From 3f5365c0036b5aa38c0b5a15b9b1215c6004fa36 Mon Sep 17 00:00:00 2001 From: Andreas Fitzek Date: Thu, 4 Apr 2013 14:35:49 +0200 Subject: added new Servlet definitions added URL rewrite modul --- .../src/main/webapp/WEB-INF/server-config.wsdd | 2 +- .../auth/src/main/webapp/WEB-INF/urlrewrite.xml | 124 +++++++++++++++++++++ id/server/auth/src/main/webapp/WEB-INF/web.xml | 115 ++++++++++++++----- 3 files changed, 211 insertions(+), 30 deletions(-) create mode 100644 id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml (limited to 'id/server/auth/src/main') diff --git a/id/server/auth/src/main/webapp/WEB-INF/server-config.wsdd b/id/server/auth/src/main/webapp/WEB-INF/server-config.wsdd index 0f0eb49d1..121ec3cf9 100644 --- a/id/server/auth/src/main/webapp/WEB-INF/server-config.wsdd +++ b/id/server/auth/src/main/webapp/WEB-INF/server-config.wsdd @@ -11,7 +11,7 @@ urn:oasis:names:tc:SAML:1.0:protocol - + /resources/wsdl/MOA-ID-1.x.wsdl diff --git a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml new file mode 100644 index 000000000..1d75053f2 --- /dev/null +++ b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml @@ -0,0 +1,124 @@ + + + + + + + + + The rule means that requests to /test/status/ will be redirected to /rewrite-status + the url will be rewritten. + + /test/status/ + %{context-path}/rewrite-status + + + + + ^/StartAuthentication$ + /AuthDispatcher?mod=id_saml1&action=GetArtifact + + + ^/StartAuthentication\?(.*)$ + /AuthDispatcher?mod=id_saml1&action=GetArtifact&$1 + + + + ^/auth/([a-zA-Z0-9]+)/([a-zA-Z0-9]+)$ + /AuthDispatcher?mod=$1&action=$2 + + + ^/auth/([a-zA-Z0-9]+)/([a-zA-Z0-9]+)\?(.*)$ + /AuthDispatcher?mod=$1&action=$2&$3 + + + + + + The outbound-rule specifies that when response.encodeURL is called (if you are using JSTL c:url) + the url /rewrite-status will be rewritten to /test/status/. + + The above rule and this outbound-rule means that end users should never see the + url /rewrite-status only /test/status/ both in thier location bar and in hyperlinks + in your pages. + + /rewrite-status + /test/status/ + + + + ^/AuthDispatcher?mod=([a-zA-Z0-9]+)&action=([a-zA-Z0-9]+)$ + /auth/$1/$2 + + + + ^/AuthDispatcher?mod=([a-zA-Z0-9]+)&action=([a-zA-Z0-9]+)&(.*)$ + /auth/$1/$2&$3 + + + + + diff --git a/id/server/auth/src/main/webapp/WEB-INF/web.xml b/id/server/auth/src/main/webapp/WEB-INF/web.xml index 2a1d093d9..dcacce819 100644 --- a/id/server/auth/src/main/webapp/WEB-INF/web.xml +++ b/id/server/auth/src/main/webapp/WEB-INF/web.xml @@ -34,19 +34,19 @@ Get the MIS session ID coming from security layer at.gv.egovernment.moa.id.auth.servlet.GetMISSessionIDServlet - + GetForeignID GetForeignID Gets the foreign eID from security layer at.gv.egovernment.moa.id.auth.servlet.GetForeignIDServlet - - ProcessInput - ProcessInput - Process user input needed by infobox validators - at.gv.egovernment.moa.id.auth.servlet.ProcessValidatorInputServlet - + + ProcessInput + ProcessInput + Process user input needed by infobox validators + at.gv.egovernment.moa.id.auth.servlet.ProcessValidatorInputServlet + VerifyAuthBlock VerifyAuthBlock @@ -56,7 +56,8 @@ ConfigurationUpdate ConfigurationUpdate - Update MOA-ID Auth configuration from the configuration file + Update MOA-ID Auth configuration from the configuration + file at.gv.egovernment.moa.id.auth.servlet.ConfigurationServlet @@ -67,28 +68,62 @@ - jspservlet - org.apache.jasper.servlet.JspServlet - + jspservlet + org.apache.jasper.servlet.JspServlet + PEPSConnectorServlet PEPSConnectorServlet - Servlet receiving STORK SAML Response Messages from different C-PEPS + Servlet receiving STORK SAML Response Messages from + different C-PEPS - at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet + at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet - + + + + AuthDispatcherServlet + AuthDispatcher Servlet + at.gv.egovernment.moa.id.entrypoints.AuthDispatcherServlet + 1 + + + UnauthDispatcherServlet + UnauthDispatcher Servlet + at.gv.egovernment.moa.id.entrypoints.DispatcherServlet + 1 + + + + + at.gv.egovernment.moa.id.protocols.saml1.GetArtifactServlet + at.gv.egovernment.moa.id.protocols.saml1.GetArtifactServlet + + + + + + + UnauthDispatcherServlet + /UnauthDispatcher + + + AuthDispatcherServlet + /AuthDispatcher + + + - jspservlet - /errorpage-auth.jsp - - + jspservlet + /errorpage-auth.jsp + + - jspservlet - /message-auth.jsp - + jspservlet + /message-auth.jsp + SelectBKU @@ -96,7 +131,7 @@ StartAuthentication - /StartAuthentication + /StartBKUAuthentication VerifyIdentityLink @@ -114,15 +149,15 @@ GetForeignID /GetForeignID - + ProcessInput /ProcessInput - - VerifyAuthBlock - /VerifyAuthBlock - + + VerifyAuthBlock + /VerifyAuthBlock + ConfigurationUpdate /ConfigurationUpdate @@ -135,6 +170,28 @@ PEPSConnectorServlet /PEPSConnector + + + + + + UrlRewriteFilter + org.tuckey.web.filters.urlrewrite.UrlRewriteFilter + + + + UrlRewriteFilter + /* + REQUEST + FORWARD + + + 5 @@ -157,8 +214,8 @@ - The role that is required to log in to the moa Application - + The role that is required to log in to the moa Application + moa-admin -- cgit v1.2.3