From 12c3c34ea26ff20e39c9b67f698e9c8b99ef11ee Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Fri, 13 Mar 2015 15:38:31 +0100 Subject: STORK PEPS-conform logging --- .../moa/id/auth/AuthenticationServer.java | 24 ++++++++++++++++++++++ .../moa/id/auth/servlet/PEPSConnectorServlet.java | 20 ++++++++++++++++++ .../modules/stork/tasks/PepsConnectorTask.java | 20 ++++++++++++++++++ 3 files changed, 64 insertions(+) (limited to 'id/server') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index fd7c7f237..c4d6859db 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -11,9 +11,11 @@ import java.io.InputStream; import java.io.StringWriter; import java.io.UnsupportedEncodingException; import java.math.BigInteger; +import java.net.URL; import java.security.NoSuchAlgorithmException; import java.security.Principal; import java.security.cert.CertificateException; +import java.text.SimpleDateFormat; import java.util.ArrayList; //import java.security.cert.CertificateFactory; import java.util.Calendar; @@ -1845,6 +1847,17 @@ public class AuthenticationServer implements MOAIDAuthConstants { //send moasession.setStorkAuthnRequest(authnRequest); + // do PEPS-conform logging for easier evaluation + try { + // 2015-03-12 16:44:27.144#S-PEPS receives request from SP#spurl#spepsurl#spapp#spdomain#citizen country#qaa#msghash#msg_id id1# + Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS receives request from SP#" + + moasession.getPublicOAURLPrefix() + "#" + issuerValue + "#" + spApplication + "#" + + new URL(moasession.getPublicOAURLPrefix()).getHost() + "#" + moasession.getCcc() + "#" + oaParam.getQaaLevel() + + "#_hash_#" + moasession.getProcessInstanceId() + "#"); + } catch (Exception e1) { + Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); + } + AuthenticationSessionStoreage.changeSessionID(moasession, authnRequest.getSamlId()); @@ -1877,6 +1890,17 @@ public class AuthenticationServer implements MOAIDAuthConstants { } Logger.info("STORK AuthnRequest successfully successfully prepared for client with target location: " + authnRequest.getDestination()); + + // do PEPS-conform logging for easier evaluation + try { + // 2015-03-12 16:44:27.144#S-PEPS generates request to C-PEPS#spepsurl#cpepsurl#spapp#spdomain#citizen country#qaa#msghash#msg_id id1#id2# + Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS generates request to C-PEPS#" + + issuerValue + "#" + destination + "#" + spApplication + "#" + + new URL(moasession.getPublicOAURLPrefix()).getHost() + "#" + moasession.getCcc() + "#" + oaParam.getQaaLevel() + + "#_hash_#" + moasession.getProcessInstanceId() + "#" + authnRequest.getSamlId() + "#"); + } catch (Exception e1) { + Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); + } } private static String generateDssSignRequest(String text, String mimeType, String citizenCountry) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java index 7357818c8..24daa76a3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java @@ -28,8 +28,10 @@ import java.io.IOException; import java.io.InputStream; import java.io.StringWriter; import java.net.URL; +import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.Arrays; +import java.util.Date; import java.util.List; import java.util.Properties; @@ -201,6 +203,15 @@ public class PEPSConnectorServlet extends AuthServlet { Logger.debug("STORK response: "); Logger.debug(authnResponse.toString()); + // do PEPS-conform logging for easier evaluation + try { + // 2015-03-12 16:44:27.144#S-PEPS receives response from C-PEPS#orig_msg_id id2 (in response to)#orig_msg_id id1 (in response to)#status#msghash#msg_id id3# + Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS receives response from C-PEPS#" + + authnResponse.getInResponseTo() + "#NA#" + authnResponse.getMessage() + "#_hash_#" + authnResponse.getSamlId() + "#"); + } catch (Exception e1) { + Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); + } + Logger.debug("Trying to find MOA Session-ID ..."); //String moaSessionID = request.getParameter(PARAM_SESSIONID); //first use SAML2 relayState @@ -554,6 +565,15 @@ public class PEPSConnectorServlet extends AuthServlet { // stork did the authentication step moaSession.setAuthenticated(true); + // do PEPS-conform logging for easier evaluation + try { + // 2015-03-12 16:44:27.144#S-PEPS generates response to SP#orig_msg_id id1 (in response to)#status#msghash#msg_id id4# + Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS generates response to SP#" + + "#NA#" + authnResponse.getMessage() + "#_hash_#" + moaSession.getProcessInstanceId() + "#"); + } catch (Exception e1) { + Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); + } + // //TODO: found better solution, but QAA Level in response could be not supported yet // try { // diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java index 59f54f957..d233f88c4 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java @@ -6,8 +6,10 @@ import java.io.IOException; import java.io.InputStream; import java.io.StringWriter; import java.net.URL; +import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.Arrays; +import java.util.Date; import java.util.List; import java.util.Properties; @@ -170,6 +172,15 @@ public class PepsConnectorTask extends AbstractAuthServletTask { Logger.debug("STORK response: "); Logger.debug(authnResponse.toString()); + // do PEPS-conform logging for easier evaluation + try { + // 2015-03-12 16:44:27.144#S-PEPS receives response from C-PEPS#orig_msg_id id2 (in response to)#orig_msg_id id1 (in response to)#status#msghash#msg_id id3# + Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS receives response from C-PEPS#" + + authnResponse.getInResponseTo() + "#NA#" + authnResponse.getMessage() + "#_hash_#" + authnResponse.getSamlId() + "#"); + } catch (Exception e1) { + Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); + } + Logger.debug("Trying to find MOA Session-ID ..."); // String moaSessionID = request.getParameter(PARAM_SESSIONID); // first use SAML2 relayState @@ -549,6 +560,15 @@ public class PepsConnectorTask extends AbstractAuthServletTask { // stork did the authentication step moaSession.setAuthenticated(true); + // do PEPS-conform logging for easier evaluation + try { + // 2015-03-12 16:44:27.144#S-PEPS generates response to SP#orig_msg_id id1 (in response to)#status#msghash#msg_id id4# + Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS generates response to SP#" + + "#" + moaSession.getProcessInstanceId() + "#" + authnResponse.getMessage() + "#_hash_#" + moaSession.getProcessInstanceId() + "#"); + } catch (Exception e1) { + Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); + } + // TODO: found better solution, but QAA Level in STORK response is not be supported yet // try { // -- cgit v1.2.3