From 42e2547a52439611b52e6a42c6e1098acff997c6 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 7 Feb 2014 12:46:53 +0100
Subject: * use MOADefaultBootstrap to set SHA256 as default security parameter
 * SAMLEngine: deaktivate DefaultBootStrap.

---
 .../moa/id/demoOA/servlet/pvp2/DemoApplication.java         | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

(limited to 'id/oa')

diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
index 0b30d7d86..dcd478864 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
@@ -23,6 +23,7 @@
 package at.gv.egovernment.moa.id.demoOA.servlet.pvp2;
 
 import java.io.IOException;
+import java.security.Key;
 import java.security.KeyStore;
 import java.util.ArrayList;
 import java.util.List;
@@ -55,6 +56,7 @@ import org.opensaml.xml.encryption.InlineEncryptedKeyResolver;
 import org.opensaml.xml.encryption.SimpleRetrievalMethodEncryptedKeyResolver;
 import org.opensaml.xml.parse.BasicParserPool;
 import org.opensaml.xml.security.CriteriaSet;
+import org.opensaml.xml.security.SecurityHelper;
 import org.opensaml.xml.security.credential.UsageType;
 import org.opensaml.xml.security.criteria.EntityIDCriteria;
 import org.opensaml.xml.security.criteria.UsageCriteria;
@@ -149,6 +151,11 @@ public class DemoApplication extends HttpServlet {
 				
 				Logger.info("PVP2 Assertion is valid");
 				
+				//set assertion
+				org.w3c.dom.Document doc = SAML2Utils.asDOMDocument(samlResponse);
+				String assertion = DOMUtils.serializeNode(doc);				
+				bean.setAssertion(assertion);
+				
 				if (samlResponse.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
 			
 					List<org.opensaml.saml2.core.Assertion> saml2assertions = new ArrayList<org.opensaml.saml2.core.Assertion>();
@@ -177,7 +184,7 @@ public class DemoApplication extends HttpServlet {
 						encryptedKeyResolver.getResolverChain().add( new SimpleRetrievalMethodEncryptedKeyResolver() );
 						
 						Decrypter samlDecrypter =
-								  new Decrypter(null, skicr, encryptedKeyResolver);
+								new Decrypter(null, skicr, encryptedKeyResolver);
 						
 						for (EncryptedAssertion encAssertion : encryAssertionList) {							
 							saml2assertions.add(samlDecrypter.decrypt(encAssertion));
@@ -219,10 +226,6 @@ public class DemoApplication extends HttpServlet {
 						}
 					}
 					
-					org.w3c.dom.Document doc = SAML2Utils.asDOMDocument(samlResponse);
-					String assertion = DOMUtils.serializeNode(doc);
-					
-					bean.setAssertion(assertion);
 					bean.setDateOfBirth(birthday);
 					bean.setFamilyName(familyName);
 					bean.setGivenName(givenName);
-- 
cgit v1.2.3


From 9b67dbb64ed665be5430c213607854c8c7e3584b Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 11 Feb 2014 08:07:20 +0100
Subject: change metadata validto area to 24 hours

---
 .../gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java   | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'id/oa')

diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java
index 652960bbc..4c9bc6d76 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java
@@ -82,6 +82,8 @@ import at.iaik.commons.util.MiscUtil;
 public class BuildMetadata extends HttpServlet {
 	private static final long serialVersionUID = 1L;
 	
+	private static final int VALIDUNTIL_IN_HOURS = 24;
+	
 	/**
 	 * @see HttpServlet#HttpServlet()
 	 */
@@ -111,6 +113,9 @@ public class BuildMetadata extends HttpServlet {
 			EntitiesDescriptor spEntitiesDescriptor = SAML2Utils.
 					createSAMLObject(EntitiesDescriptor.class);
 			
+			DateTime date = new DateTime();	
+			spEntitiesDescriptor.setValidUntil(date.plusHours(VALIDUNTIL_IN_HOURS));
+			
 			String name = config.getPVP2MetadataEntitiesName();
 			if (MiscUtil.isEmpty(name)) {
 				Logger.info("NO Metadata EntitiesName configurated");
@@ -128,6 +133,8 @@ public class BuildMetadata extends HttpServlet {
 			EntityDescriptor spEntityDescriptor = SAML2Utils
 					.createSAMLObject(EntityDescriptor.class);
 
+			spEntityDescriptor.setValidUntil(date.plusDays(VALIDUNTIL_IN_HOURS));
+			
 			spEntitiesDescriptor.getEntityDescriptors().add(spEntityDescriptor);
 			
 			//set OA-ID (PublicURL Prefix) as identifier
-- 
cgit v1.2.3