From f3befac4266567d37f52970e57486af7b87b0b7f Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 20 Jul 2015 10:31:55 +0200 Subject: split AuthBlock validation and MIS sessionID request into discrete task --- .../internal/tasks/FinalizeAuthenticationTask.java | 119 ++++++++++++ .../modules/internal/tasks/GetForeignIDTask.java | 15 +- .../internal/tasks/GetMISSessionIDTask.java | 22 +-- .../internal/tasks/PrepareGetMISMandateTask.java | 200 +++++++++++++++++++++ .../tasks/VerifyAuthenticationBlockTask.java | 117 +----------- 5 files changed, 330 insertions(+), 143 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java (limited to 'id/server/idserverlib/src/main/java/at/gv') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java new file mode 100644 index 000000000..45b5e3a7e --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java @@ -0,0 +1,119 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.internal.tasks; + +import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.moduls.ModulUtils; +import at.gv.egovernment.moa.id.moduls.RequestStorage; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class FinalizeAuthenticationTask extends AbstractAuthServletTask { + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, + HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + + try { + IRequest pendingReq = RequestStorage.getPendingRequest( + (String) executionContext.get("pendingRequestID")); + + //get Session from context + String moasessionid = (String) executionContext.get(PARAM_SESSIONID); + AuthenticationSession session = null; + if (MiscUtil.isEmpty(moasessionid)) { + Logger.warn("MOASessionID is empty."); + throw new MOAIDException("auth.18", new Object[] {}); + } + + try { + session = AuthenticationSessionStoreage.getSession(moasessionid); + AuthenticationSessionStoreage.changeSessionID(session); + + } catch (MOADatabaseException e) { + Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database"); + throw new MOAIDException("init.04", new Object[] { moasessionid }); + + } catch (Throwable e) { + Logger.info("No HTTP Session found!"); + throw new MOAIDException("auth.18", new Object[] {}); + + } finally { + executionContext.remove(PARAM_SESSIONID); + + } + + + session.setAuthenticatedUsed(false); + session.setAuthenticated(true); + + + String oldsessionID = session.getSessionID(); + + //Session is implicte stored in changeSessionID!!! + String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); + + Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID); + Logger.info("Daten angelegt zu MOASession " + newMOASessionID); + + String redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), + ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingReq.getRequestID()), newMOASessionID); + + response.setContentType("text/html"); + response.setStatus(302); + response.addHeader("Location", redirectURL); + Logger.debug("REDIRECT TO: " + redirectURL); + + } catch (MOAIDException e) { + throw new TaskExecutionException(e.getMessage(), e); + + } catch (Exception e) { + Logger.warn("FinalizeAuthenticationTask has an internal error", e); + throw new TaskExecutionException(e.getMessage(), e); + + } + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java index 8f1cd8cfe..215a7a809 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java @@ -163,14 +163,7 @@ public class GetForeignIDTask extends AbstractAuthServletTask { Logger.info("Changed MOASession " + sessionID + " to Session " + newMOASessionID); Logger.info("Daten angelegt zu MOASession " + newMOASessionID); - - redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), - ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), - newMOASessionID); - redirectURL = resp.encodeRedirectURL(redirectURL); - - // TODO[branch]: Final step back to /dispatcher - + MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_RECEIVED); @@ -180,10 +173,8 @@ public class GetForeignIDTask extends AbstractAuthServletTask { throw new MOAIDException("Session store error", null); } - resp.setContentType("text/html"); - resp.setStatus(302); - resp.addHeader("Location", redirectURL); - Logger.debug("REDIRECT TO: " + redirectURL); + //put session to context + executionContext.put(PARAM_SESSIONID, session.getSessionID()); } } catch (MOAIDException ex) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java index 67d42e442..2931d26e2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java @@ -139,15 +139,10 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask { AuthenticationServer.getInstance().verifyMandate(session, mandate); session.setMISMandate(mandate); - session.setAuthenticatedUsed(false); - session.setAuthenticated(true); //log mandate specific set of events MOAReversionLogger.getInstance().logMandateEventSet(pendingReq, mandate); - - //set QAA Level four in case of card authentifcation - session.setQAALevel(PVPConstants.STORK_QAA_1_4); - + String oldsessionID = session.getSessionID(); //Session is implicite stored in changeSessionID!!! @@ -155,19 +150,10 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask { Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID); Logger.info("Daten angelegt zu MOASession " + newMOASessionID); - - String redirectURL = new DataURLBuilder().buildDataURL( - session.getAuthURL(), - ModulUtils.buildAuthURL(session.getModul(), - session.getAction(), pendingRequestID), newMOASessionID); - redirectURL = resp.encodeRedirectURL(redirectURL); - - // TODO[branch]: Final step back to /dispatcher + + //put session to context + executionContext.put(PARAM_SESSIONID, session.getSessionID()); - resp.setContentType("text/html"); - resp.setStatus(302); - resp.addHeader("Location", redirectURL); - Logger.debug("REDIRECT TO: " + redirectURL); } catch (MOAIDException ex) { throw new TaskExecutionException(ex.getMessage(), ex); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java new file mode 100644 index 000000000..132fa927f --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java @@ -0,0 +1,200 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.internal.tasks; + +import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.GET_MIS_SESSIONID; +import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID; + +import java.util.List; + +import javax.net.ssl.SSLSocketFactory; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; +import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.moduls.RequestStorage; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.util.SSLUtils; +import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId; +import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class PrepareGetMISMandateTask extends AbstractAuthServletTask { + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, + HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + + //mandate Mode + try { + IRequest pendingReq = RequestStorage.getPendingRequest( + (String) executionContext.get("pendingRequestID")); + + //get Session from context + String moasessionid = (String) executionContext.get(PARAM_SESSIONID); + AuthenticationSession session = null; + if (MiscUtil.isEmpty(moasessionid)) { + Logger.warn("MOASessionID is empty."); + throw new MOAIDException("auth.18", new Object[] {}); + } + + try { + session = AuthenticationSessionStoreage.getSession(moasessionid); + AuthenticationSessionStoreage.changeSessionID(session); + + } catch (MOADatabaseException e) { + Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database"); + throw new MOAIDException("init.04", new Object[] { moasessionid }); + + } catch (Throwable e) { + Logger.info("No HTTP Session found!"); + throw new MOAIDException("auth.18", new Object[] {}); + + } finally { + executionContext.remove(PARAM_SESSIONID); + + } + + + AuthConfiguration authConf= AuthConfigurationProviderFactory.getInstance(); + ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter(); + SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProviderFactory.getInstance(), connectionParameters); + + // get identitity link as byte[] + Element elem = session.getIdentityLink().getSamlAssertion(); + String s = DOMUtils.serializeNode(elem); + + //System.out.println("IDL: " + s); + + byte[] idl = s.getBytes("UTF-8"); + + // redirect url + // build redirect(to the GetMISSessionIdSerlvet) + + //change MOASessionID before MIS request + String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); + + String redirectURL = new DataURLBuilder().buildDataURL( + session.getAuthURL(), + GET_MIS_SESSIONID, + newMOASessionID); + + String oaURL = session.getOAURLRequested(); + OAAuthParameter oaParam = authConf.getOnlineApplicationParameter(oaURL); + List profiles = oaParam.getMandateProfiles(); + + if (profiles == null) { + Logger.error("No Mandate/Profile for OA configured."); + throw new AuthenticationException("config.21", new Object[] { GET_MIS_SESSIONID}); + } + + String oaFriendlyName = oaParam.getFriendlyName(); + String mandateReferenceValue = session.getMandateReferenceValue(); + byte[] cert = session.getEncodedSignerCertificate(); + byte[] authBlock = session.getAuthBlock().getBytes("UTF-8"); + + //TODO: check in case of SSO!!! + String targetType = null; + if(oaParam.getBusinessService()) { + String id = oaParam.getIdentityLinkDomainIdentifier(); + if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_)) + targetType = id; + else + targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_+session.getDomainIdentifier(); + + } else { + targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget(); + } + + MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_SERVICE_REQUESTED, mandateReferenceValue); + + MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest( + connectionParameters.getUrl(), + idl, + cert, + oaFriendlyName, + redirectURL, + mandateReferenceValue, + profiles, + targetType, + authBlock, + sslFactory); + + if (misSessionID == null) { + Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null."); + throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service."); + } + + String redirectMISGUI = misSessionID.getRedirectURL(); + session.setMISSessionID(misSessionID.getSessiondId()); + + try { + AuthenticationSessionStoreage.storeSession(session); + + } catch (MOADatabaseException | BuildException e) { + throw new MOAIDException("Session store error", null); + + } + + MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_REDIRECT); + + response.setStatus(302); + response.addHeader("Location", redirectMISGUI); + Logger.debug("REDIRECT TO: " + redirectMISGUI); + + } catch (Exception e ) { + throw new TaskExecutionException(e.getMessage(), e); + + } + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java index fd1400ed1..25e0dd37f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java @@ -127,126 +127,17 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask { //change MOASessionID sessionID = AuthenticationSessionStoreage.changeSessionID(session); - String authenticatedMOASessionId = AuthenticationServer.getInstance().verifyAuthenticationBlock(pendingReq, session, createXMLSignatureResponse); + AuthenticationServer.getInstance().verifyAuthenticationBlock(pendingReq, session, createXMLSignatureResponse); - if (authenticatedMOASessionId == null) { - //mandate Mode - - AuthConfiguration authConf= AuthConfigurationProviderFactory.getInstance(); - ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter(); - SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProviderFactory.getInstance(), connectionParameters); - - // get identitity link as byte[] - Element elem = session.getIdentityLink().getSamlAssertion(); - String s = DOMUtils.serializeNode(elem); - - //System.out.println("IDL: " + s); - - byte[] idl = s.getBytes("UTF-8"); - - // redirect url - // build redirect(to the GetMISSessionIdSerlvet) - - //change MOASessionID before MIS request - String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); - - redirectURL = - new DataURLBuilder().buildDataURL( - session.getAuthURL(), - GET_MIS_SESSIONID, - newMOASessionID); - - String oaURL = session.getOAURLRequested(); - OAAuthParameter oaParam = authConf.getOnlineApplicationParameter(oaURL); - List profiles = oaParam.getMandateProfiles(); - - if (profiles == null) { - Logger.error("No Mandate/Profile for OA configured."); - throw new AuthenticationException("config.21", new Object[] { GET_MIS_SESSIONID}); - } - - String oaFriendlyName = oaParam.getFriendlyName(); - String mandateReferenceValue = session.getMandateReferenceValue(); - byte[] cert = session.getEncodedSignerCertificate(); - byte[] authBlock = session.getAuthBlock().getBytes("UTF-8"); - - //TODO: check in case of SSO!!! - String targetType = null; - if(oaParam.getBusinessService()) { - String id = oaParam.getIdentityLinkDomainIdentifier(); - if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_)) - targetType = id; - else - targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_+session.getDomainIdentifier(); - - } else { - targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget(); - } - - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), - pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_SERVICE_REQUESTED, mandateReferenceValue); - - MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest( - connectionParameters.getUrl(), - idl, - cert, - oaFriendlyName, - redirectURL, - mandateReferenceValue, - profiles, - targetType, - authBlock, - sslFactory); - - if (misSessionID == null) { - Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null."); - throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service."); - } - - String redirectMISGUI = misSessionID.getRedirectURL(); - session.setMISSessionID(misSessionID.getSessiondId()); - - try { - AuthenticationSessionStoreage.storeSession(session); - } catch (MOADatabaseException e) { - throw new MOAIDException("Session store error", null); - } - - // TODO[branch]: Mandate; redirect to MIS website; website redirects back to "/GetMISSessionID" - - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), - pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_REDIRECT); - - resp.setStatus(302); - resp.addHeader("Location", redirectMISGUI); - Logger.debug("REDIRECT TO: " + redirectURL); - } - else { - // TODO[branch]: Final step back to /dispatcher - redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), - ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), authenticatedMOASessionId); - - resp.setContentType("text/html"); - resp.setStatus(302); - - resp.addHeader("Location", redirectURL); - Logger.debug("REDIRECT TO: " + redirectURL); - - } + //put session to context + executionContext.put(PARAM_SESSIONID, session.getSessionID()); } catch (MOAIDException ex) { throw new TaskExecutionException(ex.getMessage(), ex); - } catch (GeneralSecurityException e) { - throw new TaskExecutionException(e.getMessage(), e); - - } catch (PKIException e) { - throw new TaskExecutionException(e.getMessage(), e); - - } catch (TransformerException e) { - throw new TaskExecutionException(e.getMessage(), e); + } catch (Exception e) { Logger.error("AuthBlockValidation has an interal Error.", e); -- cgit v1.2.3