From f912da9959267d214bb10a2be8e412af731141ed Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 26 Jul 2017 10:24:55 +0200 Subject: refactor MOA metadataprovider to load metadata from file system --- .../moa/id/auth/IPostStartupInitializable.java | 41 ++++++++++++++++++++++ .../moa/id/auth/MOAIDAuthInitializer.java | 2 +- .../PropertyBasedAuthConfigurationProvider.java | 5 +++ .../pvp2x/metadata/SimpleMOAMetadataProvider.java | 9 +++-- .../resources/properties/id_messages_de.properties | 2 +- 5 files changed, 52 insertions(+), 7 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/IPostStartupInitializable.java (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/IPostStartupInitializable.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/IPostStartupInitializable.java new file mode 100644 index 000000000..d918be463 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/IPostStartupInitializable.java @@ -0,0 +1,41 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth; + + +/** + * + * @author tlenz + * + * Interface initialize a Object when the MOA-ID-Auth start-up process is fully completed + * + */ +public interface IPostStartupInitializable { + + /** + * This method is called once when MOA-ID-Auth start-up process is fully completed + * + */ + public void executeAfterStartup(); + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java index 65ea2fd90..3d45e2468 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java @@ -127,7 +127,7 @@ public class MOAIDAuthInitializer { Random.seedRandom(); Logger.debug("Random-number generator is seeded."); - // Initialize configuration provider + // Initialize configuration provider for non-spring managed parts AuthConfiguration authConf = AuthConfigurationProviderFactory.reload(rootContext); //test, if MOA-ID is already configured diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java index 7e0f48744..35d052acd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java @@ -235,6 +235,11 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide return properties.getProperty(key, defaultValue); } + + public Map getBasicMOAIDConfigurationWithPrefix(final String prefix) { + return KeyValueUtils.getSubSetWithPrefix(KeyValueUtils.concertPropertiesToMap(properties), prefix); + + } /* (non-Javadoc) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java index e060e18e1..6c2235654 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java @@ -39,7 +39,6 @@ import org.springframework.beans.factory.annotation.Autowired; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException; import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SchemaValidationException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException; @@ -177,12 +176,12 @@ public abstract class SimpleMOAMetadataProvider implements MetadataProvider{ //FIX: change hostname validation default flag to true when httpClient is updated to > 4.4 MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory( PVPConstants.SSLSOCKETFACTORYNAME, - AuthConfigurationProviderFactory.getInstance().getTrustedCACertificates(), + authConfig.getTrustedCACertificates(), null, AuthConfiguration.DEFAULT_X509_CHAININGMODE, - AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking(), - AuthConfigurationProviderFactory.getInstance().getRevocationMethodOrder(), - AuthConfigurationProviderFactory.getInstance().getBasicMOAIDConfigurationBoolean( + authConfig.isTrustmanagerrevoationchecking(), + authConfig.getRevocationMethodOrder(), + authConfig.getBasicMOAIDConfigurationBoolean( AuthConfiguration.PROP_KEY_SSL_HOSTNAME_VALIDATION, false)); httpClient.setCustomSSLTrustStore(metadataURL, protoSocketFactory); diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index 1a2f0d1d3..50b2c5ece 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties @@ -53,7 +53,7 @@ auth.32=Federated authentication FAILED. No configuration for IDP {0} auth.33=Federated authentication FAILED. Configuration of IDP {0} does not allow inbound messages. auth.34=Federated authentication FAILED. Configuration of IDP {0} is marked as BusinessService-IDP, but Public-Service attributes are requested. -init.00=MOA ID Authentisierung wurde erfolgreich gestartet +init.00=MOA-ID-Auth wurde erfolgreich gestartet init.01=Fehler beim Aktivieren des IAIK-JCE/JSSE/JDK1.3 Workaround\: SSL ist m\u00F6glicherweise nicht verf\u00FCgbar init.02=Fehler beim Starten des Service MOA-ID-Auth init.04=Fehler beim Datenbankzugriff mit der SessionID {0} -- cgit v1.2.3