From 583d95af8f722f60cf848e603f12f6c0be0e9a59 Mon Sep 17 00:00:00 2001 From: kstranacher Date: Fri, 10 Feb 2012 16:21:09 +0000 Subject: * Ausbau MOASecurityManager (nicht anwendbar da SecurityManager nur systemweit gesetzt werden kann) * Update ExternalURIResolver mit ExternalURIVerifier der gegen Blackliste checkt git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1238 d688527b-c9ab-4aba-bd8d-4036d912da1d --- .../moa/id/auth/AuthenticationServer.java | 2 +- .../servlet/VerifyAuthenticationBlockServlet.java | 139 +++++++++++---------- 2 files changed, 71 insertions(+), 70 deletions(-) (limited to 'id/server/idserverlib/src') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index b8fa4f412..355918f2d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -419,7 +419,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { templateURL = session.getTemplateURL(); } if (templateURL != null) { - try { + try { template = new String(FileUtils.readURL(templateURL)); } catch (IOException ex) { throw new AuthenticationException( diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java index 5ae508358..a51fa483f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java @@ -225,12 +225,13 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { } else { redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID()); } - + resp.setContentType("text/html"); resp.setStatus(302); - resp.addHeader("Location", redirectURL); - Logger.debug("REDIRECT TO: " + redirectURL); + resp.addHeader("Location", redirectURL); + Logger.debug("REDIRECT TO: " + redirectURL); + } } @@ -254,72 +255,72 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { * @param session * @throws IOException */ - private void callMISService(AuthenticationSession session, HttpServletRequest req, HttpServletResponse resp) throws IOException { - - try { - AuthConfigurationProvider authConf= AuthConfigurationProvider.getInstance(); - ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter(); - SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters); - - // get identitity link as byte[] - Element elem = session.getIdentityLink().getSamlAssertion(); - String s = DOMUtils.serializeNode(elem); - - System.out.println("IDL: " + s); - - byte[] idl = s.getBytes(); - - // redirect url - // build redirect(to the GetMISSessionIdSerlvet) - String redirectURL = - new DataURLBuilder().buildDataURL( - session.getAuthURL(), - GET_MIS_SESSIONID, - session.getSessionID()); - - String oaURL = session.getOAURLRequested(); - OAAuthParameter oaParam = authConf.getOnlineApplicationParameter(oaURL); - String profiles = oaParam.getMandateProfiles(); - - if (profiles == null) { - Logger.error("No Mandate/Profile for OA configured."); - throw new AuthenticationException("auth.16", new Object[] { GET_MIS_SESSIONID}); - } - - String profilesArray[] = profiles.split(","); - for(int i = 0; i < profilesArray.length; i++) { - profilesArray[i] = profilesArray[i].trim(); - } - - String oaFriendlyName = oaParam.getFriendlyName(); - String mandateReferenceValue = session.getMandateReferenceValue(); - X509Certificate cert = session.getSignerCertificate(); - MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(connectionParameters.getUrl(), idl, cert.getEncoded(), oaFriendlyName, redirectURL, mandateReferenceValue, profilesArray, sslFactory); - String redirectMISGUI = misSessionID.getRedirectURL(); - - if (misSessionID == null) { - Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null."); - throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service."); - } - - session.setMISSessionID(misSessionID.getSessiondId()); - - resp.setStatus(302); - resp.addHeader("Location", redirectMISGUI); - Logger.debug("REDIRECT TO: " + redirectURL); - } - catch (MOAIDException ex) { - handleError(null, ex, req, resp); - } catch (GeneralSecurityException ex) { - handleError(null, ex, req, resp); - } catch (PKIException e) { - handleError(null, e, req, resp); - } catch (MISSimpleClientException e) { - handleError(null, e, req, resp); - } catch (TransformerException e) { - handleError(null, e, req, resp); - } - } +// private void callMISService(AuthenticationSession session, HttpServletRequest req, HttpServletResponse resp) throws IOException { +// +// try { +// AuthConfigurationProvider authConf= AuthConfigurationProvider.getInstance(); +// ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter(); +// SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters); +// +// // get identitity link as byte[] +// Element elem = session.getIdentityLink().getSamlAssertion(); +// String s = DOMUtils.serializeNode(elem); +// +// System.out.println("IDL: " + s); +// +// byte[] idl = s.getBytes(); +// +// // redirect url +// // build redirect(to the GetMISSessionIdSerlvet) +// String redirectURL = +// new DataURLBuilder().buildDataURL( +// session.getAuthURL(), +// GET_MIS_SESSIONID, +// session.getSessionID()); +// +// String oaURL = session.getOAURLRequested(); +// OAAuthParameter oaParam = authConf.getOnlineApplicationParameter(oaURL); +// String profiles = oaParam.getMandateProfiles(); +// +// if (profiles == null) { +// Logger.error("No Mandate/Profile for OA configured."); +// throw new AuthenticationException("auth.16", new Object[] { GET_MIS_SESSIONID}); +// } +// +// String profilesArray[] = profiles.split(","); +// for(int i = 0; i < profilesArray.length; i++) { +// profilesArray[i] = profilesArray[i].trim(); +// } +// +// String oaFriendlyName = oaParam.getFriendlyName(); +// String mandateReferenceValue = session.getMandateReferenceValue(); +// X509Certificate cert = session.getSignerCertificate(); +// MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(connectionParameters.getUrl(), idl, cert.getEncoded(), oaFriendlyName, redirectURL, mandateReferenceValue, profilesArray, sslFactory); +// String redirectMISGUI = misSessionID.getRedirectURL(); +// +// if (misSessionID == null) { +// Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null."); +// throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service."); +// } +// +// session.setMISSessionID(misSessionID.getSessiondId()); +// +// resp.setStatus(302); +// resp.addHeader("Location", redirectMISGUI); +// Logger.debug("REDIRECT TO: " + redirectURL); +// } +// catch (MOAIDException ex) { +// handleError(null, ex, req, resp); +// } catch (GeneralSecurityException ex) { +// handleError(null, ex, req, resp); +// } catch (PKIException e) { +// handleError(null, e, req, resp); +// } catch (MISSimpleClientException e) { +// handleError(null, e, req, resp); +// } catch (TransformerException e) { +// handleError(null, e, req, resp); +// } +// } /** * Adds a parameter to a URL. * @param url the URL -- cgit v1.2.3