From 3f5365c0036b5aa38c0b5a15b9b1215c6004fa36 Mon Sep 17 00:00:00 2001
From: Andreas Fitzek <afitzek@iaik.tugraz.at>
Date: Thu, 4 Apr 2013 14:35:49 +0200
Subject: added new Servlet definitions added URL rewrite modul

---
 id/server/auth/pom.xml                             |   5 +
 .../src/main/webapp/WEB-INF/server-config.wsdd     |   2 +-
 .../auth/src/main/webapp/WEB-INF/urlrewrite.xml    | 124 +++++++++++++++++++++
 id/server/auth/src/main/webapp/WEB-INF/web.xml     | 115 ++++++++++++++-----
 4 files changed, 216 insertions(+), 30 deletions(-)
 create mode 100644 id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml

(limited to 'id/server')

diff --git a/id/server/auth/pom.xml b/id/server/auth/pom.xml
index 816e41df0..e403c5ba7 100644
--- a/id/server/auth/pom.xml
+++ b/id/server/auth/pom.xml
@@ -59,6 +59,11 @@
 			<artifactId>axis</artifactId>
 			<version>1.1</version>
 		</dependency>
+		<dependency>
+    		<groupId>org.tuckey</groupId>
+    		<artifactId>urlrewritefilter</artifactId>
+    		<version>4.0.3</version>
+		</dependency>
 		<dependency>
 			<groupId>MOA.spss.server</groupId>
 			<artifactId>moa-spss-lib</artifactId>
diff --git a/id/server/auth/src/main/webapp/WEB-INF/server-config.wsdd b/id/server/auth/src/main/webapp/WEB-INF/server-config.wsdd
index 0f0eb49d1..121ec3cf9 100644
--- a/id/server/auth/src/main/webapp/WEB-INF/server-config.wsdd
+++ b/id/server/auth/src/main/webapp/WEB-INF/server-config.wsdd
@@ -11,7 +11,7 @@
   <service name="GetAuthenticationData" provider="java:MSG">
     <namespace>urn:oasis:names:tc:SAML:1.0:protocol</namespace>
     <parameter name="allowedMethods" value="Request"/>
-    <parameter name="className" value="at.gv.egovernment.moa.id.auth.servlet.GetAuthenticationDataService"/>
+    <parameter name="className" value="at.gv.egovernment.moa.id.protocols.saml1.GetAuthenticationDataService"/>
     <wsdlFile>/resources/wsdl/MOA-ID-1.x.wsdl</wsdlFile>
     <requestFlow>
     </requestFlow>
diff --git a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
new file mode 100644
index 000000000..1d75053f2
--- /dev/null
+++ b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
@@ -0,0 +1,124 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE urlrewrite PUBLIC "-//tuckey.org//DTD UrlRewrite 4.0//EN"
+        "http://www.tuckey.org/res/dtds/urlrewrite4.0.dtd">
+
+<!--
+
+    Configuration file for UrlRewriteFilter
+    http://www.tuckey.org/urlrewrite/
+
+-->
+<urlrewrite>
+
+    <rule>
+        <note>
+            The rule means that requests to /test/status/ will be redirected to /rewrite-status
+            the url will be rewritten.
+        </note>
+        <from>/test/status/</from>
+        <to type="redirect">%{context-path}/rewrite-status</to>
+    </rule>
+
+    <!-- Legacy Rules -->
+    <rule match-type="regex">
+        <from>^/StartAuthentication$</from>
+        <to type="forward">/AuthDispatcher?mod=id_saml1&amp;action=GetArtifact</to>
+    </rule>
+    <rule match-type="regex">
+        <from>^/StartAuthentication\?(.*)$</from>
+        <to type="forward">/AuthDispatcher?mod=id_saml1&amp;action=GetArtifact&amp;$1</to>
+    </rule>
+    
+	<rule match-type="regex">
+		<from>^/auth/([a-zA-Z0-9]+)/([a-zA-Z0-9]+)$</from>
+		<to type="forward">/AuthDispatcher?mod=$1&amp;action=$2</to>
+	</rule>
+	<rule match-type="regex">
+		<from>^/auth/([a-zA-Z0-9]+)/([a-zA-Z0-9]+)\?(.*)$</from>
+		<to type="forward">/AuthDispatcher?mod=$1&amp;action=$2&amp;$3</to>
+	</rule>
+
+
+    <outbound-rule>
+        <note>
+            The outbound-rule specifies that when response.encodeURL is called (if you are using JSTL c:url)
+            the url /rewrite-status will be rewritten to /test/status/.
+
+            The above rule and this outbound-rule means that end users should never see the
+            url /rewrite-status only /test/status/ both in thier location bar and in hyperlinks
+            in your pages.
+        </note>
+        <from>/rewrite-status</from>
+        <to>/test/status/</to>
+    </outbound-rule>
+
+	<outbound-rule>
+		<from>^/AuthDispatcher?mod=([a-zA-Z0-9]+)&amp;action=([a-zA-Z0-9]+)$</from>
+		<to>/auth/$1/$2</to>
+	</outbound-rule>
+
+	<outbound-rule>
+		<from>^/AuthDispatcher?mod=([a-zA-Z0-9]+)&amp;action=([a-zA-Z0-9]+)&amp;(.*)$</from>
+		<to>/auth/$1/$2&amp;$3</to>
+	</outbound-rule>
+
+    <!--
+
+    INSTALLATION
+
+        in your web.xml add...
+
+        <filter>
+            <filter-name>UrlRewriteFilter</filter-name>
+            <filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class>
+            <init-param>
+                <param-name>logLevel</param-name>
+                <param-value>WARN</param-value>
+            </init-param>
+        </filter>
+        <filter-mapping>
+            <filter-name>UrlRewriteFilter</filter-name>
+            <url-pattern>/*</url-pattern>
+        </filter-mapping>
+
+     EXAMPLES
+
+     Redirect one url
+        <rule>
+            <from>/some/old/page.html</from>
+            <to type="redirect">/very/new/page.html</to>
+        </rule>
+
+    Redirect a directory
+        <rule>
+            <from>/some/olddir/(.*)</from>
+            <to type="redirect">/very/newdir/$1</to>
+        </rule>
+
+    Clean a url
+        <rule>
+            <from>/products/([0-9]+)</from>
+            <to>/products/index.jsp?product_id=$1</to>
+        </rule>
+    eg, /products/1234 will be passed on to /products/index.jsp?product_id=1234 without the user noticing.
+
+    Browser detection
+        <rule>
+            <condition name="user-agent">Mozilla/[1-4]</condition>
+            <from>/some/page.html</from>
+            <to>/some/page-for-old-browsers.html</to>
+        </rule>
+    eg, will pass the request for /some/page.html on to /some/page-for-old-browsers.html only for older
+    browsers whose user agent srtings match Mozilla/1, Mozilla/2, Mozilla/3 or Mozilla/4.
+
+    Centralised browser detection
+        <rule>
+            <condition name="user-agent">Mozilla/[1-4]</condition>
+            <set type="request" name="browser">moz</set>
+        </rule>
+    eg, all requests will be checked against the condition and if matched
+    request.setAttribute("browser", "moz") will be called.
+
+    -->
+
+</urlrewrite>
diff --git a/id/server/auth/src/main/webapp/WEB-INF/web.xml b/id/server/auth/src/main/webapp/WEB-INF/web.xml
index 2a1d093d9..dcacce819 100644
--- a/id/server/auth/src/main/webapp/WEB-INF/web.xml
+++ b/id/server/auth/src/main/webapp/WEB-INF/web.xml
@@ -34,19 +34,19 @@
 		<description>Get the MIS session ID coming from security layer</description>
 		<servlet-class>at.gv.egovernment.moa.id.auth.servlet.GetMISSessionIDServlet</servlet-class>
 	</servlet>
-	
+
 	<servlet>
 		<servlet-name>GetForeignID</servlet-name>
 		<display-name>GetForeignID</display-name>
 		<description>Gets the foreign eID from security layer</description>
 		<servlet-class>at.gv.egovernment.moa.id.auth.servlet.GetForeignIDServlet</servlet-class>
 	</servlet>
-    <servlet>
-        <servlet-name>ProcessInput</servlet-name>
-        <display-name>ProcessInput</display-name>
-        <description>Process user input needed by infobox validators</description>
-        <servlet-class>at.gv.egovernment.moa.id.auth.servlet.ProcessValidatorInputServlet</servlet-class>
-    </servlet>
+	<servlet>
+		<servlet-name>ProcessInput</servlet-name>
+		<display-name>ProcessInput</display-name>
+		<description>Process user input needed by infobox validators</description>
+		<servlet-class>at.gv.egovernment.moa.id.auth.servlet.ProcessValidatorInputServlet</servlet-class>
+	</servlet>
 	<servlet>
 		<servlet-name>VerifyAuthBlock</servlet-name>
 		<display-name>VerifyAuthBlock</display-name>
@@ -56,7 +56,8 @@
 	<servlet>
 		<servlet-name>ConfigurationUpdate</servlet-name>
 		<display-name>ConfigurationUpdate</display-name>
-		<description>Update MOA-ID Auth configuration from the configuration file</description>
+		<description>Update MOA-ID Auth configuration from the configuration
+			file</description>
 		<servlet-class>at.gv.egovernment.moa.id.auth.servlet.ConfigurationServlet</servlet-class>
 	</servlet>
 	<servlet>
@@ -67,28 +68,62 @@
 
 	<!-- JSP servlet -->
 	<servlet>
-        <servlet-name>jspservlet</servlet-name>
-        <servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class>
-    </servlet>
+		<servlet-name>jspservlet</servlet-name>
+		<servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class>
+	</servlet>
 	<servlet>
 		<servlet-name>PEPSConnectorServlet</servlet-name>
 		<display-name>PEPSConnectorServlet</display-name>
-		<description>Servlet receiving STORK SAML Response Messages from different C-PEPS</description>
+		<description>Servlet receiving STORK SAML Response Messages from
+			different C-PEPS</description>
 		<servlet-class>
-		at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet</servlet-class>
+			at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet</servlet-class>
 	</servlet>
-    
+
+	<!-- Dispatcher servlets -->
+	<servlet>
+		<servlet-name>AuthDispatcherServlet</servlet-name>
+		<display-name>AuthDispatcher Servlet</display-name>
+		<servlet-class>at.gv.egovernment.moa.id.entrypoints.AuthDispatcherServlet</servlet-class>
+		<load-on-startup>1</load-on-startup>
+	</servlet>
+	<servlet>
+		<servlet-name>UnauthDispatcherServlet</servlet-name>
+		<display-name>UnauthDispatcher Servlet</display-name>
+		<servlet-class>at.gv.egovernment.moa.id.entrypoints.DispatcherServlet</servlet-class>
+		<load-on-startup>1</load-on-startup>
+	</servlet>
+
+	<!-- Servlet Registration -->
+	<servlet>
+		<servlet-name>at.gv.egovernment.moa.id.protocols.saml1.GetArtifactServlet</servlet-name>
+		<servlet-class>at.gv.egovernment.moa.id.protocols.saml1.GetArtifactServlet</servlet-class>
+	</servlet>
+
+
+
+
+	<servlet-mapping>
+		<servlet-name>UnauthDispatcherServlet</servlet-name>
+		<url-pattern>/UnauthDispatcher</url-pattern>
+	</servlet-mapping>
+	<servlet-mapping>
+		<servlet-name>AuthDispatcherServlet</servlet-name>
+		<url-pattern>/AuthDispatcher</url-pattern>
+	</servlet-mapping>
+
+
 	<!-- servlet mapping for jsp pages -->
 	<!-- errorpage.jsp (customizeable) -->
 	<servlet-mapping>
-        <servlet-name>jspservlet</servlet-name>
-        <url-pattern>/errorpage-auth.jsp</url-pattern>
-    </servlet-mapping>		
-    <!-- message.jsp (customizeable) used for non error messages (e.g. ConfigurationUpdate) -->
+		<servlet-name>jspservlet</servlet-name>
+		<url-pattern>/errorpage-auth.jsp</url-pattern>
+	</servlet-mapping>
+	<!-- message.jsp (customizeable) used for non error messages (e.g. ConfigurationUpdate) -->
 	<servlet-mapping>
-        <servlet-name>jspservlet</servlet-name>
-        <url-pattern>/message-auth.jsp</url-pattern>
-    </servlet-mapping>		
+		<servlet-name>jspservlet</servlet-name>
+		<url-pattern>/message-auth.jsp</url-pattern>
+	</servlet-mapping>
 
 	<servlet-mapping>
 		<servlet-name>SelectBKU</servlet-name>
@@ -96,7 +131,7 @@
 	</servlet-mapping>
 	<servlet-mapping>
 		<servlet-name>StartAuthentication</servlet-name>
-		<url-pattern>/StartAuthentication</url-pattern>
+		<url-pattern>/StartBKUAuthentication</url-pattern>
 	</servlet-mapping>
 	<servlet-mapping>
 		<servlet-name>VerifyIdentityLink</servlet-name>
@@ -114,15 +149,15 @@
 		<servlet-name>GetForeignID</servlet-name>
 		<url-pattern>/GetForeignID</url-pattern>
 	</servlet-mapping>
-	
+
 	<servlet-mapping>
 		<servlet-name>ProcessInput</servlet-name>
 		<url-pattern>/ProcessInput</url-pattern>
 	</servlet-mapping>
-    <servlet-mapping>
-        <servlet-name>VerifyAuthBlock</servlet-name>
-        <url-pattern>/VerifyAuthBlock</url-pattern>
-    </servlet-mapping>
+	<servlet-mapping>
+		<servlet-name>VerifyAuthBlock</servlet-name>
+		<url-pattern>/VerifyAuthBlock</url-pattern>
+	</servlet-mapping>
 	<servlet-mapping>
 		<servlet-name>ConfigurationUpdate</servlet-name>
 		<url-pattern>/ConfigurationUpdate</url-pattern>
@@ -135,6 +170,28 @@
 		<servlet-name>PEPSConnectorServlet</servlet-name>
 		<url-pattern>/PEPSConnector</url-pattern>
 	</servlet-mapping>
+
+	<!-- Filters -->
+	<!-- <filter> <filter-name>DispatcherDecoratorFilter</filter-name> <filter-class>at.gv.egovernment.moa.id.sso.DispatcherDecoratorFilter</filter-class> 
+		</filter> -->
+
+	<filter>
+		<filter-name>UrlRewriteFilter</filter-name>
+		<filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class>
+	</filter>
+
+	<filter-mapping>
+		<filter-name>UrlRewriteFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+		<dispatcher>REQUEST</dispatcher>
+		<dispatcher>FORWARD</dispatcher>
+	</filter-mapping>
+	<!-- <filter-mapping> <filter-name>DispatcherDecoratorFilter</filter-name> 
+		<url-pattern>/AuthDispatcher</url-pattern> <dispatcher>REQUEST</dispatcher> 
+		<dispatcher>FORWARD</dispatcher> </filter-mapping> <filter-mapping> <filter-name>DispatcherDecoratorFilter</filter-name> 
+		<url-pattern>/StartAuthentication</url-pattern> <dispatcher>REQUEST</dispatcher> 
+		<dispatcher>FORWARD</dispatcher> </filter-mapping> -->
+
 	<session-config>
 		<session-timeout>5</session-timeout>
 	</session-config>
@@ -157,8 +214,8 @@
 	</login-config>
 	<security-role>
 		<description>
-		    The role that is required to log in to the moa Application
-  		</description>
+			The role that is required to log in to the moa Application
+		</description>
 		<role-name>moa-admin</role-name>
 	</security-role>
 </web-app>
-- 
cgit v1.2.3