
- */
-public class GetAuthenticationDataService implements Constants {
-
- /**
- * Constructor for GetAuthenticationDataService.
- */
- public GetAuthenticationDataService() {
- super();
- }
-
- /**
- * Takes a lt;samlp:Request> containing a
- * SAML artifact and returns the corresponding
- * authentication data lt;saml:Assertion>
- * (obtained from the AuthenticationServer),
- * enclosed in a lt;samlp:Response>.
- * Bad requests are mapped into various
lt;samlp:StatusCode>s,
- * possibly containing enclosed sub-lt;samlp:StatusCode>s.
- * The status codes are defined in the SAML specification.
- *
- * @param requests request elements of type lt;samlp:Request>;
- * only 1 request element is allowed
- * @return response element of type lt;samlp:Response>,
- * packed into an Element[]
- * @throws AxisFault thrown when an error occurs in assembling the
- * lt;samlp:Response>
- */
- public Element[] Request(Element[] requests)
- throws AxisFault {
-
- Element request = requests[0];
- Element[] responses = new Element[1];
- String requestID = "";
- String statusCode = "";
- String subStatusCode = null;
- String statusMessageCode = null;
- String statusMessage = null;
- String samlAssertion = "";
- if (requests.length > 1) {
- // more than 1 request given as parameter
- statusCode = "samlp:Requester";
- subStatusCode = "samlp:TooManyResponses";
- statusMessageCode = "1201";
- }
- else {
- try {
- DOMUtils.validateElement(request, ALL_SCHEMA_LOCATIONS, null);
- NodeList samlArtifactList = XPathUtils.selectNodeList(request, "samlp:AssertionArtifact");
- if (samlArtifactList.getLength() == 0) {
- // no SAML artifact given in request
- statusCode = "samlp:Requester";
- statusMessageCode = "1202";
- }
- else if (samlArtifactList.getLength() > 1) {
- // too many SAML artifacts given in request
- statusCode = "samlp:Requester";
- subStatusCode = "samlp:TooManyResponses";
- statusMessageCode = "1203";
- }
- else {
- Element samlArtifactElem = (Element)samlArtifactList.item(0);
- requestID = samlArtifactElem.getAttribute("RequestID");
- String samlArtifact = DOMUtils.getText(samlArtifactElem);
- try {
- AuthenticationData authData = AuthenticationServer.getInstance().
- getAuthenticationData(samlArtifact);
- // success
- samlAssertion = authData.getSamlAssertion();
- statusCode = "samlp:Success";
- statusMessageCode = "1200";
- }
- catch (AuthenticationException ex) {
- // no authentication data for given SAML artifact
- statusCode = "samlp:Requester";
- subStatusCode = "samlp:ResourceNotRecognized";
- statusMessage = ex.toString();
- }
- }
- }
- catch (Throwable t) {
- // invalid request format
- statusCode = "samlp:Requester";
- statusMessageCode = "1204";
- }
- }
- try {
- String responseID = Random.nextRandom();
- String issueInstant = DateTimeUtils.buildDateTime(Calendar.getInstance());
- if (statusMessage == null)
- statusMessage = MOAIDMessageProvider.getInstance().getMessage(statusMessageCode, null);
- responses[0] = new SAMLResponseBuilder().build(
- responseID, requestID, issueInstant, statusCode, subStatusCode, statusMessage, samlAssertion);
- }
- catch (MOAIDException e) {
- AxisFault fault = AxisFault.makeFault(e);
- fault.setFaultDetail(new Element[] { e.toErrorResponse()});
- throw fault;
- }
- catch (Throwable t) {
- MOAIDException e = new MOAIDException("1299", null, t);
- AxisFault fault = AxisFault.makeFault(e);
- fault.setFaultDetail(new Element[] { e.toErrorResponse()});
- throw fault;
- }
- return responses;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java
deleted file mode 100644
index 50d3225d2..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/SelectBKUServlet.java
+++ /dev/null
@@ -1,100 +0,0 @@
-package at.gv.egovernment.moa.id.auth.servlet;
-
-import java.io.IOException;
-import java.io.OutputStreamWriter;
-import java.io.Writer;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
-import at.gv.egovernment.moa.id.auth.WrongParametersException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Servlet requested for selecting a BKU.
- * In case of {@link AuthConfigurationProvider#getBKUSelectionType}==HTMLComplete, - * the browser is redirected to the configured "BKU-Auswahl-URL". - *
In case of {@link AuthConfigurationProvider#getBKUSelectionType}==HTMLSelect, - * the list of available BKU's is fetched from a BKU-Auswahl server, and presented - * to the user in an HTML form. - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class SelectBKUServlet extends AuthServlet { - - /** - * Calls the web application initializer. - * - * @see javax.servlet.Servlet#init(ServletConfig) - */ - public void init(ServletConfig servletConfig) throws ServletException { - try { - super.init(servletConfig); - MOAIDAuthInitializer.initialize(); - Logger.debug("default platform file.encoding: " + System.getProperty("file.encoding")); - Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); - } - catch (Exception ex) { - Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); - throw new ServletException(ex); - } - } - - /** - * Responds with an HTML form which requests the user to choose a BKU. - */ - protected void doGet(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - Logger.debug("GET SelectBKU"); - String authURL = - req.getScheme() + "://" + - req.getServerName() + ":" + - req.getServerPort() + - req.getContextPath() + "/"; - String target = req.getParameter(PARAM_TARGET); - String oaURL = req.getParameter(PARAM_OA); - String bkuSelectionTemplateURL = req.getParameter(PARAM_BKUTEMPLATE); - String templateURL = req.getParameter(PARAM_TEMPLATE); - resp.setHeader(HEADER_EXPIRES,HEADER_VALUE_EXPIRES); - resp.setHeader(HEADER_PRAGMA,HEADER_VALUE_PRAGMA); - resp.setHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL); - resp.addHeader(HEADER_CACHE_CONTROL,HEADER_VALUE_CACHE_CONTROL_IE); - - try { - String returnValue = AuthenticationServer.getInstance().selectBKU( - authURL, target, oaURL, bkuSelectionTemplateURL, templateURL); - String bkuSelectionType = AuthConfigurationProvider.getInstance().getBKUSelectionType(); - if (bkuSelectionType.equals(AuthConfigurationProvider.BKU_SELECTION_TYPE_HTMLCOMPLETE)) { - // bkuSelectionType==HTMLComplete - String redirectURL = returnValue; - resp.setContentType("text/html"); - resp.sendRedirect(redirectURL); - Logger.info("REDIRECT TO: " + redirectURL); - } - else { - // bkuSelectionType==HTMLSelect - String htmlForm = returnValue; - resp.setContentType("text/html;charset=UTF-8"); - Logger.debug("HTML-Form: " + htmlForm); - Writer out = new OutputStreamWriter(resp.getOutputStream(), "UTF8"); - out.write(htmlForm); - out.flush(); - Logger.debug("Finished GET SelectBKU"); - } - } - catch (WrongParametersException ex) { - handleWrongParameters(ex, req, resp); - } - catch (Throwable ex) { - handleError(null, ex, req, resp); - } - } -} diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java deleted file mode 100644 index 6098f5138..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java +++ /dev/null @@ -1,103 +0,0 @@ -package at.gv.egovernment.moa.id.auth.servlet; - -import java.io.IOException; -import java.io.PrintWriter; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import at.gv.egovernment.moa.id.MOAIDException; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; -import at.gv.egovernment.moa.id.auth.WrongParametersException; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.logging.Logger; - -/** - * Servlet requested for starting a MOA ID authentication session. - * Utilizes the {@link AuthenticationServer}. - * - * @author Paul Ivancsics - * @version $Id$ - * @see AuthenticationServer#startAuthentication - */ -public class StartAuthenticationServlet extends AuthServlet { - - /** - * Responds with an HTML form which upon submit requests the identity link - * from the security layer implementation. - *
- * Response: - *
-
- *
- Content type:
"text/html"
- * - Content: see return value of {@link AuthenticationServer#startAuthentication} - *
- Error status:
500- *
- * Request parameters: - *
-
- *
- MOASessionID: ID of associated authentication session - *
- XMLResponse:
<CreateXMLSignatureResponse>
- *
-
- *
- Status:
302
- * - Header
"Location": URL of the online application requested, with - * parameters"Target"and"SAMLArtifact"added
- * - Error status:
500- *
CreateXMLSignatureRequest.
- * - * Request parameters: - *
-
- *
- MOASessionID: ID of associated authentication session - *
- XMLResponse:
<InfoboxReadResponse>
- *
-
- *
- Content type:
"text/xml"
- * - Content: see return value of {@link AuthenticationServer#verifyIdentityLink} - *
- Error status:
500- *
null, if none has been created. */
- private static CreateXMLSignatureResponseValidator instance;
-
- /**
- * Constructor for a singleton CreateXMLSignatureResponseValidator.
- * @return an instance of CreateXMLSignatureResponseValidator
- * @throws ValidateException if no instance can be created
- */
- public static synchronized CreateXMLSignatureResponseValidator getInstance()
- throws ValidateException {
- if (instance == null) {
- instance = new CreateXMLSignatureResponseValidator();
- }
- return instance;
- }
-
-
- /**
- * The Method validate is used for validating an explicit {@link CreateXMLSignatureResponse}
- * @param createXMLSignatureResponse
- * @param gbTarget
- * @param oaURL
- * @throws ValidateException
- */
- public void validate(CreateXMLSignatureResponse createXMLSignatureResponse, String gbTarget, String oaURL)
- throws ValidateException {
-
- // A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier
-
-
- XPathUtils.selectNodeList(createXMLSignatureResponse.getSamlAssertion(),SAML_SUBJECT_NAME_IDENTIFIER_XPATH);
-
- SAMLAttribute[] samlattributes = createXMLSignatureResponse.getSamlAttributes();
-
- boolean foundOA = false;
- boolean foundGB = false;
- for (int i = 0; i < samlattributes.length; i++)
- {
- if (samlattributes[i].getName().equals("Geschaeftsbereich"))
- if (samlattributes[i].getNamespace().equals("http://reference.e-government.gv.at/namespace/moa/20020822#"))
-
- {
- foundGB = true;
- if (!gbTarget.equals(samlattributes[i].getValue()))
- {
- throw new ValidateException("validator.13", null);
- }
- }
- else throw new ValidateException("validator.12", null);
- if (samlattributes[i].getName().equals("OA"))
- if (samlattributes[i].getNamespace().equals("http://reference.e-government.gv.at/namespace/moa/20020822#"))
- {
- foundOA = true;
- if (!oaURL.equals(samlattributes[i].getValue())) // CHECKS für die AttributeVALUES fehlen noch
- {
- throw new ValidateException("validator.16", new Object[] {":gefunden wurde '" + oaURL + "', erwartet wurde '" + samlattributes[i].getValue()});
- }
-
- }
- else throw new ValidateException("validator.15", null);
- }
- if (!foundOA) throw new ValidateException("validator.14", null);
- if (!foundGB) throw new ValidateException("validator.11", null);
-
- //Check if dsig:Signature exists
- Element dsigSignature = (Element) XPathUtils.selectSingleNode(createXMLSignatureResponse.getSamlAssertion(),DSIG + "Signature");
- if (dsigSignature==null) throw new ValidateException("validator.05", null);
-
-
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java b/id.server/src/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java
deleted file mode 100644
index 4c584f745..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java
+++ /dev/null
@@ -1,157 +0,0 @@
-package at.gv.egovernment.moa.id.auth.validator;
-
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- *
- * This class is used to validate an {@link IdentityLink}
- * returned by the security layer
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class IdentityLinkValidator implements Constants {
-
- //
- // XPath namespace prefix shortcuts
- //
- /** Xpath prefix for reaching PersonData Namespaces */
- private static final String PDATA = PD_PREFIX + ":";
- /** Xpath prefix for reaching SAML Namespaces */
- private static final String SAML = SAML_PREFIX + ":";
- /** Xpath prefix for reaching XML-DSIG Namespaces */
- private static final String DSIG = DSIG_PREFIX + ":";
- /** Xpath prefix for reaching ECDSA Namespaces */
- private static final String ECDSA = ECDSA_PREFIX + ":";
- /** Xpath expression to the root element */
- private static final String ROOT = "/" + SAML + "Assertion/";
- /** Xpath expression to the SAML:SubjectConfirmationData element */
- private static final String SAML_SUBJECT_CONFIRMATION_DATA_XPATH =
- ROOT
- + SAML
- + "AttributeStatement/"
- + SAML
- + "Subject/"
- + SAML
- + "SubjectConfirmation/"
- + SAML
- + "SubjectConfirmationData";
-/** Xpath expression to the PersonData:Person element */
- private static final String PERSON_XPATH =
- SAML_SUBJECT_CONFIRMATION_DATA_XPATH + "/" + PDATA + "Person";
- /** Xpath expression to the SAML:Attribute element */
- private static final String ATTRIBUTE_XPATH =
- ROOT + SAML + "AttributeStatement/" + SAML + "Attribute";
- /** Xpath expression to the SAML:AttributeName attribute */
- private static final String ATTRIBUTE_NAME_XPATH =
- ROOT + SAML + "AttributeStatement/" + SAML + "Attribute/@AttributeName";
- /** Xpath expression to the SAML:AttributeNamespace attribute */
- private static final String ATTRIBUTE_NAMESPACE_XPATH =
- ROOT
- + SAML
- + "AttributeStatement/"
- + SAML
- + "Attribute/@AttributeNamespace";
- /** Xpath expression to the SAML:AttributeValue element */
- private static final String ATTRIBUTE_VALUE_XPATH =
- ROOT
- + SAML
- + "AttributeStatement/"
- + SAML
- + "Attribute/"
- + SAML
- + "AttributeValue";
-
- /** Singleton instance. null, if none has been created. */
- private static IdentityLinkValidator instance;
-
- /**
- * Constructor for a singleton IdentityLinkValidator.
- * @return a new IdentityLinkValidator instance
- * @throws ValidateException if no instance can be created
- */
- public static synchronized IdentityLinkValidator getInstance()
- throws ValidateException {
- if (instance == null) {
- instance = new IdentityLinkValidator();
- }
- return instance;
- }
-
- /**
- * Method validate. Validates the {@link IdentityLink}
- * @param identityLink The identityLink to validate
- * @throws ValidateException on any validation error
- */
- public void validate(IdentityLink identityLink) throws ValidateException {
-
- //Search the SAML:ASSERTION Object (A2.054)
- if (identityLink.getSamlAssertion() == null)
- throw new ValidateException("validator.00", null);
-
- // Check how many saml:Assertion/saml:AttributeStatement/
- // saml:Subject/ saml:SubjectConfirmation/
- // saml:SubjectConfirmationData/pr:Person of type
- // PhysicalPersonType exist (A2.056)
- NodeList nl =
- XPathUtils.selectNodeList(identityLink.getSamlAssertion(), PERSON_XPATH);
- // If we have just one Person-Element we don't need to check the attributes
- int counterPhysicalPersonType = 0;
- if (nl.getLength() > 1)
- for (int i = 0; i < nl.getLength(); i++) {
- String xsiType =
- ((Element) nl.item(i))
- .getAttributeNodeNS(
- "http://www.w3.org/2001/XMLSchema-instance",
- "type")
- .getNodeValue();
- // We have to check if xsiType contains "PhysicalPersonType"
- // An equal-check will fail because of the Namespace-prefix of the attribute value
- if (xsiType.indexOf("PhysicalPersonType") > -1)
- counterPhysicalPersonType++;
- }
- if (counterPhysicalPersonType > 1)
- throw new ValidateException("validator.01", null);
-
- //Check the SAML:ATTRIBUTES
- nl = XPathUtils.selectNodeList(identityLink.getSamlAssertion(), ATTRIBUTE_XPATH);
- for (int i = 0; i < nl.getLength(); i++) {
- String attributeName =
- XPathUtils.getAttributeValue(
- (Element) nl.item(i),
- "@AttributeName",
- null);
- String attributeNS =
- XPathUtils.getAttributeValue(
- (Element) nl.item(i),
- "@AttributeNamespace",
- null);
- if (attributeName.equals("CitizenPublicKey")) {
- if (attributeNS.equals("http://www.buergerkarte.at/namespaces/personenbindung/20020506#") ||
- attributeNS.equals("urn:publicid:gv.at:namespaces:identitylink:1.2")) {
- Element attributeValue =
- (Element) XPathUtils.selectSingleNode((Element) nl.item(i),SAML + "AttributeValue/" + DSIG + "RSAKeyValue");
- if (attributeValue==null)
- attributeValue =
- (Element) XPathUtils.selectSingleNode((Element)nl.item(i), SAML + "AttributeValue/" + ECDSA + "ECDSAKeyValue");
- if (attributeValue == null)
- throw new ValidateException("validator.02", null);
- }
- else
- throw new ValidateException("validator.03", new Object [] {attributeNS} );
- }
- else
- throw new ValidateException("validator.04", new Object [] {attributeName} );
- }
-
- //Check if dsig:Signature exists
- Element dsigSignature = (Element) XPathUtils.selectSingleNode(identityLink.getSamlAssertion(),ROOT + DSIG + "Signature");
- if (dsigSignature==null) throw new ValidateException("validator.05", null);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/validator/ValidateException.java b/id.server/src/at/gv/egovernment/moa/id/auth/validator/ValidateException.java
deleted file mode 100644
index a6685fca8..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/validator/ValidateException.java
+++ /dev/null
@@ -1,35 +0,0 @@
-package at.gv.egovernment.moa.id.auth.validator;
-
-import at.gv.egovernment.moa.id.MOAIDException;
-
-/**
- * Exception thrown while validating an incoming XML structure
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ValidateException extends MOAIDException {
-
- /**
- * Constructor for ValidateException.
- * @param messageId
- * @param parameters
- */
- public ValidateException(String messageId, Object[] parameters) {
- super(messageId, parameters);
- }
-
- /**
- * Constructor for ValidateException.
- * @param messageId
- * @param parameters
- * @param wrapped
- */
- public ValidateException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
- super(messageId, parameters, wrapped);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
deleted file mode 100644
index c4c22fd02..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
+++ /dev/null
@@ -1,139 +0,0 @@
-package at.gv.egovernment.moa.id.auth.validator;
-
-import java.security.PublicKey;
-import java.security.interfaces.RSAPublicKey;
-
-import iaik.asn1.structures.Name;
-import iaik.utils.RFC2253NameParserException;
-import iaik.x509.X509Certificate;
-
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-
-/**
- * This class is used to validate an {@link VerifyXMLSignatureResponse}
- * returned by MOA-SPSS
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class VerifyXMLSignatureResponseValidator {
-
- /** Identification string for checking identity link */
- public static final String CHECK_IDENTITY_LINK = "IdentityLink";
- /** Identification string for checking authentication block */
- public static final String CHECK_AUTH_BLOCK = "AuthBlock";
-
- /** Singleton instance. null, if none has been created. */
- private static VerifyXMLSignatureResponseValidator instance;
-
- /**
- * Constructor for a singleton VerifyXMLSignatureResponseValidator.
- */
- public static synchronized VerifyXMLSignatureResponseValidator getInstance()
- throws ValidateException {
- if (instance == null) {
- instance = new VerifyXMLSignatureResponseValidator();
- }
- return instance;
- }
-
- /**
- * Validates a {@link VerifyXMLSignatureResponse} returned by MOA-SPSS.
- *
- * @param verifyXMLSignatureResponse the <VerifyXMLSignatureResponse>
- * @param identityLinkSignersSubjectDNNames subject names configured
- * @param whatToCheck is used to identify whether the identityLink or the Auth-Block is validated
- * @throws ValidateException on any validation error
- */
- public void validate(
- VerifyXMLSignatureResponse verifyXMLSignatureResponse,
- String[] identityLinkSignersSubjectDNNames, String whatToCheck)
- throws ValidateException {
-
- if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0)
- throw new ValidateException("validator.06", null);
-
- if (verifyXMLSignatureResponse.getCertificateCheckCode() != 0) {
- String checkFailedReason ="";
- if (verifyXMLSignatureResponse.getCertificateCheckCode() == 1)
- checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.21", null);
- if (verifyXMLSignatureResponse.getCertificateCheckCode() == 2)
- checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.22", null);
- if (verifyXMLSignatureResponse.getCertificateCheckCode() == 3)
- checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.23", null);
- if (verifyXMLSignatureResponse.getCertificateCheckCode() == 4)
- checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.24", null);
- if (verifyXMLSignatureResponse.getCertificateCheckCode() == 5)
- checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.25", null);
-
- if (whatToCheck.equals(CHECK_IDENTITY_LINK))
- throw new ValidateException("validator.07", new Object[] { checkFailedReason } );
- else
- throw new ValidateException("validator.19", new Object[] { checkFailedReason } );
- }
- if (verifyXMLSignatureResponse.isXmlDSIGManigest())
- if (verifyXMLSignatureResponse.getXmlDSIGManifestCheckCode() != 0)
- throw new ValidateException("validator.08", null);
- //Check whether the returned X509 SubjectName is in the MOA-ID configuration or not
- if (identityLinkSignersSubjectDNNames != null) {
- String subjectDN = "";
- X509Certificate x509Cert = verifyXMLSignatureResponse.getX509certificate();
- try {
- subjectDN = ((Name) x509Cert.getSubjectDN()).getRFC2253String();
- }
- catch (RFC2253NameParserException e) {
- throw new ValidateException("validator.17", null);
- }
- boolean found = false;
- for (int i = 0; i < identityLinkSignersSubjectDNNames.length; i++) {
- if (identityLinkSignersSubjectDNNames[i].equals(subjectDN))
- found = true;
- }
- if (!found)
- throw new ValidateException(
- "validator.18",
- new Object[] { subjectDN });
- }
- }
-
- /**
- * Method validateCertificate.
- * @param vsr is the VerifyXMLSignatureResponse
- * @param idl
- * @throws ValidateException
- */
- public void validateCertificate(
- VerifyXMLSignatureResponse verifyXMLSignatureResponse,
- IdentityLink idl)
- throws ValidateException {
-
- X509Certificate x509Response = verifyXMLSignatureResponse.getX509certificate();
- PublicKey[] pubKeysIdentityLink = (PublicKey[]) idl.getPublicKey();
-
- RSAPublicKey pubKeyResponse = (RSAPublicKey) x509Response.getPublicKey();
-
- boolean found = false;
- for (int i = 0; i < pubKeysIdentityLink.length; i++) {
- if (idl.getPublicKey()[i]
- instanceof java.security.interfaces.RSAPublicKey) {
- /* for (int j = 0;
- j < idl.getPublicKey()[i].getClass().getInterfaces().length;
- j++) {
- if (idl.getPublicKey()[i].getClass().getInterfaces()[j].getName()
- .equals("java.security.interfaces.RSAPublicKey")) {*/
- RSAPublicKey rsakey = (RSAPublicKey) pubKeysIdentityLink[i];
- if (rsakey.getModulus().equals(pubKeyResponse.getModulus())
- && rsakey.getPublicExponent().equals(
- pubKeyResponse.getPublicExponent()))
- found = true;
- }
-
- }
-
- if (!found)
- throw new ValidateException("validator.09", null);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
deleted file mode 100644
index 53f763630..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java
+++ /dev/null
@@ -1,699 +0,0 @@
-package at.gv.egovernment.moa.id.config;
-
-import iaik.pki.pathvalidation.ChainingModes;
-import iaik.utils.RFC2253NameParser;
-import iaik.utils.RFC2253NameParserException;
-
-import java.io.ByteArrayInputStream;
-import java.math.BigInteger;
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.w3c.dom.Attr;
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-import org.w3c.dom.traversal.NodeIterator;
-
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
-import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
-import at.gv.egovernment.moa.id.data.IssuerAndSerial;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.BoolUtils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * A class that builds configuration data from a DOM based representation.
- *
- * @author Patrick Peck
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class ConfigurationBuilder {
-
- //
- // XPath namespace prefix shortcuts
- //
- /** an XPATH-Expression */
- private static final String CONF = Constants.MOA_ID_CONFIG_PREFIX + ":";
- /** an XPATH-Expression */
- private static final String DSIG = Constants.DSIG_PREFIX + ":";
-
- //
- // chaining mode constants appearing in the configuration file
- //
- /** an XPATH-Expression */
- private static final String CM_CHAINING = "chaining";
- /** an XPATH-Expression */
- private static final String CM_PKIX = "pkix";
- /** an XPATH-Expression */
- private static final String DEFAULT_ENCODING = "UTF-8";
-
- /**
- * Default online application configuration file name
- * (used when /OnlineApplication/ProxyComponent@configFileURL is null).
- */
- public static final String DEFAULT_OA_CONFIG_FILENAME = "MOAConfig.xml";
-
- //
- // XPath expressions to select certain parts of the configuration
- //
- /** an XPATH-Expression */
- private static final String ROOT = "/" + CONF + "MOA-IDConfiguration/";
- /** an XPATH-Expression */
- private static final String ROOTOA = "/" + CONF + "Configuration/";
- /** an XPATH-Expression */
- private static final String AUTH_BKU_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "BKUSelection";
- /** an XPATH-Expression */
- private static final String AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "SecurityLayer/" + CONF + "TransformsInfo/@filename";
- /** an XPATH-Expression */
- private static final String AUTH_MOA_SP_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP";
- /** an XPATH-Expression */
- private static final String AUTH_MOA_SP_VERIFY_IDENTITY_TRUST_ID_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyIdentityLink/" + CONF + "TrustProfileID";
- /** an XPATH-Expression */
- private static final String AUTH_MOA_SP_VERIFY_AUTH_TRUST_ID_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyAuthBlock/" + CONF + "TrustProfileID";
- /** an XPATH-Expression */
- private static final String AUTH_MOA_SP_VERIFY_AUTH_VERIFY_ID_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyAuthBlock/" + CONF + "VerifyTransformsInfoProfileID";
-
- /** an XPATH-Expression */
- private static final String AUTH_IDENTITY_LINK_X509SUBJECTNAME_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "IdentityLinkSigners/" + CONF + "X509SubjectName";
- /** an XPATH-Expression */
- private static final String PROXY_AUTH_XPATH =
- ROOT + CONF + "ProxyComponent/" + CONF + "AuthComponent";
-
- /** an XPATH-Expression */
- private static final String OA_XPATH = ROOT + CONF + "OnlineApplication";
- /** an XPATH-Expression */
- private static final String OA_LOGIN_XPATH = ROOT + CONF + "OnlineApplication/@loginURL";
- /** an XPATH-Expression */
- private static final String OA_AUTH_COMPONENT_XPATH = CONF + "AuthComponent";
- /** an XPATH-Expression */
- private static final String OA_PROXY_COMPONENT_XPATH = CONF + "ProxyComponent";
- /** an XPATH-Expression */
- private static final String OA_PROXY_COMPONENT_ABSOLUTE_XPATH = ROOT + CONF + "OnlineApplication/" + CONF + "ProxyComponent";
- /** an XPATH-Expression */
- private static final String OA_PROXY_URL_XPATH = CONF + "ProxyComponent/@configFileURL";
- /** an XPATH-Expression */
- private static final String OA_PROXY_SESSION_TIMEOUT_XPATH = CONF + "ProxyComponent/@sessionTimeOut";
- /** an XPATH-Expression */
- private static final String OA_PROXY_LOGIN_PARA_XPATH = CONF + "ProxyComponent/@loginParameterResolverImpl";
- /** an XPATH-Expression */
- private static final String OA_PROXY_LOGIN_PARA_CONF_XPATH = CONF + "ProxyComponent/@loginParameterResolverConfiguration";
- /** an XPATH-Expression */
- private static final String OA_PROXY_CONNECTION_BUILDER_XPATH = CONF + "ProxyComponent/@connectionBuilderImpl";
- /** an XPATH-Expression */
- private static final String CONNECTION_PARAMETER_URL_XPATH =
- CONF + "ConnectionParameter/@URL";
- /** an XPATH-Expression */
- private static final String CONNECTION_PARAMETER_ACCEPTED_CERTS_XPATH =
- CONF + "ConnectionParameter/" + CONF + "AcceptedServerCertificates";
- /** an XPATH-Expression */
- private static final String CONNECTION_PARAMETERN_KEYSTORE_XPATH =
- CONF + "ConnectionParameter/" + CONF + "ClientKeyStore";
- /** an XPATH-Expression */
- private static final String CONNECTION_PARAMETER_KEYSTORE_PASS_XPATH =
- CONNECTION_PARAMETERN_KEYSTORE_XPATH + "/@password";
- /** an XPATH-Expression */
- private static final String GENERIC_CONFIGURATION_XPATH =
- ROOT + CONF + "GenericConfiguration";
- /** an XPATH-Expression */
- private static final String OACONF_LOGIN_TYPE_XPATH =
- ROOTOA + CONF + "LoginType";
- /** an XPATH-Expression */
- private static final String OACONF_PARAM_AUTH_PARAMETER_XPATH =
- ROOTOA + CONF + "ParamAuth/" + CONF + "Parameter";
- /** an XPATH-Expression */
- private static final String OACONF_USER_ID_XPATH =
- ROOTOA + CONF + "BasicAuth/" + CONF + "UserID";
- /** an XPATH-Expression */
- private static final String OACONF_PASSWORD_XPATH =
- ROOTOA + CONF + "BasicAuth/" + CONF + "Password";
- /** an XPATH-Expression */
- private static final String OACONF_HEADER_AUTH_HEADER_XPATH =
- ROOTOA + CONF + "HeaderAuth/" + CONF + "Header";
- /** an XPATH-Expression */
- private static final String CHAINING_MODES_XPATH =
- ROOT + CONF + "ChainingModes";
- /** an XPATH-Expression */
- private static final String CHAINING_MODES_DEFAULT_XPATH =
- CHAINING_MODES_XPATH + "/@systemDefaultMode";
- /** an XPATH-Expression */
- private static final String TRUST_ANCHOR_XPATH =
- ROOT + CONF + "ChainingModes/" + CONF + "TrustAnchor";
- /** an XPATH-Expression */
- private static final String ISSUER_XPATH = DSIG + "X509IssuerName";
- /** an XPATH-Expression */
- private static final String SERIAL_XPATH = DSIG + "X509SerialNumber";
- /** an XPATH-Expression */
- private static final String TRUSTED_CA_CERTIFICATES_XPATH =
- ROOT + CONF + "TrustedCACertificates";
-
-
- /**
- * main configuration file directory name used to configure MOA-ID
- */
- private String rootConfigFileDir;
-
- /** The root element of the MOA-ID configuration */
- private Element configElem;
-
- /**
- * Creates a new MOAConfigurationProvider.
- *
- * @param configElem The root element of the MOA-ID configuration.
- */
- public ConfigurationBuilder(Element configElem, String rootConfigDir) {
- this.configElem = configElem;
- this.rootConfigFileDir = rootConfigDir;
- }
-
- /**
- * Returns the root element of the MOA-ID configuration.
- *
- * @return The root element of the MOA-ID configuration.
- */
- public Element getConfigElem() {
- return configElem;
- }
-
- /**
- * Build a ConnectionParameter object containing all information
- * of the moa-sp element in the authentication component
- * @return ConnectionParameter of the authentication component moa-sp element
- */
- public ConnectionParameter buildAuthBKUConnectionParameter() {
-
- Element authBKU = (Element) XPathUtils.selectSingleNode(getConfigElem(), AUTH_BKU_XPATH);
- if (authBKU==null) return null;
- return buildConnectionParameter(authBKU);
- }
-
- /**
- * Method buildAuthBKUSelectionType.
- *
- * Build a string with the configuration value of BKUSelectionAlternative
- *
- * @return String
- */
- public String buildAuthBKUSelectionType() {
-
- Element authBKU = (Element) XPathUtils.selectSingleNode(getConfigElem(), AUTH_BKU_XPATH);
- if (authBKU==null) return null;
- return (authBKU).getAttribute("BKUSelectionAlternative");
- }
-
- /**
- * Build a string array with all filenames leading
- * to the Transforms Information for the Security Layer
- * @return String[] of filenames to the Security Layer Transforms Information
- */
- public String[] buildTransformsInfoFileNames() {
-
- List transformsInfoFileNames = new ArrayList();
- NodeIterator tiIter =
- XPathUtils.selectNodeIterator(
- getConfigElem(),
- AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH);
- Attr tiElem;
-
- while ((tiElem = (Attr) tiIter.nextNode()) != null) {
-
- String tiFileName = tiElem.getNodeValue();
- transformsInfoFileNames.add(tiFileName);
- }
- String[] result = new String[transformsInfoFileNames.size()];
- transformsInfoFileNames.toArray(result);
-
- return result;
- }
-
- /**
- * Build a ConnectionParameter bean containing all information
- * of the authentication component moa-sp element
- * @return ConnectionParameter of the authentication component moa-sp element
- */
- public ConnectionParameter buildMoaSpConnectionParameter() {
-
- Element connectionParameter = (Element) XPathUtils.selectSingleNode(getConfigElem(), AUTH_MOA_SP_XPATH);
- if (connectionParameter==null) return null;
- return buildConnectionParameter(connectionParameter);
- }
-
- /**
- * Return a string with a url-reference to the VerifyIdentityLink trust
- * profile id within the moa-sp part of the authentication component
- * @return String with a url-reference to the VerifyIdentityLink trust profile ID
- */
- public String getMoaSpIdentityLinkTrustProfileID() {
- return XPathUtils.getElementValue(
- getConfigElem(),
- AUTH_MOA_SP_VERIFY_IDENTITY_TRUST_ID_XPATH,
- "");
- }
- /**
- * Return a string representation of an URL pointing to trusted CA Certificates
- * @return String representation of an URL pointing to trusted CA Certificates
- */
- public String getTrustedCACertificates() {
- return XPathUtils.getElementValue(
- getConfigElem(),
- TRUSTED_CA_CERTIFICATES_XPATH,null);
- }
-
- /**
- * Return a string with a url-reference to the VerifyAuthBlock trust
- * profile id within the moa-sp part of the authentication component
- * @return String with a url-reference to the VerifyAuthBlock trust profile ID
- */
- public String getMoaSpAuthBlockTrustProfileID() {
- return XPathUtils.getElementValue(
- getConfigElem(),
- AUTH_MOA_SP_VERIFY_AUTH_TRUST_ID_XPATH,
- "");
- }
- /**
- * Build a string array with references to all verify transform info
- * IDs within the moa-sp part of the authentication component
- * @return A string array containing all urls to the
- * verify transform info IDs
- */
- public String[] buildMoaSpAuthBlockVerifyTransformsInfoIDs() {
-
- List verifyTransformsInfoIDs = new ArrayList();
- NodeIterator vtIter =
- XPathUtils.selectNodeIterator(
- getConfigElem(),
- AUTH_MOA_SP_VERIFY_AUTH_VERIFY_ID_XPATH);
- Element vtElem;
-
- while ((vtElem = (Element) vtIter.nextNode()) != null) {
-
- String vtInfoIDs = DOMUtils.getText(vtElem);
- verifyTransformsInfoIDs.add(vtInfoIDs);
- }
- String[] result = new String[verifyTransformsInfoIDs.size()];
- verifyTransformsInfoIDs.toArray(result);
-
- return result;
- }
-
- /**
- * Return a string array containing all X509 Subject Names
- * of the Identity Link Signers
- * @return String with a url-reference to the VerifyAuthBlock trust profile ID
- */
- public String[] getIdentityLink_X509SubjectNames() {
-
- List x509SubjectNameList = new ArrayList();
- NodeIterator x509Iter =
- XPathUtils.selectNodeIterator(
- getConfigElem(),
- AUTH_IDENTITY_LINK_X509SUBJECTNAME_XPATH);
- Element x509Elem;
-
- while ((x509Elem = (Element) x509Iter.nextNode()) != null) {
-
- String vtInfoIDs = DOMUtils.getText(x509Elem);
- x509SubjectNameList.add(vtInfoIDs);
- }
- String[] result = new String[x509SubjectNameList.size()];
- x509SubjectNameList.toArray(result);
-
- return result;
- }
-
- /**
- * Build an array of the OnlineApplication Parameters containing information
- * about the authentication component
- * @return An OAProxyParameter array containing beans
- * with all relevant information for the authentication component of the online
- * application
- */
- public OAAuthParameter[] buildOnlineApplicationAuthParameters() {
-
- List OA_set = new ArrayList();
- NodeList OAIter = XPathUtils.selectNodeList(getConfigElem(), OA_XPATH);
-
- for (int i = 0; i < OAIter.getLength(); i++) {
- Element oAElem = (Element) OAIter.item(i);
- Element authComponent =
- (Element) XPathUtils.selectSingleNode(oAElem, OA_AUTH_COMPONENT_XPATH);
-
- OAAuthParameter oap = new OAAuthParameter();
- oap.setPublicURLPrefix(oAElem.getAttribute("publicURLPrefix"));
- oap.setKeyBoxIdentier(oAElem.getAttribute("keyBoxIdentifier"));
-
- //Check if there is an Auth-Block to read from configuration
- if (authComponent!=null)
- {
- oap.setProvideStammzahl(BoolUtils.valueOf(authComponent.getAttribute("provideStammzahl")));
- oap.setProvideAuthBlock(BoolUtils.valueOf(authComponent.getAttribute("provideAUTHBlock")));
- oap.setProvideIdentityLink(BoolUtils.valueOf(authComponent.getAttribute("provideIdentityLink")));
- }
- OA_set.add(oap);
- }
- OAAuthParameter[] result =
- new OAAuthParameter[OA_set.size()];
- OA_set.toArray(result);
-
- return result;
-
- }
-
- /**
- * Build a bean containing all information about the ProxyComponent
- * @return The ConnectionParameter for the Proxy Component
- */
- public ConnectionParameter buildAuthComponentConnectionParameter()
- {
-
- Element connectionParameter = (Element) XPathUtils.selectSingleNode(getConfigElem(), PROXY_AUTH_XPATH);
- if (connectionParameter==null) return null;
- return buildConnectionParameter(connectionParameter);
-
- }
- /**
- * Method buildConnectionParameter: internal Method for creating a
- * ConnectionParameter object with all data found in the incoming element
- * @param root: this Element contains the ConnectionParameter
- * @return ConnectionParameter
- */
- protected ConnectionParameter buildConnectionParameter(Element root)
- {
- ConnectionParameter result = new ConnectionParameter();
- result.setAcceptedServerCertificates(
- XPathUtils.getElementValue(root,CONNECTION_PARAMETER_ACCEPTED_CERTS_XPATH,null));
-
- result.setAcceptedServerCertificates(FileUtils.makeAbsoluteURL(
- result.getAcceptedServerCertificates(), rootConfigFileDir));
-
- result.setUrl(
- XPathUtils.getAttributeValue(root, CONNECTION_PARAMETER_URL_XPATH, ""));
- result.setClientKeyStore(
- XPathUtils.getElementValue(root,CONNECTION_PARAMETERN_KEYSTORE_XPATH,null));
-
- result.setClientKeyStore(FileUtils.makeAbsoluteURL(
- result.getClientKeyStore(), rootConfigFileDir));
-
- result.setClientKeyStorePassword(
- XPathUtils.getAttributeValue(root,CONNECTION_PARAMETER_KEYSTORE_PASS_XPATH,""));
-
- if ((result.getAcceptedServerCertificates()==null)
- && (result.getUrl()=="")
- && (result.getClientKeyStore()==null)
- && (result.getClientKeyStorePassword()==""))
- return null;
-
- return result;
- }
-
- /**
- * Build an array of OnlineApplication Parameter Beans containing information
- * about the proxy component
- * @return An OAProxyParameter array containing beans
- * with all relevant information for the proxy component of the online
- * application
- */
- public OAProxyParameter[] buildOnlineApplicationProxyParameters() throws ConfigurationException{
-
- List oA_list = new ArrayList();
- NodeList OAIter = XPathUtils.selectNodeList(getConfigElem(), OA_XPATH);
-
- for (int i = 0; i < OAIter.getLength(); i++) {
- Element oAElem = (Element) OAIter.item(i);
- OAProxyParameter oap = new OAProxyParameter();
-
- oap.setPublicURLPrefix(oAElem.getAttribute("publicURLPrefix"));
- Element proxyComponentElem = (Element) XPathUtils.selectSingleNode(oAElem,OA_PROXY_COMPONENT_XPATH);
- if (proxyComponentElem != null) {
- oap.setConfigFileURL(XPathUtils.getAttributeValue(oAElem, OA_PROXY_URL_XPATH, null));
- oap.setConfigFileURL(FileUtils.makeAbsoluteURL(oap.getConfigFileURL(), rootConfigFileDir));
- // default session time out: 3600 sec = 1 h
- oap.setSessionTimeOut(new Integer(XPathUtils.getAttributeValue(oAElem,OA_PROXY_SESSION_TIMEOUT_XPATH,"3600")).intValue());
- oap.setLoginParameterResolverImpl(XPathUtils.getAttributeValue(oAElem, OA_PROXY_LOGIN_PARA_XPATH, null));
- oap.setLoginParameterResolverConfiguration(XPathUtils.getAttributeValue(oAElem, OA_PROXY_LOGIN_PARA_CONF_XPATH, null));
- oap.setConnectionBuilderImpl(XPathUtils.getAttributeValue(oAElem,OA_PROXY_CONNECTION_BUILDER_XPATH, null));
-
- ConnectionParameter conPara = buildConnectionParameter(proxyComponentElem);
- oap.setConnectionParameter(conPara);
-
- OAConfiguration oaConf = buildOAConfiguration(getOAConfigElement(oap));
- oap.setOaConfiguration(oaConf);
-
- oA_list.add(oap);
- }
- }
- OAProxyParameter[] result =
- new OAProxyParameter[oA_list.size()];
- oA_list.toArray(result);
-
- return result;
-
- }
-
- /**
- * Build the mapping of generic configuration properties.
- *
- * @return a {@link Map} of generic configuration properties (a name to value
- * mapping) from the configuration.
- */
- public Map buildGenericConfiguration() {
-
- Map genericConfiguration = new HashMap();
- NodeIterator gcIter =
- XPathUtils.selectNodeIterator(
- getConfigElem(),
- GENERIC_CONFIGURATION_XPATH);
- Element gcElem;
-
- while ((gcElem = (Element) gcIter.nextNode()) != null) {
- String gcName = gcElem.getAttribute("name");
- String gcValue = gcElem.getAttribute("value");
-
- genericConfiguration.put(gcName, gcValue);
- }
-
- return genericConfiguration;
- }
- /**
- * Method buildOAConfiguration.
- *
- * Build an {@link OAConfiguration} Object from the given configuration DOM element
- *
- * @param root
- * @return OAConfiguration
- * @throws ConfigurationException
- */
- public OAConfiguration buildOAConfiguration(Element root) throws ConfigurationException{
-
- OAConfiguration oaConfiguration = new OAConfiguration();
-
- //The LoginType hast to be "stateless" or "stateful" to be valid
- oaConfiguration.setLoginType(
- XPathUtils.getElementValue(root, OACONF_LOGIN_TYPE_XPATH, null));
-
- //Try to build the Parameter Auth Parameters
- NodeIterator paramAuthIter =
- XPathUtils.selectNodeIterator(
- root,
- OACONF_PARAM_AUTH_PARAMETER_XPATH);
- Element paramAuthElem;
- HashMap paramAuthMap = new HashMap();
- while ((paramAuthElem = (Element) paramAuthIter.nextNode()) != null) {
- String name = XPathUtils.getAttributeValue(paramAuthElem, "@Name", null);
- String value = XPathUtils.getAttributeValue(paramAuthElem, "@Value", null);
- if (paramAuthMap.containsKey(name))
- throw new ConfigurationException("config.06", new Object[]{"Doppelter Wert für Parameter per HeaderAuthentication"});
- paramAuthMap.put(name, value);
- }
- oaConfiguration.setParamAuthMapping(paramAuthMap);
- // Try to build the BasicAuthParameters
- oaConfiguration.setBasicAuthUserIDMapping(
- XPathUtils.getElementValue(root, OACONF_USER_ID_XPATH, null));
- oaConfiguration.setBasicAuthPasswordMapping(
- XPathUtils.getElementValue(root, OACONF_PASSWORD_XPATH, null));
-
- //Try to build the Parameter Auth Parameters
- NodeIterator headerAuthIter = XPathUtils.selectNodeIterator(root,OACONF_HEADER_AUTH_HEADER_XPATH);
-
- Element headerAuthElem;
- HashMap headerAuthMap = new HashMap();
- while ((headerAuthElem = (Element) headerAuthIter.nextNode()) != null) {
- String name =
- XPathUtils.getAttributeValue(headerAuthElem, "@Name", null);
- String value =
- XPathUtils.getAttributeValue(headerAuthElem, "@Value", null);
- // Contains Key (Neue Config-Exception: doppelte werte)
- if (headerAuthMap.containsKey(name))
- throw new ConfigurationException("config.06", new Object[]{"Doppelter Wert für Parameter per HeaderAuthentication"});
- headerAuthMap.put(name, value);
- }
- oaConfiguration.setHeaderAuthMapping(headerAuthMap);
-
- if (paramAuthMap.size() == 0) {
- if (oaConfiguration.getBasicAuthUserIDMapping() == null) {
- oaConfiguration.setAuthType(OAConfiguration.HEADER_AUTH);
- }
- else
- oaConfiguration.setAuthType(OAConfiguration.BASIC_AUTH);
- }
- else
- oaConfiguration.setAuthType(OAConfiguration.PARAM_AUTH);
-
- return oaConfiguration;
- }
-
- /**
- * Reads the configuration file of the online application, and creates a DOM tree from it.
- * If /OnlineApplication/ProxyComponent@configFileURL is not given,
- * uses default configuration file location.
- *
- * @param oap configuration data of online application, meant for use by MOA-ID-PROXY
- * @return Element DOM tree root element
- * @throws ConfigurationException on any exception thrown
- */
- private Element getOAConfigElement(OAProxyParameter oap) throws ConfigurationException
- {
- try {
- String configFileURL = oap.getConfigFileURL();
- if (configFileURL == null) {
- // use default config file URL, when config file URL is not given
- configFileURL = oap.getConnectionParameter().getUrl();
- if (configFileURL.charAt(configFileURL.length() - 1) != '/')
- configFileURL += "/";
- configFileURL += DEFAULT_OA_CONFIG_FILENAME;
- }
- Logger.info("Loading MOA-OA configuration " + configFileURL);
- Element configElem = DOMUtils.parseXmlValidating(
- new ByteArrayInputStream(FileUtils.readURL(configFileURL)));
- return configElem;
- }
- catch (Throwable t) {
- throw new ConfigurationException("config.03", new Object[] {"OAConfiguration"} , t);
- }
- }
-
- /**
- * Returns the default chaining mode from the configuration.
- *
- * @return The default chaining mode.
- */
- public String getDefaultChainingMode() {
- String defaultChaining =
- XPathUtils.getAttributeValue(
- getConfigElem(),
- CHAINING_MODES_DEFAULT_XPATH,
- CM_CHAINING);
-
- return translateChainingMode(defaultChaining);
-
- }
- /**
- * Build the chaining modes for all configured trust anchors.
- *
- * @return The mapping from trust anchors to chaining modes.
- */
- public Map buildChainingModes() {
- Map chainingModes = new HashMap();
- NodeIterator trustIter =
- XPathUtils.selectNodeIterator(getConfigElem(), TRUST_ANCHOR_XPATH);
- Element trustAnchorElem;
-
- while ((trustAnchorElem = (Element) trustIter.nextNode()) != null) {
- IssuerAndSerial issuerAndSerial = buildIssuerAndSerial(trustAnchorElem);
- String mode = trustAnchorElem.getAttribute("mode");
-
- if (issuerAndSerial != null) {
- chainingModes.put(issuerAndSerial, translateChainingMode(mode));
- }
- }
-
- return chainingModes;
- }
-
- /**
- * Build an IssuerAndSerial from the DOM representation.
- *
- * @param root The root element (being of type dsig:
- * X509IssuerSerialType.
- * @return The issuer and serial number contained in the root
- * element or null if could not be built for any reason.
- */
- private IssuerAndSerial buildIssuerAndSerial(Element root) {
- String issuer = XPathUtils.getElementValue(root, ISSUER_XPATH, null);
- String serial = XPathUtils.getElementValue(root, SERIAL_XPATH, null);
-
- if (issuer != null && serial != null) {
- try {
- RFC2253NameParser nameParser = new RFC2253NameParser(issuer);
- Principal issuerDN = nameParser.parse();
-
- return new IssuerAndSerial(issuerDN, new BigInteger(serial));
- } catch (RFC2253NameParserException e) {
- warn("config.09", new Object[] { issuer, serial }, e);
- return null;
- } catch (NumberFormatException e) {
- warn("config.09", new Object[] { issuer, serial }, e);
- return null;
- }
- }
- return null;
- }
-
- /**
- * Translate the chaining mode from the configuration file to one used in the
- * IAIK MOA API.
- *
- * @param chainingMode The chaining mode from the configuration.
- * @return The chaining mode as provided by the ChainingModes
- * interface.
- * @see iaik.pki.pathvalidation.ChainingModes
- */
- private String translateChainingMode(String chainingMode) {
- if (chainingMode.equals(CM_CHAINING)) {
- return ChainingModes.CHAIN_MODE;
- } else if (chainingMode.equals(CM_PKIX)) {
- return ChainingModes.PKIX_MODE;
- } else {
- return ChainingModes.CHAIN_MODE;
- }
- }
-
- /**
- * Method warn.
- * @param messageId to identify a country-specific message
- * @param parameters for the logger
- */
- //
- // various utility methods
- //
-
- private static void warn(String messageId, Object[] parameters) {
- Logger.warn(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters));
- }
-
- /**
- * Method warn.
- * @param messageId to identify a country-specific message
- * @param args for the logger
- * @param t as throwabl
- */
- private static void warn(String messageId, Object[] args, Throwable t) {
- Logger.warn(MOAIDMessageProvider.getInstance().getMessage(messageId, args), t);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationException.java b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationException.java
deleted file mode 100644
index 2ebec0398..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationException.java
+++ /dev/null
@@ -1,31 +0,0 @@
-package at.gv.egovernment.moa.id.config;
-
-import at.gv.egovernment.moa.id.MOAIDException;
-
-/**
- * Exception signalling an error in the configuration.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class ConfigurationException extends MOAIDException {
-
- /**
- * Create a MOAConfigurationException.
- */
- public ConfigurationException(String messageId, Object[] parameters) {
- super(messageId, parameters);
- }
-
- /**
- * Create a MOAConfigurationException.
- */
- public ConfigurationException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
-
- super(messageId, parameters, wrapped);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationProvider.java b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
deleted file mode 100644
index e65c47bad..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
+++ /dev/null
@@ -1,128 +0,0 @@
-package at.gv.egovernment.moa.id.config;
-
-import java.math.BigInteger;
-import java.security.Principal;
-import java.security.cert.X509Certificate;
-import java.util.Map;
-
-import at.gv.egovernment.moa.id.data.IssuerAndSerial;
-
-/**
- * Base class for AuthConfigurationProvider and ProxyConfigurationProvider,
- * providing functions common to both of them.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ConfigurationProvider {
-
- /**
- * Constructor
- */
- public ConfigurationProvider() {
- super();
- }
-
- /**
- * The name of the system property which contains the file name of the
- * configuration file.
- */
- public static final String CONFIG_PROPERTY_NAME =
- "moa.id.configuration";
-
- /**
- * The name of the generic configuration property giving the certstore directory path.
- */
- public static final String DIRECTORY_CERTSTORE_PARAMETER_PROPERTY =
- "DirectoryCertStoreParameters.RootDir";
-
- /**
- * The name of the generic configuration property switching the ssl revocation checking on/off
- */
- public static final String TRUST_MANAGER_REVOCATION_CHECKING =
- "TrustManager.RevocationChecking";
-
-
- /**
- * A Map which contains generic configuration information. Maps a
- * configuration name (a String) to a configuration value (also a
- * String).
- */
- protected Map genericConfiguration;
-
- /** The default chaining mode. */
- protected String defaultChainingMode;
-
- /**
- * A Map which contains the IssuerAndSerial to
- * chaining mode (a String) mapping.
- */
- protected Map chainingModes;
-
- /**
- * the URL for the trusted CA Certificates
- */
- protected String trustedCACertificates;
-
- /**
- * main configuration file directory name used to configure MOA-ID
- */
- protected String rootConfigFileDir;
-
- /**
- * Returns the main configuration file directory used to configure MOA-ID
- *
- * @return the directory
- */
- public String getRootConfigFileDir() {
- return rootConfigFileDir;
- }
-
- /**
- * Returns the mapping of generic configuration properties.
- *
- * @return The mapping of generic configuration properties (a name to value
- * mapping) from the configuration.
- */
- public Map getGenericConfiguration() {
- return genericConfiguration;
- }
-
- /**
- * Returns the value of a parameter from the generic configuration section.
- *
- * @return the parameter value; null if no such parameter
- */
- public String getGenericConfigurationParameter(String parameter) {
- if (! genericConfiguration.containsKey(parameter))
- return null;
- return (String)genericConfiguration.get(parameter);
- }
-
- /**
- * Return the chaining mode for a given trust anchor.
- *
- * @param trustAnchor The trust anchor for which the chaining mode should be
- * returned.
- * @return The chaining mode for the given trust anchor. If the trust anchor
- * has not been configured separately, the system default will be returned.
- */
- public String getChainingMode(X509Certificate trustAnchor) {
- Principal issuer = trustAnchor.getIssuerDN();
- BigInteger serial = trustAnchor.getSerialNumber();
- IssuerAndSerial issuerAndSerial = new IssuerAndSerial(issuer, serial);
-
- String mode = (String) chainingModes.get(issuerAndSerial);
- return mode != null ? mode : defaultChainingMode;
- }
-
- /**
- * Returns the trustedCACertificates.
- * @return String
- */
- public String getTrustedCACertificates() {
-
- return trustedCACertificates;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/ConnectionParameter.java b/id.server/src/at/gv/egovernment/moa/id/config/ConnectionParameter.java
deleted file mode 100644
index 30b09cfe0..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/ConnectionParameter.java
+++ /dev/null
@@ -1,106 +0,0 @@
-package at.gv.egovernment.moa.id.config;
-
-/**
- * This bean class is used to store data for various connectionParameter
- * within the MOA-ID configuration
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class ConnectionParameter {
-
- /**
- * Server URL
- */
- private String url;
- /**
- * File URL for a directory containing PKCS#12 server SSL certificates.
- * From these certificates, a X509 trust store will be assembled for use
- * by a JSSE TrustManager.
- * This field will only be used in case of an HTTPS URL.
- */
- private String acceptedServerCertificates;
- /**
- * File URL of a X509 key store containing the private key to be used
- * for an HTTPS connection when the server requires client authentication.
- * This field will only be used in case of an HTTPS URL.
- */
- private String clientKeyStore;
- /**
- * Password protecting the client key store.
- */
- private String clientKeyStorePassword;
-
- /**
- * Checks whether the URL scheme is "https".
- * @return true in case of an URL starting with "https"
- */
- public boolean isHTTPSURL() {
- return getUrl().indexOf("https") == 0;
- }
-
- /**
- * Returns the url.
- * @return String
- */
- public String getUrl() {
- return url;
- }
-
- /**
- * Returns the acceptedServerCertificates.
- * @return String
- */
- public String getAcceptedServerCertificates() {
- return acceptedServerCertificates;
- }
-
- /**
- * Sets the acceptedServerCertificates.
- * @param acceptedServerCertificates The acceptedServerCertificates to set
- */
- public void setAcceptedServerCertificates(String acceptedServerCertificates) {
- this.acceptedServerCertificates = acceptedServerCertificates;
- }
-
- /**
- * Sets the url.
- * @param url The url to set
- */
- public void setUrl(String url) {
- this.url = url;
- }
-
- /**
- * Returns the clientKeyStore.
- * @return String
- */
- public String getClientKeyStore() {
- return clientKeyStore;
- }
-
- /**
- * Returns the clientKeyStorePassword.
- * @return String
- */
- public String getClientKeyStorePassword() {
- return clientKeyStorePassword;
- }
-
- /**
- * Sets the clientKeyStore.
- * @param clientKeyStore The clientKeyStore to set
- */
- public void setClientKeyStore(String clientKeyStore) {
- this.clientKeyStore = clientKeyStore;
- }
-
- /**
- * Sets the clientKeyStorePassword.
- * @param clientKeyStorePassword The clientKeyStorePassword to set
- */
- public void setClientKeyStorePassword(String clientKeyStorePassword) {
- this.clientKeyStorePassword = clientKeyStorePassword;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
deleted file mode 100644
index a722868e0..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ /dev/null
@@ -1,370 +0,0 @@
-package at.gv.egovernment.moa.id.config.auth;
-
-import java.io.BufferedInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.MalformedURLException;
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.config.ConfigurationBuilder;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-
-/**
- * A class providing access to the Auth Part of the MOA-ID configuration data.
- *
- * Configuration data is read from an XML file, whose location is given by
- * the moa.id.configuration system property.
This class implements the Singleton pattern. The reload()
- * method can be used to update the configuration data. Therefore, it is not
- * guaranteed that consecutive calls to getInstance() will return
- * the same AuthConfigurationProvider all the time. During the
- * processing of a web service request, the current
- * TransactionContext should be used to obtain the
- * AuthConfigurationProvider local to that request.
BKUSelectionType
- */
- public static final String BKU_SELECTION_TYPE_HTMLCOMPLETE =
- "HTMLComplete";
-
- /**
- * BKUSelectionType HTMLSelect, according to schema type BKUSelectionType
- */
- public static final String BKU_SELECTION_TYPE_HTMLSELECT =
- "HTMLSelect";
-
- /**
- * The name of the generic configuration property allowing https connection to
- * the user frontend servlets ("StartAuthentication" and "SelectBKU" servlets)
- */
- public static final String FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY =
- "FrontendServlets.EnableHTTPConnection";
-
- /**
- * The name of the generic configuration property allowing to set a individual
- * DATA URL used to communicate with the BKU (SecurityLayer)
- */
- public static final String INDIVIDUAL_DATA_URL_PREFIX =
- "FrontendServlets.DataURLPrefix";
-
- /** Singleton instance. null, if none has been created. */
- private static AuthConfigurationProvider instance;
-
- //
- // configuration data
- //
-
- /**
- * configuration files containing transformations for rendering in the
- * secure viewer of the security layer implementation;
- * multiple files can be given for different mime types
- */
- private String[] transformsInfoFileNames;
- /**
- * transformations for rendering in the secure viewer of the security layer implementation,
- * read from {@link transformsInfoFileNames};
- * multiple transformation can be given for different mime types
- */
- private String[] transformsInfos;
- /**
- * parameters for connection to MOA SP component
- */
- private ConnectionParameter moaSpConnectionParameter;
- /**
- * trust profile ID to be used for verifying the identity link signature via MOA ID SP
- */
- private String moaSpIdentityLinkTrustProfileID;
- /**
- * trust profile ID to be used for verifying the AUTH block signature via MOA ID SP
- */
- private String moaSpAuthBlockTrustProfileID;
- /**
- * transformations to be used for verifying the AUTH block signature via MOA ID SP
- */
- private String[] moaSpAuthBlockVerifyTransformsInfoIDs;
- /**
- * X509 SubjectNames which will be trusted
- */
- private String[] identityLinkX509SubjectNames;
-
- /**
- * configuration parameters for online applications
- */
- private OAAuthParameter[] onlineApplicationAuthParameters;
- /**
- * the Selection Type of the bku Selection Element
- */
- private String bKUSelectionType;
- /**
- * is the bku Selection Element present?
- */
- private boolean bKUSelectable;
- /**
- * the bku Selection Connection Parameters
- */
- private ConnectionParameter bKUConnectionParameter;
- /**
- * Return the single instance of configuration data.
- *
- * @return AuthConfigurationProvider The current configuration data.
- * @throws ConfigurationException
- */
- public static synchronized AuthConfigurationProvider getInstance()
- throws ConfigurationException {
-
- if (instance == null) {
- reload();
- }
- return instance;
- }
-
- /**
- * Reload the configuration data and set it if successful.
- *
- * @return AuthConfigurationProvider The loaded configuration data.
- * @throws ConfigurationException Failure to load the configuration data.
- */
- public static synchronized AuthConfigurationProvider reload()
- throws ConfigurationException {
- String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME);
- if (fileName == null) {
- throw new ConfigurationException("config.01", null);
- }
- Logger.info("Loading MOA-ID-AUTH configuration " + fileName);
-
- instance = new AuthConfigurationProvider(fileName);
- return instance;
- }
-
- /**
- * Constructor for AuthConfigurationProvider.
- * @param fileName
- * @throws ConfigurationException
- */
- public AuthConfigurationProvider(String fileName)
- throws ConfigurationException {
-
- load(fileName);
- }
-
- /**
- * Load the configuration data from XML file with the given name and build
- * the internal data structures representing the MOA ID configuration.
- *
- * @param fileName The name of the XML file to load.
- * @throws ConfigurationException The MOA configuration could not be
- * read/built.
- */
- private void load(String fileName) throws ConfigurationException {
- InputStream stream = null;
- Element configElem;
- ConfigurationBuilder builder;
-
- try {
- // load the main config file
- stream = new BufferedInputStream(new FileInputStream(fileName));
- configElem = DOMUtils.parseXmlValidating(stream);
- } catch (Throwable t) {
- throw new ConfigurationException("config.03", null, t);
- }
- finally {
- try {
- if (stream != null) {
- stream.close();
- }
- } catch (IOException e) {
- }
- }
- try {
- // determine the directory of the root config file
- rootConfigFileDir = new File(fileName).getParent();
- try {
- rootConfigFileDir = new File(rootConfigFileDir).toURL().toString();
- } catch (MalformedURLException t) {
- throw new ConfigurationException("config.03", null, t);
- }
-
- // build the internal datastructures
- builder = new ConfigurationBuilder(configElem, rootConfigFileDir);
- bKUConnectionParameter = builder.buildAuthBKUConnectionParameter();
- bKUSelectable = (bKUConnectionParameter!=null);
- bKUSelectionType = builder.buildAuthBKUSelectionType();
- genericConfiguration = builder.buildGenericConfiguration();
- transformsInfoFileNames = builder.buildTransformsInfoFileNames();
- loadTransformsInfos();
- moaSpConnectionParameter = builder.buildMoaSpConnectionParameter();
- moaSpIdentityLinkTrustProfileID = builder.getMoaSpIdentityLinkTrustProfileID();
- moaSpAuthBlockTrustProfileID = builder.getMoaSpAuthBlockTrustProfileID();
- moaSpAuthBlockVerifyTransformsInfoIDs = builder.buildMoaSpAuthBlockVerifyTransformsInfoIDs();
- onlineApplicationAuthParameters = builder.buildOnlineApplicationAuthParameters();
- identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames();
- defaultChainingMode = builder.getDefaultChainingMode();
- chainingModes = builder.buildChainingModes();
- trustedCACertificates = builder.getTrustedCACertificates();
- trustedCACertificates = FileUtils.makeAbsoluteURL(trustedCACertificates, rootConfigFileDir); }
-
- catch (Throwable t) {
- throw new ConfigurationException("config.02", null, t);
- }
- }
-
- /**
- * Loads the transformsInfos from files.
- * @throws Exception on any exception thrown
- */
- private void loadTransformsInfos() throws Exception {
-
- transformsInfos = new String[transformsInfoFileNames.length];
- for (int i = 0; i < transformsInfoFileNames.length; i++) {
- String fileURL = transformsInfoFileNames[i];
-
- //if fileURL is relative to rootConfigFileDir make it absolute
- fileURL = FileUtils.makeAbsoluteURL(fileURL, rootConfigFileDir);
- String transformsInfo = FileUtils.readURL(fileURL, DEFAULT_ENCODING);
- transformsInfos[i] = transformsInfo;
- }
- }
- /**
- * Return a string array with all filenames leading
- * to the Transforms Information for the Security Layer
- * @return String[] of filenames to the Security Layer Transforms Information
- */
- public String[] getTransformsInfoFileNames() {
- return transformsInfoFileNames;
- }
-
- /**
- * Build an array of the OnlineApplication Parameters containing information
- * about the authentication component
- * @return An OAProxyParameter array containing beans
- * with all relevant information for theauthentication component of the online
- * application
- */
- public OAAuthParameter[] getOnlineApplicationParameters() {
- return onlineApplicationAuthParameters;
- }
-
- /**
- * Provides configuration information regarding the online application behind
- * the given URL, relevant to the MOA-ID Auth component.
- *
- * @param oaURL URL requested for an online application
- * @return an OAAuthParameter, or null
- * if none is applicable
- */
- public OAAuthParameter getOnlineApplicationParameter(String oaURL) {
- OAAuthParameter[] oaParams = getOnlineApplicationParameters();
- for (int i = 0; i < oaParams.length; i++) {
- OAAuthParameter oaParam = oaParams[i];
- if (oaURL.indexOf(oaParam.getPublicURLPrefix()) == 0)
- return oaParam;
- }
- return null;
- }
-
- /**
- * Return a string with a url-reference to the VerifyAuthBlock trust
- * profile id within the moa-sp part of the authentication component
- *
- * @return String with a url-reference to the VerifyAuthBlock trust profile ID
- */
- public String getMoaSpAuthBlockTrustProfileID() {
- return moaSpAuthBlockTrustProfileID;
- }
-
- /**
- * Return a string array with references to all verify transform info
- * IDs within the moa-sp part of the authentication component
- * @return A string array containing all urls to the
- * verify transform info IDs
- */
- public String[] getMoaSpAuthBlockVerifyTransformsInfoIDs() {
- return moaSpAuthBlockVerifyTransformsInfoIDs;
- }
-
- /**
- * Return a ConnectionParameter bean containing all information
- * of the authentication component moa-sp element
- * @return ConnectionParameter of the authentication component moa-sp element
- */
- public ConnectionParameter getMoaSpConnectionParameter() {
- return moaSpConnectionParameter;
- }
-
- /**
- * Return a string with a url-reference to the VerifyIdentityLink trust
- * profile id within the moa-sp part of the authentication component
- * @return String with a url-reference to the VerifyIdentityLink trust profile ID
- */
- public String getMoaSpIdentityLinkTrustProfileID() {
- return moaSpIdentityLinkTrustProfileID;
- }
- /**
- * Returns the transformsInfos.
- * @return String[]
- */
- public String[] getTransformsInfos() {
- return transformsInfos;
- }
-
- /**
- * Returns the identityLinkX509SubjectNames.
- * @return String[]
- */
- public String[] getIdentityLinkX509SubjectNames() {
- return identityLinkX509SubjectNames;
- }
-
- /**
- * Returns the bKUConnectionParameter.
- * @return ConnectionParameter
- */
- public ConnectionParameter getBKUConnectionParameter() {
- return bKUConnectionParameter;
- }
-
- /**
- * Returns the bKUSelectable.
- * @return boolean
- */
- public boolean isBKUSelectable() {
- return bKUSelectable;
- }
-
- /**
- * Returns the bKUSelectionType.
- * @return String
- */
- public String getBKUSelectionType() {
- return bKUSelectionType;
- }
-
-}
\ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
deleted file mode 100644
index 223abc632..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ /dev/null
@@ -1,115 +0,0 @@
-package at.gv.egovernment.moa.id.config.auth;
-
-/**
- * Configuration parameters belonging to an online application,
- * to use with the MOA ID Auth component.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class OAAuthParameter {
-
- /**
- * public URL prefix of the online application
- */
- private String publicURLPrefix;
-
- /**
- * key box Identifier (e.g. CertifiedKeypair, SecureSignatureKeypair)
- */
- private String keyBoxIdentifier;
- /**
- * determines whether "Stammzahl" is to be included in the authentication data
- */
- private boolean provideStammzahl;
- /**
- * determines whether AUTH block is to be included in the authentication data
- */
- private boolean provideAuthBlock;
- /**
- * determines whether identity link is to be included in the authentication data
- */
- private boolean provideIdentityLink;
-
- /**
- * Returns the provideAuthBlock.
- * @return String
- */
- public boolean getProvideAuthBlock() {
- return provideAuthBlock;
- }
-
- /**
- * Returns the provideIdentityLink.
- * @return String
- */
- public boolean getProvideIdentityLink() {
- return provideIdentityLink;
- }
-
- /**
- * Returns the provideStammzahl.
- * @return String
- */
- public boolean getProvideStammzahl() {
- return provideStammzahl;
- }
-
- /**
- * Returns the publicURLPrefix.
- * @return String
- */
- public String getPublicURLPrefix() {
- return publicURLPrefix;
- }
-
- /**
- * Returns the key box identifier.
- * @return String
- */
- public String getKeyBoxIdentifier() {
- return keyBoxIdentifier;
- }
-
- /**
- * Sets the provideAuthBlock.
- * @param provideAuthBlock The provideAuthBlock to set
- */
- public void setProvideAuthBlock(boolean provideAuthBlock) {
- this.provideAuthBlock = provideAuthBlock;
- }
-
- /**
- * Sets the provideIdentityLink.
- * @param provideIdentityLink The provideIdentityLink to set
- */
- public void setProvideIdentityLink(boolean provideIdentityLink) {
- this.provideIdentityLink = provideIdentityLink;
- }
-
- /**
- * Sets the provideStammzahl.
- * @param provideStammzahl The provideStammzahl to set
- */
- public void setProvideStammzahl(boolean provideStammzahl) {
- this.provideStammzahl = provideStammzahl;
- }
-
- /**
- * Sets the publicURLPrefix.
- * @param publicURLPrefix The publicURLPrefix to set
- */
- public void setPublicURLPrefix(String publicURLPrefix) {
- this.publicURLPrefix = publicURLPrefix;
- }
-
- /**
- * Sets the key box identifier.
- * @param keyBoxIdentifier to set
- */
- public void setKeyBoxIdentier(String keyBoxIdentifier) {
- this.keyBoxIdentifier = keyBoxIdentifier;
- }
-
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.java b/id.server/src/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.java
deleted file mode 100644
index c9a13fee5..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.java
+++ /dev/null
@@ -1,145 +0,0 @@
-package at.gv.egovernment.moa.id.config.proxy;
-
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * Holds configuration data concerning an online application for use by the MOA-ID Proxy component.
- * These include the login type (stateful or stateless), the HTTP authentication type,
- * and information needed to add authentication parameters or headers for a URL connection
- * to the remote online application.
- * @see MOAIDConfiguration-1.1.xsd, element Configuration
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class OAConfiguration {
-
- /** Constant for an login method */
- public static final String LOGINTYPE_STATEFUL = "stateful";
- /** Constant for an login method */
- public static final String LOGINTYPE_STATELESS = "stateless";
-
- /** Constant for an auth method */
- public static final String BASIC_AUTH = "basic";
- /** Constant for an auth method */
- public static final String HEADER_AUTH = "header";
- /** Constant for an auth method */
- public static final String PARAM_AUTH = "param";
-
- /** login type: stateful or stateless */
- String loginType;
- /** authentication type: basic, header, or param */
- String authType;
- /**
- * mapping of parameter names to AuthenticationData field names
- * in case of authentication type "header-auth"
- */
- Map paramAuthMapping;
- /**
- * mapping of parameter names to AuthenticationData field names
- * in case of authentication type "param-auth"
- */
- Map headerAuthMapping;
- /** mapping for user ID to be used in case of authentication type "basic-auth" */
- String basicAuthUserIDMapping;
- /** mapping for password to be used in case of authentication type "basic-auth" */
- String basicAuthPasswordMapping;
-
- /**
- * Returns the basicAuthPasswordMapping.
- * @return String
- */
- public String getBasicAuthPasswordMapping() {
- return basicAuthPasswordMapping;
- }
-
- /**
- * Returns the basicAuthUserIDMapping.
- * @return String
- */
- public String getBasicAuthUserIDMapping() {
- return basicAuthUserIDMapping;
- }
-
- /**
- * Returns the headerAuthMapping.
- * @return HashMap
- */
- public Map getHeaderAuthMapping() {
- return headerAuthMapping;
- }
-
- /**
- * Returns the loginType.
- * @return String
- */
- public String getLoginType() {
- return loginType;
- }
-
- /**
- * Returns the paramAuthMapping.
- * @return HashMap
- */
- public Map getParamAuthMapping() {
- return paramAuthMapping;
- }
-
- /**
- * Sets the basicAuthPasswordMapping.
- * @param basicAuthPasswordMapping The basicAuthPasswordMapping to set
- */
- public void setBasicAuthPasswordMapping(String basicAuthPassword) {
- this.basicAuthPasswordMapping = basicAuthPassword;
- }
-
- /**
- * Sets the basicAuthUserIDMapping.
- * @param basicAuthUserIDMapping The basicAuthUserIDMapping to set
- */
- public void setBasicAuthUserIDMapping(String basicAuthUserID) {
- this.basicAuthUserIDMapping = basicAuthUserID;
- }
-
- /**
- * Sets the headerAuthMapping.
- * @param headerAuthMapping The headerAuthMapping to set
- */
- public void setHeaderAuthMapping(HashMap headerAuth) {
- this.headerAuthMapping = headerAuth;
- }
-
- /**
- * Sets the loginType.
- * @param loginType The loginType to set
- */
- public void setLoginType(String loginType) {
- this.loginType = loginType;
- }
-
- /**
- * Sets the paramAuthMapping.
- * @param paramAuthMapping The paramAuthMapping to set
- */
- public void setParamAuthMapping(HashMap paramAuth) {
- this.paramAuthMapping = paramAuth;
- }
-
- /**
- * Returns the authType.
- * @return String
- */
- public String getAuthType() {
- return authType;
- }
-
- /**
- * Sets the authType.
- * @param authType The authType to set
- */
- public void setAuthType(String authLoginType) {
- this.authType = authLoginType;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/proxy/OAProxyParameter.java b/id.server/src/at/gv/egovernment/moa/id/config/proxy/OAProxyParameter.java
deleted file mode 100644
index a16dcfa26..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/proxy/OAProxyParameter.java
+++ /dev/null
@@ -1,183 +0,0 @@
-package at.gv.egovernment.moa.id.config.proxy;
-
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-
-/**
- * Configuration parameters belonging to an online application,
- * to use with the MOA ID Proxy component.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class OAProxyParameter {
-
- /**
- * public URL prefix of the online application
- */
- private String publicURLPrefix;
- /**
- * URL of online application configuration file;
- * defaults to relative URL /moaconfig.xml
- */
- private String configFileURL;
- /**
- * implementation of {@link at.gv.egovernment.moa.id.proxy.LoginParameterResolver} interface
- * to be used for authenticating the online application;
- * defaults to {@link at.gv.egovernment.moa.id.proxy.DefaultLoginParameterResolver}
- */
- private String loginParameterResolverImpl;
-
- /**
- * Configuration Parameter of LoginParameterResolver
- */
- private String loginParameterResolverConfiguration;
-
- /**
- * implementation of {@link at.gv.egovernment.moa.id.proxy.ConnectionBuilder} interface
- * to be used for connecting to the online application;
- * defaults to {@link at.gv.egovernment.moa.id.proxy.DefaultConnectionBuilder}
- */
- private String connectionBuilderImpl;
- /**
- * session time out to be used in case of a stateless online application
- */
- private int sessionTimeOut;
- /**
- * parameters regarding the connection from the proxy to the online application
- */
- private ConnectionParameter connectionParameter;
- /**
- * parameters for logging into the online application
- */
- private OAConfiguration oaConfiguration;
-
-
- /**
- * Returns the configFileURL.
- * @return String
- */
- public String getConfigFileURL() {
- return configFileURL;
- }
-
- /**
- * Returns the sessionTimeOut.
- * @return int
- */
- public int getSessionTimeOut() {
- return sessionTimeOut;
- }
-
- /**
- * Returns the connectionParameter.
- * @return ConnectionParameter
- */
- public ConnectionParameter getConnectionParameter() {
- return connectionParameter;
- }
-
- /**
- * Sets the configFileURL.
- * @param configFileURL The configFileURL to set
- */
- public void setConfigFileURL(String oaProxyConfigFileURL) {
- this.configFileURL = oaProxyConfigFileURL;
- }
-
- /**
- * Sets the sessionTimeOut.
- * @param sessionTimeOut The sessionTimeOut to set
- */
- public void setSessionTimeOut(int oaProxySessionTimeOut) {
- this.sessionTimeOut = oaProxySessionTimeOut;
- }
-
- /**
- * Sets the connectionParameter.
- * @param connectionParameter The connectionParameter to set
- */
- public void setConnectionParameter(ConnectionParameter proxyConnectionParameter) {
- this.connectionParameter = proxyConnectionParameter;
- }
-
- /**
- * Returns the publicURLPrefix.
- * @return String
- */
- public String getPublicURLPrefix() {
- return publicURLPrefix;
- }
-
- /**
- * Sets the publicURLPrefix.
- * @param publicURLPrefix The publicURLPrefix to set
- */
- public void setPublicURLPrefix(String url) {
- this.publicURLPrefix = url;
- }
-
- /**
- * Returns the connectionBuilderImpl.
- * @return String
- */
- public String getConnectionBuilderImpl() {
- return connectionBuilderImpl;
- }
-
- /**
- * Returns the loginParameterResolverImpl.
- * @return String
- */
- public String getLoginParameterResolverImpl() {
- return loginParameterResolverImpl;
- }
-
- /**
- * Returns the loginParameterResolverConfiguration.
- * @return String
- */
- public String getLoginParameterResolverConfiguration() {
- return loginParameterResolverConfiguration;
- }
-
- /**
- * Sets the connectionBuilderImpl.
- * @param connectionBuilderImpl The connectionBuilderImpl to set
- */
- public void setConnectionBuilderImpl(String connectionBuilderImp) {
- this.connectionBuilderImpl = connectionBuilderImp;
- }
-
- /**
- * Sets the loginParameterResolverImpl.
- * @param loginParameterResolverImpl The loginParameterResolverImpl to set
- */
- public void setLoginParameterResolverImpl(String loginParameterResolverImpl) {
- this.loginParameterResolverImpl = loginParameterResolverImpl;
- }
-
- /**
- * Sets the loginParameterResolverConfiguration.
- * @param loginParameterResolverImpl The loginParameterResolverImpl to set
- */
- public void setLoginParameterResolverConfiguration(String loginParameterResolverConfiguration) {
- this.loginParameterResolverConfiguration = loginParameterResolverConfiguration;
- }
-
- /**
- * Returns the oaConfiguration.
- * @return OAConfiguration
- */
- public OAConfiguration getOaConfiguration() {
- return oaConfiguration;
- }
-
- /**
- * Sets the oaConfiguration.
- * @param oaConfiguration The oaConfiguration to set
- */
- public void setOaConfiguration(OAConfiguration oaConfiguration) {
- this.oaConfiguration = oaConfiguration;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java b/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java
deleted file mode 100644
index fdb7e6f55..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java
+++ /dev/null
@@ -1,189 +0,0 @@
-package at.gv.egovernment.moa.id.config.proxy;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.net.MalformedURLException;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.config.ConfigurationBuilder;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-
-/**
- * A class providing access to the Proxy Part of the MOA-ID configuration data.
- *
- * Configuration data is read from an XML file, whose location is given by
- * the moa.id.configuration system property.
This class implements the Singleton pattern. The reload()
- * method can be used to update the configuration data. Therefore, it is not
- * guaranteed that consecutive calls to getInstance() will return
- * the same ProxyConfigurationProvider all the time. During the
- * processing of a web service request, the current
- * TransactionContext should be used to obtain the
- * ProxyConfigurationProvider local to that request.
null, if none has been created. */
- private static ProxyConfigurationProvider instance;
-
-
- //
- // configuration data
- //
- /**
- * connection parameters for connection to MOA ID Auth component
- */
- private ConnectionParameter authComponentConnectionParameter;
- /**
- * configuration parameters for online applications
- */
- private OAProxyParameter[] onlineApplicationProxyParameter;
-
- /**
- * Return the single instance of configuration data.
- *
- * @return ProxyConfigurationProvider The current configuration data.
- * @throws ConfigurationException
- */
- public static synchronized ProxyConfigurationProvider getInstance()
- throws ConfigurationException {
-
- if (instance == null) {
- reload();
- }
- return instance;
- }
-
- /**
- * Reload the configuration data and set it if successful.
- *
- * @return ProxyConfigurationProvider The loaded configuration data.
- * @throws ConfigurationException Failure to load the configuration data.
- */
- public static synchronized ProxyConfigurationProvider reload()
- throws ConfigurationException {
- String fileName = System.getProperty(CONFIG_PROPERTY_NAME);
- if (fileName == null) {
- throw new ConfigurationException("config.01", null);
- }
- Logger.info("Loading MOA-ID-PROXY configuration " + fileName);
-
- instance = new ProxyConfigurationProvider(fileName);
- return instance;
- }
-
- /**
- * Constructor for ProxyConfigurationProvider.
- */
- public ProxyConfigurationProvider(String fileName)
- throws ConfigurationException {
-
- load(fileName);
- }
-
- /**
- * Load the configuration data from XML file with the given name and build
- * the internal data structures representing the MOA configuration.
- *
- * @param fileName The name of the XML file to load.
- * @throws ConfigurationException The MOA configuration could not be
- * read/built.
- */
- private void load(String fileName) throws ConfigurationException {
- FileInputStream stream = null;
- Element configElem;
- ConfigurationBuilder builder;
-
- try {
- // load the main config file
- stream = new FileInputStream(fileName);
- configElem = DOMUtils.parseXmlValidating(stream);
- }
- catch (Throwable t) {
- throw new ConfigurationException("config.03", null, t);
- }
- finally {
- try {
- if (stream != null) {
- stream.close();
- }
- }
- catch (IOException e) {
- }
- }
- try {
- // determine the directory of the root config file
- rootConfigFileDir = new File(fileName).getParent();
- try {
- rootConfigFileDir = new File(rootConfigFileDir).toURL().toString();
- } catch (MalformedURLException t) {
- throw new ConfigurationException("config.03", null, t);
- }
-
- // build the internal datastructures
- builder = new ConfigurationBuilder(configElem, rootConfigFileDir);
- authComponentConnectionParameter = builder.buildAuthComponentConnectionParameter();
-
- onlineApplicationProxyParameter = builder.buildOnlineApplicationProxyParameters();
- for(int i = 0; i < onlineApplicationProxyParameter.length; i++) {
- onlineApplicationProxyParameter[i].setConfigFileURL(FileUtils.makeAbsoluteURL(onlineApplicationProxyParameter[i].getConfigFileURL(), rootConfigFileDir));
- }
-
- genericConfiguration = builder.buildGenericConfiguration();
- defaultChainingMode = builder.getDefaultChainingMode();
- chainingModes = builder.buildChainingModes();
- trustedCACertificates = builder.getTrustedCACertificates();
- trustedCACertificates = FileUtils.makeAbsoluteURL(trustedCACertificates, rootConfigFileDir);
-
- }
- catch (Throwable t) {
- throw new ConfigurationException("config.02", null, t);
- }
- }
-
- /**
- * Return a bean containing all information about the ProxyComponent
- * @return The ConnectionParameter for the Proxy Component
- */
- public ConnectionParameter getAuthComponentConnectionParameter() {
- return authComponentConnectionParameter;
- }
-
- /**
- * Build an array of OnlineApplication Parameter Beans containing all
- * information about the proxy component of the online application
- * @return An OAProxyParameter array containing beans
- * with all relevant information for the proxy component of the online
- * application
- */
- public OAProxyParameter[] getOnlineApplicationParameters() {
- return onlineApplicationProxyParameter;
- }
- /**
- * Provides configuration information regarding the online application behind
- * the given URL, relevant to the MOA-ID Proxy component.
- *
- * @param oaURL URL requested for an online application
- * @return an OAProxyParameter, or null
- * if none is applicable
- */
- public OAProxyParameter getOnlineApplicationParameter(String oaURL) {
- OAProxyParameter[] oaParams = getOnlineApplicationParameters();
- for (int i = 0; i < oaParams.length; i++) {
- OAProxyParameter oaParam = oaParams[i];
- if (oaURL.startsWith(oaParam.getPublicURLPrefix()))
- return oaParam;
- }
- return null;
- }
-
-}
\ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java
deleted file mode 100644
index 65fe9047d..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java
+++ /dev/null
@@ -1,334 +0,0 @@
-package at.gv.egovernment.moa.id.data;
-
-import java.util.Date;
-
-/**
- * Encapsulates authentication data contained in a <saml:Assertion>.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-
-public class AuthenticationData {
- /**
- * major version number of the SAML assertion
- */
- private int majorVersion;
- /**
- * minor version number of the SAML assertion
- */
- private int minorVersion;
- /**
- * identifier for this assertion
- */
- private String assertionID;
- /**
- * URL of the MOA-ID Auth component issueing this assertion
- */
- private String issuer;
- /**
- * time instant of issue of this assertion
- */
- private String issueInstant;
- /**
- * user identification value (Stammzahl); null,
- * if the authentication module is configured not to return this data
- */
- private String identificationValue;
- /**
- * user identification type
- */
- private String identificationType;
- /**
- * application specific user identifier (bPK)
- */
- private String bPK;
- /**
- * given name of the user
- */
- private String givenName;
- /**
- * family name of the user
- */
- private String familyName;
- /**
- * date of birth of the user
- */
- private String dateOfBirth;
- /**
- * says whether the certificate is a qualified certificate or not
- */
- private boolean qualifiedCertificate;
- /**
- * says whether the certificate is a public authority or not
- */
- private boolean publicAuthority;
- /**
- * public authority code (Behördenkennzeichen - BKZ)
- */
- private String publicAuthorityCode;
- /**
- * the corresponding lt;saml:Assertion>
- */
- private String samlAssertion;
- /**
- * creation timestamp
- */
- Date timestamp;
-
- /**
- * Constructor for AuthenticationData.
- */
- public AuthenticationData() {
- timestamp = new Date();
- }
-
- /**
- * Returns the minorVersion.
- * @return int
- */
- public int getMinorVersion() {
- return minorVersion;
- }
-
- /**
- * Returns the publicAuthority.
- * @return boolean
- */
- public boolean isPublicAuthority() {
- return publicAuthority;
- }
-
- /**
- * Returns the publicAuthorityCode.
- * @return String
- */
- public String getPublicAuthorityCode() {
- return publicAuthorityCode;
- }
-
- /**
- * Returns the qualifiedCertificate.
- * @return boolean
- */
- public boolean isQualifiedCertificate() {
- return qualifiedCertificate;
- }
-
- /**
- * Returns the bPK.
- * @return String
- */
- public String getPBK() {
- return bPK;
- }
-
- /**
- * Sets the minorVersion.
- * @param minorVersion The minorVersion to set
- */
- public void setMinorVersion(int minorVersion) {
- this.minorVersion = minorVersion;
- }
-
- /**
- * Sets the publicAuthority.
- * @param publicAuthority The publicAuthority to set
- */
- public void setPublicAuthority(boolean publicAuthority) {
- this.publicAuthority = publicAuthority;
- }
-
- /**
- * Sets the publicAuthorityCode.
- * @param publicAuthorityCode The publicAuthorityCode to set
- */
- public void setPublicAuthorityCode(String publicAuthorityIdentification) {
- this.publicAuthorityCode = publicAuthorityIdentification;
- }
-
- /**
- * Sets the qualifiedCertificate.
- * @param qualifiedCertificate The qualifiedCertificate to set
- */
- public void setQualifiedCertificate(boolean qualifiedCertificate) {
- this.qualifiedCertificate = qualifiedCertificate;
- }
-
- /**
- * Sets the bPK.
- * @param bPK The bPK to set
- */
- public void setPBK(String bPK) {
- this.bPK = bPK;
- }
-
- /**
- * Returns the assertionID.
- * @return String
- */
- public String getAssertionID() {
- return assertionID;
- }
-
- /**
- * Returns the dateOfBirth.
- * @return String
- */
- public String getDateOfBirth() {
- return dateOfBirth;
- }
-
- /**
- * Returns the familyName.
- * @return String
- */
- public String getFamilyName() {
- return familyName;
- }
-
- /**
- * Returns the givenName.
- * @return String
- */
- public String getGivenName() {
- return givenName;
- }
-
- /**
- * Returns the identificationValue.
- * @return String
- */
- public String getIdentificationValue() {
- return identificationValue;
- }
-
- /**
- * Returns the identificationType
- * @return String
- */
- public String getIdentificationType() {
- return identificationType;
- }
-
- /**
- * Returns the issueInstant.
- * @return String
- */
- public String getIssueInstant() {
- return issueInstant;
- }
-
- /**
- * Returns the issuer.
- * @return String
- */
- public String getIssuer() {
- return issuer;
- }
-
- /**
- * Returns the majorVersion.
- * @return int
- */
- public int getMajorVersion() {
- return majorVersion;
- }
-
- /**
- * Sets the assertionID.
- * @param assertionID The assertionID to set
- */
- public void setAssertionID(String assertionID) {
- this.assertionID = assertionID;
- }
-
- /**
- * Sets the dateOfBirth.
- * @param dateOfBirth The dateOfBirth to set
- */
- public void setDateOfBirth(String dateOfBirth) {
- this.dateOfBirth = dateOfBirth;
- }
-
- /**
- * Sets the familyName.
- * @param familyName The familyName to set
- */
- public void setFamilyName(String gamilyName) {
- this.familyName = gamilyName;
- }
-
- /**
- * Sets the givenName.
- * @param givenName The givenName to set
- */
- public void setGivenName(String givenName) {
- this.givenName = givenName;
- }
-
- /**
- * Sets the identificationValue.
- * @param identificationValue The identificationValue to set
- */
- public void setIdentificationValue(String identificationValue) {
- this.identificationValue = identificationValue;
- }
-
- /**
- * Sets the identificationType.
- * @param identificationType The identificationType to set
- */
- public void setIdentificationType(String identificationType) {
- this.identificationType = identificationType;
- }
-
- /**
- * Sets the issueInstant.
- * @param issueInstant The issueInstant to set
- */
- public void setIssueInstant(String issueInstant) {
- this.issueInstant = issueInstant;
- }
-
- /**
- * Sets the issuer.
- * @param issuer The issuer to set
- */
- public void setIssuer(String issuer) {
- this.issuer = issuer;
- }
-
- /**
- * Sets the majorVersion.
- * @param majorVersion The majorVersion to set
- */
- public void setMajorVersion(int majorVersion) {
- this.majorVersion = majorVersion;
- }
-
- /**
- * Returns the samlAssertion.
- * @return String
- */
- public String getSamlAssertion() {
- return samlAssertion;
- }
-
- /**
- * Sets the samlAssertion.
- * @param samlAssertion The samlAssertion to set
- */
- public void setSamlAssertion(String samlAssertion) {
- this.samlAssertion = samlAssertion;
- }
-
- /**
- * Returns the timestamp.
- * @return Date
- */
- public Date getTimestamp() {
- return timestamp;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/data/Cookie.java b/id.server/src/at/gv/egovernment/moa/id/data/Cookie.java
deleted file mode 100644
index 5729e54c3..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/data/Cookie.java
+++ /dev/null
@@ -1,119 +0,0 @@
-package at.gv.egovernment.moa.id.data;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.StringTokenizer;
-
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * The Cookie-class provides methods to save and return cookies for
- * each single session
- *
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class Cookie {
- /** A HahsMap containing all our cookies */
- HashMap cookies = new HashMap();
- /** A HashMap to temporarely store 'Set-Cookie' values from the OnlineApplication
- * to send them back to the client/browser as soon as possible */
- HashMap cookies401 = new HashMap();
-
- /**
- * Adds a Cookie from a response with response-code 401 to the cookie-pool
- * for sending it back to the browser / client
- * @param String: the complete 'Set-Cookie' - String
- */
- public void add401(String cookieString)
- {
- cookies401.put(getKey(cookieString),cookieString);
- }
-
- /**
- * Get the HashMap containing all cookies to be sent to the browser / client
- * @return HashMap with all cookies
- */
- public HashMap get401()
- {
- return cookies401;
- }
-
- /**
- * Clear the 401 cookie-pool
- */
- public void clear401()
- {
- cookies401.clear();
- }
-
- /**
- * Set a cookie that comes from the Online-Application
- * and save it in our "normal" cookie-pool
- * @param String the complete "Set-Cookie" - String from the Online-Application
- */
- public void setCookie(String value) {
- cookies.put(getKey(value), getValue(value));
- }
-
- /**
- * Method saveOldCookies.
- * @param String the complete "Set-Cookie" - String from the Online-Application
- */
- public void saveOldCookies(String value) {
- StringTokenizer st = new StringTokenizer(value,";");
- while (st.hasMoreTokens())
- {
- // We have to trim because the Tokenizer returns cookies including spaces at the beginning
- StringTokenizer st2 = new StringTokenizer(st.nextToken().trim(),"=");
- String cookieKey = st2.nextToken().trim();
- if (st2.hasMoreTokens())
- {
- String cookieValue = st2.nextToken().trim();
- if (!cookies.containsKey(cookieKey))
- cookies.put(cookieKey , cookieValue);
- }
- }
- Logger.debug("Found these cookies: " + getCookies());
- }
-
- /**
- * Get a String containing all cookies saved in that session seperated by '; '
- * to be sent back to the Online-Application
- * @return String containing all cookies saved in that session seperated by '; '
- */
- public String getCookies() {
- String result = "";
- if (cookies.size()==0)
- return null;
- Iterator i = cookies.keySet().iterator();
- while (i.hasNext()) {
- String key = (String) i.next();
- result += key + "=" + (String)cookies.get(key) + "; ";
- }
- return result.substring(0, result.length() - 2);
- }
-
- /**
- * Returns the key of a key-value-pair of a cookie
- * getKey("CookieA=1234") returns CookieA
- * @param String the complete "Set-cookie" String containing a key-value-pair of a cookie
- * @return String the key of a key-value-pair of a cookie
- */
- private String getKey(String input) {
- return input.substring(0, input.indexOf("="));
- }
-
- /**
- * Returns the value of a key-value-pair of a cookie
- * getKey("CookieA=1234") returns 1234
- * @param String the complete "Set-cookie" String containing a key-value-pair of a cookie
- * @return String the value of a key-value-pair of a cookie
- */
- private String getValue(String input) {
- if (input.indexOf(";") == -1)
- return input.substring(input.indexOf("=") + 1, input.getBytes().length);
- return input.substring(input.indexOf("=") + 1, input.indexOf(";"));
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/data/CookieManager.java b/id.server/src/at/gv/egovernment/moa/id/data/CookieManager.java
deleted file mode 100644
index 98f84c429..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/data/CookieManager.java
+++ /dev/null
@@ -1,114 +0,0 @@
-package at.gv.egovernment.moa.id.data;
-
-import java.util.HashMap;
-
-/**
- * The CookieManager is a singleton to manage a Cookie-Object for
- * each session
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class CookieManager {
- /** the singleton instance of the CookieManager */
- private static CookieManager instance;
- /** a HashMap to bind a Cookie-object to every single session*/
- private static HashMap cookies = new HashMap();
-
- /**
- * Create a singleton of the CookieManager
- * @return CookieManager
- */
- public static CookieManager getInstance()
- {
- if(instance==null) instance=new CookieManager();
- return instance;
- }
-
- /**
- * Save a cookie to a specified session-id
- * @param String id the session id
- * @param String cookie_string - the complete 'Set-Cookie' String from the OnlineApplication
- */
- public void saveCookie(String id,String cookie_string)
- {
- getCookieWithID(id).setCookie(cookie_string);
- }
-
- /**
- * Method saveOldCookies.
- * @param id
- * @param cookie_string
- */
- public void saveOldCookies(String id,String cookie_string)
- {
- getCookieWithID(id).saveOldCookies(cookie_string);
- }
-
- /**
- * Get a Cookie-Object for a specified session-id
- * @param String id the session id
- * @return Cookie object containing all saved cookies for this session
- */
- public Cookie getCookieWithID(String id)
- {
- Cookie c = null;
- if(cookies.containsKey(id))
- c = (Cookie)cookies.get(id);
- else
- {
- c = new Cookie();
- cookies.put(id,c);
- }
- return c;
- }
-
-
- /**
- * Get a String containing all cookies of a specified session-id
- * saved in that session seperated by '; ' to be sent back to
- * the Online-Application
- * @param id the session-id
- * @return String containing all cookies saved in that session seperated by '; '
- */
- public String getCookie(String id)
- {
- Cookie result = (Cookie)cookies.get((String)id);
- if (result==null)
- return null;
- return result.getCookies();
-
- }
-
- /**
- * Adds a Cookie for a special session from a response with
- * response-code 401 to the cookie-pool for sending it back
- * to the browser / client
- * @param id the session-id
- * @param String: the complete 'Set-Cookie' - String
- */
- public void add401(String id,String value)
- {
- getCookieWithID(id).add401(value);
- }
-
- /**
- * Clear the 401 cookie-pool of a session
- * @param id the session-id
- */
- public void clear401(String id)
- {
- getCookieWithID(id).clear401();
- }
-
- /**
- * Get the HashMap containing all cookies of a session to be sent to the browser / client
- * @param id the session-id
- * @return HashMap with all cookies
- */
- public HashMap get401(String id)
- {
- return getCookieWithID(id).get401();
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/data/IssuerAndSerial.java b/id.server/src/at/gv/egovernment/moa/id/data/IssuerAndSerial.java
deleted file mode 100644
index a47dd8b29..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/data/IssuerAndSerial.java
+++ /dev/null
@@ -1,111 +0,0 @@
-package at.gv.egovernment.moa.id.data;
-
-import java.math.BigInteger;
-import java.security.Principal;
-
-import iaik.asn1.structures.Name;
-import iaik.utils.RFC2253NameParser;
-import iaik.utils.RFC2253NameParserException;
-
-/**
- * A class containing the issuer and serial number of a certificate, which can
- * be used to uniquely identify the certificate.
- *
- * @author Patrick Peck
- * @version $Id$
- */
-public class IssuerAndSerial {
- /** store the issuer as String*/
- private String issuerDN;
- /** store the serial as BigInteger*/
- private BigInteger serial;
-
- /**
- * Create an IssuerAndSerial object.
- *
- * The name of the issuer is converted to RFC2253. If it cannot be parsed, the
- * DN contained in the issuer is set.
- *
- * @param issuer The isser of a certificate.
- * @param serial The serial number of the certificate.
- */
- public IssuerAndSerial(Principal issuer, BigInteger serial) {
- RFC2253NameParser parser = new RFC2253NameParser(issuer.getName());
-
- try {
- this.issuerDN = ((Name) parser.parse()).getRFC2253String();
- } catch (RFC2253NameParserException e) {
- this.issuerDN = issuer.getName();
- }
- this.serial = serial;
- }
-
- /**
- * Create an IssuerAndSerial object.
- *
- * @param issuerDN The issuer distinguished name. Should be an RFC2253 name.
- * @param serial The serial number of the certificate.
- */
- public IssuerAndSerial(String issuerDN, BigInteger serial) {
- this.issuerDN = issuerDN;
- this.serial = serial;
- }
-
- /**
- * Return the issuer DN in RFC2253 format.
- *
- * @return The issuer part of this object.
- */
- public String getIssuerDN() {
- return issuerDN;
- }
-
- /**
- * Return the serial number.
- *
- * @return The serial number of this object.
- */
- public BigInteger getSerial() {
- return serial;
- }
-
- /**
- * Compare this IssuerAndSerial to another object.
- *
- * @return true, if other is an
- * IssuerAndSerial object and the issuer and
- * serial fields are both equal. false otherwise.
- * @see java.lang.Object#equals(java.lang.Object)
- */
- public boolean equals(Object other) {
- if (other instanceof IssuerAndSerial) {
- IssuerAndSerial ias = (IssuerAndSerial) other;
- return getIssuerDN().equals(ias.getIssuerDN())
- && getSerial().equals(ias.getSerial());
- }
- return false;
- }
-
- /**
- * Return the hash code of this IssuerAndSerial.
- *
- * @return The hash code of this IssuerAndSerial.
- * @see java.lang.Object#hashCode()
- */
- public int hashCode() {
- return issuerDN.hashCode() ^ serial.hashCode();
- }
-
- /**
- * Return a String representation of this
- * IssuerAndSerial object.
- *
- * @return The String representation.
- * @see java.lang.Object#toString()
- */
- public String toString() {
- return ("(IssuerAndSerial - Issuer<" + getIssuerDN())
- + ("> Serial<" + serial.toString() + ">)");
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/data/SAMLStatus.java b/id.server/src/at/gv/egovernment/moa/id/data/SAMLStatus.java
deleted file mode 100644
index ed61827b6..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/data/SAMLStatus.java
+++ /dev/null
@@ -1,59 +0,0 @@
-package at.gv.egovernment.moa.id.data;
-
-/**
- * Data contained in a <samlp:Status>
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLStatus {
-
- /** main status code */
- private String statusCode;
- /** sub status code */
- private String subStatusCode;
- /** status message */
- private String statusMessage;
-
- /**
- * @return status code
- */
- public String getStatusCode() {
- return statusCode;
- }
-
- /**
- * @return status message
- */
- public String getStatusMessage() {
- return statusMessage;
- }
-
- /**
- * @return enclosed sub-status code
- */
- public String getSubStatusCode() {
- return subStatusCode;
- }
-
- /**
- * @param string the status code
- */
- public void setStatusCode(String string) {
- statusCode = string;
- }
-
- /**
- * @param string the status message
- */
- public void setStatusMessage(String string) {
- statusMessage = string;
- }
-
- /**
- * @param string the enclosed sub-status code
- */
- public void setSubStatusCode(String string) {
- subStatusCode = string;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java b/id.server/src/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java
deleted file mode 100644
index c338e96fc..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/iaik/config/CertStoreConfigurationImpl.java
+++ /dev/null
@@ -1,96 +0,0 @@
-package at.gv.egovernment.moa.id.iaik.config;
-
-import java.io.File;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.iaik.servertools.observer.ObservableImpl;
-import at.gv.egovernment.moa.util.FileUtils;
-import iaik.pki.store.certstore.CertStoreConfiguration;
-import iaik.pki.store.certstore.CertStoreParameters;
-import iaik.pki.store.certstore.CertStoreTypes;
-import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters;
-
-/**
- * Implementation of interface needed to initialize an IAIK JSSE TrustManager
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class CertStoreConfigurationImpl extends ObservableImpl
- implements CertStoreConfiguration, DirectoryCertStoreParameters {
- /** identifies the rootDirectory */
- private String rootDirectory;
- /** ConfigurationProvider */
- private ConfigurationProvider conf;
- /** Array for storing all CertStoreParameters */
- private CertStoreParameters[] parameters;
-
- /**
- * Create a new CertStoreConfigurationImpl.
- *
- * @param conf The MOA configuration from which the configuration data is
- * @throws ConfigurationException an any config-error
- * being read.
- */
- public CertStoreConfigurationImpl(ConfigurationProvider conf) throws ConfigurationException {
- this.conf=conf;
- String paramName = ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY;
- String certStoreRootDirParam = conf.getGenericConfigurationParameter(paramName);
- if (certStoreRootDirParam == null)
- throw new ConfigurationException(
- "config.08", new Object[] {paramName});
-
- rootDirectory = FileUtils.makeAbsoluteURL(certStoreRootDirParam, conf.getRootConfigFileDir());
- if(rootDirectory.startsWith("file:")) rootDirectory = rootDirectory.substring(6);
- File f = new File(rootDirectory);
- if (!f.isDirectory())
- throw new ConfigurationException(
- "config.05", new Object[] {paramName});
-
- parameters = new CertStoreParameters[] { this };
- }
-
- /**
- * @see iaik.pki.store.certstore.CertStoreConfiguration#getParameters()
- */
- public CertStoreParameters[] getParameters() {
- return parameters;
- }
-
- /**
- * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#getRootDirectory()
- */
- public String getRootDirectory() {
- return rootDirectory;
- }
-
- /**
- * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#createNew()
- */
- public boolean createNew() {
- return false;
- }
-
- /**
- * @see iaik.pki.store.certstore.CertStoreParameters#getId()
- */
- public String getId() {
- return "MOA ID Directory CertStore";
- }
-
- /**
- * @see iaik.pki.store.certstore.CertStoreParameters#isReadOnly()
- */
- public boolean isReadOnly() {
- return false;
- }
-
- /**
- * @return CertStoreTypes.DIRECTORY
- * @see iaik.pki.store.certstore.CertStoreParameters#getType()
- */
- public String getType() {
- return CertStoreTypes.DIRECTORY;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/config/LoggerConfigImpl.java b/id.server/src/at/gv/egovernment/moa/id/iaik/config/LoggerConfigImpl.java
deleted file mode 100644
index 3cd02a2b5..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/iaik/config/LoggerConfigImpl.java
+++ /dev/null
@@ -1,51 +0,0 @@
-package at.gv.egovernment.moa.id.iaik.config;
-
-import iaik.logging.LogConfigurationException;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.URL;
-import java.util.Properties;
-
-/**
- * Implementation of interface PKIConfiguration needed to
- * initialize an IAIK JSSE TrustManager
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class PKIConfigurationImpl implements PKIConfiguration {
- /** The configuration for the CertStore */
- private CertStoreConfiguration certStoreConfiguration;
- /** The configuration for the RevocationChecks */
- private RevocationConfiguration revocationConfiguration;
- /** The configuration for the Validation */
- private ValidationConfiguration validationConfiguration;
-
- /**
- * Constructor
- * @param conf the Configuration for the PKIConfig
- * @throws ConfigurationException for any config error
- */
- public PKIConfigurationImpl(ConfigurationProvider conf) throws ConfigurationException {
-
- certStoreConfiguration = new CertStoreConfigurationImpl(conf);
- revocationConfiguration = new RevocationConfigurationImpl();
- validationConfiguration = new ValidationConfigurationImpl(conf);
- }
-
- /**
- * @see iaik.pki.PKIConfiguration#getCertStoreConfiguration()
- */
- public CertStoreConfiguration getCertStoreConfiguration() {
- return certStoreConfiguration;
- }
-
- /**
- * @see iaik.pki.PKIConfiguration#getRevocationConfiguration()
- */
- public RevocationConfiguration getRevocationConfiguration() {
- return revocationConfiguration;
- }
-
- /**
- * @see iaik.pki.PKIConfiguration#getArchiveConfiguration()
- */
- public ArchiveConfiguration getArchiveConfiguration() {
- return null;
- }
-
- /**
- * @see iaik.pki.PKIConfiguration#getValidationConfiguration()
- */
- public ValidationConfiguration getValidationConfiguration() {
- return validationConfiguration;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/config/RevocationConfigurationImpl.java b/id.server/src/at/gv/egovernment/moa/id/iaik/config/RevocationConfigurationImpl.java
deleted file mode 100644
index c583babdc..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/iaik/config/RevocationConfigurationImpl.java
+++ /dev/null
@@ -1,35 +0,0 @@
-package at.gv.egovernment.moa.id.iaik.config;
-
-import iaik.pki.revocation.RevocationConfiguration;
-
-import java.security.cert.X509Certificate;
-import java.util.Collections;
-import java.util.Date;
-import java.util.Set;
-
-import at.gv.egovernment.moa.id.iaik.servertools.observer.*;
-
-/**
- * Implementation of interface needed to initialize an IAIK JSSE TrustManager
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class RevocationConfigurationImpl extends ObservableImpl implements RevocationConfiguration {
-
- /**
- * @see iaik.pki.revocation.RevocationConfiguration#getAlternativeDistributionPoints(java.security.cert.X509Certificate, java.util.Date)
- */
- public Set getAlternativeDistributionPoints(
- X509Certificate arg0,
- Date arg1) {
- return Collections.EMPTY_SET;
- }
-
- /**
- * @see iaik.pki.revocation.RevocationConfiguration#archiveRevocationInfo(java.lang.String, java.lang.String)
- */
- public boolean archiveRevocationInfo(String arg0, String arg1) {
- return false;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/config/ValidationConfigurationImpl.java b/id.server/src/at/gv/egovernment/moa/id/iaik/config/ValidationConfigurationImpl.java
deleted file mode 100644
index c500e2e8e..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/iaik/config/ValidationConfigurationImpl.java
+++ /dev/null
@@ -1,51 +0,0 @@
-package at.gv.egovernment.moa.id.iaik.config;
-
-import iaik.pki.pathvalidation.ValidationConfiguration;
-
-import java.security.cert.X509Certificate;
-import java.security.spec.AlgorithmParameterSpec;
-
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.iaik.servertools.observer.ObservableImpl;
-
-/**
- * Implementation of interface needed to initialize an IAIK JSSE TrustManager
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ValidationConfigurationImpl extends ObservableImpl
- implements ValidationConfiguration {
- /** The ConfigurationProvider for the validation*/
- private ConfigurationProvider conf;
-
- /**
- * Constructor
- * @param conf with the configuration
- */
- public ValidationConfigurationImpl(ConfigurationProvider conf) {
- this.conf = conf;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationConfiguration#getChainingMode(java.security.cert.X509Certificate)
- */
- public String getChainingMode(X509Certificate trustAnchor) {
- String chainingMode = conf.getChainingMode(trustAnchor);
- return chainingMode;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationConfiguration#getPublicKeyParamsAsSpec(java.security.cert.X509Certificate)
- */
- public AlgorithmParameterSpec getPublicKeyParamsAsSpec(X509Certificate arg0) {
- return null;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationConfiguration#getPublicKeyParamsAsCert(java.security.cert.X509Certificate)
- */
- public X509Certificate getPublicKeyParamsAsCert(X509Certificate arg0) {
- return null;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/pki/PKIProfileImpl.java b/id.server/src/at/gv/egovernment/moa/id/iaik/pki/PKIProfileImpl.java
deleted file mode 100644
index 4d309c18c..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/iaik/pki/PKIProfileImpl.java
+++ /dev/null
@@ -1,166 +0,0 @@
-package at.gv.egovernment.moa.id.iaik.pki;
-
-import java.security.cert.X509Certificate;
-import java.util.Collections;
-import java.util.Set;
-
-import iaik.pki.PKIProfile;
-import iaik.pki.pathvalidation.ValidationProfile;
-import iaik.pki.revocation.RevocationProfile;
-import iaik.pki.revocation.RevocationSourceTypes;
-import iaik.pki.store.truststore.TrustStoreProfile;
-import iaik.pki.store.truststore.TrustStoreTypes;
-
-import at.gv.egovernment.moa.id.iaik.servertools.observer.ObservableImpl;
-
-/**
- * Implementation of the PKIProfile interface and subinterfaces
- * providing information needed for certificate path validation.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class PKIProfileImpl extends ObservableImpl
- implements PKIProfile, RevocationProfile, TrustStoreProfile, ValidationProfile {
-
- /**
- * URI to the truststore
- */
- private String trustStoreURI;
-
- /**
- * revocation checking;
- */
- private boolean revocationChecking;
-
-
- /**
- * Create a new PKIProfileImpl.
- *
- * @param trustStoreURI trust store URI
- */
- public PKIProfileImpl(String trustStoreURI, boolean revocationChecking) {
- this.trustStoreURI = trustStoreURI;
- this.revocationChecking = revocationChecking;
- }
-
- /**
- * @see iaik.pki.PKIProfile#autoAddCertificates()
- */
- public boolean autoAddCertificates() {
- return true;
- }
-
- /**
- * @see iaik.pki.PKIProfile#getRevocationProfile()
- */
- public RevocationProfile getRevocationProfile() {
- return this;
- }
-
- /**
- * @see iaik.pki.PKIProfile#getTrustStoreProfile()
- */
- public TrustStoreProfile getTrustStoreProfile() {
- return this;
- }
-
- /**
- * @see iaik.pki.PKIProfile#getValidationProfile()
- */
- public ValidationProfile getValidationProfile() {
- return this;
- }
-
- /**
- * @see iaik.pki.PKIProfile#useAuthorityInfoAccess()
- */
- public boolean useAuthorityInfoAccess() {
- return true;
- }
-
- /**
- * @see iaik.pki.revocation.RevocationProfile#getMaxRevocationAge(java.lang.String)
- */
- public long getMaxRevocationAge(String arg0) {
- return 0;
- }
-
- /**
- * @see iaik.pki.revocation.RevocationProfile#getOCSPRequestHashAlgorithm()
- */
- public String getOCSPRequestHashAlgorithm() {
- return null;
- }
-
- /**
- * @see iaik.pki.revocation.RevocationProfile#getPreferredServiceOrder(java.security.cert.X509Certificate)
- */
- public String[] getPreferredServiceOrder(X509Certificate arg0) {
- return new String[] {RevocationSourceTypes.CRL};
- }
-
- /**
- * @see iaik.pki.store.truststore.TrustStoreProfile#getType()
- */
- public String getType() {
- return TrustStoreTypes.DIRECTORY;
- }
-
- /**
- * @see iaik.pki.store.truststore.TrustStoreProfile#getURI()
- */
- public String getURI() {
- return trustStoreURI;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationProfile#getInitialAnyPolicyInhibit()
- */
- public boolean getInitialAnyPolicyInhibit() {
- return false;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationProfile#getInitialExplicitPolicy()
- */
- public boolean getInitialExplicitPolicy() {
- return false;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationProfile#getInitialPolicyMappingInhibit()
- */
- public boolean getInitialPolicyMappingInhibit() {
- return false;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationProfile#getInitialPolicySet()
- */
- public Set getInitialPolicySet() {
- return Collections.EMPTY_SET;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationProfile#getNameConstraintsProcessing()
- */
- public boolean getNameConstraintsProcessing() {
- return false;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationProfile#getPolicyProcessing()
- */
- public boolean getPolicyProcessing() {
- return false;
- }
-
- /**
- * @see iaik.pki.pathvalidation.ValidationProfile#getRevocationChecking()
- */
- public boolean getRevocationChecking() {
- return this.revocationChecking;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/pki/jsse/MOAIDTrustManager.java b/id.server/src/at/gv/egovernment/moa/id/iaik/pki/jsse/MOAIDTrustManager.java
deleted file mode 100644
index 9da006d35..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/iaik/pki/jsse/MOAIDTrustManager.java
+++ /dev/null
@@ -1,119 +0,0 @@
-package at.gv.egovernment.moa.id.iaik.pki.jsse;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.net.URL;
-import java.security.GeneralSecurityException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.List;
-
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.logging.LoggingContext;
-import at.gv.egovernment.moa.logging.LoggingContextManager;
-
-import iaik.pki.jsse.IAIKX509TrustManager;
-
-/**
- * TrustManager implementation featuring CRL checking (inherited from
- * IAIKX509TrustManager), plus server-end-SSL-certificate checking.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class MOAIDTrustManager extends IAIKX509TrustManager {
-
- /** an x509Certificate array containing all accepted server certificates*/
- private X509Certificate[] acceptedServerCertificates;
-
- /**
- * Constructor
- * @param acceptedServerCertificateStoreURL the url leading to the acceptedServer cert store
- * @throws GeneralSecurityException occurs on security errors
- * @throws IOException occurs on IO errors
- */
- public MOAIDTrustManager(String acceptedServerCertificateStoreURL)
- throws IOException, GeneralSecurityException {
-
- if (acceptedServerCertificateStoreURL != null)
- buildAcceptedServerCertificates(acceptedServerCertificateStoreURL);
- else
- acceptedServerCertificates = null;
- }
-
-
- /**
- * Initializes the LoggingContextManager logging context.
- * Fixes a bug occuring in the case MOA-SP is called by API.
- * In this case, IAIKX509TrustManager uses the LogginConfig of MOA-SP.
- * This method must be called before a MOAIDTrustManager is constructed,
- * from every thread.
- */
- public static void initializeLoggingContext() {
- if (LoggingContextManager.getInstance().getLoggingContext() == null)
- LoggingContextManager.getInstance().setLoggingContext(
- new LoggingContext(Thread.currentThread().getName()));
- }
-
-
- /**
- * Builds an Array of accepted server certificates from an URL,
- * and stores it in acceptedServerCertificates.
- * @param acceptedServerCertificateStoreURL file URL pointing to the directory
- * containing accepted server X509 certificates
- * @throws GeneralSecurityException on security errors
- * @throws IOException on any IO errors
- */
- private void buildAcceptedServerCertificates(String acceptedServerCertificateStoreURL)
- throws IOException, GeneralSecurityException {
-
- List certList = new ArrayList();
- URL storeURL = new URL(acceptedServerCertificateStoreURL);
- File storeDir = new File(storeURL.getFile());
- // list certificate files in directory
- File[] certFiles = storeDir.listFiles();
- for (int i = 0; i < certFiles.length; i++) {
- // for each: create an X509Certificate and store it in list
- File certFile = certFiles[i];
- FileInputStream fis = new FileInputStream(certFile.getPath());
- CertificateFactory certFact = CertificateFactory.getInstance("X.509");
- X509Certificate cert = (X509Certificate)certFact.generateCertificate(fis);
- fis.close();
- certList.add(cert);
- }
- // store acceptedServerCertificates
- acceptedServerCertificates = (X509Certificate[]) certList.toArray(new X509Certificate[0]);
- }
-
- /**
- * Does additional server-end-SSL-certificate checking.
- * @see com.sun.net.ssl.X509TrustManager#isServerTrusted(java.security.cert.X509Certificate[])
- */
- public boolean isServerTrusted(X509Certificate[] certChain) {
- boolean trusted = super.isServerTrusted(certChain);
- if (! trusted || acceptedServerCertificates == null)
- return trusted;
- else {
- // check server-end-SSL-certificate with acceptedServerCertificates
- X509Certificate serverCert = certChain[0];
- for (int i = 0; i < acceptedServerCertificates.length; i++) {
- X509Certificate acceptedServerCert = acceptedServerCertificates[i];
- if (serverCert.equals(acceptedServerCert))
- return true;
- }
- Logger.warn(MOAIDMessageProvider.getInstance().getMessage("ssl.01", null));
- return false;
- }
- }
- /**
- * In rare cases, this method is being called although it should not be.
- * @see com.sun.net.ssl.X509TrustManager#isClientTrusted(X509Certificate[])
- */
- public boolean isClientTrusted(java.security.cert.X509Certificate arg0[])
- {
- return true;
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/servertools/observer/ObservableImpl.java b/id.server/src/at/gv/egovernment/moa/id/iaik/servertools/observer/ObservableImpl.java
deleted file mode 100644
index 6f6949ad6..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/iaik/servertools/observer/ObservableImpl.java
+++ /dev/null
@@ -1,46 +0,0 @@
-package at.gv.egovernment.moa.id.iaik.servertools.observer;
-
-import iaik.servertools.observer.NotificationData;
-import iaik.servertools.observer.Observable;
-import iaik.servertools.observer.Observer;
-
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-
-
-/**
- * Implementation of interface - * The HttpURLConnection has been created by {@link java.net.URL#openConnection}, but - * it has not yet been connected to by {@link java.net.URLConnection#connect}.
- * The field settings of the HttpURLConnection are: - *
-
- *
allowUserInteraction = false
- * doInput = true
- * doOutput = true
- * requestMethod = request.getMethod()
- * useCaches = false
- *
"https:";
- * if
null, the default SSL socket factory would be used
- * @param parameters parameters to be forwarded
- * @return a URLConnection created by {@link java.net.URL#openConnection}, connecting to
- * the requested URL with publicURLPrefix substituted by realURLPrefix
- * @throws IOException if an I/O exception occurs during opening the connection
- * @see java.net.URL#openConnection()
- * @see com.sun.net.ssl.HttpsURLConnection#getDefaultSSLSocketFactory()
- */
- public HttpURLConnection buildConnection(
- HttpServletRequest request,
- String publicURLPrefix,
- String realURLPrefix,
- SSLSocketFactory sslSocketFactory,
- Map parameters) throws IOException;
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilderFactory.java b/id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilderFactory.java
deleted file mode 100644
index ff7787839..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/ConnectionBuilderFactory.java
+++ /dev/null
@@ -1,68 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
-import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
-
-/**
- * Factory delivering a {@link ConnectionBuilder} implementation for
- * an online application, initialized from configuration data.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ConnectionBuilderFactory {
-
- /** default connection builder to be used for online application
- * where no special implementation of the ConnectionBuilder
- * interface is configured
- */
- private static ConnectionBuilder defaultConnectionBuilder;
- /** mapping from online application public URL prefix to an implementation
- * of the ConnectionBuilder interface to be used;
- * if no mapping is given for an online application, the
- * DefaultConnectionBuilder will be used */
- private static Map connectionBuilderMap;
-
- /**
- * Initializes the ConnectionBuilder map from the configuration data.
- * @throws ConfigurationException when the configuration cannot be read,
- * or when a class name configured cannot be instantiated
- */
- public static void initialize() throws ConfigurationException {
- defaultConnectionBuilder = new DefaultConnectionBuilder();
- connectionBuilderMap = new HashMap();
- ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.getInstance();
- for (int i = 0; i < proxyConf.getOnlineApplicationParameters().length; i++) {
- OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameters()[i];
- String publicURLPrefix = oaParam.getPublicURLPrefix();
- String className = oaParam.getConnectionBuilderImpl();
- if (className != null) {
- try {
- ConnectionBuilder cb = (ConnectionBuilder)Class.forName(className).newInstance();
- connectionBuilderMap.put(publicURLPrefix, cb);
- }
- catch (Throwable ex) {
- throw new ConfigurationException("config.07", new Object[] {publicURLPrefix}, ex);
- }
- }
- }
- }
-
- /**
- * Gets the ConnectionBuilder implementation to be used for the given
- * online application.
- * @param publicURLPrefix public URL prefix of the online application
- * @return ConnectionBuilder implementation
- */
- public static ConnectionBuilder getConnectionBuilder(String publicURLPrefix) {
- ConnectionBuilder cb = (ConnectionBuilder) connectionBuilderMap.get(publicURLPrefix);
- if (cb == null)
- return defaultConnectionBuilder;
- else
- return cb;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java
deleted file mode 100644
index 7807955c2..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java
+++ /dev/null
@@ -1,120 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import java.io.IOException;
-import java.net.HttpURLConnection;
-import java.net.URL;
-import java.util.Iterator;
-import java.util.Map;
-
-import javax.net.ssl.SSLSocketFactory;
-import javax.servlet.http.HttpServletRequest;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.BoolUtils;
-
-import com.sun.net.ssl.HostnameVerifier;
-import com.sun.net.ssl.HttpsURLConnection;
-
-/**
- * Defaultimplementierung von ConnectionBuilder.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class DefaultConnectionBuilder implements ConnectionBuilder {
-
- /** a boolean to disable the HostnameVerification (default = false)*/
- private static boolean cbDisableHostnameVerification = false;
-
- /**
- * Constructor for DefaultConnectionBuilder.
- * @throws ConfigurationException on any config error
- */
- public DefaultConnectionBuilder() throws ConfigurationException {
- cbDisableHostnameVerification = BoolUtils.valueOf(
- ProxyConfigurationProvider.getInstance().getGenericConfigurationParameter(
- "ProxyComponent.DisableHostnameVerification"));
- //TODO MOA-ID BRZ undocumented feature
- if (cbDisableHostnameVerification)
- Logger.warn("ProxyComponent.DisableHostnameVerification: " + cbDisableHostnameVerification);
- }
-
- /**
- * @see at.gv.egovernment.moa.id.proxy.ConnectionBuilder#buildConnection
- */
- public HttpURLConnection buildConnection(
- HttpServletRequest req,
- String publicURLPrefix,
- String realURLPrefix,
- SSLSocketFactory sslSocketFactory,
- Map parameters)
- throws IOException {
-
- String requestedURL = req.getRequestURL().toString();
- // check whether requested URL starts with publicURLPrefix
- if (! requestedURL.startsWith(publicURLPrefix))
- throw new IOException(MOAIDMessageProvider.getInstance().getMessage(
- "proxy.01", new Object[] {requestedURL, publicURLPrefix}));
- // in case of GET request, append query string to requested URL;
- // otherwise, HttpURLConnection would perform a POST request
- if ("get".equalsIgnoreCase(req.getMethod()) && ! parameters.isEmpty()) {
- requestedURL = appendQueryString(requestedURL, parameters);
- }
- // build real URL in online application
- String realURLString = realURLPrefix + requestedURL.substring(publicURLPrefix.length());
- URL url = new URL(realURLString);
- Logger.debug("OA Request: " + req.getMethod() + " " + url.toString());
-
- HttpURLConnection conn = (HttpURLConnection)url.openConnection();
- conn.setRequestMethod(req.getMethod());
- conn.setDoInput(true);
- conn.setDoOutput(true);
- //conn.setUseCaches(false);
- conn.setAllowUserInteraction(true);
- conn.setInstanceFollowRedirects(false);
- if (conn instanceof HttpsURLConnection && sslSocketFactory != null) {
- HttpsURLConnection httpsConn = (HttpsURLConnection) conn;
- httpsConn.setSSLSocketFactory(sslSocketFactory);
- if (cbDisableHostnameVerification)
- httpsConn.setHostnameVerifier(new HostnameNonVerifier());
- }
- return conn;
- }
- /**
- * @param requestedURL
- * @param parameters
- * @return
- */
- private String appendQueryString(String requestedURL, Map parameters) {
- String newURL = requestedURL;
- for (Iterator iter = parameters.keySet().iterator(); iter.hasNext();) {
- String paramName = (String)iter.next();
- String paramValue = (String)parameters.get(paramName);
- String paramString = paramName + "=" + paramValue;
- if (newURL.indexOf("?") < 0)
- newURL = newURL + "?" + paramString;
- else
- newURL = newURL + "&" + paramString;
- }
- return newURL;
- }
-
- /**
- * @author Stefan Knirsch
- * @version $Id$
- * A private class to change the standard HostName verifier to disable the
- * Hostname Verification Check
- */
- private class HostnameNonVerifier implements HostnameVerifier {
-
- /**
- * @see com.sun.net.ssl.HostnameVerifier#verify(String, String)
- */
- public boolean verify(String arg0, String arg1) {
- return true;
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultLoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultLoginParameterResolver.java
deleted file mode 100644
index 77f6652f3..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultLoginParameterResolver.java
+++ /dev/null
@@ -1,136 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-
-import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.URLEncoder;
-
-/**
- * Implementation of interface LoginParameterResolver
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class DefaultLoginParameterResolver implements LoginParameterResolver {
-
- /**
- * Constructor
- */
- public DefaultLoginParameterResolver() {
- }
-
- /**
- * Configuration mehtod (not used)
- */
- public void configure(String configuration) throws LoginParameterResolverException {
- }
-
-
- /**
- * @see at.gv.egovernment.moa.id.proxy.LoginParameterResolver#getAuthenticationHeaders(at.gv.egovernment.moa.id.config.proxy.OAConfiguration, at.gv.egovernment.moa.id.auth.data.AuthenticationData, java.lang.String)
- */
- public Map getAuthenticationHeaders(
- OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress) {
-
- Map result = new HashMap();
-
- if (oaConf.getAuthType().equals(OAConfiguration.BASIC_AUTH)) {
- String useridPredicate = oaConf.getBasicAuthUserIDMapping();
- String userid = resolveValue(useridPredicate, authData, clientIPAddress);
- String passwordPredicate = oaConf.getBasicAuthPasswordMapping();
- String password = resolveValue(passwordPredicate, authData, clientIPAddress);
-
- try {
- String userIDPassword = userid + ":" + password;
- String credentials = Base64Utils.encode(userIDPassword.getBytes());
- result.put("Authorization", "Basic " + credentials);
- }
- catch (IOException ignore) {
- }
- }
- else if (oaConf.getAuthType().equals(OAConfiguration.HEADER_AUTH)) {
- for (Iterator iter = oaConf.getHeaderAuthMapping().keySet().iterator(); iter.hasNext();) {
- String key = (String) iter.next();
- String predicate = (String) oaConf.getHeaderAuthMapping().get(key);
- String resolvedValue = resolveValue(predicate, authData, clientIPAddress);
- result.put(key, resolvedValue);
- }
- }
-
- return result;
- }
-
- /**
- * @see at.gv.egovernment.moa.id.proxy.LoginParameterResolver#getAuthenticationParameters(at.gv.egovernment.moa.id.config.proxy.OAConfiguration, at.gv.egovernment.moa.id.auth.data.AuthenticationData, java.lang.String)
- */
- public Map getAuthenticationParameters(
- OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress) {
-
- Map result = new HashMap();
-
- if (oaConf.getAuthType().equals(OAConfiguration.PARAM_AUTH)) {
- for (Iterator iter = oaConf.getParamAuthMapping().keySet().iterator(); iter.hasNext();) {
- String key = (String) iter.next();
- String predicate = (String) oaConf.getParamAuthMapping().get(key);
- String resolvedValue;
- try {
- resolvedValue =
- URLEncoder.encode(resolveValue(predicate, authData, clientIPAddress), "ISO-8859-1");
- } catch (UnsupportedEncodingException e) {
- //ISO-8859-1 is supported
- resolvedValue = null;
- }
- result.put(key, resolvedValue);
- }
- }
-
- return result;
- }
-
- /**
- * Resolves a login header or parameter value.
- * @param predicate header or parameter predicate name from online application configuration
- * @param authData authentication data for current login
- * @param clientIPAddress client IP address
- * @return header or parameter value resolved; null if unknown name is given
- */
- private static String resolveValue(String predicate, AuthenticationData authData, String clientIPAddress) {
- if (predicate.equals(MOAGivenName))
- return authData.getGivenName();
- if (predicate.equals(MOAFamilyName))
- return authData.getFamilyName();
- if (predicate.equals(MOADateOfBirth))
- return authData.getDateOfBirth();
- if (predicate.equals(MOABPK))
- return authData.getPBK();
- if (predicate.equals(MOAPublicAuthority))
- if (authData.isPublicAuthority())
- return "true";
- else
- return "false";
- if (predicate.equals(MOABKZ))
- return authData.getPublicAuthorityCode();
- if (predicate.equals(MOAQualifiedCertificate))
- if (authData.isQualifiedCertificate())
- return "true";
- else
- return "false";
- if (predicate.equals(MOAStammzahl))
- return authData.getIdentificationValue();
- if (predicate.equals(MOAIdentificationValueType))
- return authData.getIdentificationType();
- if (predicate.equals(MOAIPAddress))
- return clientIPAddress;
- else return null;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/ElakConnectionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/proxy/ElakConnectionBuilder.java
deleted file mode 100644
index a1ccb7353..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/ElakConnectionBuilder.java
+++ /dev/null
@@ -1,226 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import java.io.IOException;
-import java.net.HttpURLConnection;
-
-import com.ibm.webdav.HTTPHeaders;
-import com.ibm.webdav.protocol.URLStreamHandlerFactory;
-import java.util.StringTokenizer;
-import com.ibm.webdav.protocol.http.WebDAVURLConnection;
-import java.net.URL;
-import java.net.URLStreamHandler;
-import java.util.Iterator;
-import java.util.Map;
-
-import javax.net.ssl.SSLSocketFactory;
-import javax.servlet.http.HttpServletRequest;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.BoolUtils;
-
-import com.sun.net.ssl.HostnameVerifier;
-import com.sun.net.ssl.HttpsURLConnection;
-
-/**
- * Defaultimplementierung von ConnectionBuilder.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ElakConnectionBuilder implements ConnectionBuilder {
-
- /** a boolean to disable the HostnameVerification (default = false)*/
- private static boolean cbDisableHostnameVerification = false;
-
- /** a boolean to indicat if webdav protocol handler was already set */
- private static boolean webdavPHSet = false;
-
- /**
- * The system property name used to register a protocol handler.
- */
- public final static String PROTOCOL_HANDLER_PROPERTY_NAME = "java.protocol.handler.pkgs";
-
- /**
- * The package providing the ldap protocol handler.
- */
- public final static String WEBDAV_PROTOCOL_HANDLER = "com.ibm.webdav.protocol";
-
- /**
- * The pipe character used to sepearte different protocol handlers.
- */
- public final static char PIPE_CHAR = '|';
-
-
-
-
-
- /**
- * Constructor for ElakConnectionBuilder.
- * @throws ConfigurationException on any config error
- */
- public ElakConnectionBuilder() throws ConfigurationException {
- cbDisableHostnameVerification = BoolUtils.valueOf(
- ProxyConfigurationProvider.getInstance().getGenericConfigurationParameter(
- "ProxyComponent.DisableHostnameVerification"));
- //TODO MOA-ID BRZ undocumented feature
- if (cbDisableHostnameVerification)
- Logger.warn("ProxyComponent.DisableHostnameVerification: " + cbDisableHostnameVerification);
- }
-
- /**
- * @see at.gv.egovernment.moa.id.proxy.ConnectionBuilder#buildConnection
- */
- public HttpURLConnection buildConnection(
- HttpServletRequest req,
- String publicURLPrefix,
- String realURLPrefix,
- SSLSocketFactory sslSocketFactory,
- Map parameters)
- throws IOException {
-
- String requestedURL = req.getRequestURL().toString();
- // check whether requested URL starts with publicURLPrefix
- if (! requestedURL.startsWith(publicURLPrefix))
- throw new IOException(MOAIDMessageProvider.getInstance().getMessage(
- "proxy.01", new Object[] {requestedURL, publicURLPrefix}));
-
-
-
- // in case of GET request, append query string to requested URL;
- // otherwise, HttpURLConnection would perform a POST request
- //FIXME right parameters
- /*
- if ("get".equalsIgnoreCase(req.getMethod()) && ! parameters.isEmpty()) {
- requestedURL = appendQueryString(requestedURL, parameters);
- }
- */
- //TODO RSCH check functionality
- if (null != req.getQueryString() && 0 != req.getQueryString().length() ) {
- String query = req.getQueryString();
- requestedURL = requestedURL + "?" + query;
-
- for (Iterator iter = parameters.keySet().iterator(); iter.hasNext();) {
- String parameterKey = (String) iter.next();
- if(query.indexOf(parameterKey) >= 0) iter.remove();
- }
- }
-
- // build real URL in online application
- String realURLString = realURLPrefix + requestedURL.substring(publicURLPrefix.length());
-
-
- Logger.info("Registering WebDAV protocol handler");
- String protocolHandlers = System.getProperty(ElakConnectionBuilder.PROTOCOL_HANDLER_PROPERTY_NAME);
- if (protocolHandlers == null) {
- protocolHandlers = ElakConnectionBuilder.WEBDAV_PROTOCOL_HANDLER;
- System.setProperty(ElakConnectionBuilder.PROTOCOL_HANDLER_PROPERTY_NAME, protocolHandlers);
- } else {
- // check, if WEBDAV protocol handler is already configured
- boolean isConfigured = false;
- StringTokenizer tokenizer = new StringTokenizer(protocolHandlers, "| ");
- while (tokenizer.hasMoreTokens()) {
- String protocolHandler = tokenizer.nextToken();
- if (protocolHandler.equals(ElakConnectionBuilder.WEBDAV_PROTOCOL_HANDLER)) {
- isConfigured = true;
- break;
- }
- }
- // if it has not been configured yet, configure it
- if (!isConfigured) {
- protocolHandlers = ElakConnectionBuilder.WEBDAV_PROTOCOL_HANDLER + ElakConnectionBuilder.PIPE_CHAR + protocolHandlers;
- System.setProperty(ElakConnectionBuilder.PROTOCOL_HANDLER_PROPERTY_NAME, protocolHandlers);
- }
- }
- Logger.info("Registered protocol handlers: " + protocolHandlers);
- Class webdavSH = null;
- try
- {
- webdavSH = Class.forName(ElakConnectionBuilder.WEBDAV_PROTOCOL_HANDLER + ".http.Handler");
- }
- catch (ClassNotFoundException e)
- {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- URLStreamHandler urlStreamHandler = null;
- try
- {
- urlStreamHandler = (URLStreamHandler) webdavSH.newInstance();
- }
- catch (InstantiationException e1)
- {
- // TODO Auto-generated catch block
- e1.printStackTrace();
- }
- catch (IllegalAccessException e1)
- {
- // TODO Auto-generated catch block
- e1.printStackTrace();
- }
- //URL testURL = new URL("http", realURLString.substring("http://localhost:82".length()), 82, "", urlStreamHandler);
- //WebDAVURLConnection webDavTest = (WebDAVURLConnection) testURL.openConnection();
-
-
- URL testURL = new URL(realURLString);
- Logger.debug("TEST URL ist von der Klasse: " + testURL.getClass().getName());
-
- //URL url = new URL(realURLString);
- URL testURL2 = new URL(realURLString);
-
- URL url = new URL("http", "localhost", 82, realURLString.substring("http://localhost:82".length()), urlStreamHandler);
-
- Logger.debug("OA Request: " + req.getMethod() + " " + url.toString());
- WebDAVURLConnection webDavConn = (WebDAVURLConnection) url.openConnection();
- HttpURLConnection conn = (HttpURLConnection)webDavConn;
- webDavConn.setRequestMethod(req.getMethod());
- webDavConn.setDoInput(true);
- webDavConn.setDoOutput(true);
- //conn.setUseCaches(false);
- webDavConn.setAllowUserInteraction(true);
- webDavConn.setInstanceFollowRedirects(false);
- if (conn instanceof HttpsURLConnection && sslSocketFactory != null) {
- HttpsURLConnection httpsConn = (HttpsURLConnection) conn;
- httpsConn.setSSLSocketFactory(sslSocketFactory);
- if (cbDisableHostnameVerification)
- httpsConn.setHostnameVerifier(new HostnameNonVerifier());
- }
- return conn;
- }
- /**
- * @param requestedURL
- * @param parameters
- * @return
- */
- private String appendQueryString(String requestedURL, Map parameters) {
- String newURL = requestedURL;
- for (Iterator iter = parameters.keySet().iterator(); iter.hasNext();) {
- String paramName = (String)iter.next();
- String paramValue = (String)parameters.get(paramName);
- String paramString = paramName + "=" + paramValue;
- if (newURL.indexOf("?") < 0)
- newURL = newURL + "?" + paramString;
- else
- newURL = newURL + "&" + paramString;
- }
- return newURL;
- }
-
- /**
- * @author Stefan Knirsch
- * @version $Id$
- * A private class to change the standard HostName verifier to disable the
- * Hostname Verification Check
- */
- private class HostnameNonVerifier implements HostnameVerifier {
-
- /**
- * @see com.sun.net.ssl.HostnameVerifier#verify(String, String)
- */
- public boolean verify(String arg0, String arg1) {
- return true;
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java
deleted file mode 100644
index f43bbd9e4..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java
+++ /dev/null
@@ -1,76 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import java.util.Map;
-
-import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-
-/**
- * Determines authentication parameters and headers to be added to a {@link java.net.URLConnection}
- * to the remote online application.
- * Utilizes {@link OAConfiguration} and {@link AuthenticationData}.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public interface LoginParameterResolver {
-
- /** Constants used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType,
- * naming predicates used by the LoginParameterResolver. */
- public static final String MOAGivenName = "MOAGivenName";
- /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */
- public static final String MOAFamilyName = "MOAFamilyName";
- /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */
- public static final String MOADateOfBirth = "MOADateOfBirth";
- /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */
- public static final String MOABPK = "MOABPK";
- /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */
- public static final String MOAPublicAuthority = "MOAPublicAuthority";
- /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */
- public static final String MOABKZ = "MOABKZ";
- /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */
- public static final String MOAQualifiedCertificate = "MOAQualifiedCertificate";
- /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */
- public static final String MOAStammzahl = "MOAStammzahl";
- /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */
- public static final String MOAIdentificationValueType = "MOAIdentificationValueType";
- /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */
- public static final String MOAIPAddress = "MOAIPAddress";
-
- /**
- * Returns authentication headers to be added to a URLConnection.
- *
- * @param oaConf configuration data
- * @param authData authentication data
- * @param clientIPAddress client IP address
- * @return A map, the keys being header names and values being corresponding header values.
- * In case of authentication type
"basic-auth", header fields
- * username and password.
- * In case of authentication type
"header-auth", header fields
- * derived from parameter mapping and authentication data provided.
- * Otherwise, an empty map. - */ - public Map getAuthenticationHeaders( - OAConfiguration oaConf, - AuthenticationData authData, - String clientIPAddress) throws LoginParameterResolverException, NotAllowedException; - - /** - * Returns request parameters to be added to a URLConnection. - * - * @param oaConf configuration data - * @param authData authentication data - * @param clientIPAddress client IP address - * @return A map, the keys being parameter names and values being corresponding parameter values. - *
In case of authentication type
"param-auth", parameters
- * derived from parameter mapping and authentication data provided.
- * Otherwise, an empty map. - */ - public Map getAuthenticationParameters( - OAConfiguration oaConf, - AuthenticationData authData, - String clientIPAddress) throws LoginParameterResolverException, NotAllowedException; - - public void configure(String configuration) throws LoginParameterResolverException; - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.java b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.java deleted file mode 100644 index 3aa2368bf..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverException.java +++ /dev/null @@ -1,37 +0,0 @@ -package at.gv.egovernment.moa.id.proxy; - -import at.gv.egovernment.moa.id.MOAIDException; - -/** - * Exception thrown while proxying a request to the online application - * - * @author Rudolf Schamberger - * @version $Id$ - */ -public class LoginParameterResolverException extends MOAIDException { - - /** - * Constructor for LoginParameterResolverException. - * @param messageId - * @param parameters - */ - public LoginParameterResolverException( - String messageId, - Object[] parameters) { - super(messageId, parameters); - } - - /** - * Constructor for LoginParameterResolverException. - * @param messageId - * @param parameters - * @param wrapped - */ - public LoginParameterResolverException( - String messageId, - Object[] parameters, - Throwable wrapped) { - super(messageId, parameters, wrapped); - } - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverFactory.java b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverFactory.java deleted file mode 100644 index 856afe74c..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolverFactory.java +++ /dev/null @@ -1,83 +0,0 @@ -package at.gv.egovernment.moa.id.proxy; - -import java.lang.reflect.InvocationTargetException; -import java.lang.reflect.Method; -import java.util.HashMap; -import java.util.Map; - -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter; -import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider; - -/** - * Factory delivering a {@link LoginParameterResolver} implementation for - * an online application, initialized from configuration data. - * @author Paul Ivancsics - * @version $Id$ - */ -public class LoginParameterResolverFactory { - - /** default login parameter resolver to be used for online application - * where no special implementation of the
LoginParameterResolver
- * interface is configured
- */
- private static LoginParameterResolver defaultLoginParameterResolver;
- /** mapping from online application public URL prefix to an implementation
- * of the LoginParameterResolver interface to be used;
- * if no mapping is given for an online application, the
- * DefaultLoginParameterResolver will be used */
- private static Map loginParameterResolverMap;
-
- /**
- * Initializes the LoginParameterResolver map from the configuration data.
- * @throws ConfigurationException when the configuration cannot be read,
- * or when a class name configured cannot be instantiated
- */
- public static void initialize() throws ConfigurationException {
- defaultLoginParameterResolver = new DefaultLoginParameterResolver();
- loginParameterResolverMap = new HashMap();
- ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.getInstance();
- for (int i = 0; i < proxyConf.getOnlineApplicationParameters().length; i++) {
- OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameters()[i];
- String publicURLPrefix = oaParam.getPublicURLPrefix();
- String className = oaParam.getLoginParameterResolverImpl();
- String configuration = oaParam.getLoginParameterResolverConfiguration();
-
- if (className != null) {
- try {
- Class lprClass = Class.forName(className);
- LoginParameterResolver lpr = (LoginParameterResolver)Class.forName(className).newInstance();
-
- Class[] argumentTypes = { String.class };
- Method confMethod = lprClass.getMethod( "configure", argumentTypes );
-
- Object[] arguments = { new String(configuration) };
- confMethod.invoke( lpr, arguments );
-
- loginParameterResolverMap.put(publicURLPrefix, lpr);
- }
- catch (InvocationTargetException lpex) {
- throw new ConfigurationException("config.11", new Object[] {className}, lpex);
- }
- catch (Throwable ex) {
- throw new ConfigurationException("config.07", new Object[] {publicURLPrefix}, ex);
- }
- }
- }
- }
-
- /**
- * Gets the LoginParameterResolver implementation to be used for the given
- * online application.
- * @param publicURLPrefix public URL prefix of the online application
- * @return LoginParameterResolver implementation
- */
- public static LoginParameterResolver getLoginParameterResolver(String publicURLPrefix) {
- LoginParameterResolver lpr = (LoginParameterResolver) loginParameterResolverMap.get(publicURLPrefix);
- if (lpr == null)
- return defaultLoginParameterResolver;
- else
- return lpr;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/MOAIDProxyInitializer.java b/id.server/src/at/gv/egovernment/moa/id/proxy/MOAIDProxyInitializer.java
deleted file mode 100644
index da5d36678..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/MOAIDProxyInitializer.java
+++ /dev/null
@@ -1,91 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import iaik.pki.PKIException;
-import iaik.pki.jsse.IAIKX509TrustManager;
-
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-
-import javax.net.ssl.SSLSocketFactory;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
-import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
-import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl;
-import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.util.SSLUtils;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Web application initializer
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class MOAIDProxyInitializer {
-
- /**
- * Initializes the web application components which need initialization:
- * logging, JSSE, MOA-ID Auth configuration, Axis, session cleaner.
- */
- public static void initialize()
- throws ConfigurationException, IOException, GeneralSecurityException, PKIException {
-
- Logger.setHierarchy("moa.id.proxy");
-
- // Restricts TLS cipher suites
- System.setProperty("https.cipherSuites", "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA");
-
- // load some jsse classes so that the integrity of the jars can be verified
- // before the iaik jce is installed as the security provider
- // this workaround is only needed when sun jsse is used in conjunction with
- // iaik-jce (on jdk1.3)
- ClassLoader cl = MOAIDProxyInitializer.class.getClassLoader();
- try {
- cl.loadClass("javax.security.cert.Certificate"); // from jcert.jar
- }
- catch (ClassNotFoundException e) {
- Logger.warn(MOAIDMessageProvider.getInstance().getMessage("init.01", null), e);
- }
-
- // Initializes the SSLSocketFactory store
- SSLUtils.initialize();
-
- // Initializes IAIKX509TrustManager logging
- String log4jConfigURL = System.getProperty("log4j.configuration");
- if (log4jConfigURL != null) {
- IAIKX509TrustManager.initLog(new LoggerConfigImpl(log4jConfigURL));
- }
-
- // Loads the configuration
- ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.reload();
-
- // Initializes the Axis secure socket factory for use in calling the MOA-Auth web service,
- // using configuration data
- ConnectionParameter connParamAuth = proxyConf.getAuthComponentConnectionParameter();
- if (connParamAuth.isHTTPSURL()) {
- SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(proxyConf, connParamAuth);
- AxisSecureSocketFactory.initialize(ssf);
- }
-
- // Initializes the Axis secure socket factories for use in calling the online applications,
- // using configuration data
- OAProxyParameter[] oaParams = proxyConf.getOnlineApplicationParameters();
- for (int i = 0; i < oaParams.length; i++) {
- OAProxyParameter oaParam = oaParams[i];
- ConnectionParameter oaConnParam = oaParam.getConnectionParameter();
- if (oaConnParam.isHTTPSURL())
- SSLUtils.getSSLSocketFactory(proxyConf, oaConnParam);
- }
-
- // Initializes the ConnectionBuilderFactory from configuration data
- ConnectionBuilderFactory.initialize();
-
- // Initializes the LoginParameterResolverFactory from configuration data
- LoginParameterResolverFactory.initialize();
-
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/NotAllowedException.java b/id.server/src/at/gv/egovernment/moa/id/proxy/NotAllowedException.java
deleted file mode 100644
index 849160a7b..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/NotAllowedException.java
+++ /dev/null
@@ -1,39 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import at.gv.egovernment.moa.id.MOAIDException;
-
-/**
- * Exception thrown while proxying a request to the online application
- * Reason for this exception: the dedicated LoginParameterResolver does
- * not allow access to the desired ressource.
- *
- * @author Rudolf Schamberger
- * @version $Id$
- */
-public class NotAllowedException extends MOAIDException {
-
- /**
- * Constructor for NotAllowedException.
- * @param messageId
- * @param parameters
- */
- public NotAllowedException(
- String messageId,
- Object[] parameters) {
- super(messageId, parameters);
- }
-
- /**
- * Constructor for NotAllowedException.
- * @param messageId
- * @param parameters
- * @param wrapped
- */
- public NotAllowedException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
- super(messageId, parameters, wrapped);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/WebmailLoginParameterResolver.class b/id.server/src/at/gv/egovernment/moa/id/proxy/WebmailLoginParameterResolver.class
deleted file mode 100644
index 49200265a..000000000
Binary files a/id.server/src/at/gv/egovernment/moa/id/proxy/WebmailLoginParameterResolver.class and /dev/null differ
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java b/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java
deleted file mode 100644
index 8a93148bb..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverEncryptedData.java
+++ /dev/null
@@ -1,655 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import iaik.security.provider.IAIK;
-
-import java.io.BufferedInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.InputStream;
-import java.io.UnsupportedEncodingException;
-
-import javax.crypto.Cipher;
-import javax.crypto.BadPaddingException;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.IvParameterSpec;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.Key;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Security;
-
-
-
-import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-import at.gv.egovernment.moa.util.URLEncoder;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-
-import java.io.IOException;
-import java.util.*;
-
-import javax.xml.parsers.ParserConfigurationException;
-import org.w3c.dom.*;
-import org.xml.sax.SAXException;
-
-/**
- * XMLLoginParameterResolver an implementation of implementation of interface
- * LoginParameterResolver
- * This implementation used to map identities stored in an XML file to parameters
- * which are given to OAs.
- *
- * @author Rudolf Schamberger
- * @version $Id$
- */
-public class XMLLoginParameterResolverEncryptedData implements LoginParameterResolver {
-
- //file which is parsed and interpreted for paremeter resolving.
- private String identityFile;
-
- private Cipher blowfishCipher;
- private Key key;
- /**
- * inner class used to store mapped parameters
- */
- class LPRParams {
-
- /**
- * getter method for parameter Enabled.
- * Parameter Enabled decides if mapped parameters should be used by XMLLoginParameterResolver
- */
- public boolean getEnabled() {
- return enabled.booleanValue();
- }
-
- /**
- * getter method for parameter UN (username)
- * @return Parameter UN or null not set.
- */
- public String getUN() {
- return UN;
- }
-
- /**
- * getter method for parameter UN (username)
- * @return Parameter UN or null not set.
- */
- //TODO XMLLPR decrypt
- public String getPlainUN() {
- //Security.addProvider();
-
-
- return UN;
- }
-
-
- /**
- * getter method for parameter PW (password)
- * @return Parameter PW or null not set.
- */
- public String getPW() {
- return PW;
- }
-
- /**
- * getter method for generic parameter Param1
- * @return Parameter Param1 or null not set.
- */
- public String getParam1() {
- return Param1;
- }
-
- /**
- * getter method for generic parameter Param2
- * @return Parameter Param2 or null not set.
- */
- public String getParam2() {
- return Param2;
- }
-
- /**
- * getter method for generic parameter Param3
- * @return Parameter Param3 or null not set.
- */
- public String getParam3() {
- return Param3;
- }
-
- /**
- * Returns a string representation of LPRParams
- *
- * @return a String representation of this object.
- * @see XMLLoginParameterResolver.LPRParams
- */
- public String toString() {
- return "Enabled: "
- + enabled.toString()
- + "UN: '"
- + UN
- + "' PW: '"
- + PW
- + "' Param1: '"
- + Param1
- + "' Param2: '"
- + Param2
- + "' Param3: '"
- + Param3
- + "'\n";
- }
-
- //private member variables used to store the parameters
- private Boolean enabled = null;
- private String UN = null;
- private String PW = null;
- private String Param1 = null;
- private String Param2 = null;
- private String Param3 = null;
-
- /**
- * Constructs a newly allocated XMLLoginParameterResolver.LPRParams object.
- *
- * @param enabled enable user mapping to parameter set for the parameter set.
- * @param UN username used in HTTP 401 - BasicAuthentication
- * @param PW password used in HTTP 401 - BasicAuthentication
- * @param Param1 generic parameter1 used in HeaderAuthentication and ParameterAuthentication
- * @param Param2 generic parameter2 used in HeaderAuthentication and ParameterAuthentication
- * @param Param3 generic parameter3 used in HeaderAuthentication and ParameterAuthentication
- **/
- LPRParams(boolean enabled, String UN, String PW, String Param1, String Param2, String Param3) {
- this.enabled = new Boolean(enabled);
- this.UN = UN;
- this.PW = PW;
- this.Param1 = Param1;
- this.Param1 = Param2;
- this.Param1 = Param3;
- }
-
- /**
- * Constructs a newly allocated XMLLoginParameterResolver.LPRParams object.
- *
- * @param enabled enable user mapping to parameter set for the parameter set.
- * @param UN username used in HTTP 401 - BasicAuthentication
- * @param PW password used in HTTP 401 - BasicAuthentication
- **/
- LPRParams(boolean enabled, String UN, String PW) {
- this(enabled, UN, PW, null, null, null);
- }
- }
-
- /**
- * Constructs a newly allocated XMLLoginParameterResolver object.
- **/
- public XMLLoginParameterResolverEncryptedData() {
- bPKMap = new HashMap();
- namedMap = new HashMap();
- }
-
- /**
- * configuration method
- * @param configuration enabled enable user mapping to parameter set for the parameter set.
- */
- public void configure(String configuration) throws LoginParameterResolverException {
- File idFile;
- Element rootElement;
-
- Security.addProvider(new IAIK());
- try {
- blowfishCipher = Cipher.getInstance("Blowfish/CBC/PKCS5Padding", "IAIK");
-
- } catch (NoSuchPaddingException e) {
- throw new LoginParameterResolverException("config.11",
- new Object[] { "XMLLoginParameterResolver: NoSuchPaddingException \n" + e.toString()});
- } catch (NoSuchProviderException e) {
- throw new LoginParameterResolverException("config.11",
- new Object[] { "XMLLoginParameterResolver: NoSuchProviderException \n" + e.toString()});
- } catch (NoSuchAlgorithmException e) {
- throw new LoginParameterResolverException("config.11",
- new Object[] { "XMLLoginParameterResolver: NoSuchAlgorithmException \n" + e.toString()});
- }
-
- String plaintext = "start";
- String encrypted = encryptData(plaintext, "1234567890123456", "123hochgeheim");
- String decrypted = decryptData(encrypted, "1234567890123456", "123hochgeheim");
- Logger.debug("plaintext: " + plaintext);
- Logger.debug("encrypted: " + encrypted);
- Logger.debug("decrypted: " + decrypted);
-
- //make file name absolut (if it is relative to main config file)
- //TODO MOAID XMLLPR check
- String moaIDConfigFileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME);
- String rootConfigFileDir = new File(moaIDConfigFileName).getParent();
- this.identityFile = FileUtils.makeAbsoluteURL(configuration, rootConfigFileDir);
-
- if (null == identityFile || false == (idFile = new File(identityFile)).canRead()) {
- throw new LoginParameterResolverException("config.11",
- new Object[] { "XMLLoginParameterResolver: could not read '" + identityFile + "' " });
- }
- try {
- rootElement = readXMLFile(identityFile);
- } catch (IOException lex) {
- Logger.error(lex.toString());
- throw new LoginParameterResolverException("config.11",
- new Object[] { "XMLLoginParameterResolver: could not read '" + identityFile + "' " });
-
- } catch (SAXException sex) {
- Logger.error(sex.toString());
- throw new LoginParameterResolverException("config.11",
- new Object[] { "XMLLoginParameterResolver: parsing problem in file:'" + identityFile + "' ", sex.toString() });
- } catch (ParserConfigurationException e) {
- // TODO XMLPR Auto-generated catch block
- Logger.error(e.toString());
- throw new LoginParameterResolverException("config.11",
- new Object[] { "XMLLoginParameterResolver: parsing problem in file:'" + identityFile + "' ", e.toString() });
- }
- buildInfo(rootElement);
- isConfigured = true;
- }
-
- /**
- * encryptData method uses parameters masterSecret and bPK as key information to encrypt plaintext
- * @param plaintext
- * @param bPK
- * @param masterSecret
- * @returns encrypted data (blowfish encrypted, base64 encoded)
- * @throws LoginParameterResolverException
- */
- public String encryptData(String plaintext, String bPK, String masterSecret) throws LoginParameterResolverException
- {
- try {
- String keyString = bPK + masterSecret;
- key = new iaik.security.cipher.SecretKey(keyString.getBytes("UTF-8"), "Blowfish");
- IvParameterSpec param = new IvParameterSpec(new byte [] {0,0,0,0,0,0,0,0});
-
- blowfishCipher.init(Cipher.ENCRYPT_MODE, key, param);
- byte [] cipherText = blowfishCipher.doFinal(plaintext.getBytes("UTF-8"));
- return Base64Utils.encode(cipherText);
- } catch (UnsupportedEncodingException e) {
- throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
- } catch (InvalidKeyException e) {
- throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
- } catch (BadPaddingException e) {
- throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
- } catch (IllegalBlockSizeException e) {
- throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
- } catch (IllegalStateException e) {
- throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
- } catch (InvalidAlgorithmParameterException e) {
- throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
- } catch (IOException e) {
- throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
- }
- }
-
-
- /**
- * encryptData method uses parameters masterSecret and bPK as key information to decrypt ciphertext
- * @param ciphertext (blowfish encrypted, base64encoded)
- * @param bPK
- * @param masterSecret
- * @returns decrypted Data (plaintext)
- * @throws LoginParameterResolverException
- */
- public String decryptData(String ciphertext, String bPK, String masterSecret) throws LoginParameterResolverException
- {
- try {
- String keyString = bPK + masterSecret;
- key = new iaik.security.cipher.SecretKey(keyString.getBytes("UTF-8"), "Blowfish");
- IvParameterSpec param = new IvParameterSpec(new byte [] {0,0,0,0,0,0,0,0});
- blowfishCipher.init(Cipher.DECRYPT_MODE, key, param);
- byte [] plaintext = blowfishCipher.doFinal(Base64Utils.decode(ciphertext, true));
- return new String(plaintext);
- } catch (UnsupportedEncodingException e) {
- throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
- } catch (InvalidKeyException e) {
- throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
- } catch (BadPaddingException e) {
- throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
- } catch (IllegalBlockSizeException e) {
- throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
- } catch (IllegalStateException e) {
- throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
- } catch (InvalidAlgorithmParameterException e) {
- throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
- } catch (IOException e) {
- throw new LoginParameterResolverException("config.14", new Object [] {"Blowfish: " + e.toString()});
- }
- }
-
-
-
- /**
- * @see at.gv.egovernment.moa.id.proxy.LoginParameterResolver#getAuthenticationHeaders(at.gv.egovernment.moa.id.config.proxy.OAConfiguration, at.gv.egovernment.moa.id.auth.data.AuthenticationData, java.lang.String)
- */
- public Map getAuthenticationHeaders(
- OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress) throws LoginParameterResolverException, NotAllowedException {
- Map result = new HashMap();
-
- if (!isConfigured) {
- //TODO XMLLPR
- throw new LoginParameterResolverException("XMLLoginParameterResolver with configuration '" +
- identityFile + "' is not configured!", null);
- }
-
- //get the Identity of the user
- String famName = resolveValue("MOAFamilyName", authData, clientIPAddress);
- String givenName = resolveValue("MOAGivenName", authData, clientIPAddress);
- String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress);
- String bPK = resolveValue("MOABPK", authData, clientIPAddress);
- String userid = "";
- String password = "";
- LPRParams params = null;
- boolean userFound = false;
-
- //try bPK and named search
- params = bPKIdentitySearch(bPK);
-
- if (null == params)
- params = namedIdentitySearch(famName, givenName, dateOfBirth);
-
- //if both searches failed, report error.
- if(null == params)
- throw new NotAllowedException("User:_bPK:'" +bPK+ ", " + famName + ", " + givenName + "' not authorized.", null);
-
- //HTTP 401 - Basic Authentication
- if (oaConf.getAuthType().equals("basic")) {
- userid = (null != params.getUN()) ? params.getUN() : "";
- password = (null != params.getPW()) ? params.getPW() : "";
-
- try {
- String userIDPassword = userid + ":" + password;
- String credentials = Base64Utils.encode(userIDPassword.getBytes("UTF-8"));
- Logger.debug("XMLLoginParameterResolver: calculated credentials: " + credentials);
- result.put("Authorization", "Basic " + credentials);
- } catch (IOException ignore) {
- throw new LoginParameterResolverException("config.14", new Object[] {"internal error while encoding in Base64"});
- }
- } else if (oaConf.getAuthType().equals("header")) { //HTTP Authentication
- String key;
- String resolvedValue;
- //TODO MOAID XMLLPR select value through OA-ConfigFile;
- if(null != params.getUN()) result.put("UN", params.getUN());
- if(null != params.getPW()) result.put("UN", params.getPW());
- if(null != params.getParam1()) result.put("UN", params.getParam1());
- if(null != params.getParam2()) result.put("UN", params.getParam2());
- if(null != params.getParam3()) result.put("UN", params.getParam3());
-
- } else {
- throw new LoginParameterResolverException("config.14", new Object[] {"AuthType not supported"});
- }
-
- return result;
- }
-
- /**
- * @see at.gv.egovernment.moa.id.proxy.LoginParameterResolver#getAuthenticationParameters(at.gv.egovernment.moa.id.config.proxy.OAConfiguration, at.gv.egovernment.moa.id.auth.data.AuthenticationData, java.lang.String)
- */
- public Map getAuthenticationParameters(
- OAConfiguration oaConf,
- AuthenticationData authData,
- String clientIPAddress) throws LoginParameterResolverException, NotAllowedException {
-
- Map result = new HashMap();
-
- if (!isConfigured) {
- Logger.warn("XMLLoginParameterResolver with configuration '" + identityFile + " is not configured");
- return result;
- }
-
- String famName = resolveValue("MOAFamilyName", authData, clientIPAddress);
- String givenName = resolveValue("MOAGivenName", authData, clientIPAddress);
- String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress);
- String bPK = resolveValue("MOABPK", authData, clientIPAddress);
- String userid = "";
- String password = "";
- LPRParams params = null;
-
- //try bPK and named search
- params = bPKIdentitySearch(bPK);
-
- if (null == params)
- params = namedIdentitySearch(famName, givenName, dateOfBirth);
-
- //if both searches failed, report error.
- if(null == params)
- throw new NotAllowedException("User:_bPK:'" +bPK+ ", " + famName + ", " + givenName + "' not authorized.", null);
-
- //TODO MOAID XMLLPR URLEncoder.encode
- if (oaConf.getAuthType().equals("param")) {
- try {
- if(null != params.getUN()) result.put(XSD_UNATTR, URLEncoder.encode(params.getUN(),"ISO-8859-1"));
- if(null != params.getPW()) result.put(XSD_PWATTR, URLEncoder.encode(params.getPW(),"ISO-8859-1"));
- if(null != params.getParam1()) result.put(XSD_PARAM1ATTR, URLEncoder.encode(params.getParam1(),"ISO-8859-1"));
- if(null != params.getParam2()) result.put(XSD_PARAM2ATTR, URLEncoder.encode(params.getParam2(),"ISO-8859-1"));
- if(null != params.getParam3()) result.put(XSD_PARAM3ATTR, URLEncoder.encode(params.getParam3(),"ISO-8859-1"));
- } catch (UnsupportedEncodingException e) {
- // ISO-8859-1 is supported
- throw new LoginParameterResolverException("URLEncoder error", null);
- }
- } else {
- throw new LoginParameterResolverException("AuthType not supported", null);
- }
- return result;
- }
-
- /**
- * Resolves a login header or parameter value.
- * @param predicate header or parameter predicate name from online application configuration
- * @param authData authentication data for current login
- * @param clientIPAddress client IP address
- * @return header or parameter value resolved; null if unknown name is given
- */
- private static String resolveValue(
- String predicate,
- AuthenticationData authData,
- String clientIPAddress) {
- if (predicate.equals("MOAGivenName"))
- return authData.getGivenName();
- if (predicate.equals("MOAFamilyName"))
- return authData.getFamilyName();
- if (predicate.equals("MOADateOfBirth"))
- return authData.getDateOfBirth();
- if (predicate.equals("MOABPK"))
- return authData.getPBK();
- if (predicate.equals("MOAPublicAuthority"))
- if (authData.isPublicAuthority())
- return "true";
- else
- return "false";
- if (predicate.equals("MOABKZ"))
- return authData.getPublicAuthorityCode();
- if (predicate.equals("MOAQualifiedCertificate"))
- if (authData.isQualifiedCertificate())
- return "true";
- else
- return "false";
- if (predicate.equals("MOAStammzahl"))
- return authData.getIdentificationValue();
- if (predicate.equals(MOAIdentificationValueType))
- return authData.getIdentificationType();
- if (predicate.equals("MOAIPAddress"))
- return clientIPAddress;
- else
- return null;
- }
-
- /**
- * reads, parses the configuration file of XMLLoginParameterResolver and returns the document element.
- * @param fileName of the configuration file.
- */
- private Element readXMLFile(String fileName) throws ParserConfigurationException, SAXException, IOException {
- Logger.info("XMLLoginParameterResolver: Loading and parsing XMLPLoginParameterConfiguration configuration: " + fileName);
-
- InputStream stream = null;
- Element configElem;
-
- stream = new BufferedInputStream(new FileInputStream(fileName));
- configElem = DOMUtils.parseDocument(stream, true, Constants.ALL_SCHEMA_LOCATIONS, null).getDocumentElement();
- return configElem;
- }
-
- /**
- * buildInfo builds up the internal data mapping between the "Identities" and the "Parameters" from the parsed XML file.
- * @param root document root element.
- */
- private void buildInfo(Element root) {
- NodeList idList = root.getElementsByTagName(XSD_IDELEM);
- NodeList paramList = root.getElementsByTagName(XSD_PARAMELEM);
- for (int i = 0; i < idList.getLength(); i++)
- Logger.debug("XMLLoginParameterResolver: LocalName idList: " + idList.item(i).getLocalName());
-
- for (int i = 0; i < paramList.getLength(); i++)
- Logger.debug("XMLLoginParameterResolver: LocalName paramList: " + paramList.item(i).getLocalName());
-
- for (int i = 0; i < idList.getLength(); i++) {
- Element tmpElem = (Element) idList.item(i);
- NodeList tmpList = tmpElem.getElementsByTagName(XSD_NAMEDIDELEM);
- for (int j = 0; j < tmpList.getLength(); j++)
- Logger.debug("XMLLoginParameterResolver: LocalName tmp: " + tmpList.item(j).getLocalName());
-
- //Search for NamedIdentity Elements
- if (1 == tmpList.getLength()) {
- tmpElem = (Element) tmpList.item(0);
- String tmpStr = tmpElem.getAttribute(XSD_SURNAMEATTR) + "," +
- tmpElem.getAttribute(XSD_GIVENNAMEATTR) + "," +
- tmpElem.getAttribute(XSD_BIRTHDATEATTR);
- boolean tmpBool = false;
- if (tmpElem.getFirstChild() != null
- && "1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0)
- tmpBool = true;
- //TODO XMLLPR remove
- Logger.debug("XMLLoginParameterResolver: tmpStr: " + tmpStr + " value: " + (new Boolean(tmpBool)).toString());
- tmpElem = (Element) paramList.item(i);
- Logger.debug("XMLLoginParameterResolver: attribute UN: " + tmpElem.getAttribute(XSD_UNATTR) +
- " attribute PW: " + tmpElem.getAttribute(XSD_PWATTR) +
- " attribute Param1: " + tmpElem.getAttribute(XSD_PARAM1ATTR) +
- " attribute Param2: " + tmpElem.getAttribute(XSD_PARAM2ATTR) +
- " attribute Param3: " + tmpElem.getAttribute(XSD_PARAM3ATTR) );
- namedMap.put(tmpStr, new LPRParams(tmpBool, tmpElem.getAttribute(XSD_UNATTR), tmpElem.getAttribute(XSD_PWATTR),
- tmpElem.getAttribute(XSD_PARAM1ATTR), tmpElem.getAttribute(XSD_PARAM2ATTR),
- tmpElem.getAttribute(XSD_PARAM3ATTR)) );
- } else { //bPKIdentity Elements
-
- tmpList = tmpElem.getElementsByTagName(XSD_BPKIDELEM);
- if (1 == tmpList.getLength()) {
- tmpElem = (Element) tmpList.item(0);
- String tmpStr = tmpElem.getAttribute(XSD_BPKATTR);
- boolean tmpBool = false;
- if (tmpElem.getFirstChild() != null
- && "1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0)
- tmpBool = true;
- Logger.debug("XMLLoginParameterResolver: tmpStr: " + tmpStr + " value: " + (new Boolean(tmpBool)).toString());
- tmpElem = (Element) paramList.item(i);
- Logger.debug("XMLLoginParameterResolver: attribute UN: " + tmpElem.getAttribute(XSD_UNATTR) +
- " attribute PW: " + tmpElem.getAttribute(XSD_PWATTR) +
- " attribute Param1: " + tmpElem.getAttribute(XSD_PARAM1ATTR) +
- " attribute Param2: " + tmpElem.getAttribute(XSD_PARAM2ATTR) +
- " attribute Param3: " + tmpElem.getAttribute(XSD_PARAM3ATTR) );
- namedMap.put(tmpStr, new LPRParams(tmpBool, tmpElem.getAttribute(XSD_UNATTR), tmpElem.getAttribute(XSD_PWATTR),
- tmpElem.getAttribute(XSD_PARAM1ATTR), tmpElem.getAttribute(XSD_PARAM2ATTR),
- tmpElem.getAttribute(XSD_PARAM3ATTR)) );
- } else {
- Logger.warn(
- "XMLLoginParameterResolver: wrong format no Elements " + XSD_NAMEDIDELEM + " or " + XSD_BPKIDELEM + " found");
- }
- }
- }
-
- Logger.debug("namedMap:" + namedMap.toString());
- Logger.debug("bPKMap:" + bPKMap.toString());
- }
-
- /**
- * searches for a given bPK and returns the appropriate LPRParams structure
- * @param bPK search argument
- * @returns LPRParams if bPK could be found in internal mappings or null otherwise.
- */
- LPRParams bPKIdentitySearch(String bPK) {
- //search for mapping with bPK of the user
- Logger.info("XMLLoginParameterResolver: search for login data mapped to bPK:" + bPK);
- LPRParams params = (LPRParams) bPKMap.get(bPK);
- if (null == params) {
- Logger.info("XMLLoginParameterResolver: params for bPK: " + bPK + " not found!");
- return null;
- } else if (params.getEnabled()) {
- Logger.info("XMLLoginParameterResolver: bPK: " + bPK + "found in list; user is enabled");
- Logger.debug("XMLLoginParameterResolver: using: " + params.toString());
- return params;
- }
- Logger.info("XMLLoginParameterResolver: bPK: " + bPK + "found in list but user is NOT enabled");
- return null;
- }
-
- /**
- * searches for a given namedIdentity and returns the appropriate LPRParams structure
- * @param surName surname search argument
- * @param givenName givenname search argument
- * @param dateOfBirth dateofbirth search argument
- * @returns LPRParams if bPK could be found in internal mappings or null otherwise.
- */
- LPRParams namedIdentitySearch(String surName, String givenName, String dateOfBirth) {
- Logger.info("XMLLoginParameterResolver: search for login data for SurName:" + surName +
- " GivenName: " + givenName +
- " DateOfBirth" + dateOfBirth);
-
- //try first a search with surname, givenname and birthdate
- LPRParams params = (LPRParams) namedMap.get(surName + "," + givenName + "," + dateOfBirth);
- if (null == params) {
- Logger.debug("XMLLoginParameterResolver: params for Surname: " + surName + " GivenName: " +
- givenName + "BirthDate: " + dateOfBirth + " not found!");
-
- //try a search with surname, givenname only
- params = (LPRParams) namedMap.get(surName + "," + givenName + "," + XSD_BIRTHDATEBLANKATTR);
- if(null == params) {
- Logger.debug("XMLLoginParameterResolver: params for Surname: " + surName + " GivenName: " +
- givenName + " not found!");
- return null;
- }
- }
-
- if (params.getEnabled()) {
- Logger.info("XMLLoginParameterResolver: Surname:" + surName
- + " GivenName: "
- + givenName
- + " found in list; user is enabled");
- Logger.debug("XMLLoginParameterResolver: using: " + params.toString());
- return params;
- }
- Logger.info(
- "XMLLoginParameterResolver: SurName:"
- + surName
- + " GivenName: "
- + givenName
- + "found in list; user is NOT enabled");
- return null;
- }
-
- //public static final String XSD_MAPPING = "Mapping";
-
- //public static final String XSD_DOCELEM = "MOAIdentities";
- public static final String XSD_IDELEM = "Identity";
- public static final String XSD_NAMEDIDELEM = "NamedIdentity";
- public static final String XSD_BPKIDELEM = "bPKIdentity";
- public static final String XSD_PARAMELEM = "Parameters";
- public static final String XSD_SURNAMEATTR = "SurName";
- public static final String XSD_GIVENNAMEATTR = "GivenName";
- public static final String XSD_BIRTHDATEATTR = "BirthDate";
- public static final String XSD_BIRTHDATEBLANKATTR = "any";
- public static final String XSD_BPKATTR = "bPK";
- public static final String XSD_UNATTR = "UN";
- public static final String XSD_PWATTR = "PW";
- public static final String XSD_PARAM1ATTR = "Param1";
- public static final String XSD_PARAM2ATTR = "Param2";
- public static final String XSD_PARAM3ATTR = "Param3";
- private Map bPKMap;
- private Map namedMap;
- private boolean isConfigured = false;
-}
\ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverPlainData.java b/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverPlainData.java
deleted file mode 100644
index 1e28e095c..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolverPlainData.java
+++ /dev/null
@@ -1,381 +0,0 @@
-package at.gv.egovernment.moa.id.proxy;
-
-import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Base64Utils;
-import java.io.IOException;
-import java.util.*;
-import org.apache.xerces.parsers.DOMParser;
-import org.w3c.dom.*;
-
-// Referenced classes of package at.gv.egovernment.moa.id.proxy:
-//
-// TODO MOA-ID test full functionality
-
-public class XMLLoginParameterResolverPlainData
- implements LoginParameterResolver
-{
- private String configuration;
-
- /**
- * inner class used to store mapped parameters
- */
- class LPRParams {
-
- /**
- * getter method for parameter Enabled.
- * Parameter Enabled decides if mapped parameters should be used by XMLLoginParameterResolver
- */
- public boolean getEnabled() {
- return enabled.booleanValue();
- }
-
- /**
- * getter method for parameter UN (username)
- * @return Parameter UN or null not set.
- */
- public String getUN() {
- return UN;
- }
-
- /**
- * getter method for parameter UN (username)
- * @return Parameter UN or null not set.
- */
- public String getPlainUN() {
- return UN;
- }
-
-
- /**
- * getter method for parameter PW (password)
- * @return Parameter PW or null not set.
- */
- public String getPW() {
- return PW;
- }
-
- /**
- * getter method for generic parameter Param1
- * @return Parameter Param1 or null not set.
- */
- public String getParam1() {
- return Param1;
- }
-
- /**
- * getter method for generic parameter Param2
- * @return Parameter Param2 or null not set.
- */
- public String getParam2() {
- return Param2;
- }
-
- /**
- * getter method for generic parameter Param3
- * @return Parameter Param3 or null not set.
- */
- public String getParam3() {
- return Param3;
- }
-
- /**
- * Returns a string representation of LPRParams
- *
- * @return a String representation of this object.
- * @see XMLLoginParameterResolver.LPRParams
- */
- public String toString() {
- return "Enabled: "
- + enabled.toString()
- + "UN: '"
- + UN
- + "' PW: '"
- + PW
- + "' Param1: '"
- + Param1
- + "' Param2: '"
- + Param2
- + "' Param3: '"
- + Param3
- + "'\n";
- }
-
- //private member variables used to store the parameters
- private Boolean enabled = null;
- private String UN = null;
- private String PW = null;
- private String Param1 = null;
- private String Param2 = null;
- private String Param3 = null;
-
- /**
- * Constructs a newly allocated XMLLoginParameterResolver.LPRParams object.
- *
- * @param enabled enable user mapping to parameter set for the parameter set.
- * @param UN username used in HTTP 401 - BasicAuthentication
- * @param PW password used in HTTP 401 - BasicAuthentication
- * @param Param1 generic parameter1 used in HeaderAuthentication and ParameterAuthentication
- * @param Param2 generic parameter2 used in HeaderAuthentication and ParameterAuthentication
- * @param Param3 generic parameter3 used in HeaderAuthentication and ParameterAuthentication
- **/
- LPRParams(boolean enabled, String UN, String PW, String Param1, String Param2, String Param3) {
- this.enabled = new Boolean(enabled);
- this.UN = UN;
- this.PW = PW;
- this.Param1 = Param1;
- this.Param1 = Param2;
- this.Param1 = Param3;
- }
-
- /**
- * Constructs a newly allocated XMLLoginParameterResolver.LPRParams object.
- *
- * @param enabled enable user mapping to parameter set for the parameter set.
- * @param UN username used in HTTP 401 - BasicAuthentication
- * @param PW password used in HTTP 401 - BasicAuthentication
- **/
- LPRParams(boolean enabled, String UN, String PW) {
- this(enabled, UN, PW, null, null, null);
- }
- }
-
- public XMLLoginParameterResolverPlainData()
- {
- bPKMap = new HashMap();
- namedMap = new HashMap();
-
- }
-
- public Map getAuthenticationHeaders(OAConfiguration oaConf, AuthenticationData authData, String clientIPAddress)
- {
- Map result = new HashMap();
- if(oaConf.getAuthType().equals("basic"))
- {
- String famName = resolveValue("MOAFamilyName", authData, clientIPAddress);
- String givenName = resolveValue("MOAGivenName", authData, clientIPAddress);
- String bPK = resolveValue("MOABPK", authData, clientIPAddress);
- String userid = "";
- String password = "";
- String param1 = "";
- String param2 = "";
- String param3 = "";
-
- LPRParams params = null;
- boolean userFound = false;
- Logger.debug("XMLLoginParameterResolverPlainData: search for automatic login data for bPK:" + bPK);
- params = (LPRParams)bPKMap.get(bPK);
- if(params == null)
- Logger.debug("XMLLoginParameterResolverPlainData: params for bPK: " + bPK + " not found!");
- else
- if(params.getEnabled())
- {
- Logger.debug("XMLLoginParameterResolverPlainData: bPK: " + bPK + "found in list; user is enabled");
- Logger.debug("XMLLoginParameterResolverPlainData: using: " + params.toString());
- userid = params.getUN();
- password = params.getPW();
- param1 = params.getParam1();
- param2 = params.getParam2();
- param3 = params.getParam3();
- userFound = true;
- } else
- {
- Logger.info("XMLLoginParameterResolverPlainData: bPK: " + bPK + "found in list; user is NOT enabled");
- }
- if(!userFound)
- {
- Logger.debug("XMLLoginParameterResolverPlainData: search for automatic login data for SurName:" + famName + " GivenName: " + givenName);
- params = (LPRParams)namedMap.get(famName + "," + givenName);
- if(params == null)
- Logger.debug("XMLLoginParameterResolverPlainData: params for Surname: " + famName + " GivenName: " + givenName + " not found!");
- else
- if(params.getEnabled())
- {
- Logger.debug("XMLLoginParameterResolverPlainData: SurName:" + famName + " GivenName: " + givenName + "found in list; user is enabled");
- Logger.debug("XMLLoginParameterResolverPlainData: using: " + params.toString());
- userid = params.getUN();
- password = params.getPW();
- param1 = params.getParam1();
- param2 = params.getParam2();
- param3 = params.getParam3();
- userFound = true;
- } else
- {
- Logger.info("XMLLoginParameterResolverPlainData: SurName:" + famName + " GivenName: " + givenName + "found in list; user is NOT enabled");
- }
- }
- if(!userFound)
- {
- Logger.info("XMLLoginParameterResolverPlainData: Person is not allowed No automatic login");
- return result;
- }
- try
- {
- String userIDPassword = userid + ":" + password;
- String credentials = Base64Utils.encode(userIDPassword.getBytes());
- Logger.debug("XMLLoginParameterResolverPlainData: calculated credentials: " + credentials);
- result.put("Authorization", "Basic " + credentials);
- }
- catch(IOException ignore) { }
- } else
- if(oaConf.getAuthType().equals("header"))
- {
- String key;
- String resolvedValue;
- for(Iterator iter = oaConf.getHeaderAuthMapping().keySet().iterator(); iter.hasNext(); result.put(key, resolvedValue))
- {
- key = (String)iter.next();
- String predicate = (String)oaConf.getHeaderAuthMapping().get(key);
- resolvedValue = resolveValue(predicate, authData, clientIPAddress);
- }
-
- }
- return result;
- }
-
- public Map getAuthenticationParameters(OAConfiguration oaConf, AuthenticationData authData, String clientIPAddress)
- {
- Map result = new HashMap();
- if(oaConf.getAuthType().equals("param"))
- {
- String key;
- String resolvedValue;
- for(Iterator iter = oaConf.getParamAuthMapping().keySet().iterator(); iter.hasNext(); result.put(key, resolvedValue))
- {
- key = (String)iter.next();
- String predicate = (String)oaConf.getParamAuthMapping().get(key);
- resolvedValue = resolveValue(predicate, authData, clientIPAddress);
- }
-
- }
- return result;
- }
-
- private static String resolveValue(String predicate, AuthenticationData authData, String clientIPAddress)
- {
- if(predicate.equals("MOAGivenName"))
- return authData.getGivenName();
- if(predicate.equals("MOAFamilyName"))
- return authData.getFamilyName();
- if(predicate.equals("MOADateOfBirth"))
- return authData.getDateOfBirth();
- if(predicate.equals("MOABPK"))
- return authData.getPBK();
- if(predicate.equals("MOAPublicAuthority"))
- if(authData.isPublicAuthority())
- return "true";
- else
- return "false";
- if(predicate.equals("MOABKZ"))
- return authData.getPublicAuthorityCode();
- if(predicate.equals("MOAQualifiedCertificate"))
- if(authData.isQualifiedCertificate())
- return "true";
- else
- return "false";
- if(predicate.equals("MOAStammzahl"))
- return authData.getIdentificationValue();
- if (predicate.equals(MOAIdentificationValueType))
- return authData.getIdentificationType();
- if(predicate.equals("MOAIPAddress"))
- return clientIPAddress;
- else
- return null;
- }
-
- private Document readXMLFile(String fileName)
- {
- Logger.info("XMLLoginParameterResolverPlainData: Loading MOA-OA configuration " + fileName);
- DOMParser parser = new DOMParser();
- try
- {
- parser.setFeature("http://xml.org/sax/features/validation", true);
- parser.setFeature("http://apache.org/xml/features/validation/schema", true);
- parser.parse(fileName);
- return parser.getDocument();
- }
- catch(Exception e)
- {
- String msg = e.toString();
- Logger.error("XMLLoginParameterResolverPlainData: Error parsing file" + fileName + "\n" + msg);
- return null;
- }
- }
-
- private void buildInfo(Document doc)
- {
- Element root = doc.getDocumentElement();
- NodeList idList = root.getElementsByTagName("Identity");
- NodeList paramList = root.getElementsByTagName("Parameters");
- for(int i = 0; i < idList.getLength(); i++)
- Logger.debug("XMLLoginParameterResolverPlainData: LocalName idList: " + idList.item(i).getLocalName());
-
- for(int i = 0; i < paramList.getLength(); i++)
- Logger.debug("XMLLoginParameterResolverPlainData: LocalName paramList: " + paramList.item(i).getLocalName());
-
- for(int i = 0; i < idList.getLength(); i++)
- {
- Element tmpElem = (Element)idList.item(i);
- NodeList tmpList = tmpElem.getElementsByTagName("NamedIdentity");
- for(int j = 0; j < tmpList.getLength(); j++)
- Logger.debug("XMLLoginParameterResolverPlainData: LocalName tmp: " + tmpList.item(j).getLocalName());
-
- if(1 == tmpList.getLength())
- {
- tmpElem = (Element)tmpList.item(0);
- String tmpStr = tmpElem.getAttribute("SurName") + "," + tmpElem.getAttribute("GivenName");
- boolean tmpBool = false;
- if(tmpElem.getFirstChild() != null && "1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0)
- tmpBool = true;
- Logger.debug("XMLLoginParameterResolverPlainData: tmpStr: " + tmpStr + " value: " + (new Boolean(tmpBool)).toString());
- tmpElem = (Element)paramList.item(i);
- Logger.debug("XMLLoginParameterResolverPlainData: attribute UN: " + tmpElem.getAttribute("UN") + " attribute PW: " + tmpElem.getAttribute("PW"));
- namedMap.put(tmpStr, new LPRParams(tmpBool, tmpElem.getAttribute("UN"), tmpElem.getAttribute("PW")));
- } else
- {
- tmpList = tmpElem.getElementsByTagName("bPKIdentity");
- if(1 == tmpList.getLength())
- {
- tmpElem = (Element)tmpList.item(0);
- String tmpStr = tmpElem.getAttribute("bPK");
- boolean tmpBool = false;
- if(tmpElem.getFirstChild() != null && "1".compareTo(tmpElem.getFirstChild().getNodeValue()) == 0)
- tmpBool = true;
- Logger.debug("XMLLoginParameterResolverPlainData: tmpStr: " + tmpStr + " value: " + (new Boolean(tmpBool)).toString());
- tmpElem = (Element)paramList.item(i);
- Logger.debug("XMLLoginParameterResolverPlainData: attribute UN: " + tmpElem.getAttribute("UN") + " attribute PW: " + tmpElem.getAttribute("PW") + " attribute Param1: " + tmpElem.getAttribute("Param1"));
- bPKMap.put(tmpStr, new LPRParams(tmpBool, tmpElem.getAttribute("UN"), tmpElem.getAttribute("PW")));
- } else
- {
- Logger.warn("XMLLoginParameterResolverPlainData: wrong format no NamedIdentity or bPKIdentity found");
- }
- }
- }
-
- Logger.debug("namedMap:" + namedMap.toString());
- Logger.debug("bPKMap:" + bPKMap.toString());
- }
-
- public static final String XSD_DOCELEM = "MOAIdentities";
- public static final String XSD_IDELEM = "Identity";
- public static final String XSD_NAMEDIDELEM = "NamedIdentity";
- public static final String XSD_BPKIDELEM = "bPKIdentity";
- public static final String XSD_PARAMELEM = "Parameters";
- public static final String XML_LPR_CONFIG_PROPERTY_NAME1 = "moa.id.xmllpr1.configuration";
- private Map bPKMap;
- private Map namedMap;
-
-
- public void configure(String configuration) throws LoginParameterResolverException {
- Logger.info("XMLLoginParameterResolverPlainData: initialization string: " + configuration);
- this.configuration = configuration;
- String fileName = configuration;
- if(fileName == null) {
- fileName = "file:conf/moa-id/Identities.xml";
- Logger.info("XMLLoginParameterResolverPlainData: used file name string: " + fileName);
- }
- Document doc = readXMLFile(fileName);
- buildInfo(doc);
- }
-}
\ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilder.java
deleted file mode 100644
index e0e1fde4a..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilder.java
+++ /dev/null
@@ -1,55 +0,0 @@
-package at.gv.egovernment.moa.id.proxy.builder;
-
-import java.text.MessageFormat;
-import java.util.Calendar;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-
-/**
- * Builder for the <samlp:Request> used for querying
- * the authentication data <saml:Assertion>.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLRequestBuilder implements Constants {
- /** samlp-Request template */
- private static final String REQUEST =
- "<samlp:Request>.
- * @param requestID request ID
- * @param samlArtifactBase64 SAML artifact, encoded BASE64
- * @return the DOM element
- */
- public Element build(String requestID, String samlArtifactBase64) throws BuildException {
- try {
- String issueInstant = DateTimeUtils.buildDateTime(Calendar.getInstance());
- String request = MessageFormat.format(REQUEST, new Object[] {requestID, issueInstant, samlArtifactBase64});
- Element requestElem = DOMUtils.parseDocument(request, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement();
- return requestElem;
- }
- catch (Throwable ex) {
- throw new BuildException(
- "builder.00",
- new Object[] {"samlp:Request", ex.toString()},
- ex);
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/invoke/GetAuthenticationDataInvoker.java b/id.server/src/at/gv/egovernment/moa/id/proxy/invoke/GetAuthenticationDataInvoker.java
deleted file mode 100644
index 4e9a72111..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/invoke/GetAuthenticationDataInvoker.java
+++ /dev/null
@@ -1,143 +0,0 @@
-package at.gv.egovernment.moa.id.proxy.invoke;
-
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-import java.util.Vector;
-
-import javax.xml.namespace.QName;
-import javax.xml.rpc.Call;
-import javax.xml.rpc.Service;
-import javax.xml.rpc.ServiceFactory;
-
-import org.apache.axis.message.SOAPBodyElement;
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.ServiceException;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.data.SAMLStatus;
-import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder;
-import at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParser;
-import at.gv.egovernment.moa.id.proxy.servlet.ProxyException;
-import at.gv.egovernment.moa.id.util.Random;
-
-/**
- * Invoker of
- * -
- *
- either the GetAuthenticationData web service of MOA-ID Auth - *
- or the API call {@link at.gv.egovernment.moa.id.auth.AuthenticationServer#getAuthenticationData}, - *
<saml:Assertion> returned by the
- * GetAuthenticationData web service.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AuthenticationDataAssertionParser implements Constants {
-
- /** Prefix for SAML-Xpath-expressions */
- private static String SAML = SAML_PREFIX + ":";
- /** Prefix for PersonData-Xpath-expressions */
- private static String PR = PD_PREFIX + ":";
- /** Prefix for Attribute MajorVersion in an Xpath-expression */
- private static String MAJOR_VERSION_XPATH =
- "@MajorVersion";
- /** Prefix for Attribute MinorVersion in an Xpath-expression */
- private static String MINOR_VERSION_XPATH =
- "@MinorVersion";
- /** Prefix for Attribute AssertionID in an Xpath-expression */
- private static String ASSERTION_ID_XPATH =
- "@AssertionID";
- /** Prefix for Attribute Issuer in an Xpath-expression */
- private static String ISSUER_XPATH =
- "@Issuer";
- /** Prefix for Attribute IssueInstant in an Xpath-expression */
- private static String ISSUE_INSTANT_XPATH =
- "@IssueInstant";
- /** Prefix for Element AttributeStatement in an Xpath-expression */
- private static String ATTRIBUTESTATEMENT_XPATH =
- SAML + "AttributeStatement/";
- /** Prefix for Element NameIdentifier in an Xpath-expression */
- private static String BPK_XPATH =
- ATTRIBUTESTATEMENT_XPATH +
- SAML + "Subject/" +
- SAML + "NameIdentifier";
- /** Prefix for Element Person in an Xpath-expression */
- private static String PERSONDATA_XPATH =
- ATTRIBUTESTATEMENT_XPATH +
- SAML + "Attribute[@AttributeName=\"PersonData\"]/" +
- SAML + "AttributeValue/" +
- PR + "Person/";
- /** Prefix for Element Value in an Xpath-expression */
- private static String IDENTIFICATION_VALUE_XPATH =
- PERSONDATA_XPATH +
- PR + "Identification/" +
- PR + "Value";
- private static String IDENTIFICATION_TYPE_XPATH =
- PERSONDATA_XPATH +
- PR + "Identification/" +
- PR + "Type";
-
- /** Prefix for Element GivenName in an Xpath-expression */
- private static String GIVEN_NAME_XPATH =
- PERSONDATA_XPATH +
- PR + "Name/" +
- PR + "GivenName";
- /** Prefix for Element FamilyName in an Xpath-expression */
- private static String FAMILY_NAME_XPATH =
- PERSONDATA_XPATH +
- PR + "Name/" +
- PR + "FamilyName";
- /** Prefix for Element DateOfBirth in an Xpath-expression */
- private static String DATE_OF_BIRTH_XPATH =
- PERSONDATA_XPATH +
- PR + "DateOfBirth";
- /** Prefix for Element AttributeValue in an Xpath-expression */
- private static String IS_QUALIFIED_CERT_XPATH =
- ATTRIBUTESTATEMENT_XPATH +
- SAML + "Attribute[@AttributeName=\"isQualifiedCertificate\"]/" +
- SAML + "AttributeValue";
- /** Prefix for Element AttributeValue in an Xpath-expression */
- private static String PUBLIC_AUTHORITY_XPATH =
- ATTRIBUTESTATEMENT_XPATH +
- SAML + "Attribute[@AttributeName=\"isPublicAuthority\"]/" +
- SAML + "AttributeValue";
- /** Element samlAssertion represents the SAML:Assertion */
- private Element samlAssertion;
-
- /**
- * Constructor
- * @param samlAssertion samlpResponse the <samlp:Response> as a DOM element
- */
- public AuthenticationDataAssertionParser(Element samlAssertion) {
- this.samlAssertion = samlAssertion;
- }
-
- /**
- * Parses the <saml:Assertion>.
- * @return AuthenticationData object
- * @throws ParseException on any error
- */
- public AuthenticationData parseAuthenticationData()
- throws ParseException {
-
- try {
- AuthenticationData authData = new AuthenticationData();
- //ÄNDERN: NUR der Identification-Teil
- authData.setSamlAssertion(DOMUtils.serializeNode(samlAssertion));
- authData.setMajorVersion(new Integer(
- XPathUtils.getAttributeValue(samlAssertion, MAJOR_VERSION_XPATH, "-1")).intValue());
- authData.setMinorVersion(new Integer(
- XPathUtils.getAttributeValue(samlAssertion, MINOR_VERSION_XPATH, "-1")).intValue());
- authData.setAssertionID(
- XPathUtils.getAttributeValue(samlAssertion, ASSERTION_ID_XPATH, ""));
- authData.setIssuer(
- XPathUtils.getAttributeValue(samlAssertion, ISSUER_XPATH, ""));
- authData.setIssueInstant(
- XPathUtils.getAttributeValue(samlAssertion, ISSUE_INSTANT_XPATH, ""));
- authData.setPBK(
- XPathUtils.getElementValue(samlAssertion, BPK_XPATH, ""));
- authData.setIdentificationValue(
- XPathUtils.getElementValue(samlAssertion, IDENTIFICATION_VALUE_XPATH, ""));
- authData.setIdentificationType(
- XPathUtils.getElementValue(samlAssertion, IDENTIFICATION_TYPE_XPATH, ""));
- authData.setGivenName(
- XPathUtils.getElementValue(samlAssertion, GIVEN_NAME_XPATH, ""));
- authData.setFamilyName(
- XPathUtils.getElementValue(samlAssertion, FAMILY_NAME_XPATH, ""));
- authData.setDateOfBirth(
- XPathUtils.getElementValue(samlAssertion, DATE_OF_BIRTH_XPATH, ""));
- authData.setQualifiedCertificate(BoolUtils.valueOf(
- XPathUtils.getElementValue(samlAssertion, IS_QUALIFIED_CERT_XPATH, "")));
- String publicAuthority =
- XPathUtils.getElementValue(samlAssertion, PUBLIC_AUTHORITY_XPATH, null);
- if (publicAuthority == null) {
- authData.setPublicAuthority(false);
- authData.setPublicAuthorityCode("");
- }
- else {
- authData.setPublicAuthority(true);
- if (! publicAuthority.equalsIgnoreCase("true"))
- authData.setPublicAuthorityCode(publicAuthority);
- }
- return authData;
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString() }, t);
- }
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParser.java b/id.server/src/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParser.java
deleted file mode 100644
index 9f77578fd..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParser.java
+++ /dev/null
@@ -1,100 +0,0 @@
-package at.gv.egovernment.moa.id.proxy.parser;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.data.SAMLStatus;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Parser for the <samlp:Response> returned by the
- * GetAuthenticationData web service.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SAMLResponseParser implements Constants {
- /** Element containing the samlResponse */
- private Element samlResponse;
- /** Xpath prefix for reaching SAMLP Namespaces */
- private static String SAMLP = SAMLP_PREFIX + ":";
- /** Xpath prefix for reaching SAML Namespaces */
- private static String SAML = SAML_PREFIX + ":";
- /** Xpath prefix for reaching PersonData Namespaces */
- private static String PR = PD_PREFIX + ":";
- /** Xpath expression for reaching the SAMLP:Response element */
- private static final String ROOT =
- "/" + SAMLP + "Response/";
- /** Xpath expression for reaching the SAMLP:Status element */
- private static final String STATUS_XPATH =
- ROOT +
- SAMLP + "Status/";
- /** Xpath expression for reaching the SAMLP:StatusCode_Value attribute */
- private static final String STATUSCODE_XPATH =
- STATUS_XPATH +
- SAMLP + "StatusCode/@Value";
- /** Xpath expression for reaching the SAMLP:SubStatusCode_Value attribute */
- private static final String SUBSTATUSCODE_XPATH =
- STATUS_XPATH +
- SAMLP + "StatusCode/" +
- SAMLP + "StatusCode/@Value";
- /** Xpath expression for reaching the SAMLP:StatusMessage element */
- private static final String STATUSMESSAGE_XPATH =
- STATUS_XPATH +
- SAMLP + "StatusMessage";
- /** Xpath expression for reaching the SAML:Assertion element */
- private static String ASSERTION_XPATH =
- ROOT +
- SAML + "Assertion";
-
- /**
- * Constructor
- * @param samlResponse the <samlp:Response> as a DOM element
- */
- public SAMLResponseParser(Element samlResponse) {
- this.samlResponse = samlResponse;
- }
-
- /**
- * Parses the <samlp:StatusCode> from the <samlp:Response>.
- * @return AuthenticationData object
- * @throws ParseException on any parsing error
- */
- public SAMLStatus parseStatusCode()
- throws ParseException {
-
- SAMLStatus status = new SAMLStatus();
- try {
- status.setStatusCode(
- XPathUtils.getAttributeValue(samlResponse, STATUSCODE_XPATH, ""));
- status.setSubStatusCode(
- XPathUtils.getAttributeValue(samlResponse, SUBSTATUSCODE_XPATH, ""));
- status.setStatusMessage(
- XPathUtils.getElementValue(samlResponse, STATUSMESSAGE_XPATH, ""));
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString() }, t);
- }
- return status;
- }
-
- /**
- * Parses the <saml:Assertion> from the <samlp:Response>.
- * @return AuthenticationData object
- * @throws ParseException on any parsing error
- */
- public AuthenticationData parseAuthenticationData()
- throws ParseException {
-
- Element samlAssertion;
- try {
- samlAssertion = (Element)XPathUtils.selectSingleNode(samlResponse, ASSERTION_XPATH);
- }
- catch (Throwable t) {
- throw new ParseException("parser.01", new Object[] { t.toString() }, t);
- }
- return new AuthenticationDataAssertionParser(samlAssertion).parseAuthenticationData();
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java
deleted file mode 100644
index 4ab2e2cf7..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java
+++ /dev/null
@@ -1,71 +0,0 @@
-package at.gv.egovernment.moa.id.proxy.servlet;
-
-import java.io.IOException;
-import java.text.DateFormat;
-import java.util.Date;
-import java.util.Locale;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.proxy.MOAIDProxyInitializer;
-import at.gv.egovernment.moa.id.util.HTTPRequestJSPForwarder;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Servlet requested for updating the MOA-ID Auth configuration from configuration file
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ConfigurationServlet extends HttpServlet {
-
- /**
- * Handle a HTTP GET request, used to indicated that the MOA
- * configuration needs to be updated (reloaded).
- *
- * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse)
- */
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
-
- MOAIDMessageProvider msg = MOAIDMessageProvider.getInstance();
- try {
- MOAIDProxyInitializer.initialize();
-
- String message = msg.getMessage("config.00", new Object[]
- { DateFormat.getTimeInstance(DateFormat.MEDIUM, Locale.GERMAN).format(new Date())} );
- Logger.info(message);
-
- HTTPRequestJSPForwarder.forwardNamed(message, "/message-proxy.jsp", getServletContext(), request, response);
- } catch (Throwable t) {
- String errorMessage = msg.getMessage("config.04", null);
- Logger.error(errorMessage, t);
- HTTPRequestJSPForwarder.forwardNamed(errorMessage, "/message-proxy.jsp", getServletContext(), request, response);
- }
- }
-
- /**
- * Do the same as doGet.
- *
- * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse)
- */
- public void doPost(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- doGet(request, response);
- }
-
-/**
- * Calls the web application initializer.
- *
- * @see javax.servlet.Servlet#init(ServletConfig)
- */
-public void init(ServletConfig servletConfig) throws ServletException {
- super.init(servletConfig);
-}
-
-}
\ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyException.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyException.java
deleted file mode 100644
index 0080c010e..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyException.java
+++ /dev/null
@@ -1,35 +0,0 @@
-package at.gv.egovernment.moa.id.proxy.servlet;
-
-import at.gv.egovernment.moa.id.MOAIDException;
-
-/**
- * Exception thrown while proxying a request to the online application
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ProxyException extends MOAIDException {
-
- /**
- * Constructor for ProxyException.
- * @param messageId
- * @param parameters
- */
- public ProxyException(String messageId, Object[] parameters) {
- super(messageId, parameters);
- }
-
- /**
- * Constructor for ProxyException.
- * @param messageId
- * @param parameters
- * @param wrapped
- */
- public ProxyException(
- String messageId,
- Object[] parameters,
- Throwable wrapped) {
- super(messageId, parameters, wrapped);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
deleted file mode 100644
index f82ad93ed..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
+++ /dev/null
@@ -1,590 +0,0 @@
-package at.gv.egovernment.moa.id.proxy.servlet;
-
-import java.io.BufferedInputStream;
-import java.io.BufferedOutputStream;
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.io.StringWriter;
-import java.net.HttpURLConnection;
-import java.net.URLEncoder;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-
-import javax.net.ssl.SSLSocketFactory;
-import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.id.MOAIDException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.ServiceException;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
-import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
-import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.data.CookieManager;
-import at.gv.egovernment.moa.id.proxy.ConnectionBuilder;
-import at.gv.egovernment.moa.id.proxy.ConnectionBuilderFactory;
-import at.gv.egovernment.moa.id.proxy.LoginParameterResolver;
-import at.gv.egovernment.moa.id.proxy.LoginParameterResolverException;
-import at.gv.egovernment.moa.id.proxy.LoginParameterResolverFactory;
-import at.gv.egovernment.moa.id.proxy.MOAIDProxyInitializer;
-import at.gv.egovernment.moa.id.proxy.NotAllowedException;
-import at.gv.egovernment.moa.id.proxy.invoke.GetAuthenticationDataInvoker;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.util.SSLUtils;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Base64Utils;
-
-/**
- * Servlet requested for logging in at an online application,
- * and then for proxying requests to the online application.
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class ProxyServlet extends HttpServlet {
- /** Name of the Parameter for the Target */
- private static final String PARAM_TARGET = "Target";
- /** Name of the Parameter for the SAMLArtifact */
- private static final String PARAM_SAMLARTIFACT = "SAMLArtifact";
-
- /** Name of the Attribute for the PublicURLPrefix */
- private static final String ATT_PUBLIC_URLPREFIX = "PublicURLPrefix";
- /** Name of the Attribute for the RealURLPrefix */
- private static final String ATT_REAL_URLPREFIX = "RealURLPrefix";
- /** Name of the Attribute for the SSLSocketFactory */
- private static final String ATT_SSL_SOCKET_FACTORY = "SSLSocketFactory";
- /** Name of the Attribute for the LoginHeaders */
- private static final String ATT_LOGIN_HEADERS = "LoginHeaders";
- /** Name of the Attribute for the LoginParameters */
- private static final String ATT_LOGIN_PARAMETERS = "LoginParameters";
- /** Name of the Attribute for the SAMLARTIFACT */
- private static final String ATT_SAML_ARTIFACT = "SamlArtifact";
-
- /**
- * @see javax.servlet.http.HttpServlet#service(HttpServletRequest, HttpServletResponse)
- */
- protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
-
- Logger.debug("getRequestURL:" + req.getRequestURL().toString());
- try {
- if (req.getParameter(PARAM_SAMLARTIFACT) != null && req.getParameter(PARAM_TARGET) != null) {
-
- // check if SAML Artifact was already used in this session (in case of page reload)
- HttpSession session = req.getSession();
- if(null != session && req.getParameter(PARAM_SAMLARTIFACT).equals(session.getAttribute(ATT_SAML_ARTIFACT))) {
- tunnelRequest(req, resp);
- } else
- // it is the first time that the SAML Artifact was used
- login(req, resp);
- }
- else
- tunnelRequest(req, resp);
- }
- catch (MOAIDException ex) {
- handleError(ex.getMessage(), ex, req, resp);
- }
- catch (Throwable ex) {
- handleError(ex.getMessage(), ex, req, resp);
- }
- }
-
- /**
- * Login to online application at first call of servlet for a user session.- *
-
- *
- Acquires authentication data from the MOA-ID Auth component. - *
- Reads configuration data for the online application. - *
- Resolves login parameters. - *
- Sets up an SSLSocketFactory in case of a secure connection to the online application. - *
- For a stateless online application, stores data in the HttpSession. - *
- Tunnels the request to the online application. - *
null
- * @param loginParameters parameter name/values to be inserted for purposes of authentication;
- * may be null
- * @param publicURLPrefix prefix of request URL to be substituted for the realURLPrefix
- * @param realURLPrefix prefix of online application URL to substitute the publicURLPrefix
- * @param ssf SSLSocketFactory to use
- * @throws IOException if an I/O error occurs
- */
-private int tunnelRequest(HttpServletRequest req, HttpServletResponse resp, Map loginHeaders, Map loginParameters, String publicURLPrefix, String realURLPrefix, SSLSocketFactory ssf)
- throws IOException {
-
- // collect headers from request
- Map headers = new HashMap();
- for (Enumeration enum = req.getHeaderNames(); enum.hasMoreElements();) {
- String headerKey = (String) enum.nextElement();
- //We ignore any Basic-Auth-Headers from the client
- if (headerKey.equalsIgnoreCase("Authorization"))
- { Logger.debug("Ignoring authorization-header from browser: " +req.getHeader(headerKey) );
- }
- else
- headers.put(headerKey, req.getHeader(headerKey));
- }
- // collect login headers, possibly overwriting headers from request
- if (loginHeaders != null) {
- for (Iterator iter = loginHeaders.keySet().iterator(); iter.hasNext();) {
- String headerKey = (String) iter.next();
- headers.put(headerKey, loginHeaders.get(headerKey));
- }
- }
- // collect parameters from request
- Map parameters = new HashMap();
- for (Enumeration enum = req.getParameterNames(); enum.hasMoreElements();) {
- String paramName = (String) enum.nextElement();
- parameters.put(paramName, req.getParameter(paramName));
- }
- // collect login parameters, possibly overwriting parameters from request
- if (loginParameters != null) {
- for (Iterator iter = loginParameters.keySet().iterator(); iter.hasNext();) {
- String paramName = (String) iter.next();
- parameters.put(paramName, loginParameters.get(paramName));
- }
- }
-
- headers.remove("content-length");
- parameters.remove(PARAM_SAMLARTIFACT);
- parameters.remove(PARAM_TARGET);
-
- ConnectionBuilder cb = ConnectionBuilderFactory.getConnectionBuilder(publicURLPrefix);
- HttpURLConnection conn = cb.buildConnection(req, publicURLPrefix, realURLPrefix, ssf, parameters);
-
- //Set Cookies...
-
- String cookieString = CookieManager.getInstance().getCookie(req.getSession().getId());
- if (cookieString!=null)
- {
- //If we get Cookies from Client, we put them throgh if they dont exist/conflict with the stored Cookies
- for (Iterator iter = headers.keySet().iterator(); iter.hasNext();) {
- String headerKey = (String) iter.next();
- String headerValue = (String) headers.get(headerKey);
- if (headerKey.equalsIgnoreCase("Cookie"))
- CookieManager.getInstance().saveOldCookies(req.getSession().getId(), headerValue);
- }
- cookieString = CookieManager.getInstance().getCookie(req.getSession().getId());
- headers.put("cookie", cookieString);
- }
-
- // set headers as request properties of URLConnection
- for (Iterator iter = headers.keySet().iterator(); iter.hasNext();) {
- String headerKey = (String) iter.next();
- String headerValue = (String) headers.get(headerKey);
- conn.setRequestProperty(headerKey, headerValue);
- Logger.debug("Req header " + headerKey + ": " + headers.get(headerKey));
- if (Logger.isDebugEnabled() && isBasicAuthenticationHeader(headerKey, headerValue)) {
- String credentials = headerValue.substring(6);
- String userIDPassword = new String(Base64Utils.decode(credentials, false));
- Logger.debug(":UserID:Password: :" + userIDPassword + ":");
- }
- }
- // Write out parameters into output stream of URLConnection.
- // On GET request, do not send parameters in any case,
- // otherwise HttpURLConnection would send a POST.
- if (!"get".equalsIgnoreCase(req.getMethod()) && !parameters.isEmpty()) {
- boolean firstParam = true;
- StringWriter sb = new StringWriter();
- for (Iterator iter = parameters.keySet().iterator(); iter.hasNext();) {
- String paramname = (String) iter.next();
- String value = URLEncoder.encode((String) parameters.get(paramname));
- if (firstParam)
- firstParam = false;
- else
- sb.write("&");
- sb.write(paramname);
- sb.write("=");
- sb.write(value);
- Logger.debug("Req param " + paramname + ": " + value);
- }
- PrintWriter reqOut = new PrintWriter(conn.getOutputStream());
- reqOut.write(sb.toString());
- reqOut.flush();
- reqOut.close();
- }
- // connect
- conn.connect();
-
- // Read response status and content type.
- // If the connection returns a 401 disconnect and return
- // otherwise the attempt to read data from that connection
- // will result in an error
-
- if (conn.getResponseCode()==HttpURLConnection.HTTP_UNAUTHORIZED)
- {
- Logger.debug("Found 401... searching cookies");
- String headerKey;
-
- int i = 1;
- CookieManager cm = CookieManager.getInstance();
- while ((headerKey = conn.getHeaderFieldKey(i)) != null) {
- String headerValue = conn.getHeaderField(i);
- if (headerKey.equalsIgnoreCase("set-cookie"))
- { cm.saveCookie(req.getSession().getId(), headerValue);
- cm.add401(req.getSession().getId(),headerValue);
- Logger.debug("Cookie " + headerValue);
- Logger.debug("CookieSession " + req.getSession().getId());
- }
- i++;
- }
-
- conn.disconnect();
- return conn.getResponseCode();
- }
- resp.setStatus(conn.getResponseCode());
- resp.setContentType(conn.getContentType());
-
- // Read response headers
- // Omit response header "content-length" if response header "Transfer-encoding: chunked" is set.
- // Otherwise, the connection will not be kept alive, resulting in subsequent missing requests.
- // See JavaDoc of javax.servlet.http.HttpServlet:
- // When using HTTP 1.1 chunked encoding (which means that the response has a Transfer-Encoding header), do not set the Content-Length header.
- Map respHeaders = new HashMap();
- boolean chunked = false;
- String contentLengthKey = null;
- String transferEncodingKey = null;
- int i = 1;
- String headerKey;
- while ((headerKey = conn.getHeaderFieldKey(i)) != null) {
- String headerValue = conn.getHeaderField(i);
- respHeaders.put(headerKey, headerValue);
- if (isTransferEncodingChunkedHeader(headerKey, headerValue)) {
- chunked = true;
- transferEncodingKey = headerKey;
- }
- CookieManager cm = CookieManager.getInstance();
- if (headerKey.equalsIgnoreCase("set-cookie"))
- { cm.saveCookie(req.getSession().getId(), headerValue);
- Logger.debug("Cookie " + headerValue);
- Logger.debug("CookieSession " + req.getSession().getId());
- }
- if ("content-length".equalsIgnoreCase(headerKey))
- contentLengthKey = headerKey;
- Logger.debug("Resp header " + headerKey + ": " + headerValue);
- i++;
- }
- if (chunked && contentLengthKey != null) {
- respHeaders.remove(transferEncodingKey);
- Logger.debug("Resp header " + transferEncodingKey + " REMOVED");
- }
-
- //Get a Hash-Map of all 401-set-cookies
- HashMap cookies401 = CookieManager.getInstance().get401(req.getSession().getId());
-
- for (Iterator iter = respHeaders.keySet().iterator(); iter.hasNext();) {
- headerKey = (String) iter.next();
-
- if (headerKey.equalsIgnoreCase("Set-Cookie"))
- {
- String headerValue = (String) respHeaders.get(headerKey);
- Logger.debug("Found 'Set-Cookie' in ResponseHeaders: " + headerValue);
- if(!cookies401.containsKey(headerValue.substring(0, headerValue.indexOf("="))))
- {
- // If we dont already have a Set-Cookie-Value for THAT Cookie we create one...
- CookieManager.getInstance().add401(req.getSession().getId(), headerValue);
- }
- }
- }
-
- //write out all Responseheaders != "set-cookie"
- for (Iterator iter = respHeaders.keySet().iterator(); iter.hasNext();) {
- headerKey = (String) iter.next();
- if (!headerKey.equalsIgnoreCase("Set-Cookie"))
- resp.addHeader(headerKey, (String) respHeaders.get(headerKey));
- }
-
- //write out all Responseheaders = "set-cookie"
- cookies401 = CookieManager.getInstance().get401(req.getSession().getId());
- Iterator cookie_i = cookies401.values().iterator();
- while (cookie_i.hasNext()) {
- String element = (String) cookie_i.next();
- resp.addHeader("Set-Cookie", element);
- }
- //Delete all "Set-Cookie" - Values
- CookieManager.getInstance().clear401(req.getSession().getId());
-
- // read response stream
- Logger.debug("Resp from " + conn.getURL().toString() + ": status " + conn.getResponseCode());
- // Load content unless the server lets us know that the content is NOT MODIFIED...
- if (conn.getResponseCode()!=HttpURLConnection.HTTP_NOT_MODIFIED)
- {
- BufferedInputStream respIn = new BufferedInputStream(conn.getInputStream());
- Logger.debug("Got Inputstream");
- BufferedOutputStream respOut = new BufferedOutputStream(resp.getOutputStream());
- Logger.debug("Got Outputstream");
- int ch;
- while ((ch = respIn.read()) >= 0)
- respOut.write(ch);
- respOut.close();
- respIn.close();
- }
- else
- Logger.debug("Found 304 NOT MODIFIED...");
- conn.disconnect();
- Logger.debug("Request done");
-
-
- return conn.getResponseCode();
-}
-/**
- * Determines whether a HTTP header is a basic authentication header of the kind "Authorization: Basic ..."
- *
- * @param headerKey header name
- * @param headerValue header value
- * @return true for a basic authentication header
- */
-private boolean isBasicAuthenticationHeader(String headerKey, String headerValue) {
- if (!"authorization".equalsIgnoreCase(headerKey))
- return false;
- if (headerValue.length() < "basic".length())
- return false;
- String authenticationSchema = headerValue.substring(0, "basic".length());
- return "basic".equalsIgnoreCase(authenticationSchema);
-}
-/**
- * Determines whether a HTTP header is "Transfer-encoding" header with value containing "chunked"
- *
- * @param headerKey header name
- * @param headerValue header value
- * @return true for a "Transfer-encoding: chunked" header
- */
-private boolean isTransferEncodingChunkedHeader(String headerKey, String headerValue) {
- if (!"transfer-encoding".equalsIgnoreCase(headerKey))
- return false;
- return headerValue.indexOf("chunked") >= 0 || headerValue.indexOf("Chunked") >= 0 || headerValue.indexOf("CHUNKED") >= 0;
-}
-
-/**
- * Calls the web application initializer.
- *
- * @see javax.servlet.Servlet#init(ServletConfig)
- */
-public void init(ServletConfig servletConfig) throws ServletException {
- super.init(servletConfig);
- try {
- MOAIDProxyInitializer.initialize();
- Logger.info(MOAIDMessageProvider.getInstance().getMessage("proxy.00", null));
- }
- catch (Exception ex) {
- Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("proxy.06", null), ex);
- throw new ServletException(ex);
- }
-}
-
-/**
- * Handles an error. - *
-
- *
- Logs the error - *
- Places error message and exception thrown into the request
- * as request attributes (to be used by
"/errorpage-proxy.jsp")
- * - Sets HTTP status 500 (internal server error) - *
Use this initialization code:
- *
// ConnectionParameter connParam = ... get from ConfigurationProvider
- * AxisSecureSocketFactory.initialize(connParam);
- * See the Apache Axis documentation on how to configure this class - * as the default secure socket factory to be used by Axis. - *
- * This code has been copied from
JSSESocketFactory, the
- * method initialize() has been added.
- *
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class AxisSecureSocketFactory
- extends DefaultSocketFactory implements SecureSocketFactory {
-
- /** Field sslFactory */
- private static SSLSocketFactory sslFactory;
-
- /**
- * Constructor for AxisSecureSocketFactory.
- * @param attributes ???
- */
- public AxisSecureSocketFactory(Hashtable attributes) {
- super(attributes);
- }
- /**
- * Initializes the factory by setting the connection parameters to be used for
- * setting the secure socket factory, and by setting the system property
- * axis.socketSecureFactory.
- * @param connParam ConnectionParameter to derive the
- * secure socket factory from
- */
- public static void initialize(SSLSocketFactory ssf)
- throws IOException, GeneralSecurityException {
-
- Logger.debug("Initialize AxisSecureSocketFactory");
- sslFactory = ssf;
- }
-
- /**
- * creates a secure socket
- *
- * @param host
- * @param port
- * @param otherHeaders
- * @param useFullURL
- *
- * @return Socket
- * @throws Exception
- */
- public Socket create(
- String host,
- int port,
- StringBuffer otherHeaders,
- BooleanHolder useFullURL)
- throws Exception {
- if (port == -1) {
- port = 443;
- }
-
- TransportClientProperties tcp =
- TransportClientPropertiesFactory.create("https");
-
- boolean hostInNonProxyList =
- isHostInNonProxyList(host, tcp.getNonProxyHosts());
-
- Socket sslSocket = null;
- if (tcp.getProxyHost().length() == 0 || hostInNonProxyList) {
- // direct SSL connection
- sslSocket = sslFactory.createSocket(host, port);
- }
- else {
-
- // Default proxy port is 80, even for https
- int tunnelPort =
- (tcp.getProxyPort().length() != 0)
- ? Integer.parseInt(tcp.getProxyPort())
- : 80;
- if (tunnelPort < 0)
- tunnelPort = 80;
-
- // Create the regular socket connection to the proxy
- Socket tunnel = new Socket(tcp.getProxyHost(), tunnelPort);
-
- // The tunnel handshake method (condensed and made reflexive)
- OutputStream tunnelOutputStream = tunnel.getOutputStream();
- PrintWriter out =
- new PrintWriter(
- new BufferedWriter(new OutputStreamWriter(tunnelOutputStream)));
-
- // More secure version... engage later?
- // PasswordAuthentication pa =
- // Authenticator.requestPasswordAuthentication(
- // InetAddress.getByName(tunnelHost),
- // tunnelPort, "SOCK", "Proxy","HTTP");
- // if(pa == null){
- // printDebug("No Authenticator set.");
- // }else{
- // printDebug("Using Authenticator.");
- // tunnelUser = pa.getUserName();
- // tunnelPassword = new String(pa.getPassword());
- // }
- out.print(
- "CONNECT "
- + host
- + ":"
- + port
- + " HTTP/1.0\r\n"
- + "User-Agent: AxisClient");
- if (tcp.getProxyUser().length() != 0
- && tcp.getProxyPassword().length() != 0) {
-
- // add basic authentication header for the proxy
- String encodedPassword =
- XMLUtils.base64encode(
- (tcp.getProxyUser() + ":" + tcp.getProxyPassword()).getBytes());
-
- out.print("\nProxy-Authorization: Basic " + encodedPassword);
- }
- out.print("\nContent-Length: 0");
- out.print("\nPragma: no-cache");
- out.print("\r\n\r\n");
- out.flush();
- InputStream tunnelInputStream = tunnel.getInputStream();
-
- if (log.isDebugEnabled()) {
- log.debug(
- Messages.getMessage(
- "isNull00",
- "tunnelInputStream",
- "" + (tunnelInputStream == null)));
- }
- String replyStr = "";
-
- // Make sure to read all the response from the proxy to prevent SSL negotiation failure
- // Response message terminated by two sequential newlines
- int newlinesSeen = 0;
- boolean headerDone = false; /* Done on first newline */
-
- while (newlinesSeen < 2) {
- int i = tunnelInputStream.read();
-
- if (i < 0) {
- throw new IOException("Unexpected EOF from proxy");
- }
- if (i == '\n') {
- headerDone = true;
- ++newlinesSeen;
- }
- else if (i != '\r') {
- newlinesSeen = 0;
- if (!headerDone) {
- replyStr += String.valueOf((char) i);
- }
- }
- }
- if (!replyStr.startsWith("HTTP/1.0 200")
- && !replyStr.startsWith("HTTP/1.1 200")) {
- throw new IOException(
- Messages.getMessage(
- "cantTunnel00",
- new String[] { tcp.getProxyHost(), "" + tunnelPort, replyStr }));
- }
-
- // End of condensed reflective tunnel handshake method
- sslSocket = sslFactory.createSocket(tunnel, host, port, true);
- if (log.isDebugEnabled()) {
- log.debug(
- Messages.getMessage(
- "setupTunnel00",
- tcp.getProxyHost(),
- "" + tunnelPort));
- }
- }
-
- ((SSLSocket) sslSocket).startHandshake();
- if (log.isDebugEnabled()) {
- log.debug(Messages.getMessage("createdSSL00"));
- }
- return sslSocket;
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java b/id.server/src/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java
deleted file mode 100644
index 7c4731555..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * Created on 17.02.2004
- *
- * To change the template for this generated file go to
- * Window>Preferences>Java>Code Generation>Code and Comments
- */
-package at.gv.egovernment.moa.id.util;
-
-import java.io.IOException;
-import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * @author rschamberger
- *
- * To change the template for this generated type comment go to
- * Window>Preferences>Java>Code Generation>Code and Comments
- */
-public class HTTPRequestJSPForwarder {
-
- /**
- * Forwards the HttpServletRequest to a customizable JSP Page and serves the Response. - *
-
- *
- Logs the message - *
- *
-
- *
- Logs the message - *
HttpServletRequest which should be parsed
- */
- protected final void parseParameters(final HttpServletRequest req)
- {
- queryParamOrder = new Vector();
- queryParameters = new Hashtable();
- bodyParamOrder = new Vector();
- bodyParameters = new Hashtable();
-
- //Insert code for Query string parsing
- String rawQuery = req.getQueryString();
- queryParameters = tokenize(queryParameters, queryParamOrder, rawQuery, DEFAULT_CHARACTER_ENCODING);
-
- //analyze HTTP Post body parameters
- if (req.getMethod().equalsIgnoreCase("POST"))
- {
- //get body encoding
- String enc = req.getCharacterEncoding();
- if (enc == null) enc = DEFAULT_CHARACTER_ENCODING;
-
- if (req.getContentType().equals("application/x-www-form-urlencoded"))
- {
- try
- {
- bodyParameters = parsePostData(bodyParameters, req.getContentLength(), req.getInputStream(), enc);
- }
- catch (IOException e)
- {
- context.log("could not open input stream of reqest \n" + e.toString());
- }
- }
- else
- {
- //TODO add multipart code
- context.log(
- "ERROR other Content-Types than 'application/x-www-form-urlencoded' not supported!");
- }
-
- }// end POST
- }
-
- /**
- * parses the HTTP POST parameters
- *
- * @param ht parameter Hashtable to put parameters in.
- * @param length of content
- * @param instream the ServletInputStream of the request
- * @param encoding encoding of the instream
- *
- * @return the Hashtable with the parsed data
- */
- private Hashtable parsePostData(Hashtable ht, final int length, final ServletInputStream instream,
- final String encoding)
- {
- int inputLen, offset;
- byte[] postedBytes = null;
- boolean dataRemaining = true;
- String postedBody;
-
- StringBuffer sb = new StringBuffer();
-
- if (length <= 0)
- {
- return null;
- }
-
- postedBytes = new byte[length];
- try
- {
- offset = 0;
- while (dataRemaining)
- {
- inputLen = instream.read(postedBytes, offset, length - offset);
- if (inputLen <= 0)
- {
- throw new IOException("read error during reading the HTTP POST body");
- }
- offset += inputLen;
- if ((length - offset) == 0)
- {
- dataRemaining = false;
- }
- }
- }
- catch (IOException e)
- {
- System.out.println("Exception =" + e);
- return null;
- }
-
- postedBody = new String(postedBytes);
- Hashtable ht2 = tokenize(ht, bodyParamOrder, postedBody, encoding);
- return ht2;
- }
-
-
- /**
- * tokenizes parameter strings
- *
- * @param ht parameter Hashtable to put parameters in.
- * @param order Vector in which the order of the tokenized parameters will be stored.
- * @param parameterString String to tokenize.
- * @param encoding which will be used to decode the parameterString.
- *
- * @return the Hashtable with the parsed data
- */
- private Hashtable tokenize(Hashtable ht, Vector order, final String parameterString, final String encoding)
- {
- String[] valArray = null;
-
- if (null == parameterString) return ht;
-
- StringTokenizer st = new StringTokenizer(parameterString, "&");
-
- String key = null;
- String val = null;
-
- while (st.hasMoreTokens())
- {
- String pair = (String) st.nextToken();
- int pos = pair.indexOf('=');
- if (pos == -1)
- {
- throw new IllegalArgumentException();
- }
- try
- {
- key = URLDecoder.decode(pair.substring(0, pos), encoding);
- val = URLDecoder.decode(pair.substring(pos + 1, pair.length()), encoding);
- }
- catch (Exception e)
- {
- throw new IllegalArgumentException();
- }
- if (ht.containsKey(key))
- {
- String oldVals[] = (String[]) ht.get(key);
- valArray = new String[oldVals.length + 1];
- for (int i = 0; i < oldVals.length; i++)
- {
- valArray[i] = oldVals[i];
- }
- valArray[oldVals.length] = val;
- }
- else
- {
- valArray = new String[1];
- valArray[0] = val;
- }
- ht.put(key, valArray);
- order.addElement(key);
- }
- return ht;
-
- }
-
- /**
- * Returns the value of a request parameter as a String, or null if the
- * parameter does not exist. Request parameters are extra information sent with the request. For HTTP
- * servlets, parameters are contained in the query string or posted form data.
- *
- * - * You should only use this method when you are sure the parameter has only one value. If the parameter - * might have more than one value, use {@link #getParameterValues}. - * - *
- * If you use this method with a multivalued parameter, the value returned is equal to the first value in
- * the array returned by getParameterValues.
- *
- *
- * If the parameter data was sent in the request body, such as occurs with an HTTP POST request, then
- * reading the body directly via {@link#getInputStream} or {@link #getReader}can interfere with the
- * execution of this method.
- *
- * @param name a String containing the name of the parameter whose value is requested
- *
- * @return a String representing the single value of the parameter
- *
- * @see #getParameterValues
- *
- */
- public final String getParameter(final String name) {
- String val = getParameter(name, QUERY_PARAM);
- return (null != val) ? val : getParameter(name, BODY_PARAM);
- }
-
- /**
- * Returns the value of a request parameter as a String, or null if the
- * parameter does not exist.
- *
- * @param name a String containing the name of the parameter whose value is requested
- * @param parameterType type of parameter
- * @see at.gv.egovernment.moa.id.util.ParametersInOrderServlet#QUERY_PARAM
- * and @see at.gv.egovernment.moa.id.util.ParametersInOrderServlet#BODY_PARAM
- * @see getParameterValues(String name);
- * @return value of the (single) parameter or null if not availlable
- **/
- public final String getParameter(final String name, final int parameterType)
- {
-
- Hashtable parameters = (parameterType == QUERY_PARAM) ? queryParameters : bodyParameters;
- String[] vals = (String[]) parameters.get(name);
- if (vals == null)
- {
- return null;
- }
- return vals[0];
- }
-
-
- /**
- * Returns an array of String objects containing all of the values the given request
- * parameter has, or null if the parameter does not exist.
- *
- *
- * If the parameter has a single value, the array has a length of 1.
- *
- * @param name a String containing the name of the parameter whose value is requested
- * @param parameterType type of parameter
- * @see at.gv.egovernment.moa.id.util.ParametersInOrderServlet#QUERY_PARAM
- * and @see at.gv.egovernment.moa.id.util.ParametersInOrderServlet#BODY_PARAM
- * @return an array of String objects containing the parameter's values or null
- *
- * @see #getParameter
- */
- public final String getParameterValues(final String name, final int parameterType)
- {
- Hashtable parameters = (parameterType == QUERY_PARAM) ? queryParameters : bodyParameters;
- String[] vals = (String[]) parameters.get(name);
- if (vals == null)
- {
- return null;
- }
- String vallist = vals[0];
- for (int i = 1; i < vals.length; i++)
- {
- vallist = vallist + "," + vals[i];
- }
- return vallist;
- }
-
- /**
- *
- * Returns an Enumeration of String objects containing the names of the
- * parameters contained in this request. If the request has no parameters, the method returns an empty
- * Enumeration.
- * @param parameterType type of parameter
- * @see at.gv.egovernment.moa.id.util.ParametersInOrderServlet#QUERY_PARAM
- * and @see at.gv.egovernment.moa.id.util.ParametersInOrderServlet#BODY_PARAM
- *
- * @return an Enumeration of String objects, each String
- * containing the name of a request parameter; or an empty Enumeration if the
- * request has no parameters
- *
- */
- public final Enumeration getParameterNames(final int parameterType)
- {
- if (QUERY_PARAM == parameterType)
- return queryParamOrder.elements();
- else
- return bodyParamOrder.elements();
- }
-} //End InOrderServletRequestWrapper
\ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/util/MOAIDMessageProvider.java b/id.server/src/at/gv/egovernment/moa/id/util/MOAIDMessageProvider.java
deleted file mode 100644
index d31aa6ec1..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/util/MOAIDMessageProvider.java
+++ /dev/null
@@ -1,58 +0,0 @@
-package at.gv.egovernment.moa.id.util;
-
-import java.util.Locale;
-
-import at.gv.egovernment.moa.util.Messages;
-
-/**
- * A singleton wrapper around a Message object, providing the messages used in MOA-ID.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class MOAIDMessageProvider {
-
- /** DEFAULT_MESSAGE_RESOURCES are resources/properties/id_messages */
- private static final String[] DEFAULT_MESSAGE_RESOURCES =
- { "resources/properties/id_messages" };
- /** DEFAULT_MESSAGE_LOCALES are "de", "AT" */
- private static final Locale[] DEFAULT_MESSAGE_LOCALES =
- new Locale[] { new Locale("de", "AT") };
- /** The instance for our singleton */
- private static MOAIDMessageProvider instance;
- /** The Messages */
- private Messages messages;
-
- /**
- * Returns the single instance of MOAIDMessageProvider.
- *
- * @return the single instance of MOAIDMessageProvider
- */
- public static MOAIDMessageProvider getInstance() {
- if (instance == null)
- instance = new MOAIDMessageProvider(DEFAULT_MESSAGE_RESOURCES, DEFAULT_MESSAGE_LOCALES);
- return instance;
- }
-
- /**
- * Create a MOAIDMessageProvider.
- *
- * @param resourceNames The names of the resources containing the messages.
- * @param locales The corresponding locales.
- */
- protected MOAIDMessageProvider(String[] resourceNames, Locale[] locales) {
- this.messages = new Messages(resourceNames, locales);
- }
-
- /**
- * Get the message corresponding to a given message ID.
- *
- * @param messageId The ID of the message.
- * @param parameters The parameters to fill in into the message arguments.
- * @return The formatted message.
- */
- public String getMessage(String messageId, Object[] parameters) {
- return messages.getMessage(messageId, parameters);
- }
-
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/util/ParameterInOrderFilter.java b/id.server/src/at/gv/egovernment/moa/id/util/ParameterInOrderFilter.java
deleted file mode 100644
index 3f5fddba2..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/util/ParameterInOrderFilter.java
+++ /dev/null
@@ -1,62 +0,0 @@
-package at.gv.egovernment.moa.id.util;
-
-import java.io.IOException;
-
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-
-/**
- * @author rschamberger
- *
- */
-/**
- * A Filter class wich uses the InOrderServletRequestWrapper to provide servlets a more precise
- * implementation of the getParameter* family. This implementation cares about the order of the parameters
- * from Query String and HTTP POST Body. Use this as Filter class for Servlets which such needs.
- *
- * @author Rudolf Schamberger
- * @version $Id$
- */
-public class ParameterInOrderFilter implements Filter
-{
-
- /**
- * filterConfig
- */
- private FilterConfig filterConfig;
-
- /**
- * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
- */
- public final void init(final FilterConfig config)
- {
- this.filterConfig = config;
- }
-
- /**
- * @see javax.servlet.Filter#destroy()
- */
- public final void destroy()
- {
- };
-
- /**
- * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse,
- * javax.servlet.FilterChain)
- */
- public final void doFilter(final ServletRequest request, final ServletResponse response,
- final FilterChain chain) throws IOException, ServletException
- {
- InOrderServletRequestWrapper sRequ = new InOrderServletRequestWrapper((HttpServletRequest) request,
- filterConfig.getServletContext());
- //parse the Query (and Body) parameters
- sRequ.parseParameters((HttpServletRequest) request);
- //process the rest of filter chain
- chain.doFilter(sRequ, response);
- }
-}
\ No newline at end of file
diff --git a/id.server/src/at/gv/egovernment/moa/id/util/Random.java b/id.server/src/at/gv/egovernment/moa/id/util/Random.java
deleted file mode 100644
index da75b4213..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/util/Random.java
+++ /dev/null
@@ -1,22 +0,0 @@
-package at.gv.egovernment.moa.id.util;
-
-import java.util.Date;
-
-/**
- * Random number generator used to generate ID's
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class Random {
-
- /** random number generator used */
- private static java.util.Random random = new java.util.Random(new Date().getTime());
- /**
- * Creates a new random number, to be used as an ID.
- *
- * @return random long as a String
- */
- public static String nextRandom() {
- return "" + random.nextLong();
- }
-}
diff --git a/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java b/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java
deleted file mode 100644
index bd64b5a42..000000000
--- a/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java
+++ /dev/null
@@ -1,175 +0,0 @@
-package at.gv.egovernment.moa.id.util;
-
-import iaik.pki.PKIConfiguration;
-import iaik.pki.PKIException;
-import iaik.pki.PKIFactory;
-import iaik.pki.PKIProfile;
-import iaik.pki.jsse.IAIKX509TrustManager;
-
-import java.io.BufferedInputStream;
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.Reader;
-import java.net.URL;
-import java.security.GeneralSecurityException;
-import java.security.Security;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.net.ssl.SSLSocketFactory;
-
-import org.apache.regexp.RE;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.iaik.config.PKIConfigurationImpl;
-import at.gv.egovernment.moa.id.iaik.pki.PKIProfileImpl;
-import at.gv.egovernment.moa.id.iaik.pki.jsse.MOAIDTrustManager;
-import at.gv.egovernment.moa.logging.Logger;
-import com.sun.net.ssl.HttpsURLConnection;
-import com.sun.net.ssl.KeyManager;
-import com.sun.net.ssl.SSLContext;
-import com.sun.net.ssl.TrustManager;
-
-/**
- * Utility for a obtaining a secure socket factory using IAIKX509TrustManager.
- * This TrustManager implementation features CRL checking.
- * SSLUtils caches secure socket factories for given ConnectionParameters.
- *
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SSLUtils {
-
- /** SSLSocketFactory store, mapping URL->SSLSocketFactory **/
- private static Map sslSocketFactories = new HashMap();
-
- /**
- * Initializes the SSLSocketFactory store.
- */
- public static void initialize() {
- sslSocketFactories = new HashMap();
- Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
- System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
- }
-
- /**
- * Creates an SSLSocketFactory which utilizes an
- * IAIKX509TrustManager for the given trust store,
- * and the given key store.
- *
- * @param conf configuration provider providing a generic properties pointing
- * to trusted CA store and certificate store root
- * @param connParam connection parameter containing the client key store settings
- * to be used in case of client authentication;
- * if connParam.getClientKeyStore() == null, client authentication
- * is assumed to be disabled
- * @return SSLSocketFactory to be used by an HttpsURLConnection
- * @throws IOException thrown while reading key store file
- * @throws GeneralSecurityException thrown while creating the socket factory
- * @throws ConfigurationException on invalid configuration data
- * @throws PKIException while initializing the IAIKX509TrustManager
- */
- public static SSLSocketFactory getSSLSocketFactory(
- ConfigurationProvider conf,
- ConnectionParameter connParam)
- throws IOException, GeneralSecurityException, ConfigurationException, PKIException {
-
- Logger.debug("Get SSLSocketFactory for " + connParam.getUrl());
- // retrieve SSLSocketFactory if already created
- SSLSocketFactory ssf = (SSLSocketFactory)sslSocketFactories.get(connParam.getUrl());
- if (ssf != null)
- return ssf;
- // else create new SSLSocketFactory
- String trustStoreURL = conf.getTrustedCACertificates();
- if (trustStoreURL == null)
- throw new ConfigurationException(
- "config.08", new Object[] {"TrustedCACertificates"});
- String acceptedServerCertURL = connParam.getAcceptedServerCertificates();
- TrustManager[] tms = getTrustManagers(conf, trustStoreURL, acceptedServerCertURL);
- KeyManager[] kms = at.gv.egovernment.moa.util.SSLUtils.getKeyManagers(
- "pkcs12", connParam.getClientKeyStore(), connParam.getClientKeyStorePassword());
- SSLContext ctx = SSLContext.getInstance("TLS");
- ctx.init(kms, tms, null);
- ssf = ctx.getSocketFactory();
- // store SSLSocketFactory
- sslSocketFactories.put(connParam.getUrl(), ssf);
- return ssf;
- }
-
- /**
- * Initializes an IAIKX509TrustManager for a given trust store,
- * using configuration data.
- *
- * @param conf MOA-ID configuration provider
- * @param trustStoreURL trust store URL
- * @param acceptedServerCertURL file URL pointing to directory containing accepted server SSL certificates
- * @return TrustManager array containing the IAIKX509TrustManager
- * @throws ConfigurationException on invalid configuration data
- * @throws IOException on data-reading problems
- * @throws PKIException while initializing the IAIKX509TrustManager
- */
- public static TrustManager[] getTrustManagers(
- ConfigurationProvider conf, String trustStoreURL, String acceptedServerCertURL)
- throws ConfigurationException, PKIException, IOException, GeneralSecurityException {
-
- PKIConfiguration cfg = null;
- if (! PKIFactory.getInstance().isAlreadyConfigured())
- cfg = new PKIConfigurationImpl(conf);
- String boolString = conf.getGenericConfigurationParameter(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING);
- //not using BoolUtils because default value hast to be true!
- boolean checkRevocation = !("false".equals(boolString) || "0".equals(boolString));
- PKIProfile profile = new PKIProfileImpl(trustStoreURL, checkRevocation);
- // This call fixes a bug occuring when PKIConfiguration is
- // initialized by the MOA-SP initialization code, in case
- // MOA-SP is called by API
- MOAIDTrustManager.initializeLoggingContext();
- IAIKX509TrustManager tm = new MOAIDTrustManager(acceptedServerCertURL);
- tm.init(cfg, profile);
- return new TrustManager[] {tm};
- }
- /**
- * Reads a file, given by URL, into a byte array,
- * securing the connection by IAIKX509TrustManager.
- * @param connParam containing URL and accepted server certificates
- * @param conf ConfigurationProvider for reading
- * @return String representation of content
- * @throws ConfigurationException on invalid configuration data
- * @throws PKIException on invalid configuration data
- * @throws IOException on data-reading problems
- * @throws GeneralSecurityException on security issues
- */
- public static String readHttpsURL(ConfigurationProvider conf, ConnectionParameter connParam)
- throws ConfigurationException, PKIException, IOException, GeneralSecurityException {
-
- URL url = new URL(connParam.getUrl());
- HttpsURLConnection conn = (HttpsURLConnection)url.openConnection();
- conn.setRequestMethod("GET");
- conn.setDoInput(true);
- SSLSocketFactory sslSocketFactory = getSSLSocketFactory(conf, connParam);
- conn.setSSLSocketFactory(sslSocketFactory);
- conn.connect();
- String contentType = conn.getContentType();
- RE regExp = new RE("(;.*charset=)(\"*)(.*[^\"])");
- boolean charsetSupplied = regExp.match(contentType);
- String encoding = "ISO-8859-1"; //default HTTP encoding
- if (charsetSupplied) {
- encoding = regExp.getParen(3);
- }
- //TODO RS TEST if this works on other platforms
- InputStream instream = new BufferedInputStream(conn.getInputStream());
- InputStreamReader isr = new InputStreamReader(instream, encoding);
- Reader in = new BufferedReader(isr);
- int ch;
- StringBuffer buffer = new StringBuffer();
- while ((ch = in.read()) > -1) {
- buffer.append((char)ch);
- }
- in.close();
- conn.disconnect();
- return buffer.toString();
- }
-}
diff --git a/id.server/src/test/MOAIDTestCase.java b/id.server/src/test/MOAIDTestCase.java
deleted file mode 100644
index 725fa1386..000000000
--- a/id.server/src/test/MOAIDTestCase.java
+++ /dev/null
@@ -1,203 +0,0 @@
-package test;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-import javax.xml.transform.TransformerException;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-import at.gv.egovernment.moa.util.StreamUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-import iaik.ixsil.algorithms.Transform;
-import iaik.ixsil.algorithms.TransformImplExclusiveCanonicalXML;
-import iaik.ixsil.exceptions.AlgorithmException;
-import iaik.ixsil.exceptions.InitException;
-import iaik.ixsil.exceptions.URIException;
-import iaik.ixsil.init.IXSILInit;
-import iaik.ixsil.util.URI;
-import test.at.gv.egovernment.moa.MOATestCase;
-
-/*
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class MOAIDTestCase extends MOATestCase implements Constants {
-
- public static final String XML_DECL =
- "";
- protected static final String nl = "\n";
-
- public MOAIDTestCase(String name) {
- super(name);
- }
-
- protected void initIxsil() throws InitException, URIException {
- IXSILInit.init(new URI("init/properties/init.properties"));
- // Switch on debug information
- IXSILInit.setPrintDebugLog(true);
- }
- //STRING <==> STRING
- protected void assertXmlEquals(String xml1, String xml2)
- throws AlgorithmException, IOException, InitException, URIException{
- initIxsil();
- String canXml1 = canonicalTransform(xml1);
- String canXml2 = canonicalTransform(xml2);
- assertEquals(canXml1, canXml2); }
- // ELEMENT <==> ELEMENT
- protected void assertXmlEquals(Element xml1, Element xml2)
- throws AlgorithmException, IOException, InitException , URIException, TransformerException{
- initIxsil();
- assertEquals(canonicalTransform(DOMUtils.serializeNode(xml1)),canonicalTransform(DOMUtils.serializeNode(xml2)));
- }
- // INPUTSTREAM <==> INPUTSTREAM
- protected void assertXmlEquals(InputStream xml1, InputStream xml2)
- throws AlgorithmException, IOException, InitException , URIException{
- initIxsil();
- assertEquals(canonicalTransform(xml1),canonicalTransform(xml2));
- }
- // ELEMENT <==> STRING
- protected void assertXmlEquals(Element xml1, String xml2)
- throws AlgorithmException, IOException, InitException , URIException, TransformerException {
- initIxsil();
- assertEquals(canonicalTransform(xml1),canonicalTransform(xml2));
- }
- // ELEMENT <==> INPUTSTREAM
- protected void assertXmlEquals(Element xml1, InputStream xml2)
- throws AlgorithmException, IOException, InitException , URIException, TransformerException{
- initIxsil();
- assertEquals(canonicalTransform(xml1),canonicalTransform(xml2));
- }
- // STRING <==> INPUTSTREAM
- protected void assertXmlEquals(String xml1, InputStream xml2)
- throws AlgorithmException, IOException, InitException , URIException{
- initIxsil();
- assertEquals(canonicalTransform(xml1),canonicalTransform(xml2));
- }
-
- /**
- * Method canonicalTransform.
- * @param input as STRING
- * @return String
- */
- protected String canonicalTransform(String input)
- throws AlgorithmException, IOException {
-
- Transform tr = new TransformImplExclusiveCanonicalXML();
- InputStream s = new ByteArrayInputStream(input.getBytes("UTF-8"));
- tr.setInput(s, null);
- ByteArrayInputStream transResult = (ByteArrayInputStream) tr.transform();
- return killWhiteSpace(readString(transResult));
- }
- /**
- * Method canonicalTransform.
- * @param input as Element
- * @return String
- */
- protected String canonicalTransform(Element input)
- throws AlgorithmException, IOException {
-
- Transform tr = new TransformImplExclusiveCanonicalXML();
- tr.setInput(XPathUtils.selectNodeList(input, XPathUtils.ALL_NODES_XPATH), null);
- ByteArrayInputStream transResult = (ByteArrayInputStream) tr.transform();
-
- return killWhiteSpace(readString(transResult));
- }
-
- /**
- * Method canonicalTransform.
- * @param input as InputStream
- * @return String
- */
- protected String canonicalTransform(InputStream input)
- throws AlgorithmException, IOException {
-
- Transform tr = new TransformImplExclusiveCanonicalXML(); tr.setInput(input, null);
- ByteArrayInputStream transResult = (ByteArrayInputStream) tr.transform();
-
- return killWhiteSpace(readString(transResult));
- }
-
- public static String killWhiteSpace(String input)
- {
- int start=0;
- int ende;
- String result;
- String middle;
- result = input;
- do {
- start = result.indexOf(">", start);
- ende = result.indexOf("<", start);
- middle = result.substring(start+1,ende).trim();
- result = result.substring(0,start+1) +middle + result.substring(ende,result.length());
- start++;
- } while (result.indexOf("<", ende + 1)>0);
-
- return result;
- }
-
- /**
- * Method killExclusive.: The values startsWith and endsWith will be included into the answer.
- * @param input
- * @param startsWith
- * @param endsWith
- * @param newValue
- * @return String
- */
- public static String killExclusive(String input, String startsWith, String endsWith, String newValue)
- {
- int start=0;
- int ende;
- String result;
- result = input;
- do {
- start = result.indexOf(startsWith, start) + startsWith.length();
- ende = result.indexOf(endsWith, start);
- result = result.substring(0,start) + newValue + result.substring(ende,result.length());
- start++;
- } while (result.indexOf(startsWith, ende + 1)>0);
-
- return result;
- }
-
- /**
- * Method killInclusive. : The values startsWith and endsWith will NOT be included into the answer.
- * @param input
- * @param startsWith
- * @param endsWith
- * @param newValue
- * @return String
- */
- public static String killInclusive(String input, String startsWith, String endsWith, String newValue)
- {
- int start=0;
- int ende;
- String result;
- result = input;
- do {
- start = result.indexOf(startsWith, start) + startsWith.length();
- ende = result.indexOf(endsWith, start);
- result = result.substring(0,start - startsWith.length() ) + newValue + result.substring(ende + endsWith.length(),result.length());
- start++;
- } while (result.indexOf(startsWith, ende + 1)>0);
-
- return result;
- }
-
- protected String readFile(String filename) throws IOException {
- return readFile(filename, "UTF-8");
- }
- protected String readFile(String filename, String encoding) throws IOException {
- return FileUtils.readFile(filename, encoding);
- }
- protected String readString(InputStream input) throws IOException
- {
- return StreamUtils.readStream(input, "UTF-8");
- }
-
-}
diff --git a/id.server/src/test/abnahme/A/Test100StartAuthentication.java b/id.server/src/test/abnahme/A/Test100StartAuthentication.java
deleted file mode 100644
index 0d72691aa..000000000
--- a/id.server/src/test/abnahme/A/Test100StartAuthentication.java
+++ /dev/null
@@ -1,171 +0,0 @@
-package test.abnahme.A;
-
-import test.abnahme.AbnahmeTestCase;
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.WrongParametersException;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class Test100StartAuthentication extends AbnahmeTestCase {
-
- public Test100StartAuthentication(String name) {
- super(name);
- }
-
- public void testA101() throws Exception {
- try {
- String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL
- "gb", //target
- "http://localhost:9080/", //oaURL
- "file:" + findXmldata("AuthTemplate.html"),
- "http://localhost:3495/http-security-layer-request",
- null);
- htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED");
- //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8"));
- assertEquals(readXmldata("htmlForm.html"),htmlForm);
- System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA102() throws Exception {
- try {
- String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL
- "gb", //target
- "http://localhost:9080/", //oaURL
- null,
- "http://localhost:3495/http-security-layer-request", null);
- htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED");
- //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8"));
- assertEquals(readXmldata("htmlForm.html"),htmlForm);
-
- System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA103() throws Exception {
- try {
- String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL
- "gb", //target
- "http://localhost:9080/", //oaURL
- "file:" + findXmldata("AuthTemplate.html"),
- null,
- null);
- htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED");
- //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8"));
- assertEquals(readXmldata("htmlForm.html"),htmlForm);
- System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA151() throws Exception {
- try {
- try {
- server.startAuthentication(null, //authURL
- "gb", //target
- "http://localhost:9080/", //oaURL
- null, null, null);
- //assertEquals("",htmlForm);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (WrongParametersException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA152() throws Exception {
- try {
- try {
- server.startAuthentication("http://localhost:8080/auth", //authURL
- "gb", "http://localhost:9080/", //oaURL
- null, null, null);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA153() throws Exception {
- try {
- try {
- server.startAuthentication("https://localhost:8443/auth", //authURL
- "gb", "http://host_not_in_config/", //oaURL
- null, null, null);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA154() throws Exception {
- try {
- try {
- server.startAuthentication("https://localhost:8443/auth", //authURL
- "gb", null, //oaURL
- null, null, null);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (WrongParametersException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA155() throws Exception {
- try {
- try {
- server.startAuthentication("https://localhost:8443/auth", //authURL
- null, "http://localhost:9080/", //oaURL
- null, null, null);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (WrongParametersException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- //assertEquals("",htmlForm);
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
-}
diff --git a/id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java b/id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java
deleted file mode 100644
index ed4410521..000000000
--- a/id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java
+++ /dev/null
@@ -1,336 +0,0 @@
-package test.abnahme.A;
-
-import org.w3c.dom.Element;
-import test.abnahme.AbnahmeTestCase;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
-import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.validator.ValidateException;
-import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-public class Test200VerifyIdentityLink extends AbnahmeTestCase {
-
- public Test200VerifyIdentityLink(String name) {
- super(name);
- }
-
- public void testA201() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
-
- String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, infoboxReadResponse);
-
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
-
- VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames(), VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK);
-
- /*
- * HINWEIS: clearSamlAssertion löscht aus einer beliebiegen String-Repräsentation einer XML-Struktur
- * AUSSLIESSLICH die Attribute IssueInstand und die AssertionID heraus, von dem her ist diese
- * Method hier verwendbar
- */
-
- assertXmlEquals(clearSamlAssertion(readXmldata("CreateXMLSignatureRequest.xml")), clearSamlAssertion(createXMLSignatureRequest));
- System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
-
- }
- public void testA251() throws Exception {
- try {
- startAuthentication();
- String sessionID = "0";
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA252() throws Exception {
- try {
- String sessionID = startAuthentication();
-
- server.setSecondsSessionTimeOut(-100);
- server.cleanup();
- server.setSecondsSessionTimeOut(1000);
-
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA253() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA254() throws Exception {
- try {
- String sessionID = startAuthentication();
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA255() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- }
- catch (ParseException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA256() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA257() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
-
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA258() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA259() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA260() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA261() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
-
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA262() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- new InfoboxReadResponseParser(infoboxReadResponse).parseIdentityLink();
- // System.out.println(infoboxReadResponse);
-
- try {
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA263() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
-
- VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
-
- // String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, infoboxReadResponse);
- // System.out.println(createXMLSignatureRequest);
- // String createXMLSignatureResponse = readFile(TESTDATA_ROOT + "xmldata/standard/"+"CreateXMLSignatureResponse.xml");
- // String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- try {
- VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), new String[] { "CN=TEST,OU=TEST,O=TEST,C=AT" }, VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK);
- System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
- fail(this.getName() + " hat KEINE FEHLER geworfen");
- }
- catch (ValidateException e) {
- System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-}
diff --git a/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java b/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java
deleted file mode 100644
index de4fe8fbf..000000000
--- a/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java
+++ /dev/null
@@ -1,597 +0,0 @@
-package test.abnahme.A;
-
-import java.util.Calendar;
-
-import org.w3c.dom.Element;
-import test.abnahme.AbnahmeTestCase;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
-import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder;
-import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
-import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
-import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
-import at.gv.egovernment.moa.id.auth.validator.ValidateException;
-import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.util.Random;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-
-public class Test300VerifyAuthBlock extends AbnahmeTestCase {
-
- public Test300VerifyAuthBlock(String name) {
- super(name);
- }
-
- public void testA301() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- //authDataWriter(authData,this.getName()+"new.xml");
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA302() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- //authDataWriter(authData,this.getName()+"new.xml");
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA303() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA304() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA305() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA306() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA307() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA308() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
-
- }
-
- public void testA309() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA310() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA311() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA351() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
- // System.out.println(createXMLSignatureRequest);
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
-
- // nicht existierende Session....
- try {
- server.verifyAuthenticationBlock("0", createXMLSignatureResponse);
- fail();
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA352() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- server.setSecondsSessionTimeOut(-100);
- server.cleanup();
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
- // System.out.println(createXMLSignatureRequest);
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
-
- // abgelaufene Session....
- server.setSecondsSessionTimeOut(1000);
- try {
- server.verifyAuthenticationBlock("0", createXMLSignatureResponse);
- fail();
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA353() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
-
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
-
- // Session for VerifyIdentityLink-Aufruf
- try {
-
- server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- fail();
- }
- //NOCH SEHR UNSCHÖN..... (fliegt raus im AuthenticationServer, Methode buildAuthenticationData
- // ( IdentityLink identityLink = session.getIdentityLink(); ==> liefert dann NULL...
- catch (NullPointerException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA354() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
- // System.out.println(createXMLSignatureRequest);
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
-
- // nicht existierende Session....
-
- server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- try {
- server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- fail();
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA355() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ParseException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA356() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ParseException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA357() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA358() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA359() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA360() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA361() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA362() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA363() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA364() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
-
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- /* public void testA365() throws Exception {
- String sessionID = startAuthentication();
- try {
- // wegen sinnlosigkeit gestrichen
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
- }*/
-
- public void testA366() throws Exception {
-
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
- }
- public void testA367() throws Exception {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
- }
-
-
- private AuthenticationData initServer(String sessionID) throws Exception {
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1");
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
- // System.out.println(createXMLSignatureRequest);
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
- // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/");
- String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- AuthenticationData authData = server.getAuthenticationData(samlArtifact);
- return authData;
- }
-
- private AuthenticationData initServerWithoutValidateAuthBlock(String sessionID) throws Exception {
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- server.verifyIdentityLink(sessionID, infoboxReadResponse);
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1");
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
- // System.out.println(createXMLSignatureRequest);
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
- // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/");
-
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
- AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
- // parses