From f1d374bb66f3b48f2a14a8d550c4125c04dde7a8 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 24 Feb 2014 11:40:49 +0100 Subject: * add default configuration values * add MOA-ID-Auth publicURLPreFix as mandatory configuration value * remove ReloadConfiguration serlet * change moa-id-lib to use publicURLPreFix * update repository --- .../moa/id/auth/AuthenticationServer.java | 4 +- .../StartAuthentificationParameterParser.java | 21 +--- .../moa/id/auth/servlet/ConfigurationServlet.java | 133 --------------------- .../servlet/GenerateIFrameTemplateServlet.java | 22 ++-- .../moa/id/auth/servlet/LogOutServlet.java | 18 +-- .../CreateXMLSignatureResponseValidator.java | 2 +- .../id/config/auth/AuthConfigurationProvider.java | 115 ++++++++---------- .../moa/id/entrypoints/DispatcherServlet.java | 2 +- .../moa/id/moduls/AuthenticationManager.java | 3 +- .../protocols/pvp2x/config/PVPConfiguration.java | 2 +- .../resources/properties/id_messages_de.properties | 2 +- 11 files changed, 83 insertions(+), 241 deletions(-) delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java (limited to 'id/server/idserverlib/src') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 7608f9f93..bebae89db 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -811,9 +811,9 @@ public class AuthenticationServer implements MOAIDAuthConstants { if (session.isSsoRequested()) { - String oaURL =new String(); + String oaURL = new String(); try { - oaURL = AuthConfigurationProvider.getInstance().getSSOPublicUrl(); + oaURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); if (MiscUtil.isNotEmpty(oaURL)) oaURL = oaURL.replaceAll("&", "&"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java index f0de8b2e3..71d2aae37 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java @@ -205,26 +205,13 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ authURL = authURL.concat(":" + req.getServerPort()); } authURL = authURL.concat(req.getContextPath() + "/"); - - if (isEmpty(authURL)) - throw new WrongParametersException("StartAuthentication", - "AuthURL", "auth.05"); - - // check if HTTP Connection may be allowed (through - // FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY) - //INFO: removed from MOA-ID 2.0 Config -// String boolStr = AuthConfigurationProvider -// .getInstance() -// .getGenericConfigurationParameter( -// AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY); - - if ((!authURL.startsWith("https:")) -// && (false == BoolUtils.valueOf(boolStr)) - ) + + if (!authURL.startsWith("https:")) throw new AuthenticationException("auth.07", new Object[] { authURL + "*" }); - moasession.setAuthURL(authURL); + //set Auth URL from configuration + moasession.setAuthURL(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/"); //check and set SourceID if (oaParam.getSAML1Parameter() != null) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java deleted file mode 100644 index 0c2bb66c0..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java +++ /dev/null @@ -1,133 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.servlet; - -import java.io.IOException; -import java.text.DateFormat; -import java.util.Date; -import java.util.Locale; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; -import at.gv.egovernment.moa.id.util.HTTPRequestJSPForwarder; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.logging.Logger; - -/** - * Servlet requested for updating the MOA-ID Auth configuration from configuration file - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class ConfigurationServlet extends HttpServlet { - - /** - * - */ - private static final long serialVersionUID = 7455620886605337681L; - -/** - * Handle a HTTP GET request, used to indicated that the MOA - * configuration needs to be updated (reloaded). - * - * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse) - */ - public void doGet(HttpServletRequest request, HttpServletResponse response) - throws ServletException, IOException { - - - response.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - response.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - response.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - response.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - - MOAIDMessageProvider msg = MOAIDMessageProvider.getInstance(); - - try { - MOAIDAuthInitializer.initialized=false; - MOAIDAuthInitializer.initialize(); - String message = msg.getMessage("config.00", new Object[] - { DateFormat.getTimeInstance(DateFormat.MEDIUM, Locale.GERMAN).format(new Date())} ); - - Logger.info(message); - HTTPRequestJSPForwarder.forwardNamed(message, "/message-auth.jsp", getServletContext(), request, response); - - } catch (Throwable t) { - String errorMessage = msg.getMessage("config.04", null); - Logger.error(errorMessage, t); - HTTPRequestJSPForwarder.forwardNamed(errorMessage, "/message-auth.jsp", getServletContext(), request, response); - } - } - - /** - * Do the same as doGet. - * - * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse) - */ - public void doPost(HttpServletRequest request, HttpServletResponse response) - throws ServletException, IOException { - doGet(request, response); - } - - /** - * Calls the web application initializer. - * - * @see javax.servlet.Servlet#init(ServletConfig) - */ - public void init(ServletConfig servletConfig) throws ServletException { - super.init(servletConfig); - } - -} - - diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java index deec69c7f..0a0355bd7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java @@ -57,17 +57,17 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { private static final long serialVersionUID = 1L; public void init(ServletConfig servletConfig) throws ServletException { - try { - super.init(servletConfig); - MOAIDAuthInitializer.initialize(); - Logger.debug("default platform file.encoding: " + System.getProperty("file.encoding")); - Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); - } - catch (Exception ex) { - Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); - throw new ServletException(ex); - } - } +// try { +// super.init(servletConfig); +// MOAIDAuthInitializer.initialize(); +// Logger.debug("default platform file.encoding: " + System.getProperty("file.encoding")); +// Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); +// } +// catch (Exception ex) { +// Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); +// throw new ServletException(ex); +// } + } protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java index c87a17c7f..f3495966a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java @@ -123,15 +123,15 @@ public class LogOutServlet extends AuthServlet { * @see javax.servlet.Servlet#init(ServletConfig) */ public void init(ServletConfig servletConfig) throws ServletException { - try { - super.init(servletConfig); - MOAIDAuthInitializer.initialize(); - Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); - } - catch (Exception ex) { - Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); - throw new ServletException(ex); - } +// try { +// super.init(servletConfig); +// MOAIDAuthInitializer.initialize(); +// Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); +// } +// catch (Exception ex) { +// Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); +// throw new ServletException(ex); +// } } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java index 5471c03f5..b2c47fac0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java @@ -417,7 +417,7 @@ public class CreateXMLSignatureResponseValidator { String oaURL; try { - oaURL = AuthConfigurationProvider.getInstance().getSSOPublicUrl(); + oaURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); } catch (ConfigurationException e1) { oaURL = new String(); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java index c0f47d781..1a3c1b0a1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java @@ -212,6 +212,8 @@ public class AuthConfigurationProvider extends ConfigurationProvider { private static Date date = null; + private String publicURLPreFix = null; + /** * Return the single instance of configuration data. * @@ -487,32 +489,41 @@ public class AuthConfigurationProvider extends ConfigurationProvider { //set TrustManagerRevocationChecking setTrustManagerRevocationChecking(); - //set TimeOuts - if (auth.getGeneralConfiguration() != null) { - if (auth.getGeneralConfiguration().getTimeOuts() != null) { - - timeouts = new TimeOuts(); - if (auth.getGeneralConfiguration().getTimeOuts().getAssertion() == null) - timeouts.setAssertion(new BigInteger("120")); - else - timeouts.setAssertion(auth.getGeneralConfiguration().getTimeOuts().getAssertion()); - - if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated() == null) - timeouts.setMOASessionCreated(new BigInteger("2700")); - else - timeouts.setMOASessionCreated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated()); - - if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated() == null) - timeouts.setMOASessionUpdated(new BigInteger("1200")); - else - timeouts.setMOASessionUpdated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated()); - } - } - else { - Logger.warn("Error in MOA-ID Configuration. No TimeOuts defined."); - throw new ConfigurationException("config.02", null); - } + //set default timeouts + timeouts = new TimeOuts(); + timeouts.setAssertion(new BigInteger("300")); + timeouts.setMOASessionCreated(new BigInteger("2700")); + timeouts.setMOASessionUpdated(new BigInteger("1200")); + //search timeouts in config + if (auth.getGeneralConfiguration() != null) { + if (auth.getGeneralConfiguration().getTimeOuts() != null) { + if (auth.getGeneralConfiguration().getTimeOuts().getAssertion() != null) + timeouts.setAssertion(auth.getGeneralConfiguration().getTimeOuts().getAssertion()); + + if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated() != null) + timeouts.setMOASessionCreated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated()); + + if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated() != null) + timeouts.setMOASessionUpdated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated()); + + } else { + Logger.info("No TimeOuts defined. Use default values"); + } + } + + // sets the authentication session and authentication data time outs + AuthenticationServer.getInstance() + .setSecondsSessionTimeOutCreated(timeouts.getMOASessionCreated().longValue()); + + AuthenticationServer.getInstance() + .setSecondsSessionTimeOutUpdated(timeouts.getMOASessionUpdated().longValue()); + + AuthenticationServer.getInstance() + .setSecondsAuthDataTimeOut(timeouts.getAssertion().longValue()); + + + //set PVP2 general config Protocols protocols = auth.getProtocols(); if (protocols != null) { @@ -569,39 +580,21 @@ public class AuthConfigurationProvider extends ConfigurationProvider { } //set alternativeSourceID - if (auth.getGeneralConfiguration() != null) + if (auth.getGeneralConfiguration() != null) { //TODO: can be removed in a further version, because it is moved to SAML1 config if (MiscUtil.isEmpty(alternativesourceid)) alternativesourceid = auth.getGeneralConfiguration().getAlternativeSourceID(); - - // sets the authentication session and authentication data time outs - BigInteger param = auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated(); - - if (param != null) { - long sessionTimeOut = param.longValue(); - if (sessionTimeOut > 0) - AuthenticationServer.getInstance() - .setSecondsSessionTimeOutCreated(sessionTimeOut); - } - - param = auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated(); - if (param != null) { - long sessionTimeOut = param.longValue(); - if (sessionTimeOut > 0) - AuthenticationServer.getInstance() - .setSecondsSessionTimeOutUpdated(sessionTimeOut); - } - - param = auth.getGeneralConfiguration().getTimeOuts().getAssertion(); - if (param != null) { - long authDataTimeOut = param.longValue(); - if (authDataTimeOut > 0) - AuthenticationServer.getInstance() - .setSecondsAuthDataTimeOut(authDataTimeOut); - } - - else { + + if (MiscUtil.isNotEmpty(auth.getGeneralConfiguration().getPublicURLPreFix())) + publicURLPreFix = auth.getGeneralConfiguration().getPublicURLPreFix(); + + else { + Logger.error("No Public URL Prefix configured."); + throw new ConfigurationException("config.05", new Object[]{"Public URL Prefix"}); + } + + } else { Logger.warn("Error in MOA-ID Configuration. No GeneralConfig defined."); throw new ConfigurationException("config.02", null); } @@ -947,16 +940,6 @@ public class AuthConfigurationProvider extends ConfigurationProvider { return new String(); } - public String getSSOPublicUrl() { - if (ssoconfig!= null) { - String url = ssoconfig.getPublicURL(); - if (MiscUtil.isEmpty(url)) - url = new String(); - return url; - } - return new String(); - } - public String getMOASessionEncryptionKey() { String prop = props.getProperty("configuration.moasession.key"); @@ -1005,6 +988,10 @@ public class AuthConfigurationProvider extends ConfigurationProvider { return Boolean.valueOf(prop); } + public String getPublicURLPrefix() { + return publicURLPreFix; + } + /** * Retruns the STORK Configuration * @return STORK Configuration diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java index b5f0a7557..c9fc07b70 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java @@ -86,7 +86,7 @@ public class DispatcherServlet extends AuthServlet{ null), ex); throw new ServletException(ex); } - Logger.info("Dispatcher Servlet initialization"); + Logger.info("Dispatcher Servlet initialization finished."); } protected void processRequest(HttpServletRequest req, diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index 90863890f..666224b3a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -238,8 +238,9 @@ public class AuthenticationManager extends AuthServlet { //Build authentication form + String publicURLPreFix = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); String loginForm = LoginFormBuilder.buildLoginForm(target.requestedModule(), - target.requestedAction(), oaParam, request.getContextPath(), moasession.getSessionID()); + target.requestedAction(), oaParam, publicURLPreFix, moasession.getSessionID()); //store MOASession try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java index bf82efb79..ebfffb648 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java @@ -124,7 +124,7 @@ public class PVPConfiguration { } public String getIDPPublicPath() throws ConfigurationException { - String publicPath = AuthConfigurationProvider.getInstance().getGeneralPVP2DBConfig().getPublicURLPrefix(); + String publicPath = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); if(publicPath != null) { if(publicPath.endsWith("/")) { int length = publicPath.length(); diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index 93e8cdb99..2559d3d18 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties @@ -69,7 +69,7 @@ config.15=Das Personenbindungs-Trust-Profil (TrustProfileID \= {0}) darf nicht f config.16=MOA ID Proxy konnte nicht gestartet werden. Das Element ConnnectionParameter im allgemeinen Konfigurationsteil der MOA-ID-PROXY Konfigurationsdatei fehlt. config.17=Fehler beim initialisieren von Hibernate config.18=Keine MOA-ID 2.x Konfiguration gefunden. -config.19=Kein Schl?ssel f\u00FCr die Resignierung der Personenbindung gefunden. +config.19=Kein Schl\u00FCssel f\u00FCr die Resignierung der Personenbindung gefunden. config.20=Umgebungsvariable "moa.id.proxy.configuration" nicht gesetzt parser.00=Leichter Fehler beim Parsen: {0} -- cgit v1.2.3