From 7b6f65663145b228991794d6390567fbb84dc9c0 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 20 Jul 2015 13:58:32 +0200
Subject: remove deprecated MOA-ID 2.x configuration DAO functionality
---
.../moa/id/advancedlogging/StatisticLogger.java | 6 +-
.../moa/id/auth/AuthenticationServer.java | 99 +-
.../auth/invoke/SignatureVerificationInvoker.java | 2 +-
.../internal/tasks/CertificateReadRequestTask.java | 4 +-
.../internal/tasks/CreateIdentityLinkFormTask.java | 4 +-
.../internal/tasks/GetMISSessionIDTask.java | 4 +-
.../tasks/PrepareAuthBlockSignatureTask.java | 4 +-
.../tasks/VerifyAuthenticationBlockTask.java | 4 +-
.../internal/tasks/VerifyCertificateTask.java | 4 +-
.../internal/tasks/VerifyIdentityLinkTask.java | 4 +-
.../servlet/GenerateIFrameTemplateServlet.java | 5 +-
.../moa/id/auth/servlet/LogOutServlet.java | 4 +-
.../moa/id/auth/servlet/RedirectServlet.java | 4 +-
.../gv/egovernment/moa/id/config/OAParameter.java | 176 ---
.../moa/id/config/auth/AuthConfigLoader.java | 4 +-
.../moa/id/config/auth/AuthConfiguration.java | 8 -
.../id/config/auth/AuthConfigurationProvider.java | 4 +-
.../moa/id/config/auth/OAAuthParameter.java | 8 +-
.../PropertyBasedAuthConfigurationProvider.java | 57 -
.../config/auth/data/DynamicOAAuthParameters.java | 8 +-
.../id/config/legacy/BuildFromLegacyConfig.java | 1138 ++++++++++----------
.../moa/id/entrypoints/DispatcherServlet.java | 40 +-
.../gv/egovernment/moa/id/moduls/SSOManager.java | 20 +
.../protocols/pvp2x/utils/MOASAMLSOAPClient.java | 1 -
.../metadata/MetadataSignatureFilter.java | 4 +-
.../protocols/stork2/AttributeProviderFactory.java | 1 -
.../moa/id/protocols/stork2/ConsentEvaluator.java | 2 +-
.../SignedDocAttributeRequestProvider.java | 14 +-
.../main/resources/moaid.configuration.beans.xml | 5 -
29 files changed, 683 insertions(+), 955 deletions(-)
delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java
(limited to 'id/server/idserverlib/src/main')
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
index 67547d8a2..0d9c1ec20 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
@@ -44,7 +44,7 @@ import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.ServiceException;
import at.gv.egovernment.moa.id.client.SZRGWClientException;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+
import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
@@ -212,7 +212,7 @@ public class StatisticLogger {
}
}
- ConfigurationDBUtils.closeSession();
+
try {
StatisticLogDBUtils.saveOrUpdate(dblog);
@@ -284,7 +284,7 @@ public class StatisticLogger {
generateErrorLogFormThrowable(throwable, dblog);
- ConfigurationDBUtils.closeSession();
+
try {
StatisticLogDBUtils.saveOrUpdate(dblog);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index d7694ac2c..91a91642d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1084,7 +1084,7 @@ public class AuthenticationServer extends MOAIDAuthConstants {
* BASE64</strike><br/>New id of the authenticated MOA session or {@code null} in case of mandate mode (???)
* @throws BKUException
*/
- public String verifyAuthenticationBlock(IRequest pendingReq, AuthenticationSession session,
+ public void verifyAuthenticationBlock(IRequest pendingReq, AuthenticationSession session,
String xmlCreateXMLSignatureReadResponse)
throws AuthenticationException, BuildException, ParseException,
ConfigurationException, ServiceException, ValidateException, BKUException {
@@ -1132,24 +1132,6 @@ public class AuthenticationServer extends MOAIDAuthConstants {
// invokes the call
domVsresp = new SignatureVerificationInvoker()
.verifyXMLSignature(domVsreq);
- // debug output
-
- // } catch ( ServiceException e) {
- // Logger.error("Signature verification error. ", e);
- // Logger.error("Signed Data: " + session.getAuthBlock());
- // try {
- // Logger.error("VerifyRequest: " + DOMUtils.serializeNode(domVsreq));
- // } catch (TransformerException e1) {
- // e1.printStackTrace();
- //
- // } catch (IOException e1) {
- // e1.printStackTrace();
- //
- // }
- //
- // throw e;
- // }
-
// parses the <VerifyXMLSignatureResponse>
VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(
@@ -1202,80 +1184,20 @@ public class AuthenticationServer extends MOAIDAuthConstants {
throw e;
}
-
- // // post processing of the infoboxes
- // Iterator iter = session.getInfoboxValidatorIterator();
- // boolean formpending = false;
- // if (iter != null) {
- // while (!formpending && iter.hasNext()) {
- // Vector infoboxValidatorVector = (Vector) iter.next();
- // String identifier = (String) infoboxValidatorVector.get(0);
- // String friendlyName = (String) infoboxValidatorVector.get(1);
- // InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector
- // .get(2);
- // InfoboxValidationResult infoboxValidationResult = null;
- // try {
- // infoboxValidationResult = infoboxvalidator.validate(csresp
- // .getSamlAssertion());
- // } catch (ValidateException e) {
- // Logger.error("Error validating " + identifier + " infobox:"
- // + e.getMessage());
- // throw new ValidateException("validator.44",
- // new Object[]{friendlyName});
- // }
- // if (!infoboxValidationResult.isValid()) {
- // Logger.info("Validation of " + identifier
- // + " infobox failed.");
- // throw new ValidateException("validator.40", new Object[]{
- // friendlyName,
- // infoboxValidationResult.getErrorMessage()});
- // }
- // String form = infoboxvalidator.getForm();
- // if (ParepUtils.isEmpty(form)) {
- // AddAdditionalSAMLAttributes(
- // session,
- // infoboxValidationResult.getExtendedSamlAttributes(),
- // identifier, friendlyName);
- // } else {
- // return "Redirect to Input Processor";
- // }
- // }
- // }
-
+
session.setXMLVerifySignatureResponse(vsresp);
session.setSignerCertificate(vsresp.getX509certificate());
vsresp.setX509certificate(null);
session.setForeigner(false);
+ //set QAA Level four in case of card authentifcation
+ session.setQAALevel(PVPConstants.STORK_QAA_1_4);
+
MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(),
pendingReq, MOAIDEventConstants.AUTHPROCESS_AUTHBLOCK_VALIDATED);
MOAReversionLogger.getInstance().logPersonalInformationEvent(pendingReq, session.getIdentityLink()
);
-
- if (session.getUseMandate()) {
- // mandate mode
- return null;
-
- } else {
-
- session.setAuthenticatedUsed(false);
- session.setAuthenticated(true);
-
- //set QAA Level four in case of card authentifcation
- session.setQAALevel(PVPConstants.STORK_QAA_1_4);
-
-
- String oldsessionID = session.getSessionID();
-
- //Session is implicte stored in changeSessionID!!!
- String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
-
- Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID);
- Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
-
- return newMOASessionID;
- }
}
/**
@@ -1358,10 +1280,10 @@ public class AuthenticationServer extends MOAIDAuthConstants {
* @param sessionID session ID of the running authentication session
* @return String "new Session"
*/
- public String getForeignAuthenticationData(AuthenticationSession session)
+ public void getForeignAuthenticationData(AuthenticationSession session)
throws AuthenticationException, BuildException, ParseException,
ConfigurationException, ServiceException, ValidateException {
-
+
if (session == null)
throw new AuthenticationException("auth.10", new Object[]{
REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID});
@@ -1369,17 +1291,10 @@ public class AuthenticationServer extends MOAIDAuthConstants {
X509Certificate cert = session.getSignerCertificate();
vsresp.setX509certificate(cert);
- session.setAuthenticatedUsed(false);
- session.setAuthenticated(true);
-
-
session.setXMLVerifySignatureResponse(vsresp);
session.setSignerCertificate(vsresp.getX509certificate());
vsresp.setX509certificate(null);
session.setForeigner(true);
-
- //TODO: regenerate MOASession ID!
- return "new Session";
}
/**
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
index 1a311993e..72a7d3ba1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
@@ -127,7 +127,7 @@ public class SignatureVerificationInvoker {
VerifyXMLSignatureResponse vsresponse = svs.verifyXMLSignature(vsrequest);
Document result = new VerifyXMLSignatureResponseBuilder().build(vsresponse);
- Logger.setHierarchy("moa.id.auth");
+ //Logger.setHierarchy("moa.id.auth");
return result.getDocumentElement();
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
index ed3089a41..0cfd16262 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
@@ -19,7 +19,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
@@ -95,7 +95,7 @@ public class CertificateReadRequestTask extends AbstractAuthServletTask {
throw new TaskExecutionException(e.getMessage(), e);
} finally {
- ConfigurationDBUtils.closeSession();
+
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
index 183467d87..df3d90aab 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
@@ -21,7 +21,7 @@ import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestStorage;
@@ -129,7 +129,7 @@ public class CreateIdentityLinkFormTask extends AbstractAuthServletTask {
}
finally {
- ConfigurationDBUtils.closeSession();
+
TransactionIDUtils.removeTransactionId();
TransactionIDUtils.removeSessionId();
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
index 2931d26e2..4951dcab8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
@@ -24,7 +24,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+
import at.gv.egovernment.moa.id.config.ConnectionParameter;
import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
@@ -176,7 +176,7 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask {
}
finally {
- ConfigurationDBUtils.closeSession();
+
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
index fc5fb6c58..c172fc6f3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
@@ -13,7 +13,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+
import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
@@ -98,7 +98,7 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
}
finally {
- ConfigurationDBUtils.closeSession();
+
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
index 25e0dd37f..6a30e40c1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
@@ -28,7 +28,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.ConnectionParameter;
import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
@@ -147,7 +147,7 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
finally {
- ConfigurationDBUtils.closeSession();
+
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
index 26c10399d..5e0be0f2c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
@@ -22,7 +22,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestStorage;
@@ -166,7 +166,7 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
finally {
- ConfigurationDBUtils.closeSession();
+
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
index 821bb572a..f0a0024e5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
@@ -19,7 +19,7 @@ import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
@@ -104,7 +104,7 @@ public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
}
finally {
- ConfigurationDBUtils.closeSession();
+
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
index 1d4b442da..a840b34e2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
@@ -40,8 +40,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.registration.ModuleRegistration;
import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
+
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
@@ -207,7 +206,7 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
}
finally {
- ConfigurationDBUtils.closeSession();
+
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
index 77675175e..c1e084a59 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
@@ -53,7 +53,7 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
@@ -122,7 +122,7 @@ public class LogOutServlet extends AuthServlet {
return;
} finally {
- ConfigurationDBUtils.closeSession();
+
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
index 431a7e0f7..7dd8645c6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
@@ -31,7 +31,7 @@ import javax.servlet.http.HttpServletResponse;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.builder.RedirectFormBuilder;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.moduls.SSOManager;
@@ -135,7 +135,7 @@ public class RedirectServlet extends AuthServlet{
return;
} finally {
- ConfigurationDBUtils.closeSession();
+
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java
deleted file mode 100644
index e9019ded4..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java
+++ /dev/null
@@ -1,176 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria MOA-ID has been developed in a cooperation between
- * BRZ, the Federal Chancellery Austria - ICT staff unit, and Graz University of Technology.
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by the European
- * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
- * compliance with the Licence. You may obtain a copy of the Licence at: http://www.osor.eu/eupl/
- * Unless required by applicable law or agreed to in writing, software distributed under the Licence
- * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the Licence for the specific language governing permissions and limitations under
- * the Licence. This product combines work with different licenses. See the "NOTICE" text file for
- * details on the various modules and licenses. The "NOTICE" text file is part of the distribution.
- * Any derivative works that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-package at.gv.egovernment.moa.id.config;
-
-import java.io.Serializable;
-
-import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
-
-/**
- * Configuration parameters belonging to an online application, to be used within both, the MOA ID
- * Auth and the MOA ID PROXY component.
- *
- * @author Harald Bratko
- */
-public class OAParameter implements Serializable {
-
- private static final long serialVersionUID = 1L;
-
- public OAParameter() { }
-
- public OAParameter(OnlineApplication oa) {
-
- this.oaType = oa.getType();
-
- if (this.oaType.equals("businessService"))
- this.businessService = true;
- else
- this.businessService = false;
-
- this.publicURLPrefix = oa.getPublicURLPrefix();
-
- this.friendlyName = oa.getFriendlyName();
-
- this.target = oa.getTarget();
-
- this.targetFriendlyName = oa.getTargetFriendlyName();
-
- this.removePBKFromAuthblock = oa.isRemoveBPKFromAuthBlock();
-
- this.oAuth20Config = oa.getAuthComponentOA().getOAOAUTH20();
-
- this.isInderfederationIDP = oa.isIsInterfederationIDP();
-
- this.isSTORKPVPGateway = oa.isIsInterfederationGateway();
-
- }
-
- /**
- * type of the online application (maybe "PublicService" or "BusinessService")
- */
- private String oaType;
-
- /**
- * specifies whether the online application is a business application or not (<code>true</code>
- * if value of {@link #oaType} is "businessService"
- */
- protected boolean businessService;
-
-
- /**
- * public URL prefix of the online application
- */
- protected String publicURLPrefix;
-
- /**
- * specifies a human readable name of the Online Application
- */
- protected String friendlyName;
-
- /**
- * specified a specific target for the Online Application (overwrites the target in der request)
- */
- protected String target;
- /**
- * specifies a friendly name for the target
- */
- protected String targetFriendlyName;
-
- protected boolean removePBKFromAuthblock;
-
- protected Boolean isInderfederationIDP;
-
- protected Boolean isSTORKPVPGateway;
-
- /**
- * Contains the oAuth 2.0 configuration (client id, secret and redirect uri)
- */
- private OAOAUTH20 oAuth20Config;
-
- public String getOaType() {
- return oaType;
- }
-
- public boolean getBusinessService() {
- return businessService;
- }
-
- public String getPublicURLPrefix() {
- return publicURLPrefix;
- }
-
- public String getFriendlyName() {
- return friendlyName;
- }
-
- public String getTarget() {
- return target;
- }
-
- public String getTargetFriendlyName() {
- return targetFriendlyName;
- }
-
- public boolean isRemovePBKFromAuthBlock() {
- return removePBKFromAuthblock;
- }
-
- public OAOAUTH20 getoAuth20Config() {
- return oAuth20Config;
- }
-
- /**
- * @return the isInderfederationIDP
- */
- public boolean isInderfederationIDP() {
- if (isInderfederationIDP == null)
- return false;
-
- return isInderfederationIDP;
- }
-
- public boolean isSTORKPVPGateway() {
- if (isSTORKPVPGateway == null)
- return false;
-
- return isSTORKPVPGateway;
- }
-
-
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
index 87e40c1b3..1f43a0d8a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
@@ -22,7 +22,7 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.config.auth;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+
import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
import at.gv.egovernment.moa.logging.Logger;
@@ -43,7 +43,7 @@ public class AuthConfigLoader implements Runnable {
Logger.warn("MOA-ID Configuration validation is not possible, actually. Reuse old configuration.", e);
} finally {
- ConfigurationDBUtils.closeSession();
+
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java
index 4f321764a..ebe08b615 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java
@@ -4,8 +4,6 @@ import java.util.List;
import java.util.Map;
import java.util.Properties;
-import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.config.ConnectionParameter;
@@ -23,16 +21,10 @@ public interface AuthConfiguration extends ConfigurationProvider{
public ProtocolAllowed getAllowedProtocols();
- @Deprecated
- public PVP2 getGeneralPVP2DBConfig();
-
public Map<String, String> getConfigurationWithPrefix(final String Prefix);
public String getConfigurationWithKey(final String key);
- @Deprecated
- public TimeOuts getTimeOuts() throws ConfigurationException;
-
public int getTransactionTimeOut();
public int getSSOCreatedTimeOut();
public int getSSOUpdatedTimeOut();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index 03f4a300a..c25751aa4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -70,7 +70,7 @@
//import at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetMISSessionIDTask;
//import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
//import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
-//import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+//
//import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
//import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils;
//import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
@@ -791,7 +791,7 @@
// }
//
// //close Database
-// // ConfigurationDBUtils.closeSession();
+// //
//
// date = new Date();
// }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index d3292b021..963d1f50e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -47,6 +47,7 @@
package at.gv.egovernment.moa.id.config.auth;
import java.io.IOException;
+import java.io.Serializable;
import java.security.PrivateKey;
import java.util.ArrayList;
import java.util.Collection;
@@ -85,8 +86,13 @@ import at.gv.egovernment.moa.util.MiscUtil;
*
* @author Thomas Lenz
*/
-public class OAAuthParameter implements IOAAuthParameters {
+public class OAAuthParameter implements IOAAuthParameters, Serializable{
+ /**
+ *
+ */
+ private static final long serialVersionUID = -6522544229837934376L;
+
final public static String DEFAULT_KEYBOXIDENTIFIER = "SecureSignatureKeypair";
private Map<String, String> oaConfiguration;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
index f706bb376..a151d6dbe 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
@@ -24,8 +24,6 @@ import org.springframework.context.support.ClassPathXmlApplicationContext;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration;
-import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl;
import at.gv.egovernment.moa.id.config.ConfigurationUtils;
@@ -231,19 +229,6 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
}
-
-
- /**
- * Returns the general PVP2 configuration. NOTE: may return {@code null}.
- *
- * @return the general PVP2 configuration or {@code null}.
- *
- * @deprecated
- */
- public PVP2 getGeneralPVP2DBConfig() {
- return null;
- }
-
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getTransactionTimeOut()
@@ -290,48 +275,6 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
}
}
-
- /**
- * Returns the configured timeouts, or a default timeout.
- *
- * @return the configured timeout, or the default (never {@code null}).
- * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}.
- *
- * @deprecated
- */
- public TimeOuts getTimeOuts() throws ConfigurationException {
-
- TimeOuts timeouts = new TimeOuts();
-
- // set default timeouts
- timeouts.setAssertion(new BigInteger("300"));
- timeouts.setMOASessionCreated(new BigInteger("2700"));
- timeouts.setMOASessionUpdated(new BigInteger("1200"));
-
-// AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral();
-// // search timeouts in config
-// GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration();
-// if (generalConfiguration != null) {
-// if (generalConfiguration.getTimeOuts() != null) {
-// if (generalConfiguration.getTimeOuts().getAssertion() != null) {
-// timeouts.setAssertion(generalConfiguration.getTimeOuts().getAssertion());
-// }
-//
-// if (generalConfiguration.getTimeOuts().getMOASessionCreated() != null) {
-// timeouts.setMOASessionCreated(generalConfiguration.getTimeOuts().getMOASessionCreated());
-// }
-//
-// if (generalConfiguration.getTimeOuts().getMOASessionUpdated() != null) {
-// timeouts.setMOASessionUpdated(generalConfiguration.getTimeOuts().getMOASessionUpdated());
-// }
-//
-// } else {
-// Logger.info("No TimeOuts defined. Use default values");
-// }
-// }
- return timeouts;
- }
-
/**
* Returns an alternative source ID. NOTE: may return {@code null}.
*
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
index 44f4da027..e59ac827b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
@@ -22,6 +22,7 @@
*/
package at.gv.egovernment.moa.id.config.auth.data;
+import java.io.Serializable;
import java.security.PrivateKey;
import java.util.Collection;
import java.util.List;
@@ -35,8 +36,13 @@ import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin;
* @author tlenz
*
*/
-public class DynamicOAAuthParameters implements IOAAuthParameters {
+public class DynamicOAAuthParameters implements IOAAuthParameters, Serializable{
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1648437815185614566L;
+
private String publicURLPrefix;
private String businessTarget;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
index 54156330f..887a7e40f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
@@ -1,570 +1,570 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.gv.egovernment.moa.id.config.legacy;
-
-import java.io.BufferedInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.math.BigInteger;
-import java.net.URI;
-import java.nio.file.Path;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
-import java.util.Properties;
-import java.util.Set;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
-import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
-import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
-import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes;
-import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.Contact;
-import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs;
-import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
-import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration;
-import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
-import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners;
-import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed;
-import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
-import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
-import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP;
-import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
-import at.gv.egovernment.moa.id.commons.db.dao.config.MandatesProfileNameItem;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OAuth;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates;
-import at.gv.egovernment.moa.id.commons.db.dao.config.Organization;
-import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
-import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SAML1;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SSO;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor;
-import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock;
-import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-
-import at.gv.egovernment.moa.id.data.IssuerAndSerial;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-import at.gv.egovernment.moa.util.MiscUtil;
-
-public class BuildFromLegacyConfig {
-
- private static final String GENERIC_CONFIG_PARAM_SOURCEID = "AuthenticationServer.SourceID";
-
- private static final String SEARCHBKUTEMPLATE_LOCAL = "https://127.0.0.1:3496/";
- private static final String SEARCHBKUTEMPLATE_HANDY = "https://www.handy-signatur.at";
- private static final String SEARCHBKUTEMPLATE_ONLINE = "bkuonline/http-security-layer-request";
-
- public static final String AUTH_SESSION_TIMEOUT_PROPERTY =
- "AuthenticationSession.TimeOut";
- /**
- * The name of the generic configuration property giving the authentication data time out.
- */
- public static final String AUTH_DATA_TIMEOUT_PROPERTY =
- "AuthenticationData.TimeOut";
-
-
- public static MOAIDConfiguration build(File fileName, String rootConfigFileDir, MOAIDConfiguration oldconfig) throws ConfigurationException {
- InputStream stream = null;
- Element configElem;
- ConfigurationBuilder builder;
-
- Logger.info("Load Legacy-Configuration from file=" + fileName);
-
- try {
- // load the main config file
- stream = new BufferedInputStream(new FileInputStream(fileName));
- configElem = DOMUtils.parseXmlValidating(stream);
-
- } catch (Throwable t) {
- throw new ConfigurationException("config.03", null, t);
- }
-
- finally {
- try {
- if (stream != null) {
- stream.close();
- }
- } catch (IOException e) {
-
- }
- }
-
- try {
- String oldbkuonline = "";
- String oldbkulocal = "";
- String oldbkuhandy = "";
-
- // build the internal datastructures
- builder = new ConfigurationBuilder(configElem, rootConfigFileDir);
-
-
- MOAIDConfiguration moaIDConfig = new MOAIDConfiguration();
-
- AuthComponentGeneral generalAuth = new AuthComponentGeneral();
- moaIDConfig.setAuthComponentGeneral(generalAuth);
-
-
- //not supported by MOA-ID 2.0
- //ConnectionParameter bKUConnectionParameter = builder.buildAuthBKUConnectionParameter();
- //bKUSelectable = (bKUConnectionParameter!=null);
- //bKUSelectionType = builder.buildAuthBKUSelectionType();
-
-
- //Load generic Config
- Map<String, String> genericConfiguration = builder.buildGenericConfiguration();
- GeneralConfiguration authGeneral = new GeneralConfiguration();
-
- if (genericConfiguration.containsKey(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING))
- authGeneral.setTrustManagerRevocationChecking(
- Boolean.valueOf((String)genericConfiguration.get(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING)));
- else
- authGeneral.setTrustManagerRevocationChecking(true);
-
- if (genericConfiguration.containsKey(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY))
- authGeneral.setCertStoreDirectory(
- (String)genericConfiguration.get(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY));
- else
- authGeneral.setTrustManagerRevocationChecking(true);
-
-
- //Load Assertion and Session timeouts
- TimeOuts timeOuts = new TimeOuts();
- if (genericConfiguration.containsKey(AUTH_DATA_TIMEOUT_PROPERTY))
- timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AUTH_DATA_TIMEOUT_PROPERTY))));
- else
- timeOuts.setAssertion(BigInteger.valueOf(2*60)); //default 2min
-
- if (genericConfiguration.containsKey(AUTH_SESSION_TIMEOUT_PROPERTY))
- timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AUTH_SESSION_TIMEOUT_PROPERTY))));
- else
- timeOuts.setAssertion(BigInteger.valueOf(30*60)); //default 30min
-
- timeOuts.setMOASessionUpdated(BigInteger.valueOf(15*60)); //default 15min
- authGeneral.setTimeOuts(timeOuts);
- generalAuth.setGeneralConfiguration(authGeneral);
-
- Protocols auth_protocols = new Protocols();
- generalAuth.setProtocols(auth_protocols);
-
- LegacyAllowed prot_legacy = new LegacyAllowed();
- auth_protocols.setLegacyAllowed(prot_legacy);
- final List<String> PROTOCOLS_LEGACY_ALLOWED = Arrays.asList("id_saml1","id_pvp2x");
- prot_legacy.setProtocolName(PROTOCOLS_LEGACY_ALLOWED);
-
- //set SAML1 config
- SAML1 saml1 = new SAML1();
- saml1.setIsActive(true);
- if (genericConfiguration.containsKey(GENERIC_CONFIG_PARAM_SOURCEID))
- saml1.setSourceID((String)genericConfiguration.get(GENERIC_CONFIG_PARAM_SOURCEID));
- auth_protocols.setSAML1(saml1);
-
- //set OAuth config
- OAuth oauth = new OAuth();
- oauth.setIsActive(true);
- auth_protocols.setOAuth(oauth);
-
- //set PVP2.1 config
- PVP2 prot_pvp2 = new PVP2();
- auth_protocols.setPVP2(prot_pvp2);
- prot_pvp2.setPublicURLPrefix("https://....");
- prot_pvp2.setIssuerName("MOA-ID 2.x IDP");
-
- Organization pvp2_org = new Organization();
- prot_pvp2.setOrganization(pvp2_org);
- pvp2_org.setDisplayName("OrganisationDisplayName");
- pvp2_org.setName("OrganisatioName");
- pvp2_org.setURL("http://testorganisation.at");
-
- List<Contact> pvp2_contacts = new ArrayList<Contact>();
- prot_pvp2.setContact(pvp2_contacts);
-
- Contact pvp2_contact = new Contact();
- pvp2_contact.setCompany("OrganisationDisplayName");
- pvp2_contact.setGivenName("Max");
-
-
- List<String> mails = new ArrayList<String>();
- pvp2_contact.setMail(mails);
- mails.add("max@muster.mann");
-
- List<String> phones = new ArrayList<String>();
- pvp2_contact.setPhone(phones);
- phones.add("01 5555 5555");
-
- pvp2_contact.setSurName("Mustermann");
- pvp2_contact.setType("technical");
- pvp2_contacts.add(pvp2_contact);
-
- //SSO
- SSO auth_sso = new SSO();
- generalAuth.setSSO(auth_sso);
- auth_sso.setTarget("");
- auth_sso.setFriendlyName("");
-
-
- //set SecurityLayer Transformations
- String[] transformsInfoFileNames = builder.buildTransformsInfoFileNames(builder.getConfigElem(), ConfigurationBuilder.AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH);
- String[] transformsInfos = builder.loadTransformsInfos(transformsInfoFileNames);
-
- List<TransformsInfoType> auth_transformInfos = new ArrayList<TransformsInfoType>();
- if (transformsInfos != null && transformsInfos.length > 0) {
- for (int i=0; i<transformsInfos.length; i++) {
-
- TransformsInfoType transforminfotype = new TransformsInfoType();
-
- if (transformsInfoFileNames[i] != null &&
- transformsInfos[i] != null) {
- String fileURL = FileUtils.makeAbsoluteURL(transformsInfoFileNames[i], rootConfigFileDir);
- Path fileName_ = new File(new URI(fileURL)).toPath().getFileName();
- transforminfotype.setFilename(fileName_.toString());
-
- transforminfotype.setTransformation(Base64Utils.encode(transformsInfos[i].getBytes("UTF-8")).getBytes("UTF-8"));
- auth_transformInfos.add(transforminfotype);
-
- } else
- Logger.warn("AuthBlock Transformation " + transformsInfoFileNames[i]
- + "not found.");
- }
-
- }
-
- SecurityLayer auth_securityLayer = new SecurityLayer();
- auth_securityLayer.setTransformsInfo(auth_transformInfos);
- generalAuth.setSecurityLayer(auth_securityLayer);
-
-
- //set MOASP configuration
- MOASP auth_moaSP = new MOASP();
- generalAuth.setMOASP(auth_moaSP);
-
- //set MOASP connection
- ConnectionParameter moaSpConnectionParameter = builder.buildMoaSpConnectionParameter();
- if (moaSpConnectionParameter != null) {
- ConnectionParameterClientAuthType auth_moaSP_connection =
- parseConnectionParameterClientAuth(moaSpConnectionParameter);
- auth_moaSP.setConnectionParameter(auth_moaSP_connection);
- }
-
- //set VerifyIdentityLink
- String moaSpIdentityLinkTrustProfileID = builder.getMoaSpIdentityLinkTrustProfileID();
- VerifyIdentityLink auth_moaSP_verifyIdentityLink = new VerifyIdentityLink();
- auth_moaSP_verifyIdentityLink.setTrustProfileID(moaSpIdentityLinkTrustProfileID);
- auth_moaSP.setVerifyIdentityLink(auth_moaSP_verifyIdentityLink);
-
- //set VerifyAuthBlock
- String moaSpAuthBlockTrustProfileID = builder.getMoaSpAuthBlockTrustProfileID();
- VerifyAuthBlock auth_moaSP_verifyAuthBlock = new VerifyAuthBlock();
- auth_moaSP_verifyAuthBlock.setTrustProfileID(moaSpAuthBlockTrustProfileID);
- String[] moaSpAuthBlockVerifyTransformsInfoIDs = builder.buildMoaSpAuthBlockVerifyTransformsInfoIDs();
- List<String> transformlist = new ArrayList<String>();
- Collections.addAll(transformlist, moaSpAuthBlockVerifyTransformsInfoIDs);
- auth_moaSP_verifyAuthBlock.setVerifyTransformsInfoProfileID(transformlist);
- auth_moaSP.setVerifyAuthBlock(auth_moaSP_verifyAuthBlock);
-
-
- //set IdentityLinkSigners
- IdentityLinkSigners auth_idsigners = new IdentityLinkSigners();
- generalAuth.setIdentityLinkSigners(auth_idsigners);
- List<String> identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames();
- auth_idsigners.setX509SubjectName(identityLinkX509SubjectNames);
-
-
- //not supported by MOA-ID 2.0
- VerifyInfoboxParameters defaultVerifyInfoboxParameters = null;
-// Node defaultVerifyInfoboxParamtersElem = XPathUtils.selectSingleNode(configElem, ConfigurationBuilder.AUTH_VERIFY_INFOBOXES_XPATH);
-// if (defaultVerifyInfoboxParamtersElem != null) {
-// defaultVerifyInfoboxParameters =
-// builder.buildVerifyInfoboxParameters((Element)defaultVerifyInfoboxParamtersElem, null, moaSpIdentityLinkTrustProfileID);
+///*******************************************************************************
+// * Copyright 2014 Federal Chancellery Austria
+// * MOA-ID has been developed in a cooperation between BRZ, the Federal
+// * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+// *
+// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+// * the European Commission - subsequent versions of the EUPL (the "Licence");
+// * You may not use this work except in compliance with the Licence.
+// * You may obtain a copy of the Licence at:
+// * http://www.osor.eu/eupl/
+// *
+// * Unless required by applicable law or agreed to in writing, software
+// * distributed under the Licence is distributed on an "AS IS" basis,
+// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// * See the Licence for the specific language governing permissions and
+// * limitations under the Licence.
+// *
+// * This product combines work with different licenses. See the "NOTICE" text
+// * file for details on the various modules and licenses.
+// * The "NOTICE" text file is part of the distribution. Any derivative works
+// * that you distribute must include a readable copy of the "NOTICE" text file.
+// *******************************************************************************/
+//package at.gv.egovernment.moa.id.config.legacy;
+//
+//import java.io.BufferedInputStream;
+//import java.io.File;
+//import java.io.FileInputStream;
+//import java.io.IOException;
+//import java.io.InputStream;
+//import java.math.BigInteger;
+//import java.net.URI;
+//import java.nio.file.Path;
+//import java.util.ArrayList;
+//import java.util.Arrays;
+//import java.util.Collections;
+//import java.util.List;
+//import java.util.Map;
+//import java.util.Properties;
+//import java.util.Set;
+//
+//import org.w3c.dom.Element;
+//
+//import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.Contact;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.MandatesProfileNameItem;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.OAuth;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.Organization;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.SAML1;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.SSO;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink;
+//import at.gv.egovernment.moa.id.config.ConfigurationException;
+//import at.gv.egovernment.moa.id.config.ConfigurationProvider;
+//
+//import at.gv.egovernment.moa.id.data.IssuerAndSerial;
+//import at.gv.egovernment.moa.logging.Logger;
+//import at.gv.egovernment.moa.util.Base64Utils;
+//import at.gv.egovernment.moa.util.DOMUtils;
+//import at.gv.egovernment.moa.util.FileUtils;
+//import at.gv.egovernment.moa.util.MiscUtil;
+//
+//public class BuildFromLegacyConfig {
+//
+// private static final String GENERIC_CONFIG_PARAM_SOURCEID = "AuthenticationServer.SourceID";
+//
+// private static final String SEARCHBKUTEMPLATE_LOCAL = "https://127.0.0.1:3496/";
+// private static final String SEARCHBKUTEMPLATE_HANDY = "https://www.handy-signatur.at";
+// private static final String SEARCHBKUTEMPLATE_ONLINE = "bkuonline/http-security-layer-request";
+//
+// public static final String AUTH_SESSION_TIMEOUT_PROPERTY =
+// "AuthenticationSession.TimeOut";
+// /**
+// * The name of the generic configuration property giving the authentication data time out.
+// */
+// public static final String AUTH_DATA_TIMEOUT_PROPERTY =
+// "AuthenticationData.TimeOut";
+//
+//
+// public static MOAIDConfiguration build(File fileName, String rootConfigFileDir, MOAIDConfiguration oldconfig) throws ConfigurationException {
+// InputStream stream = null;
+// Element configElem;
+// ConfigurationBuilder builder;
+//
+// Logger.info("Load Legacy-Configuration from file=" + fileName);
+//
+// try {
+// // load the main config file
+// stream = new BufferedInputStream(new FileInputStream(fileName));
+// configElem = DOMUtils.parseXmlValidating(stream);
+//
+// } catch (Throwable t) {
+// throw new ConfigurationException("config.03", null, t);
+// }
+//
+// finally {
+// try {
+// if (stream != null) {
+// stream.close();
+// }
+// } catch (IOException e) {
+//
+// }
+// }
+//
+// try {
+// String oldbkuonline = "";
+// String oldbkulocal = "";
+// String oldbkuhandy = "";
+//
+// // build the internal datastructures
+// builder = new ConfigurationBuilder(configElem, rootConfigFileDir);
+//
+//
+// MOAIDConfiguration moaIDConfig = new MOAIDConfiguration();
+//
+// AuthComponentGeneral generalAuth = new AuthComponentGeneral();
+// moaIDConfig.setAuthComponentGeneral(generalAuth);
+//
+//
+// //not supported by MOA-ID 2.0
+// //ConnectionParameter bKUConnectionParameter = builder.buildAuthBKUConnectionParameter();
+// //bKUSelectable = (bKUConnectionParameter!=null);
+// //bKUSelectionType = builder.buildAuthBKUSelectionType();
+//
+//
+// //Load generic Config
+// Map<String, String> genericConfiguration = builder.buildGenericConfiguration();
+// GeneralConfiguration authGeneral = new GeneralConfiguration();
+//
+// if (genericConfiguration.containsKey(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING))
+// authGeneral.setTrustManagerRevocationChecking(
+// Boolean.valueOf((String)genericConfiguration.get(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING)));
+// else
+// authGeneral.setTrustManagerRevocationChecking(true);
+//
+// if (genericConfiguration.containsKey(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY))
+// authGeneral.setCertStoreDirectory(
+// (String)genericConfiguration.get(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY));
+// else
+// authGeneral.setTrustManagerRevocationChecking(true);
+//
+//
+// //Load Assertion and Session timeouts
+// TimeOuts timeOuts = new TimeOuts();
+// if (genericConfiguration.containsKey(AUTH_DATA_TIMEOUT_PROPERTY))
+// timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AUTH_DATA_TIMEOUT_PROPERTY))));
+// else
+// timeOuts.setAssertion(BigInteger.valueOf(2*60)); //default 2min
+//
+// if (genericConfiguration.containsKey(AUTH_SESSION_TIMEOUT_PROPERTY))
+// timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AUTH_SESSION_TIMEOUT_PROPERTY))));
+// else
+// timeOuts.setAssertion(BigInteger.valueOf(30*60)); //default 30min
+//
+// timeOuts.setMOASessionUpdated(BigInteger.valueOf(15*60)); //default 15min
+// authGeneral.setTimeOuts(timeOuts);
+// generalAuth.setGeneralConfiguration(authGeneral);
+//
+// Protocols auth_protocols = new Protocols();
+// generalAuth.setProtocols(auth_protocols);
+//
+// LegacyAllowed prot_legacy = new LegacyAllowed();
+// auth_protocols.setLegacyAllowed(prot_legacy);
+// final List<String> PROTOCOLS_LEGACY_ALLOWED = Arrays.asList("id_saml1","id_pvp2x");
+// prot_legacy.setProtocolName(PROTOCOLS_LEGACY_ALLOWED);
+//
+// //set SAML1 config
+// SAML1 saml1 = new SAML1();
+// saml1.setIsActive(true);
+// if (genericConfiguration.containsKey(GENERIC_CONFIG_PARAM_SOURCEID))
+// saml1.setSourceID((String)genericConfiguration.get(GENERIC_CONFIG_PARAM_SOURCEID));
+// auth_protocols.setSAML1(saml1);
+//
+// //set OAuth config
+// OAuth oauth = new OAuth();
+// oauth.setIsActive(true);
+// auth_protocols.setOAuth(oauth);
+//
+// //set PVP2.1 config
+// PVP2 prot_pvp2 = new PVP2();
+// auth_protocols.setPVP2(prot_pvp2);
+// prot_pvp2.setPublicURLPrefix("https://....");
+// prot_pvp2.setIssuerName("MOA-ID 2.x IDP");
+//
+// Organization pvp2_org = new Organization();
+// prot_pvp2.setOrganization(pvp2_org);
+// pvp2_org.setDisplayName("OrganisationDisplayName");
+// pvp2_org.setName("OrganisatioName");
+// pvp2_org.setURL("http://testorganisation.at");
+//
+// List<Contact> pvp2_contacts = new ArrayList<Contact>();
+// prot_pvp2.setContact(pvp2_contacts);
+//
+// Contact pvp2_contact = new Contact();
+// pvp2_contact.setCompany("OrganisationDisplayName");
+// pvp2_contact.setGivenName("Max");
+//
+//
+// List<String> mails = new ArrayList<String>();
+// pvp2_contact.setMail(mails);
+// mails.add("max@muster.mann");
+//
+// List<String> phones = new ArrayList<String>();
+// pvp2_contact.setPhone(phones);
+// phones.add("01 5555 5555");
+//
+// pvp2_contact.setSurName("Mustermann");
+// pvp2_contact.setType("technical");
+// pvp2_contacts.add(pvp2_contact);
+//
+// //SSO
+// SSO auth_sso = new SSO();
+// generalAuth.setSSO(auth_sso);
+// auth_sso.setTarget("");
+// auth_sso.setFriendlyName("");
+//
+//
+// //set SecurityLayer Transformations
+// String[] transformsInfoFileNames = builder.buildTransformsInfoFileNames(builder.getConfigElem(), ConfigurationBuilder.AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH);
+// String[] transformsInfos = builder.loadTransformsInfos(transformsInfoFileNames);
+//
+// List<TransformsInfoType> auth_transformInfos = new ArrayList<TransformsInfoType>();
+// if (transformsInfos != null && transformsInfos.length > 0) {
+// for (int i=0; i<transformsInfos.length; i++) {
+//
+// TransformsInfoType transforminfotype = new TransformsInfoType();
+//
+// if (transformsInfoFileNames[i] != null &&
+// transformsInfos[i] != null) {
+// String fileURL = FileUtils.makeAbsoluteURL(transformsInfoFileNames[i], rootConfigFileDir);
+// Path fileName_ = new File(new URI(fileURL)).toPath().getFileName();
+// transforminfotype.setFilename(fileName_.toString());
+//
+// transforminfotype.setTransformation(Base64Utils.encode(transformsInfos[i].getBytes("UTF-8")).getBytes("UTF-8"));
+// auth_transformInfos.add(transforminfotype);
+//
+// } else
+// Logger.warn("AuthBlock Transformation " + transformsInfoFileNames[i]
+// + "not found.");
+// }
+//
+// }
+//
+// SecurityLayer auth_securityLayer = new SecurityLayer();
+// auth_securityLayer.setTransformsInfo(auth_transformInfos);
+// generalAuth.setSecurityLayer(auth_securityLayer);
+//
+//
+// //set MOASP configuration
+// MOASP auth_moaSP = new MOASP();
+// generalAuth.setMOASP(auth_moaSP);
+//
+// //set MOASP connection
+// ConnectionParameter moaSpConnectionParameter = builder.buildMoaSpConnectionParameter();
+// if (moaSpConnectionParameter != null) {
+// ConnectionParameterClientAuthType auth_moaSP_connection =
+// parseConnectionParameterClientAuth(moaSpConnectionParameter);
+// auth_moaSP.setConnectionParameter(auth_moaSP_connection);
+// }
+//
+// //set VerifyIdentityLink
+// String moaSpIdentityLinkTrustProfileID = builder.getMoaSpIdentityLinkTrustProfileID();
+// VerifyIdentityLink auth_moaSP_verifyIdentityLink = new VerifyIdentityLink();
+// auth_moaSP_verifyIdentityLink.setTrustProfileID(moaSpIdentityLinkTrustProfileID);
+// auth_moaSP.setVerifyIdentityLink(auth_moaSP_verifyIdentityLink);
+//
+// //set VerifyAuthBlock
+// String moaSpAuthBlockTrustProfileID = builder.getMoaSpAuthBlockTrustProfileID();
+// VerifyAuthBlock auth_moaSP_verifyAuthBlock = new VerifyAuthBlock();
+// auth_moaSP_verifyAuthBlock.setTrustProfileID(moaSpAuthBlockTrustProfileID);
+// String[] moaSpAuthBlockVerifyTransformsInfoIDs = builder.buildMoaSpAuthBlockVerifyTransformsInfoIDs();
+// List<String> transformlist = new ArrayList<String>();
+// Collections.addAll(transformlist, moaSpAuthBlockVerifyTransformsInfoIDs);
+// auth_moaSP_verifyAuthBlock.setVerifyTransformsInfoProfileID(transformlist);
+// auth_moaSP.setVerifyAuthBlock(auth_moaSP_verifyAuthBlock);
+//
+//
+// //set IdentityLinkSigners
+// IdentityLinkSigners auth_idsigners = new IdentityLinkSigners();
+// generalAuth.setIdentityLinkSigners(auth_idsigners);
+// List<String> identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames();
+// auth_idsigners.setX509SubjectName(identityLinkX509SubjectNames);
+//
+//
+// //not supported by MOA-ID 2.0
+// VerifyInfoboxParameters defaultVerifyInfoboxParameters = null;
+//// Node defaultVerifyInfoboxParamtersElem = XPathUtils.selectSingleNode(configElem, ConfigurationBuilder.AUTH_VERIFY_INFOBOXES_XPATH);
+//// if (defaultVerifyInfoboxParamtersElem != null) {
+//// defaultVerifyInfoboxParameters =
+//// builder.buildVerifyInfoboxParameters((Element)defaultVerifyInfoboxParamtersElem, null, moaSpIdentityLinkTrustProfileID);
+//// }
+//
+//
+// //Set ForeignIdentities
+// ForeignIdentities auth_foreign = new ForeignIdentities();
+// generalAuth.setForeignIdentities(auth_foreign);
+//
+// //set Connection parameters
+// ConnectionParameter foreignIDConnectionParameter = builder.buildForeignIDConnectionParameter();
+// ConnectionParameterClientAuthType auth_foreign_connection =
+// parseConnectionParameterClientAuth(foreignIDConnectionParameter);
+// auth_foreign.setConnectionParameter(auth_foreign_connection);
+//
+// //set OnlineMandates config
+// ConnectionParameter onlineMandatesConnectionParameter = builder.buildOnlineMandatesConnectionParameter();
+// if (onlineMandatesConnectionParameter != null) {
+// OnlineMandates auth_mandates = new OnlineMandates();
+// generalAuth.setOnlineMandates(auth_mandates);
+// auth_mandates.setConnectionParameter(
+// parseConnectionParameterClientAuth(onlineMandatesConnectionParameter));
// }
-
-
- //Set ForeignIdentities
- ForeignIdentities auth_foreign = new ForeignIdentities();
- generalAuth.setForeignIdentities(auth_foreign);
-
- //set Connection parameters
- ConnectionParameter foreignIDConnectionParameter = builder.buildForeignIDConnectionParameter();
- ConnectionParameterClientAuthType auth_foreign_connection =
- parseConnectionParameterClientAuth(foreignIDConnectionParameter);
- auth_foreign.setConnectionParameter(auth_foreign_connection);
-
- //set OnlineMandates config
- ConnectionParameter onlineMandatesConnectionParameter = builder.buildOnlineMandatesConnectionParameter();
- if (onlineMandatesConnectionParameter != null) {
- OnlineMandates auth_mandates = new OnlineMandates();
- generalAuth.setOnlineMandates(auth_mandates);
- auth_mandates.setConnectionParameter(
- parseConnectionParameterClientAuth(onlineMandatesConnectionParameter));
- }
-
-
- //TODO: add auth template configuration!!!
-
-
- if (oldconfig != null) {
- if (oldconfig.getDefaultBKUs() != null) {
- oldbkuhandy = oldconfig.getDefaultBKUs().getHandyBKU();
- oldbkulocal = oldconfig.getDefaultBKUs().getLocalBKU();
- oldbkuonline = oldconfig.getDefaultBKUs().getOnlineBKU();
- }
- } else {
- List<String> trustbkus = builder.getTrustedBKUs();
- for (String trustbku : trustbkus) {
- if (MiscUtil.isEmpty(oldbkuonline) && trustbku.endsWith(SEARCHBKUTEMPLATE_ONLINE))
- oldbkuonline = trustbku;
-
- if (MiscUtil.isEmpty(oldbkuhandy) && trustbku.startsWith(SEARCHBKUTEMPLATE_HANDY))
- oldbkuhandy = trustbku;
-
- if (MiscUtil.isEmpty(oldbkulocal) && trustbku.startsWith(SEARCHBKUTEMPLATE_LOCAL))
- oldbkulocal = trustbku;
- }
-
- }
-
-
- //set OnlineApplications
- OAAuthParameter[] onlineApplicationAuthParameters = builder.buildOnlineApplicationAuthParameters(defaultVerifyInfoboxParameters, moaSpIdentityLinkTrustProfileID);
-
- ArrayList<OnlineApplication> moa_oas = new ArrayList<OnlineApplication>();
- moaIDConfig.setOnlineApplication(moa_oas);
-
- for (OAAuthParameter oa : onlineApplicationAuthParameters) {
- OnlineApplication moa_oa = new OnlineApplication();
-
- //set general OA configuration
- moa_oa.setCalculateHPI(false); //TODO: Bernd fragen warum das nicht direkt über den Bereichsidentifyer definert wird
- moa_oa.setFriendlyName(oa.getFriendlyName());
- moa_oa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(oa.getKeyBoxIdentifier()));
- moa_oa.setPublicURLPrefix(oa.getPublicURLPrefix());
- moa_oa.setTarget(oa.getTarget());
- moa_oa.setTargetFriendlyName(oa.getTargetFriendlyName());
- moa_oa.setType(oa.getOaType());
- moa_oa.setIsActive(true);
-
-
- AuthComponentOA oa_auth = new AuthComponentOA();
- moa_oa.setAuthComponentOA(oa_auth);
-
- //SLLayer Version / useIframe
-// oa_auth.setSlVersion(oa.getSlVersion());
-// oa_auth.setUseIFrame(false);
-// oa_auth.setUseUTC(oa.getUseUTC());
-
- //BKUURLs
- BKUURLS bkuurls = new BKUURLS();
- bkuurls.setOnlineBKU(oldbkuonline);
- bkuurls.setHandyBKU(oldbkuhandy);
- bkuurls.setLocalBKU(oldbkulocal);
- oa_auth.setBKUURLS(bkuurls);
-
- //IdentificationNumber
- IdentificationNumber idnumber = new IdentificationNumber();
- idnumber.setValue(oa.getIdentityLinkDomainIdentifier());
- idnumber.setType(oa.getIdentityLinkDomainIdentifierType());
- oa_auth.setIdentificationNumber(idnumber);
-
- //set Templates
- TemplatesType templates = new TemplatesType();
- oa_auth.setTemplates(templates);
- templates.setAditionalAuthBlockText("");
- TemplateType template = new TemplateType();
- template.setURL(oa.getTemplateURL());
- ArrayList<TemplateType> template_list = new ArrayList<TemplateType>();
- template_list.add(template);
- templates.setTemplate(template_list);
-
-
- //TransformsInfo not supported by MOAID 2.0
- String[] transforminfos = oa.getTransformsInfos();
- for (String e1 : transforminfos) {
- if (MiscUtil.isNotEmpty(e1)) {
- Logger.warn("OA specific transformation for OA " + oa.getPublicURLPrefix()
- + " are not supported. USE AdditionalAuthBlock text!");
- }
- }
-
- //VerifyInfoBoxes not supported by MOAID 2.0
-
- //set Mandates
- Mandates oa_mandates = new Mandates();
- oa_auth.setMandates(oa_mandates);
- List<MandatesProfileNameItem> profileList = new ArrayList<MandatesProfileNameItem>();
-
- String oldProfiles = oa.getMandateProfiles();
- if (MiscUtil.isNotEmpty(oldProfiles)) {
- String[] oldprofileList = oldProfiles.split(",");
- for (int i=0; i<oldprofileList.length; i++) {
- MandatesProfileNameItem item = new MandatesProfileNameItem();
- item.setItem(oldprofileList[i].trim());
- profileList.add(item);
- }
- oa_mandates.setProfileNameItems(profileList );
- }
-
- //STORK
- //TODO: OA specific STORK config is deactivated in MOA 1.5.2
-
- //SSO
- OASSO oa_sso = new OASSO();
- oa_auth.setOASSO(oa_sso);
- oa_sso.setUseSSO(true);
- oa_sso.setSingleLogOutURL("");
- oa_sso.setAuthDataFrame(true);
-
- //OA_SAML1
- OASAML1 oa_saml1 = new OASAML1();
- oa_auth.setOASAML1(oa_saml1);
- oa_saml1.setConditionLength(BigInteger.valueOf(oa.getConditionLength()));
- oa_saml1.setProvideAUTHBlock(oa.getProvideAuthBlock());
- oa_saml1.setProvideCertificate(oa.getProvideCertifcate());
- oa_saml1.setProvideFullMandatorData(oa.getProvideFullMandatorData());
- oa_saml1.setProvideIdentityLink(oa.getProvideIdentityLink());
- oa_saml1.setProvideStammzahl(oa.getProvideStammzahl());
- oa_saml1.setUseCondition(oa.getUseCondition());
- oa_saml1.setIsActive(true);
- oa_saml1.setProvideAllErrors(false);
-
- //OA_PVP2
- OAPVP2 oa_pvp2 = new OAPVP2();
- oa_auth.setOAPVP2(oa_pvp2);
-
- moa_oas.add(moa_oa);
- //ConfigurationDBUtils.save(moa_oa);
- }
-
- //removed from MOAID 2.0 config
- //identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames();
-
-
- //set chaining modes
- ChainingModes moa_chainingModes = new ChainingModes();
- moaIDConfig.setChainingModes(moa_chainingModes);
-
-
-
- String defaultmode = builder.getDefaultChainingMode();
- ChainingModeType type;
- if (defaultmode.equals(iaik.pki.pathvalidation.ChainingModes.CHAIN_MODE))
- type = ChainingModeType.CHAINING;
- else
- type = ChainingModeType.PKIX;
-
-
- moa_chainingModes.setSystemDefaultMode(type);
-
- Map<IssuerAndSerial, String> chainingModes = builder.buildChainingModes();
- List<TrustAnchor> chaining_anchor = new ArrayList<TrustAnchor>();
- Set<IssuerAndSerial> chaining_anchor_map = chainingModes.keySet();
- for (IssuerAndSerial e1 : chaining_anchor_map) {
- TrustAnchor trustanchor = new TrustAnchor();
-
- ChainingModeType type1 = ChainingModeType.fromValue(chainingModes.get(e1));
- trustanchor.setMode(type1);
-
- trustanchor.setX509IssuerName(e1.getIssuerDN());
- trustanchor.setX509SerialNumber(e1.getSerial());
- chaining_anchor.add(trustanchor);
- }
- moa_chainingModes.setTrustAnchor(chaining_anchor);
-
-
- //set trustedCACertificate path
- moaIDConfig.setTrustedCACertificates(builder.getTrustedCACertificates());
-
-
- //Not required in MOAID 2.0 config (DefaultBKUs & SLRequestTemplates)
- //trustedBKUs = builder.getTrustedBKUs();
- //trustedTemplateURLs = builder.getTrustedTemplateURLs();
-
-
- //set DefaultBKUs
- DefaultBKUs moa_defaultbkus = new DefaultBKUs();
- moaIDConfig.setDefaultBKUs(moa_defaultbkus);
- moa_defaultbkus.setOnlineBKU(oldbkuonline);
- moa_defaultbkus.setHandyBKU(oldbkuhandy);
- moa_defaultbkus.setLocalBKU(oldbkulocal);
-
-
- //set SLRequest Templates
- SLRequestTemplates moa_slrequesttemp = new SLRequestTemplates();
- moaIDConfig.setSLRequestTemplates(moa_slrequesttemp);
- moa_slrequesttemp.setOnlineBKU("http://localhost:8080/moa-id-auth/template_onlineBKU.html");
- moa_slrequesttemp.setHandyBKU("http://localhost:8080/moa-id-auth/template_handyBKU.html");
- moa_slrequesttemp.setLocalBKU("http://127.0.0.1:8080/moa-id-auth/template_localBKU.html");
-
- return moaIDConfig;
-
- } catch (Throwable t) {
- throw new ConfigurationException("config.02", null, t);
- }
- }
-
- private static ConnectionParameterClientAuthType parseConnectionParameterClientAuth(
- ConnectionParameter old) {
- ConnectionParameterClientAuthType auth_moaSP_connection = new ConnectionParameterClientAuthType();
- auth_moaSP_connection.setURL(old.getUrl());
-
- //TODO: remove from Database config!!!!!
-// auth_moaSP_connection.setAcceptedServerCertificates(old.getAcceptedServerCertificates());
-// ClientKeyStore auth_moaSP_connection_keyStore = new ClientKeyStore();
-// auth_moaSP_connection_keyStore.setValue(old.getClientKeyStore());
-// auth_moaSP_connection_keyStore.setPassword(old.getClientKeyStorePassword());
-// auth_moaSP_connection.setClientKeyStore(auth_moaSP_connection_keyStore);
- return auth_moaSP_connection;
- }
-
- private static Properties getGeneralPVP2ProperiesConfig(Properties props) {
- Properties configProp = new Properties();
- for (Object key : props.keySet()) {
- String propPrefix = "protocols.pvp2.";
- if (key.toString().startsWith(propPrefix)) {
- String propertyName = key.toString().substring(propPrefix.length());
- configProp.put(propertyName, props.get(key.toString()));
- }
- }
- return configProp;
- }
-}
+//
+//
+// //TODO: add auth template configuration!!!
+//
+//
+// if (oldconfig != null) {
+// if (oldconfig.getDefaultBKUs() != null) {
+// oldbkuhandy = oldconfig.getDefaultBKUs().getHandyBKU();
+// oldbkulocal = oldconfig.getDefaultBKUs().getLocalBKU();
+// oldbkuonline = oldconfig.getDefaultBKUs().getOnlineBKU();
+// }
+// } else {
+// List<String> trustbkus = builder.getTrustedBKUs();
+// for (String trustbku : trustbkus) {
+// if (MiscUtil.isEmpty(oldbkuonline) && trustbku.endsWith(SEARCHBKUTEMPLATE_ONLINE))
+// oldbkuonline = trustbku;
+//
+// if (MiscUtil.isEmpty(oldbkuhandy) && trustbku.startsWith(SEARCHBKUTEMPLATE_HANDY))
+// oldbkuhandy = trustbku;
+//
+// if (MiscUtil.isEmpty(oldbkulocal) && trustbku.startsWith(SEARCHBKUTEMPLATE_LOCAL))
+// oldbkulocal = trustbku;
+// }
+//
+// }
+//
+//
+// //set OnlineApplications
+// OAAuthParameter[] onlineApplicationAuthParameters = builder.buildOnlineApplicationAuthParameters(defaultVerifyInfoboxParameters, moaSpIdentityLinkTrustProfileID);
+//
+// ArrayList<OnlineApplication> moa_oas = new ArrayList<OnlineApplication>();
+// moaIDConfig.setOnlineApplication(moa_oas);
+//
+// for (OAAuthParameter oa : onlineApplicationAuthParameters) {
+// OnlineApplication moa_oa = new OnlineApplication();
+//
+// //set general OA configuration
+// moa_oa.setCalculateHPI(false); //TODO: Bernd fragen warum das nicht direkt über den Bereichsidentifyer definert wird
+// moa_oa.setFriendlyName(oa.getFriendlyName());
+// moa_oa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(oa.getKeyBoxIdentifier()));
+// moa_oa.setPublicURLPrefix(oa.getPublicURLPrefix());
+// moa_oa.setTarget(oa.getTarget());
+// moa_oa.setTargetFriendlyName(oa.getTargetFriendlyName());
+// moa_oa.setType(oa.getOaType());
+// moa_oa.setIsActive(true);
+//
+//
+// AuthComponentOA oa_auth = new AuthComponentOA();
+// moa_oa.setAuthComponentOA(oa_auth);
+//
+// //SLLayer Version / useIframe
+//// oa_auth.setSlVersion(oa.getSlVersion());
+//// oa_auth.setUseIFrame(false);
+//// oa_auth.setUseUTC(oa.getUseUTC());
+//
+// //BKUURLs
+// BKUURLS bkuurls = new BKUURLS();
+// bkuurls.setOnlineBKU(oldbkuonline);
+// bkuurls.setHandyBKU(oldbkuhandy);
+// bkuurls.setLocalBKU(oldbkulocal);
+// oa_auth.setBKUURLS(bkuurls);
+//
+// //IdentificationNumber
+// IdentificationNumber idnumber = new IdentificationNumber();
+// idnumber.setValue(oa.getIdentityLinkDomainIdentifier());
+// idnumber.setType(oa.getIdentityLinkDomainIdentifierType());
+// oa_auth.setIdentificationNumber(idnumber);
+//
+// //set Templates
+// TemplatesType templates = new TemplatesType();
+// oa_auth.setTemplates(templates);
+// templates.setAditionalAuthBlockText("");
+// TemplateType template = new TemplateType();
+// template.setURL(oa.getTemplateURL());
+// ArrayList<TemplateType> template_list = new ArrayList<TemplateType>();
+// template_list.add(template);
+// templates.setTemplate(template_list);
+//
+//
+// //TransformsInfo not supported by MOAID 2.0
+// String[] transforminfos = oa.getTransformsInfos();
+// for (String e1 : transforminfos) {
+// if (MiscUtil.isNotEmpty(e1)) {
+// Logger.warn("OA specific transformation for OA " + oa.getPublicURLPrefix()
+// + " are not supported. USE AdditionalAuthBlock text!");
+// }
+// }
+//
+// //VerifyInfoBoxes not supported by MOAID 2.0
+//
+// //set Mandates
+// Mandates oa_mandates = new Mandates();
+// oa_auth.setMandates(oa_mandates);
+// List<MandatesProfileNameItem> profileList = new ArrayList<MandatesProfileNameItem>();
+//
+// String oldProfiles = oa.getMandateProfiles();
+// if (MiscUtil.isNotEmpty(oldProfiles)) {
+// String[] oldprofileList = oldProfiles.split(",");
+// for (int i=0; i<oldprofileList.length; i++) {
+// MandatesProfileNameItem item = new MandatesProfileNameItem();
+// item.setItem(oldprofileList[i].trim());
+// profileList.add(item);
+// }
+// oa_mandates.setProfileNameItems(profileList );
+// }
+//
+// //STORK
+// //TODO: OA specific STORK config is deactivated in MOA 1.5.2
+//
+// //SSO
+// OASSO oa_sso = new OASSO();
+// oa_auth.setOASSO(oa_sso);
+// oa_sso.setUseSSO(true);
+// oa_sso.setSingleLogOutURL("");
+// oa_sso.setAuthDataFrame(true);
+//
+// //OA_SAML1
+// OASAML1 oa_saml1 = new OASAML1();
+// oa_auth.setOASAML1(oa_saml1);
+// oa_saml1.setConditionLength(BigInteger.valueOf(oa.getConditionLength()));
+// oa_saml1.setProvideAUTHBlock(oa.getProvideAuthBlock());
+// oa_saml1.setProvideCertificate(oa.getProvideCertifcate());
+// oa_saml1.setProvideFullMandatorData(oa.getProvideFullMandatorData());
+// oa_saml1.setProvideIdentityLink(oa.getProvideIdentityLink());
+// oa_saml1.setProvideStammzahl(oa.getProvideStammzahl());
+// oa_saml1.setUseCondition(oa.getUseCondition());
+// oa_saml1.setIsActive(true);
+// oa_saml1.setProvideAllErrors(false);
+//
+// //OA_PVP2
+// OAPVP2 oa_pvp2 = new OAPVP2();
+// oa_auth.setOAPVP2(oa_pvp2);
+//
+// moa_oas.add(moa_oa);
+// //ConfigurationDBUtils.save(moa_oa);
+// }
+//
+// //removed from MOAID 2.0 config
+// //identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames();
+//
+//
+// //set chaining modes
+// ChainingModes moa_chainingModes = new ChainingModes();
+// moaIDConfig.setChainingModes(moa_chainingModes);
+//
+//
+//
+// String defaultmode = builder.getDefaultChainingMode();
+// ChainingModeType type;
+// if (defaultmode.equals(iaik.pki.pathvalidation.ChainingModes.CHAIN_MODE))
+// type = ChainingModeType.CHAINING;
+// else
+// type = ChainingModeType.PKIX;
+//
+//
+// moa_chainingModes.setSystemDefaultMode(type);
+//
+// Map<IssuerAndSerial, String> chainingModes = builder.buildChainingModes();
+// List<TrustAnchor> chaining_anchor = new ArrayList<TrustAnchor>();
+// Set<IssuerAndSerial> chaining_anchor_map = chainingModes.keySet();
+// for (IssuerAndSerial e1 : chaining_anchor_map) {
+// TrustAnchor trustanchor = new TrustAnchor();
+//
+// ChainingModeType type1 = ChainingModeType.fromValue(chainingModes.get(e1));
+// trustanchor.setMode(type1);
+//
+// trustanchor.setX509IssuerName(e1.getIssuerDN());
+// trustanchor.setX509SerialNumber(e1.getSerial());
+// chaining_anchor.add(trustanchor);
+// }
+// moa_chainingModes.setTrustAnchor(chaining_anchor);
+//
+//
+// //set trustedCACertificate path
+// moaIDConfig.setTrustedCACertificates(builder.getTrustedCACertificates());
+//
+//
+// //Not required in MOAID 2.0 config (DefaultBKUs & SLRequestTemplates)
+// //trustedBKUs = builder.getTrustedBKUs();
+// //trustedTemplateURLs = builder.getTrustedTemplateURLs();
+//
+//
+// //set DefaultBKUs
+// DefaultBKUs moa_defaultbkus = new DefaultBKUs();
+// moaIDConfig.setDefaultBKUs(moa_defaultbkus);
+// moa_defaultbkus.setOnlineBKU(oldbkuonline);
+// moa_defaultbkus.setHandyBKU(oldbkuhandy);
+// moa_defaultbkus.setLocalBKU(oldbkulocal);
+//
+//
+// //set SLRequest Templates
+// SLRequestTemplates moa_slrequesttemp = new SLRequestTemplates();
+// moaIDConfig.setSLRequestTemplates(moa_slrequesttemp);
+// moa_slrequesttemp.setOnlineBKU("http://localhost:8080/moa-id-auth/template_onlineBKU.html");
+// moa_slrequesttemp.setHandyBKU("http://localhost:8080/moa-id-auth/template_handyBKU.html");
+// moa_slrequesttemp.setLocalBKU("http://127.0.0.1:8080/moa-id-auth/template_localBKU.html");
+//
+// return moaIDConfig;
+//
+// } catch (Throwable t) {
+// throw new ConfigurationException("config.02", null, t);
+// }
+// }
+//
+// private static ConnectionParameterClientAuthType parseConnectionParameterClientAuth(
+// ConnectionParameter old) {
+// ConnectionParameterClientAuthType auth_moaSP_connection = new ConnectionParameterClientAuthType();
+// auth_moaSP_connection.setURL(old.getUrl());
+//
+// //TODO: remove from Database config!!!!!
+//// auth_moaSP_connection.setAcceptedServerCertificates(old.getAcceptedServerCertificates());
+//// ClientKeyStore auth_moaSP_connection_keyStore = new ClientKeyStore();
+//// auth_moaSP_connection_keyStore.setValue(old.getClientKeyStore());
+//// auth_moaSP_connection_keyStore.setPassword(old.getClientKeyStorePassword());
+//// auth_moaSP_connection.setClientKeyStore(auth_moaSP_connection_keyStore);
+// return auth_moaSP_connection;
+// }
+//
+// private static Properties getGeneralPVP2ProperiesConfig(Properties props) {
+// Properties configProp = new Properties();
+// for (Object key : props.keySet()) {
+// String propPrefix = "protocols.pvp2.";
+// if (key.toString().startsWith(propPrefix)) {
+// String propertyName = key.toString().substring(propPrefix.length());
+// configProp.put(propertyName, props.get(key.toString()));
+// }
+// }
+// return configProp;
+// }
+//}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 0b45bb461..59b3a632a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -30,6 +30,8 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger;
import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils;
@@ -43,7 +45,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.data.IAuthData;
@@ -132,6 +134,7 @@ public class DispatcherServlet extends AuthServlet{
if (errorRequest != null) {
RequestStorage.removePendingRequest(pendingRequestID);
+ MOAReversionLogger.getInstance().logEvent(errorRequest, MOAIDEventConstants.TRANSACTION_ERROR);
try {
IModulInfo handlingModule = ModulStorage
@@ -247,6 +250,7 @@ public class DispatcherServlet extends AuthServlet{
String ssoId = ssomanager.getSSOSessionID(req);
IRequest protocolRequest = null;
+ String uniqueSessionIdentifier = null;
try {
Object idObject = req.getParameter(PARAM_TARGET_PENDINGREQUESTID);
@@ -268,6 +272,22 @@ public class DispatcherServlet extends AuthServlet{
}
} else {
try {
+
+ //load unique session identifier with SSO-sessionID
+ uniqueSessionIdentifier = ssomanager.getUniqueSessionIdentifier(ssoId);
+ if (MiscUtil.isEmpty(uniqueSessionIdentifier))
+ uniqueSessionIdentifier = Random.nextRandom();
+ TransactionIDUtils.setSessionId(uniqueSessionIdentifier);
+
+ //set transactionID to Logger
+ protocolRequestID = Random.nextRandom();
+ TransactionIDUtils.setTransactionId(protocolRequestID);
+
+ //log information for security and process reversion
+ MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.SESSION_CREATED, uniqueSessionIdentifier);
+ MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.TRANSACTION_CREATED, protocolRequestID);
+ MOAReversionLogger.getInstance().logEvent(uniqueSessionIdentifier, protocolRequestID, MOAIDEventConstants.SESSION_IP, req.getRemoteAddr());
+
protocolRequest = info.preProcess(req, resp, action);
//request is a valid interfederation response
@@ -394,6 +414,9 @@ public class DispatcherServlet extends AuthServlet{
Logger.warn("Request sends an old SSO Session ID("+ssoId+")! " +
"Invalidate the corresponding MOASession with ID="+ correspondingMOASession);
+ MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(),
+ protocolRequest, MOAIDEventConstants.AUTHPROCESS_SSO_INVALID);
+
AuthenticationSessionStoreage.destroySession(correspondingMOASession);
ssomanager.deleteSSOSessionID(req, resp);
}
@@ -424,6 +447,10 @@ public class DispatcherServlet extends AuthServlet{
boolean tryperform = authmanager.tryPerformAuthentication(
req, resp);
+ if (tryperform)
+ MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(),
+ protocolRequest, MOAIDEventConstants.AUTHPROCESS_FINISHED);
+
if (protocolRequest.forceAuth()) {
if (!tryperform) {
authmanager.doAuthentication(req, resp,
@@ -452,6 +479,9 @@ public class DispatcherServlet extends AuthServlet{
if (useSSOOA && isValidSSOSession) {
+ MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(),
+ protocolRequest, MOAIDEventConstants.AUTHPROCESS_SSO);
+
moasessionID = ssomanager.getMOASession(ssoId);
moasession = AuthenticationSessionStoreage.getSession(moasessionID);
@@ -535,6 +565,9 @@ public class DispatcherServlet extends AuthServlet{
}
+ //log transaction_destroy to reversionslog
+ MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.TRANSACTION_DESTROYED, protocolRequestID);
+
} catch (WrongParametersException ex) {
handleWrongParameters(ex, req, resp);
@@ -547,7 +580,10 @@ public class DispatcherServlet extends AuthServlet{
}
finally {
- ConfigurationDBUtils.closeSession();
+
+
+ TransactionIDUtils.removeTransactionId();
+ TransactionIDUtils.removeSessionId();
}
Logger.info("Clossing Dispatcher processing loop");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index 5fc1f3c4d..3fd99f6fc 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -42,11 +42,13 @@ import org.hibernate.Query;
import org.hibernate.Session;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;
import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;
import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
@@ -176,6 +178,24 @@ public class SSOManager {
}
+ public String getUniqueSessionIdentifier(String ssoSessionID) {
+ try {
+ if (MiscUtil.isNotEmpty(ssoSessionID)) {
+ String moaSessionID = AuthenticationSessionStoreage.getMOASessionSSOID(ssoSessionID);
+ if (MiscUtil.isNotEmpty(moaSessionID)) {
+ AuthenticationSessionExtensions extSessionInformation = AuthenticationSessionStoreage.getAuthenticationSessionExtensions(moaSessionID);
+ return extSessionInformation.getUniqueSessionId();
+
+ }
+ }
+ } catch (MOADatabaseException e) {
+ Logger.debug("No SSO Session with SSO sessionID: " + ssoSessionID);
+ }
+
+ return null;
+ }
+
+
public String existsOldSSOSession(String ssoId) {
Logger.trace("Check that the SSOID has already been used");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java
index 2915ff683..4d12c38da 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java
@@ -35,7 +35,6 @@ import org.opensaml.xml.XMLObject;
import org.opensaml.xml.parse.BasicParserPool;
import org.opensaml.xml.security.SecurityException;
-import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType;
import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException;
import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory;
import at.gv.egovernment.moa.id.config.ConfigurationException;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java
index 6dac4bba1..149874ce0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java
@@ -37,7 +37,7 @@ import org.opensaml.xml.XMLObject;
import org.opensaml.xml.security.x509.BasicX509Credential;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoCredentialsException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException;
import at.gv.egovernment.moa.id.protocols.pvp2x.verification.EntityVerifier;
@@ -151,7 +151,7 @@ public class MetadataSignatureFilter implements MetadataFilter {
throw new MOAIDException("Invalid Metadata file Root element is no EntitiesDescriptor", null);
}
- ConfigurationDBUtils.closeSession();
+
Logger.info("Metadata signature policy check done OK");
} catch (MOAIDException e) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
index de1924ba1..8c34d4806 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
@@ -23,7 +23,6 @@
package at.gv.egovernment.moa.id.protocols.stork2;
import at.gv.egovernment.moa.id.commons.MOAIDConstants;
-import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin;
import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider;
import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.EHvdAttributeProviderPlugin;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
index 30c59af6d..bde0f362d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
@@ -91,7 +91,7 @@ public class ConsentEvaluator implements IAction {
}
//TODO: CHECK: req.getOAURL() should return the unique OA identifier
- OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(req.getOAURL());
+ OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(req.getOAURL());
if (oaParam == null)
throw new AuthenticationException("stork.12", new Object[]{req.getOAURL()});
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java
index ea0062620..def89d0d9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java
@@ -31,29 +31,24 @@ import java.net.URL;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
-import java.util.Properties;
import javax.activation.DataSource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.namespace.QName;
import javax.xml.transform.Source;
-import javax.xml.transform.TransformerConfigurationException;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactoryConfigurationError;
import javax.xml.transform.stream.StreamSource;
import javax.xml.ws.Service;
import javax.xml.ws.soap.SOAPBinding;
import javax.xml.ws.BindingProvider;
import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.AttributeStatusType;
-import org.apache.commons.codec.binary.Base64;
+
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.NotImplementedException;
import org.apache.velocity.Template;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;
-import org.bouncycastle.util.encoders.UrlBase64;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
@@ -65,11 +60,11 @@ import at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest;
import at.gv.egovernment.moa.id.protocols.stork2.UnsupportedAttributeException;
import at.gv.egovernment.moa.id.util.VelocityProvider;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.Base64Utils;
import eu.stork.oasisdss.api.ApiUtils;
import eu.stork.oasisdss.api.LightweightSourceResolver;
import eu.stork.oasisdss.api.ResultMajor;
import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
-import eu.stork.oasisdss.api.exceptions.UtilsException;
import eu.stork.oasisdss.profile.AnyType;
import eu.stork.oasisdss.profile.Base64Data;
import eu.stork.oasisdss.profile.DocumentType;
@@ -85,7 +80,6 @@ import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
import eu.stork.peps.auth.engine.STORKSAMLEngine;
import eu.stork.peps.exceptions.STORKSAMLEngineException;
import eu.stork.documentservice.DocumentService;
-import eu.stork.documentservice.data.DatabaseConnectorMySQLImpl;
/**
* Forwards a signedDoc attribute request to the oasis-dss service instance
*/
@@ -175,7 +169,7 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider {
Logger.debug("signresponse method: " + httpReq.getMethod());
Logger.debug("signresponse content type: " + httpReq.getContentType());
Logger.debug("signresponse parameter:"+base64);
- String signResponseString = new String(Base64.decodeBase64(base64), "UTF8");
+ String signResponseString = new String(Base64Utils.decode(base64, false), "UTF8");
Logger.debug("RECEIVED signresponse:"+signResponseString);
//create SignResponse object
Source response = new StreamSource(new java.io.StringReader(signResponseString));
@@ -445,7 +439,7 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider {
e.printStackTrace();
}
- context.put("signrequest", Base64.encodeBase64String(signRequestString.getBytes("UTF8")));
+ context.put("signrequest", Base64Utils.encode(signRequestString.getBytes("UTF8")));
context.put("clienturl", url);
context.put("action", oasisDssWebFormURL);
diff --git a/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml b/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml
index e9e4eb23d..f2b2f5adf 100644
--- a/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml
+++ b/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml
@@ -26,11 +26,6 @@
<bean id="jpaVendorAdapter" class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
<property name="showSql" value="true" />
<property name="generateDdl" value="${jpaVendorAdapter.generateDdl}" />
-<!-- <property name="generateDdl">
- <bean class="java.lang.Boolean">
- <constructor-arg value="${jpaVendorAdapter.generateDdl}"/>
- </bean>
- </property> -->
<property name="databasePlatform" value="${configuration.hibernate.dialect}" />
</bean>
--
cgit v1.2.3