From a727c54ba5f7eb56e55a337de15a34c606fec00e Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 6 May 2014 12:33:04 +0200 Subject: add first parts of interfederation configuration --- .../moa/id/configuration/data/OAListElement.java | 17 +- .../data/oa/OAMOAIDPInterfederationConfig.java | 195 +++++++++++ .../data/oa/OATargetConfiguration.java | 368 +++++++++++++++++++++ .../id/configuration/helper/FormDataHelper.java | 45 ++- .../struts/action/InterfederationIDPAction.java | 215 ++++++++++++ .../configuration/struts/action/ListOAsAction.java | 11 +- .../struts/action/OpenAdminRequestsAction.java | 2 +- .../resources/applicationResources_de.properties | 12 + .../resources/applicationResources_en.properties | 18 +- id/ConfigWebTool/src/main/resources/struts.xml | 23 ++ id/ConfigWebTool/src/main/webapp/css/index.css | 6 + .../main/webapp/jsp/interfederation/idplist.jsp | 48 +++ .../main/webapp/jsp/interfederation/moa_idp.jsp | 64 ++++ .../src/main/webapp/jsp/interfederation/vidp.jsp | 46 +++ id/ConfigWebTool/src/main/webapp/jsp/listOAs.jsp | 4 +- .../webapp/jsp/snippets/OA/interfederation.jsp | 33 ++ .../src/main/webapp/jsp/snippets/OA/pvp2.jsp | 2 +- .../src/main/webapp/jsp/snippets/main_menu.jsp | 4 + .../src/main/webapp/jsp/snippets/oas_list.jsp | 14 +- 19 files changed, 1103 insertions(+), 24 deletions(-) create mode 100644 id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java create mode 100644 id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java create mode 100644 id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java create mode 100644 id/ConfigWebTool/src/main/webapp/jsp/interfederation/idplist.jsp create mode 100644 id/ConfigWebTool/src/main/webapp/jsp/interfederation/moa_idp.jsp create mode 100644 id/ConfigWebTool/src/main/webapp/jsp/interfederation/vidp.jsp create mode 100644 id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/interfederation.jsp (limited to 'id/ConfigWebTool/src/main') diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java index 69bf5dc0c..c4a825589 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/OAListElement.java @@ -24,11 +24,21 @@ package at.gv.egovernment.moa.id.configuration.data; public class OAListElement { + public enum ServiceType {OA, VIDP, IDP} + private long dataBaseID; private String oaIdentifier; private String oaFriendlyName; private String oaType; private boolean isActive; + private ServiceType serviceType; + + /** + * + */ + public OAListElement(ServiceType type) { + this.serviceType = type; + } /** @@ -95,5 +105,10 @@ public class OAListElement { public String getIsActive(){ return String.valueOf(isActive); } - + /** + * @return the serviceType + */ + public String getServiceType() { + return serviceType.name(); + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java new file mode 100644 index 000000000..41271858f --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java @@ -0,0 +1,195 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.configuration.data.oa; + +import java.util.ArrayList; +import java.util.List; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.commons.db.dao.config.InterfederationIDPType; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; +import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class OAMOAIDPInterfederationConfig implements IOnlineApplicationData { + + private static final Logger log = Logger.getLogger(OAMOAIDPInterfederationConfig.class); + + private String queryURL; + private boolean inboundSSO = true; + private boolean outboundSSO = true; + private boolean storeSSOSession = true; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName() + */ + @Override + public String getName() { + return "MOAIDPInterfederation"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) + */ + @Override + public List parse(OnlineApplication dbOA, + AuthenticatedUser authUser, HttpServletRequest request) { + + InterfederationIDPType moaIDP = dbOA.getInterfederationIDP(); + if (moaIDP != null) { + this.queryURL = moaIDP.getAttributeQueryURL(); + this.inboundSSO = moaIDP.isInboundSSO(); + this.outboundSSO = moaIDP.isOutboundSSO(); + this.storeSSOSession = moaIDP.isStoreSSOSession(); + } + + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) + */ + @Override + public String store(OnlineApplication dbOA, AuthenticatedUser authUser, + HttpServletRequest request) { + + if (authUser.isAdmin()) { + + InterfederationIDPType moaIDP = dbOA.getInterfederationIDP(); + if (moaIDP == null) { + moaIDP = new InterfederationIDPType(); + dbOA.setInterfederationIDP(moaIDP); + } + + moaIDP.setAttributeQueryURL(queryURL); + moaIDP.setInboundSSO(inboundSSO); + moaIDP.setOutboundSSO(outboundSSO); + moaIDP.setStoreSSOSession(storeSSOSession); + } + + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) + */ + @Override + public List validate(OAGeneralConfig general, + AuthenticatedUser authUser, HttpServletRequest request) { + + List errors = new ArrayList(); + + if (MiscUtil.isNotEmpty(queryURL)) { + if (!ValidationHelper.validateURL(queryURL)) { + log.info("AttributeQuery URL is not valid"); + errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.queryurl.valid", request)); + + } + + boolean publicServiceAllowed = ValidationHelper.isPublicServiceAllowed(queryURL); + if (!publicServiceAllowed && !general.isBusinessService()) { + log.info("AttributQuery Service URL " + queryURL + " does not allow PublicService."); + errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.queryurl.publicservice", + new Object[] {queryURL}, request )); + general.setBusinessService(true); + + } + + } + + if (inboundSSO && MiscUtil.isEmpty(queryURL)) { + log.info("Inbound Single Sign-On requires AttributQueryURL configuration."); + errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.queryurl.empty", request)); + } + + return errors; + } + + /** + * @return the queryURL + */ + protected String getQueryURL() { + return queryURL; + } + + /** + * @param queryURL the queryURL to set + */ + protected void setQueryURL(String queryURL) { + this.queryURL = queryURL; + } + + /** + * @return the inboundSSO + */ + protected boolean isInboundSSO() { + return inboundSSO; + } + + /** + * @param inboundSSO the inboundSSO to set + */ + protected void setInboundSSO(boolean inboundSSO) { + this.inboundSSO = inboundSSO; + } + + /** + * @return the outboundSSO + */ + protected boolean isOutboundSSO() { + return outboundSSO; + } + + /** + * @param outboundSSO the outboundSSO to set + */ + protected void setOutboundSSO(boolean outboundSSO) { + this.outboundSSO = outboundSSO; + } + + /** + * @return the storeSSOSession + */ + protected boolean isStoreSSOSession() { + return storeSSOSession; + } + + /** + * @param storeSSOSession the storeSSOSession to set + */ + protected void setStoreSSOSession(boolean storeSSOSession) { + this.storeSSOSession = storeSSOSession; + } + + + +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java new file mode 100644 index 000000000..4036bc25f --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java @@ -0,0 +1,368 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.configuration.data.oa; + +import java.util.Arrays; +import java.util.List; + +import javax.servlet.http.HttpServletRequest; + +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.validation.TargetValidator; +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; +import at.gv.egovernment.moa.id.configuration.validation.oa.OATargetConfigValidation; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class OATargetConfiguration implements IOnlineApplicationData { + + private boolean deaktivededBusinessService = false; + + private boolean subTargetSet = false; + + private String target = null; + private String target_subsector = null; + private String target_admin = null; + private static List targetList = null; + private String targetFriendlyName = null; + private boolean isAdminTarget = false; + + private String identificationNumber = null; + private String identificationType = null; + private static List identificationTypeList = null; + + public OATargetConfiguration() { + targetList = TargetValidator.getListOfTargets(); + target = ""; + + identificationTypeList = Arrays.asList( + Constants.IDENIFICATIONTYPE_FN, + Constants.IDENIFICATIONTYPE_ZVR, + Constants.IDENIFICATIONTYPE_ERSB, + Constants.IDENIFICATIONTYPE_STORK); + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName() + */ + @Override + public String getName() { + return "OATargetConfig"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) + */ + @Override + public List parse(OnlineApplication dbOA, + AuthenticatedUser authUser, HttpServletRequest request) { + subTargetSet = MiscUtil.isNotEmpty(getTarget_subsector()); + + String target_full = dbOA.getTarget(); + if (MiscUtil.isNotEmpty(target_full)) { + if (TargetValidator.isValidTarget(target_full)) { + target = target_full; + + } else { + String[] target_split = target_full.split("-"); + + if (TargetValidator.isValidTarget(target_split[0])) { + target = target_split[0]; + if (target_split.length > 1) + target_subsector = target_split[1]; + + } else { + target = ""; + target_subsector = null; + target_admin = target_full; + isAdminTarget = true; + } + } + targetFriendlyName = dbOA.getTargetFriendlyName(); + } + + AuthComponentOA oaauth = dbOA.getAuthComponentOA(); + if (oaauth != null) { + + IdentificationNumber idnumber = oaauth.getIdentificationNumber(); + if (idnumber != null) { + String number = idnumber.getValue(); + if (MiscUtil.isNotEmpty(number)) { + String[] split = number.split("\\+"); + + if (Constants.PREFIX_WPBK.startsWith(split[0]) && split.length >= 2) { + identificationType = split[1]; + identificationNumber = split[2]; + } else if (Constants.PREFIX_STORK.startsWith(split[0]) && split.length >= 2) { + //identificationType = split[1]; // setting at as iden category ? + identificationType = Constants.IDENIFICATIONTYPE_STORK; + identificationNumber = split[2]; // setting sp country as ident type -> sp ident + } + } + + if (authUser.isOnlyBusinessService()) { + deaktivededBusinessService = authUser.isOnlyBusinessService(); + + identificationType = authUser.getBusinessServiceType(); + identificationNumber = authUser.getBusinessServiceNumber(); + + } + + } + } + + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) + */ + @Override + public String store(OnlineApplication dbOA, AuthenticatedUser authUser, + HttpServletRequest request) { + + AuthComponentOA authoa = dbOA.getAuthComponentOA(); + if (authoa == null) { + authoa = new AuthComponentOA(); + dbOA.setAuthComponentOA(authoa); + } + + if (isBusinessService(dbOA) || authUser.isOnlyBusinessService()) { + + dbOA.setType(Constants.MOA_CONFIG_BUSINESSSERVICE); + + String num = null; + if (authUser.isOnlyBusinessService()) { + deaktivededBusinessService = authUser.isOnlyBusinessService(); + num = authUser.getBusinessServiceType() + authUser.getBusinessServiceNumber(); + + } else { + + num = getIdentificationNumber().replaceAll(" ", ""); + if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) { + num = num.substring(Constants.IDENIFICATIONTYPE_FN.length()); + + num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num); + + // num = StringUtils.leftPad(num, 7, '0'); + } + + if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) + num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length()); + + if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)) + num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length()); + } + + IdentificationNumber idnumber = new IdentificationNumber(); + + if (getIdentificationType().equals(Constants.IDENIFICATIONTYPE_STORK)) { + idnumber.setValue(Constants.PREFIX_STORK + "AT" + "+" + num); + idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType())); + } else { + idnumber.setValue(Constants.PREFIX_WPBK + getIdentificationType() + "+" + num); + idnumber.setType(Constants.BUSINESSSERVICENAMES.get(getIdentificationType())); + } + + authoa.setIdentificationNumber(idnumber); + + } else { + dbOA.setType(null); + + if (authUser.isAdmin()) { + if (MiscUtil.isNotEmpty(getTarget_admin()) && isAdminTarget()) { + dbOA.setTarget(getTarget_admin()); + dbOA.setTargetFriendlyName(getTargetFriendlyName()); + + } else { + + String target = getTarget(); + + if (MiscUtil.isNotEmpty(getTarget_subsector()) && subTargetSet) + dbOA.setTarget(target + "-" + getTarget_subsector()); + else + dbOA.setTarget(target); + + String targetname = TargetValidator.getTargetFriendlyName(target); + if (MiscUtil.isNotEmpty(targetname)) dbOA.setTargetFriendlyName(targetname); + + } + + } else { + + if (MiscUtil.isNotEmpty(getTarget())) { + + String target = getTarget(); + + if (MiscUtil.isNotEmpty(getTarget_subsector()) && subTargetSet) + dbOA.setTarget(target + "-" + getTarget_subsector()); + + else + dbOA.setTarget(target); + + String targetname = TargetValidator.getTargetFriendlyName(target); + if (MiscUtil.isNotEmpty(targetname)) dbOA.setTargetFriendlyName(targetname); + + } + } + } + return null; + } + + /** + * @return + */ + private boolean isBusinessService(OnlineApplication dbOA) { + if (dbOA.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE)) + return true; + else + return false; + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest) + */ + @Override + public List validate(OAGeneralConfig general, + AuthenticatedUser authUser, HttpServletRequest request) { + return new OATargetConfigValidation().validate(this, authUser.isAdmin(), general, request); + } + + public String getTarget() { + return target; + } + + public void setTarget(String target) { + this.target = target; + } + + public String getTargetFriendlyName() { + return targetFriendlyName; + } + + public void setTargetFriendlyName(String targetFriendlyName) { + this.targetFriendlyName = targetFriendlyName; + } + + public String getIdentificationNumber() { + return identificationNumber; + } + + public void setIdentificationNumber(String identificationNumber) { + this.identificationNumber = identificationNumber; + } + + public String getIdentificationType() { + return identificationType; + } + + public void setIdentificationType(String identificationType) { + this.identificationType = identificationType; + } + + /** + * @return the target_subsector + */ + public String getTarget_subsector() { + return target_subsector; + } + + + /** + * @param target_subsector the target_subsector to set + */ + public void setTarget_subsector(String target_subsector) { + this.target_subsector = target_subsector; + } + + + /** + * @return the target_admin + */ + public String getTarget_admin() { + return target_admin; + } + + + /** + * @param target_admin the target_admin to set + */ + public void setTarget_admin(String target_admin) { + this.target_admin = target_admin; + } + + + /** + * @return the targetList + */ + public List getTargetList() { + return targetList; + } + + + /** + * @return the identificationTypeList + */ + public List getIdentificationTypeList() { + return identificationTypeList; + } + + + /** + * @return the isAdminTarget + */ + public boolean isAdminTarget() { + return isAdminTarget; + } + + + /** + * @param isAdminTarget the isAdminTarget to set + */ + public void setAdminTarget(boolean isAdminTarget) { + this.isAdminTarget = isAdminTarget; + } + + /** + * @return the deaktivededBusinessService + */ + public boolean isDeaktivededBusinessService() { + return deaktivededBusinessService; + } + + + /** + * @param deaktivededBusinessService the deaktivededBusinessService to set + */ + public void setDeaktivededBusinessService(boolean deaktivededBusinessService) { + this.deaktivededBusinessService = deaktivededBusinessService; + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java index 8e58f7bde..24ee653f3 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java @@ -29,26 +29,53 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.data.OAListElement; +import at.gv.egovernment.moa.id.configuration.data.OAListElement.ServiceType; public class FormDataHelper { - public static ArrayList addFormOAs(List dbOAs) { + public static ArrayList populateFormWithInderfederationIDPs(List dbOAs) { ArrayList formOAs = new ArrayList(); for (OnlineApplication dboa : dbOAs) { - OAListElement listoa = new OAListElement(); - listoa.setActive(dboa.isIsActive()); - listoa.setDataBaseID(dboa.getHjid()); - listoa.setOaFriendlyName(dboa.getFriendlyName()); - listoa.setOaIdentifier(dboa.getPublicURLPrefix()); - listoa.setOaType(dboa.getType()); - formOAs.add(listoa); - } + + if (dboa.isIsInterfederationIDP()!= null && dboa.isIsInterfederationIDP()) + formOAs.add(addOAFormListElement(dboa, ServiceType.IDP)); + + else if (dboa.getAuthComponentOA().getOASTORK() != null + && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null + && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled()) + formOAs.add(addOAFormListElement(dboa, ServiceType.VIDP)); + } + return formOAs; + } + + public static ArrayList populateFormWithOAs(List dbOAs) { + ArrayList formOAs = new ArrayList(); + + for (OnlineApplication dboa : dbOAs) { + + if ( !((dboa.isIsInterfederationIDP() != null && dboa.isIsInterfederationIDP()) || + (dboa.getAuthComponentOA().getOASTORK() != null + && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null + && dboa.getAuthComponentOA().getOASTORK().isVidpEnabled()))) { + formOAs.add(addOAFormListElement(dboa, ServiceType.OA)); + } + } return formOAs; } + private static OAListElement addOAFormListElement(OnlineApplication dboa, ServiceType type) { + OAListElement listoa = new OAListElement(type); + listoa.setActive(dboa.isIsActive()); + listoa.setDataBaseID(dboa.getHjid()); + listoa.setOaFriendlyName(dboa.getFriendlyName()); + listoa.setOaIdentifier(dboa.getPublicURLPrefix()); + listoa.setOaType(dboa.getType()); + return listoa; + } + public static ArrayList addFormUsers(List dbuserlist) { ArrayList userlist = new ArrayList(); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java new file mode 100644 index 000000000..769b92649 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/InterfederationIDPAction.java @@ -0,0 +1,215 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.configuration.struts.action; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.configuration.Constants; +import at.gv.egovernment.moa.id.configuration.data.FormularCustomization; +import at.gv.egovernment.moa.id.configuration.data.OAListElement; +import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData; +import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData; +import at.gv.egovernment.moa.id.configuration.data.oa.OAMOAIDPInterfederationConfig; +import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config; +import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig; +import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; +import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException; +import at.gv.egovernment.moa.id.configuration.helper.FormDataHelper; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.util.FormBuildUtils; +import at.gv.egovernment.moa.id.util.Random; + +/** + * @author tlenz + * + */ +public class InterfederationIDPAction extends BasicOAAction { + private static final Logger log = Logger.getLogger(InterfederationIDPAction.class); + private static final long serialVersionUID = 2879192135387083131L; + + public static final String STRUTS_IDP_VIDP = "-VIDP"; + public static final String STRUTS_IDP_MOA = "-MOAIDP"; + + private List formOAs; + + public InterfederationIDPAction() { + super(); + + } + + public String listAllIDPs() { + try { + populateBasicInformations(); + + if (authUser.isAdmin()) { + List dbOAs = ConfigurationDBRead.getAllOnlineApplications(); + + if (dbOAs == null || dbOAs.size() == 0) { + addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); + + } else { + formOAs = FormDataHelper.populateFormWithInderfederationIDPs(dbOAs); + } + + session.setAttribute(Constants.SESSION_RETURNAREA, + Constants.STRUTS_RETURNAREA_VALUES.main.name()); + + ConfigurationDBUtils.closeSession(); + + return Constants.STRUTS_SUCCESS; + + } else { + log.warn("User with ID " + authUser.getUserID() + " not allowed to manage interfederation IDPs."); + addActionError(LanguageHelper.getErrorString("errors.notallowed", request)); + return Constants.STRUTS_NOTALLOWED; + } + + } catch (BasicActionException e) { + return Constants.STRUTS_ERROR; + + } + } + + public String loadIDPInformation() { + try { + populateBasicInformations(); + + OnlineApplication oa = populateOnlineApplicationFromRequest(); + + if (oa.isIsInterfederationIDP() != null + && oa.isIsInterfederationIDP()) { + + buildMOAIDPFormList(); + parseOAToForm(oa); + + return Constants.STRUTS_SUCCESS + STRUTS_IDP_MOA; + + } else if (oa.getAuthComponentOA().getOASTORK() != null + && oa.getAuthComponentOA().getOASTORK().isVidpEnabled() != null + && oa.getAuthComponentOA().getOASTORK().isVidpEnabled()) { + + buildVIDPFormList(); + parseOAToForm(oa); + + return Constants.STRUTS_SUCCESS + STRUTS_IDP_VIDP; + + } else { + log.warn("Requested application is not an interfederation IDP."); + return Constants.STRUTS_NOTALLOWED; + } + + + + } catch (BasicActionException e) { + return Constants.STRUTS_ERROR; + + } catch (BasicOAActionException e) { + addActionError(e.getStrutsError()); + return e.getStrutsReturnValue(); + + } + } + + /** + * @param oa + */ + private void parseOAToForm(OnlineApplication oa) { + List errors = new ArrayList(); + for (IOnlineApplicationData form : formList.values()) { + List error = form.parse(oa, authUser, request); + if (error != null) + errors.addAll(error); + } + if (errors.size() > 0) { + for (String el : errors) + addActionError(el); + } + + setNewOA(false); + + ConfigurationDBUtils.closeSession(); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + session.setAttribute(Constants.SESSION_OAID, oaid); + } + + private void buildMOAIDPFormList() { + + OAPVP2Config pvp2OA = new OAPVP2Config(); + formList.put(pvp2OA.getName(), pvp2OA); + + OAMOAIDPInterfederationConfig moaidp = new OAMOAIDPInterfederationConfig(); + formList.put(moaidp.getName(), moaidp); + + } + + /** + * + */ + private void buildVIDPFormList() { + + OAAuthenticationData authOA = new OAAuthenticationData(); + formList.put(authOA.getName(), authOA); + + OASTORKConfig storkOA = new OASTORKConfig(); + formList.put(storkOA.getName(), storkOA); + + Map map = new HashMap(); + map.putAll(FormBuildUtils.getDefaultMap()); + FormularCustomization formOA = new FormularCustomization(map); + formList.put(formOA.getName(), formOA); + + } + + /** + * @return the formOAs + */ + public List getFormOAs() { + return formOAs; + } + + public OAPVP2Config getPvp2OA() { + return (OAPVP2Config) formList.get(new OAPVP2Config().getName()); + } + + public void setPvp2OA(OAPVP2Config pvp2oa) { + formList.put(pvp2oa.getName(), pvp2oa); + } + + public OAMOAIDPInterfederationConfig getMOAIDP() { + return (OAMOAIDPInterfederationConfig) formList.get(new OAMOAIDPInterfederationConfig().getName()); + } + + public void setMOAIDP(OAMOAIDPInterfederationConfig pvp2oa) { + formList.put(pvp2oa.getName(), pvp2oa); + } +} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java index fdef558a9..7f7f083c9 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java @@ -88,7 +88,7 @@ public class ListOAsAction extends BasicAction { addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); } else { - formOAs = FormDataHelper.addFormOAs(dbOAs); + formOAs = FormDataHelper.populateFormWithOAs(dbOAs); } session.setAttribute(Constants.SESSION_RETURNAREA, @@ -160,14 +160,11 @@ public class ListOAsAction extends BasicAction { } if (dbOAs == null || dbOAs.size() == 0) { - log.debug("No OAs found with Identifier " + friendlyname); + log.debug("No IDPs found with Identifier " + friendlyname); addActionError(LanguageHelper.getErrorString("errors.listOAs.noOA", request)); - } else { - - formOAs = FormDataHelper.addFormOAs(dbOAs); - session.setAttribute(Constants.SESSION_RETURNAREA, - Constants.STRUTS_RETURNAREA_VALUES.main.name()); + } else { + formOAs = FormDataHelper.populateFormWithOAs(dbOAs); } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java index a4c768eda..283b3604a 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/OpenAdminRequestsAction.java @@ -67,7 +67,7 @@ public class OpenAdminRequestsAction extends BasicAction { List dbOAs = ConfigurationDBRead.getAllNewOnlineApplications(); if (dbOAs != null) { - formOAs = FormDataHelper.addFormOAs(dbOAs); + formOAs = FormDataHelper.populateFormWithOAs(dbOAs); } List dbUsers = ConfigurationDBRead.getAllNewUsers(); diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties index 3606eab38..0df2a1d85 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties @@ -11,6 +11,7 @@ error.title=Fehler: error.login.internal=W\u00E4hrend der Verarbeitung ist ein interner Fehler auftetreten. Bitte Versuchen Sie es nocheinmal oder kontaktieren Sie den Administrator. error.general.text=W\u00E4hrend der Verarbeitung ist ein interner Fehler auftetreten. Bitte Versuchen Sie es nocheinmal oder kontaktieren Sie den Administrator. errors.listOAs.noOA=Es wurden keine Online-Applikationen in der Datenbank gefunden. +errors.listIDPs.noIDP=Es wurden kein IdentityProvider f\u00FCr Interfederation in der Datenbank gefunden. errors.edit.oa.oaid=Es wurde keine g\u00FCtige Online-Applikations-ID \u00FCbergeben. errors.edit.oa.oaid.allowed=Sie besitzen nicht die ben\u00F6tigen Rechte um auf diese Online-Applikation zuzugreifen. error.oa.pvp2.certificate=Das hinterlegte PVP2 Zertifikat konnte nicht gelesen werden. @@ -98,6 +99,12 @@ webpages.mainpage.menu.interfederation=Interfederation webpages.interfederation.header=IDP Interfederation Konfiguration webpages.interfederation.list.header=Liste aller konfiguerierten IDPs +webpages.inderfederation.moaid.header=Interfederation +webpages.inderfederation.moaid.businessServiceIDP=Privatwirtschaftlicher IDP +webpages.inderfederation.moaid.inboundSSO=Eingehendes SSO erlauben +webpages.inderfederation.moaid.outboundSSO=Ausgehendes SSO erlauben +webpages.inderfederation.moaid.storeSSOSession=SSO Session speichern +webpages.inderfederation.moaid.attributQueryURL=AttributQuery Service URL webpages.moaconfig.save.success=Die MOA-ID Konfiguration wurde erfolgreich gespeichert. webpages.moaconfig.header=Allgemeine Konfiguration @@ -156,6 +163,7 @@ webpages.moaconfig.sl.transormations.header=SecurityLayer Transformationen webpages.moaconfig.sl.transormations.filename=Dateiname webpages.moaconfig.sl.transormations.upload=Neue Transformation hochladen +webpages.listOAs.list.elInfo=Type webpages.listOAs.list.first=Eindeutige Kennung webpages.listOAs.list.second=Name der Online-Applikation @@ -447,6 +455,10 @@ validation.pvp2.certificate.notfound=Kein PVP2 Zertifikat eingef\u00FCgt. validation.sso.logouturl.empty=Eine URL zum Single Log-Out Service ist erforderlich. validation.sso.logouturl.valid=Die URL zum Single Log-Out Service wei\u00DFt kein g\u00FCltiges Format auf. +validation.interfederation.moaidp.queryurl.valid=Die URL zum zum AttributQuery Service wei\u00DFt kein g\u00FCltiges Format auf. +validation.interfederation.moaidp.queryurl.empty=Die URL zum zum AttributQuery Service muss f\u00FCr eingehende Single Sign-On Interfederation konfiguriert werden. +validation.interfederation.moaidp.queryurl.publicservice=Die Domain des AttributQuery Services f\u00FCr diesen IDP erlaubt nur Applikationen aus dem privatwirtschaftlichen Bereich. + validation.saml1.providestammzahl=ProvideStammZahl kann nicht mit Applikationen aus dem privatwirtschaftlichen Bereich kombiniert werden. validation.general.bkuselection.specialfeatures.valid=Die speziellen Einstellungen f\u00FCr die BKU Auswahl (Vollmachtsanmeldung ausblenden / zwingend voraussetzen) k\u00F6nnen nicht in Kombination mit SSO verwendet werden. diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties index 256530a97..3f0d7d3fe 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties @@ -11,6 +11,7 @@ error.title=Error: error.login.internal=The error occurred during the processing. Please try again or contact Administrator. error.general.text=During the processing the error condition occured. Please try again or contact the administrator. errors.listOAs.noOA=There is no Online-Application found in the database. +errors.listIDPs.noIDP=There is no interfederation IdentityProvider found in the database. errors.edit.oa.oaid=There is no valid Online-Application ID transfered. errors.edit.oa.oaid.allowed=You do not possess the necessary rights in order to access this Online-Application. error.oa.pvp2.certificate=Provided PVP2 certificate could not be read. @@ -96,8 +97,14 @@ webpages.mainpage.menu.general.usermanagement=User management webpages.mainpage.menu.general.adminrequests=Open requests webpages.mainpage.menu.interfederation=Interfederation -webpages.interfederation.header=IDP Interfederation Konfiguration -webpages.interfederation.list.header=Liste aller konfiguerierten IDPs +webpages.interfederation.header=IDP Interfederation Configuration +webpages.interfederation.list.header=List of all interfederation IDPs +webpages.inderfederation.moaid.businessServiceIDP=BusinessService IDP +webpages.inderfederation.moaid.header=Interfederation +webpages.inderfederation.moaid.inboundSSO=Allow inbound SSO +webpages.inderfederation.moaid.outboundSSO=Allow outbound SSO +webpages.inderfederation.moaid.storeSSOSession=Store SSO session +webpages.inderfederation.moaid.attributQueryURL=AttributQuery Service URL webpages.moaconfig.save.success=MOA-ID has been successfully saved. @@ -157,6 +164,7 @@ webpages.moaconfig.sl.transormations.header=SecurityLayer Transformations webpages.moaconfig.sl.transormations.filename=File name webpages.moaconfig.sl.transormations.upload=Upload new transformations +webpages.listOAs.list.elInfo=Type webpages.listOAs.list.first=Unique identifier webpages.listOAs.list.second=Name of the Online-Application @@ -448,10 +456,14 @@ validation.pvp2.certificate.notfound=There is no PVP2 inserted. validation.sso.logouturl.empty=URL for Single Log-Out Service is necessary. validation.sso.logouturl.valid=URL for Single Log-Out Service has incorrect format. +validation.interfederation.moaidp.queryurl.valid=URL for AttributQuery Service has incorrect format. +validation.interfederation.moaidp.queryurl.empty=URL for AttributQuery Service is necessary for inbound Single Sign-On interfederation. +validation.interfederation.moaidp.queryurl.publicservice=The domain of AttributQuery service for that IDP permits private sector only. + validation.saml1.providestammzahl=ProvideSourcePIN cannot be combined with applications from private sector. validation.general.bkuselection.specialfeatures.valid=The special settings for the selection of CCE (Hide mandate login / compulsory required) could not be used in combination with SSO. -validation.general.bkuselection.specialfeatures.combination=Required mandate based in combination with hidden checkfbox for selection of mandating is not possible. +validation.general.bkuselection.specialfeatures.combination=Required mandate based in combination with hidden checkbox for selection of mandating is not possible. validation.general.form.color.background=Background color for CCE selection contains invalid hexadecimal value. (e.g. \\\#FFFFFF) validation.general.form.color.front=Foreground color for CCE selection contains invalid hexadecimal value. (e.g. \\\#FFFFFF) validation.general.form.header.color.back=Background color for the caption of CCE selection contains no valid hexadecimal value. (e.g. \\\#FFFFFF) diff --git a/id/ConfigWebTool/src/main/resources/struts.xml b/id/ConfigWebTool/src/main/resources/struts.xml index 4b006ffd9..28297c9e6 100644 --- a/id/ConfigWebTool/src/main/resources/struts.xml +++ b/id/ConfigWebTool/src/main/resources/struts.xml @@ -365,6 +365,29 @@ + + /jsp/interfederation/idplist.jsp + main + /error.jsp + + logout + / + + + + + + /jsp/interfederation/vidp.jsp + /jsp/interfederation/moa_idp.jsp + main + /error.jsp + + logout + / + + + + \ No newline at end of file diff --git a/id/ConfigWebTool/src/main/webapp/css/index.css b/id/ConfigWebTool/src/main/webapp/css/index.css index eb984a896..2c7a880f0 100644 --- a/id/ConfigWebTool/src/main/webapp/css/index.css +++ b/id/ConfigWebTool/src/main/webapp/css/index.css @@ -356,6 +356,12 @@ div .wwgrp br { font-size: 1.1em; } +.listElInfo { + position: relative; + width: 50px; + float: left; +} + .listFirst { position: relative; width: 450px; diff --git a/id/ConfigWebTool/src/main/webapp/jsp/interfederation/idplist.jsp b/id/ConfigWebTool/src/main/webapp/jsp/interfederation/idplist.jsp new file mode 100644 index 000000000..db36cb2ec --- /dev/null +++ b/id/ConfigWebTool/src/main/webapp/jsp/interfederation/idplist.jsp @@ -0,0 +1,48 @@ +<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%> + +<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> +<%@ taglib prefix="s" uri="/struts-tags" %> + + + + + + + <%=LanguageHelper.getGUIString("title", request) %> + + + + + + + + + + +
+ +
+ + +
+
+ + + +
+

<%=LanguageHelper.getGUIString("webpages.interfederation.list.header", request) %>

+ + loadIDP + +
+ + + +
+ +
+ + + + + \ No newline at end of file diff --git a/id/ConfigWebTool/src/main/webapp/jsp/interfederation/moa_idp.jsp b/id/ConfigWebTool/src/main/webapp/jsp/interfederation/moa_idp.jsp new file mode 100644 index 000000000..5dd769757 --- /dev/null +++ b/id/ConfigWebTool/src/main/webapp/jsp/interfederation/moa_idp.jsp @@ -0,0 +1,64 @@ +<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%> + +<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> +<%@ taglib prefix="s" uri="/struts-tags" %> + + + + + + + <%=LanguageHelper.getGUIString("title", request) %> + + + + + + + + + + +
+ +
+ + +
+
+ + +
+

<%=LanguageHelper.getGUIString("webpages.interfederation.header", request) %>

+ + + + + + + + + "" + + + + +
+ + + + + +
+ +
+ +
+
+ +
+ + + + + \ No newline at end of file diff --git a/id/ConfigWebTool/src/main/webapp/jsp/interfederation/vidp.jsp b/id/ConfigWebTool/src/main/webapp/jsp/interfederation/vidp.jsp new file mode 100644 index 000000000..5f51d9f86 --- /dev/null +++ b/id/ConfigWebTool/src/main/webapp/jsp/interfederation/vidp.jsp @@ -0,0 +1,46 @@ +<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%> + +<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> +<%@ taglib prefix="s" uri="/struts-tags" %> + + + + + + + <%=LanguageHelper.getGUIString("title", request) %> + + + + + + + + + + +
+ +
+ + +
+
+ +

<%=LanguageHelper.getGUIString("webpages.interfederation.header", request) %>

+ + + +
+

<%=LanguageHelper.getGUIString("webpages.interfederation.list.header", request) %>

+ +
+ +
+ +
+ + + + + \ No newline at end of file diff --git a/id/ConfigWebTool/src/main/webapp/jsp/listOAs.jsp b/id/ConfigWebTool/src/main/webapp/jsp/listOAs.jsp index 11953ec86..bad50262d 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/listOAs.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/listOAs.jsp @@ -27,7 +27,9 @@ - + + loadOA + diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/interfederation.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/interfederation.jsp new file mode 100644 index 000000000..97d21bcb4 --- /dev/null +++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/interfederation.jsp @@ -0,0 +1,33 @@ +<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%> +<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> +<%@ taglib prefix="s" uri="/struts-tags" %> + + +
+

<%=LanguageHelper.getGUIString("webpages.inderfederation.moaid.header", request) %>

+ + + + + + + + + + +
+ + \ No newline at end of file diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/pvp2.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/pvp2.jsp index cb437309a..f9471816c 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/pvp2.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/pvp2.jsp @@ -3,7 +3,7 @@ <%@ taglib prefix="s" uri="/struts-tags" %> -