From a0f9ce4fcc9860acdf5fa0a4c23728c0bd0e1077 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 30 Oct 2014 09:16:20 +0100
Subject: set PVP SP metadata wantAssertionSigned=false

---
 .../java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
index dbf54951f..0a8a6a581 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
@@ -194,7 +194,7 @@ public class MetadataAction implements IAction {
 				.createSAMLObject(SPSSODescriptor.class);
 
 		spSSODescriptor.setAuthnRequestsSigned(true);
-		spSSODescriptor.setWantAssertionsSigned(true);
+		spSSODescriptor.setWantAssertionsSigned(false);
 	
  		
 		//Set AuthRequest Signing certificate
-- 
cgit v1.2.3


From 915aaa6beeb1ca911ab8d557a6c162b84e107f9e Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 30 Oct 2014 09:17:58 +0100
Subject: if no PVP EID-SECTOR-FOR-IDENTIFIER attribute is found, parse target
 from bPK attribute value prefix

---
 .../id/auth/builder/AuthenticationDataBuilder.java | 24 ++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 48933d5c9..5c0e497a3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -364,8 +364,28 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 		authData.setIdentificationType(extractor.getSingleAttributeValue(PVPConstants.EID_SOURCE_PIN_TYPE_NAME));
 		
 		if (extractor.containsAttribute(PVPConstants.BPK_NAME)) {
-			String pvpbPK = extractor.getSingleAttributeValue(PVPConstants.BPK_NAME);				
-			authData.setBPK(pvpbPK.split(":")[1]);
+			String pvpbPK = extractor.getSingleAttributeValue(PVPConstants.BPK_NAME);
+			String[] spitted = pvpbPK.split(":");
+			authData.setBPK(spitted[1]);
+			if (MiscUtil.isEmpty(authData.getBPKType())) {
+				Logger.debug("PVP assertion contains NO bPK/wbPK target attribute. " +
+						"Starting target extraction from bPK/wbPK prefix ...");
+				//exract bPK/wbPK type from bpk attribute value prefix if type is 
+				//not transmitted as single attribute
+			    Pattern pattern = Pattern.compile("[a-zA-Z]{2}(-[a-zA-Z]+)?");
+			    Matcher matcher = pattern.matcher(spitted[0]);
+			    if (matcher.matches()) {
+			    	//find public service bPK
+			    	authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + spitted[0]);
+			    	Logger.debug("Found bPK prefix. Set target to " + authData.getBPKType());
+			    	   
+			    } else {
+			    	//find business service wbPK
+			    	authData.setBPKType(Constants.URN_PREFIX_WBPK+ "+" + spitted[0]);
+			    	Logger.debug("Found wbPK prefix. Set target to " + authData.getBPKType());
+			    	   
+			    }			    	  				
+			}
 		}
 		
 		boolean foundEncryptedbPKForOA = false;
-- 
cgit v1.2.3


From 1dd834817623fec5d7cb4055627ba86ed057f9f7 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 30 Oct 2014 09:18:25 +0100
Subject: update PVPRole to ECRole mapping

---
 .../resources/resources/properties/pvp-stork_role_mapping.properties  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties
index 5bcfc7bd2..91a19f272 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties
@@ -1,2 +1,2 @@
-xxpvprole=CIRCABC/viewer
-yypvprole=CIRCABC/admin
\ No newline at end of file
+viewer=CIRCABC/viewer
+CIRCABC/viewer=CIRCABC/viewer
\ No newline at end of file
-- 
cgit v1.2.3


From f875f9fbca20f5be3ec5a18ef905ae6e68091b7d Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 30 Oct 2014 14:40:58 +0100
Subject: update PVPRole to ECRole mapping

---
 .../resources/resources/properties/pvp-stork_role_mapping.properties    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties
index 91a19f272..295d381cd 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_role_mapping.properties
@@ -1,2 +1,2 @@
 viewer=CIRCABC/viewer
-CIRCABC/viewer=CIRCABC/viewer
\ No newline at end of file
+CIRCABC-viewer=CIRCABC/viewer
\ No newline at end of file
-- 
cgit v1.2.3


From 0a2bc8013cc6dc737bd653a4ec8a221d35d9538f Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 30 Oct 2014 16:46:31 +0100
Subject: update log messages

---
 .../at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java   |  3 +--
 .../moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java |  4 ++--
 .../pvp2x/builder/assertion/PVP2AssertionBuilder.java       | 13 +++++++++++++
 3 files changed, 16 insertions(+), 4 deletions(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
index a2570ed7e..063d7d8e4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
@@ -277,11 +277,10 @@ public class BPKBuilder {
             MessageDigest md = MessageDigest.getInstance("SHA-1");
             byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1"));
             String hashBase64 = Base64Utils.encode(hash);
-            Logger.debug("STORK identification defined as: " + hashBase64);
             return hashBase64;
             
         } catch (Exception ex) {
-            throw new BuildException("builder.00", new Object[]{"storkid", ex.toString()}, ex);
+            throw new BuildException("builder.00", new Object[]{"bPK/wbPK", ex.toString()}, ex);
         }
     	
     }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java
index 8b6e71e6b..3d8661143 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java
@@ -150,14 +150,14 @@ public class PVPAttributeBuilder {
 	}
 	
 	public static Attribute buildAttribute(String name, OAAuthParameter oaParam,
-			IAuthData authData) throws PVP2Exception {
+			IAuthData authData) throws PVP2Exception, AttributeException {
 		if (builders.containsKey(name)) {
 			try {
 				return builders.get(name).build(oaParam, authData, generator);
 			}
 			catch (AttributeException e) {
 				if (e instanceof UnavailableAttributeException) {
-					throw new UnprovideableAttributeException(((UnavailableAttributeException) e).getAttributeName());
+					throw e;
 				} else if (e instanceof InvalidDateFormatAttributeException) {
 					throw new InvalidDateFormatException();
 				} else if (e instanceof NoMandateDataAttributeException) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index 3b01e91ad..7c2476b3d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -70,6 +70,8 @@ import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.data.SLOInformationImpl;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMandateDataAvailableException;
@@ -251,6 +253,17 @@ public class PVP2AssertionBuilder implements PVPConstants {
 						} else {
 							attrList.add(attr);
 						}
+					
+					} catch (UnavailableAttributeException e) {
+						Logger.info(
+								"Attribute generation for "
+										+ reqAttribut.getFriendlyName() + " not possible.");
+						if (reqAttribut.isRequired()) {
+							throw new UnprovideableAttributeException(
+									reqAttribut.getName());
+						}
+						
+					
 					} catch (PVP2Exception e) {
 						Logger.error(
 								"Attribute generation failed! for "
-- 
cgit v1.2.3


From 5202dc81fd956baac83e0b6551faa455e3de0797 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 30 Oct 2014 16:48:14 +0100
Subject: fix dependency problems

---
 id/server/idserverlib/pom.xml                          | 12 ++++++++++++
 .../id/protocols/saml1/SAML1AuthenticationServer.java  | 18 ++++++++----------
 2 files changed, 20 insertions(+), 10 deletions(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 32c8f5705..52e064d3f 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -75,6 +75,10 @@
 					<artifactId>axis-wsdl4j</artifactId>
 					<groupId>axis</groupId>
 				</exclusion>
+				<exclusion>
+					<artifactId>jaxb-impl</artifactId>
+					<groupId>com.sun.xml.bind</groupId>
+				</exclusion>
 			</exclusions>
 		</dependency>
 		<dependency>
@@ -115,6 +119,14 @@
                 	<artifactId>bcprov-jdk16</artifactId>
                 	<groupId>bouncycastle</groupId>
                 </exclusion>
+                <exclusion>
+                	<artifactId>jaxb-impl</artifactId>
+                	<groupId>com.sun.xml.bind</groupId>
+                </exclusion>
+                <exclusion>
+                	<artifactId>jaxb-core</artifactId>
+                	<groupId>com.sun.xml.bind</groupId>
+                </exclusion>
             </exclusions>
         </dependency>
 		
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 7d3c72630..65e520cc3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -36,8 +36,6 @@ import javax.xml.transform.TransformerException;
 import org.w3c.dom.Element;
 import org.xml.sax.SAXException;
 
-import com.sun.xml.bind.marshaller.NamespacePrefixMapper;
-
 import at.gv.egovernment.moa.id.auth.AuthenticationServer;
 import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
 import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
@@ -235,14 +233,14 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 				Marshaller m = jc.createMarshaller();
 				m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
 				
-				m.setProperty("com.sun.xml.bind.namespacePrefixMapper", new NamespacePrefixMapper() {
-		            public String getPreferredPrefix(String arg0, String arg1, boolean arg2) {
-		            	if (Constants.PD_NS_URI.equals(arg0))
-		            		return Constants.PD_PREFIX;
-		            	else
-		            		return arg1;
-		            }
-		        });
+//				m.setProperty("com.sun.xml.bind.namespacePrefixMapper", new NamespacePrefixMapper() {
+//		            public String getPreferredPrefix(String arg0, String arg1, boolean arg2) {
+//		            	if (Constants.PD_NS_URI.equals(arg0))
+//		            		return Constants.PD_PREFIX;
+//		            	else
+//		            		return arg1;
+//		            }
+//		        });
 				
 				ByteArrayOutputStream stream = new ByteArrayOutputStream();
 				m.marshal(
-- 
cgit v1.2.3


From e0d39d0b27baf321aa93fa6fbfc5a3f9a266e47c Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 30 Oct 2014 16:48:38 +0100
Subject: change version in handbook and mainpage

---
 id/server/auth/src/main/webapp/index.html | 2 +-
 id/server/doc/handbook/index.html         | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'id/server')

diff --git a/id/server/auth/src/main/webapp/index.html b/id/server/auth/src/main/webapp/index.html
index 968f211bc..391195def 100644
--- a/id/server/auth/src/main/webapp/index.html
+++ b/id/server/auth/src/main/webapp/index.html
@@ -14,7 +14,7 @@
     </tr>
   </table>
   <hr/> 
-  <p class="title">MOA-ID 2.1.1</p> 
+  <p class="title">MOA-ID 2.1.2</p> 
 <hr/>
   <h1>Inhalt</h1>
   <ol>
diff --git a/id/server/doc/handbook/index.html b/id/server/doc/handbook/index.html
index 892a82484..c3b25b390 100644
--- a/id/server/doc/handbook/index.html
+++ b/id/server/doc/handbook/index.html
@@ -15,7 +15,7 @@
   </table>
   <hr/> 
   <p class="title">MOA-ID (Identifikation) </p> 
-  <p class="subtitle">&Uuml;bersicht zur Dokumentation der Version 2.1.1 </p> 
+  <p class="subtitle">&Uuml;bersicht zur Dokumentation der Version 2.1.2 </p> 
   <hr/>
   <dl>
     <dt><a href="./intro/intro.html">Einf&uuml;hrung</a></dt>
-- 
cgit v1.2.3


From b04fbacb74bfcf4addaf16d72a819afd7161fd6f Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 31 Oct 2014 07:10:11 +0100
Subject: add .gitignore files

---
 id/server/auth/.gitignore               | 2 ++
 id/server/idserverlib/.gitignore        | 1 +
 id/server/idserverlib/bin/.gitignore    | 2 ++
 id/server/moa-id-commons/.gitignore     | 1 +
 id/server/proxy/.gitignore              | 2 ++
 id/server/stork2-commons/.gitignore     | 1 +
 id/server/stork2-saml-engine/.gitignore | 1 +
 7 files changed, 10 insertions(+)
 create mode 100644 id/server/auth/.gitignore
 create mode 100644 id/server/idserverlib/.gitignore
 create mode 100644 id/server/idserverlib/bin/.gitignore
 create mode 100644 id/server/moa-id-commons/.gitignore
 create mode 100644 id/server/proxy/.gitignore
 create mode 100644 id/server/stork2-commons/.gitignore
 create mode 100644 id/server/stork2-saml-engine/.gitignore

(limited to 'id/server')

diff --git a/id/server/auth/.gitignore b/id/server/auth/.gitignore
new file mode 100644
index 000000000..4dc009173
--- /dev/null
+++ b/id/server/auth/.gitignore
@@ -0,0 +1,2 @@
+/target
+/bin
diff --git a/id/server/idserverlib/.gitignore b/id/server/idserverlib/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/id/server/idserverlib/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/id/server/idserverlib/bin/.gitignore b/id/server/idserverlib/bin/.gitignore
new file mode 100644
index 000000000..e2c1dc811
--- /dev/null
+++ b/id/server/idserverlib/bin/.gitignore
@@ -0,0 +1,2 @@
+/src
+/src
diff --git a/id/server/moa-id-commons/.gitignore b/id/server/moa-id-commons/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/id/server/moa-id-commons/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/id/server/proxy/.gitignore b/id/server/proxy/.gitignore
new file mode 100644
index 000000000..4dc009173
--- /dev/null
+++ b/id/server/proxy/.gitignore
@@ -0,0 +1,2 @@
+/target
+/bin
diff --git a/id/server/stork2-commons/.gitignore b/id/server/stork2-commons/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/id/server/stork2-commons/.gitignore
@@ -0,0 +1 @@
+/target
diff --git a/id/server/stork2-saml-engine/.gitignore b/id/server/stork2-saml-engine/.gitignore
new file mode 100644
index 000000000..ea8c4bf7f
--- /dev/null
+++ b/id/server/stork2-saml-engine/.gitignore
@@ -0,0 +1 @@
+/target
-- 
cgit v1.2.3


From bf13ac04e47f615ac0de207ee991c241d310419d Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 31 Oct 2014 08:56:43 +0100
Subject: add SZR Client configuration to handbook and default config

---
 .../data/deploy/conf/moa-id/moa-id.properties      |  28 +++++
 id/server/doc/handbook/config/config.html          | 124 +++++++++++++++++++++
 2 files changed, 152 insertions(+)

(limited to 'id/server')

diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties
index 4290b1985..9d1e931e9 100644
--- a/id/server/data/deploy/conf/moa-id/moa-id.properties
+++ b/id/server/data/deploy/conf/moa-id/moa-id.properties
@@ -125,3 +125,31 @@ advancedlogging.hibernate.c3p0.timeout=300
 advancedlogging.hibernate.c3p0.max_size=20
 advancedlogging.hibernate.c3p0.max_statements=0
 advancedlogging.hibernate.c3p0.min_size=3
+
+
+################SZR Client configuration####################################
+##  The SZR client is only required if MOA-ID-Auth should be 
+##  use as STORK <-> PVP Gateway. 
+########
+service.egovutil.szr.test=true
+service.egovutil.szr.test.url=https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services-T/services/SZR
+service.egovutil.szr.prod.url=https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services/services/SZR
+service.egovutil.szr.token.version=1.8
+service.egovutil.szr.token.participantid=
+service.egovutil.szr.token.gvoudomain=
+service.egovutil.szr.token.userid=
+service.egovutil.szr.token.cn=
+service.egovutil.szr.token.gvouid=
+service.egovutil.szr.token.ou=
+service.egovutil.szr.token.gvsecclass=
+service.egovutil.szr.token.gvfunction=
+service.egovutil.szr.token.gvgid=
+service.egovutil.szr.roles=
+service.egovutil.szr.ssl.keystore.file=
+service.egovutil.szr.ssl.keystore.password=
+service.egovutil.szr.ssl.keystore.type=
+service.egovutil.szr.ssl.truststore.file=
+service.egovutil.szr.ssl.truststore.password=
+service.egovutil.szr.ssl.truststore.type=
+service.egovutil.szr.ssl.trustall=false
+service.egovutil.szr.ssl.laxhostnameverification=false    
\ No newline at end of file
diff --git a/id/server/doc/handbook/config/config.html b/id/server/doc/handbook/config/config.html
index 2d2709bcc..9b4190035 100644
--- a/id/server/doc/handbook/config/config.html
+++ b/id/server/doc/handbook/config/config.html
@@ -74,6 +74,7 @@
   </ol>
     </li>
   <li>  <a href="#basisconfig_moa_id_auth_param_testing">Testing</a></li>
+  <li><a href="#basisconfig_moa_id_auth_szrclient">SZR Client f&uuml;r STORK &lt;-&gt; PVP Gateway Betrieb</a></li>
 </ol>
 </li>
           </ol>
@@ -904,7 +905,130 @@ https://&lt;host&gt;:&lt;port&gt;/moa-id-auth/MonitoringServlet</pre>
       <p><strong>Defaultwert:</strong> true</p></td>
     </tr>
   </table>
+  <h4><a name="basisconfig_moa_id_auth_szrclient" id="uebersicht_bekanntmachung16"></a>2.2.2.6 SZR Client f&uuml;r STORK &lt;-&gt; PVP Gateway Betrieb</h4>
+  <p>Die Konfiguration des Stammzahlenregister (SZR) Clients ist nur erforderlich wenn das Modul MOA-ID-Auth als STORK &lt;-&gt; PVP Gateway betrieben wird. Da in diesem Fall die Benutzerin oder der Benutzer &uuml;ber ein PVP Stammportal authentifiziert wird ist eine direkte Generierung der STORK eID w&auml;hrend des Anmeldevorgangs nicht m&ouml;glich. Somit erfolgt f&uuml;r diese Personen einen Stammzahlenregisterabfrage zur Bestimmung der STORK eID.</p>
+  <p>F&uuml;r den in MOA-ID-Auth verwendeten SZR Client sind folgende Konfigurationsparameter erforderlich.</p>
+  <table width="1247" border="1">
+    <tr>
+      <th width="281" scope="col">Name</th>
+      <th width="261" scope="col">Beispielwert</th>
+      <th width="683" scope="col">Beschreibung</th>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.test</td>
+      <td>false</td>
+      <td>Definiert ob das Produktivsystem oder das Testsystem des SZR Webservice verwendet werden soll</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.test.url</td>
+      <td>&nbsp;</td>
+      <td>URL auf das Test SZR Webservice</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.prod.url</td>
+      <td>&nbsp;</td>
+      <td>URL auf das produktive SZR Webservice</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.token.version</td>
+      <td>1.8</td>
+      <td><p>Verwendete PVP Version</p>
+      <p><strong>Hinweis: </strong>der Client implementiert die PVP Version 1.8</p></td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.token.participantid</td>
+      <td>&nbsp;</td>
+      <td>Org-ID des Portalverbund-Teilnehmers bei dem der Benutzer registriert ist.</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.token.gvoudomain</td>
+      <td>&nbsp;</td>
+      <td>Organisations-Dom&auml;ne des Benutzers</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.token.userid</td>
+      <td>&nbsp;</td>
+      <td>UserID, mit dem der Benutzer am Stammportal authentifiziert ist</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.token.cn</td>
+      <td>&nbsp;</td>
+      <td>Name des Benutzers oder des System-Principals in der Form Anwendung.Subsystem</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.token.gvouid</td>
+      <td>&nbsp;</td>
+      <td>Stammdienststelle: Eindeutige Kennung f&uuml;r die Organisation des Benutzers</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.token.ou</td>
+      <td>&nbsp;</td>
+      <td>Stammdienststelle: Verwaltungskennzeichen der mit gvouid bezeichneten Organisation</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.token.gvsecclass</td>
+      <td>&nbsp;</td>
+      <td>Sicherheitsklasse</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.token.gvfunction</td>
+      <td>&nbsp;</td>
+      <td>Entspricht Funktion in gvPersonenFunktion.</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.token.gvgid</td>
+      <td>&nbsp;</td>
+      <td>Globaler Identifier des Benutzers</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.roles</td>
+      <td>szr-bpk-abfrage,szr-stammzahl-abfrage</td>
+      <td><p>PVP Rolle f&uuml;r den Zugriff auf das SZR</p>
+      <p>Hinweis: mehrere Rollen werden mittels ',' getrennt. </p></td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.ssl.keystore.file</td>
+      <td>keys/szr-key.p12</td>
+      <td>Dateiname des Java Keystore oder PKCS12 Keystore zur Authentifizierung mittels Client Zertifikat am SZR Webservice.</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.ssl.keystore.password</td>
+      <td>password</td>
+      <td>Passwort f&uuml;r den Keystore mit dem Client Zertifikat</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.ssl.keystore.type</td>
+      <td>PKCS12</td>
+      <td>Typ des Keystore mit dem Client Zertifikat (PKCS12 oder JKS)</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.ssl.truststore.file</td>
+      <td>keys/truststore.jks</td>
+      <td>Dateiname des Truststores zur Validierung von SSL Servicerzertifikaten</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.ssl.truststore.password</td>
+      <td>password</td>
+      <td>Passwort f&uuml;r den Truststore</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.ssl.truststore.type</td>
+      <td>JKS</td>
+      <td>Typ des TrustStore (PKCS12 oder JKS)</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.ssl.trustall</td>
+      <td>false</td>
+      <td>Deaktiviert die SSL Serverzertifikatsvalidierung</td>
+    </tr>
+    <tr>
+      <td>service.egovutil.szr.ssl.laxhostnameverification</td>
+      <td>false</td>
+      <td>Deaktiviert die Validierung des Hostname mit dem SSL Serverzertifikat</td>
+    </tr>
+  </table>
   <p>&nbsp;</p>
+  <p><strong>Hinweis:</strong> Detaillierte Informationen zu den einzelnen PVP spezifischen Konfigurationsparametern finden Sie in der entsprechenden PVP Spezifikation.</p>
 <h2><a name="uebersicht_logging" id="uebersicht_logging"></a>2.3 Konfiguration des Loggings</h2>
   <p>Die Module MOA-ID-Auth und MOA-ID-Configuration verwendet als Framework f&uuml;r Logging-Information die Open Source Software <code>log4j</code>. Die Konfiguration der Logging-Information erfolgt  nicht direkt durch die einzelnen Module, sondern &uuml;ber eine eigene Konfigurationsdatei, die der <span class="term">Java Virtual Machine</span> durch eine <span class="term">System Property </span>  mitgeteilt wird. Der Name der <span class="term">System Property </span>  lautet <code>log4j.configuration</code>; als Wert der <span class="term">System Property </span>  ist eine URL anzugeben, die auf die <code>log4j</code>-Konfigurationsdatei verweist, z.B.  </p>
 <pre>log4j.configuration=file:/C:/Programme/apache/tomcat-4.1.30/conf/moa-id/log4j.properties</pre>
-- 
cgit v1.2.3


From a3f530aa7637f3be6c67653f63fbedb4d6bd16d3 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 31 Oct 2014 09:42:48 +0100
Subject: add depentency jaxrpc-impl for MOA-SPSS API calls

---
 id/server/idserverlib/pom.xml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'id/server')

diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 52e064d3f..65004490b 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -135,6 +135,14 @@
     		<artifactId>jaxb-api</artifactId>
 		</dependency>
 		
+		<!-- Required for MOA-SPSS API access -->
+		<dependency>
+			<groupId>com.sun.xml.rpc</groupId>
+			<artifactId>jaxrpc-impl</artifactId>
+			<version>1.1.3_01</version>
+		</dependency>
+		
+		
 		<dependency>
 			<groupId>javax.mail</groupId>
 			<artifactId>mail</artifactId>
@@ -382,6 +390,10 @@
 					<artifactId>bcprov-jdk16</artifactId>
 					<groupId>org.bouncycastle</groupId>
 				</exclusion>
+				<exclusion>
+					<artifactId>jaxws-tools</artifactId>
+					<groupId>com.sun.xml.ws</groupId>
+				</exclusion>
 			</exclusions>
 		</dependency>
 	</dependencies>
-- 
cgit v1.2.3


From 1d17cc2cb30c5ad9f419b7d619805e3823283acc Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 31 Oct 2014 10:23:40 +0100
Subject: fix STORK DateFormat

---
 .../moa/id/protocols/stork2/MOAAttributeProvider.java         | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
index 021eaee37..88c0e3245 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
@@ -36,12 +36,17 @@ import eu.stork.peps.auth.commons.STORKStatusCode;
 
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
+import org.joda.time.format.DateTimeFormat;
+import org.joda.time.format.DateTimeFormatter;
+
 import javassist.expr.Instanceof;
 
 /**
@@ -132,9 +137,11 @@ public class MOAAttributeProvider {
     }
 
     private String getFormatedDateOfBirth() {
-    	if (authData.getDateOfBirth() != null)
-    		return authData.getFormatedDateOfBirth();
+		if (authData.getDateOfBirth() != null) {
+			DateFormat fmt = new SimpleDateFormat("yyyyMMdd");
+    		return  fmt.format(authData.getDateOfBirth());
     		
+		}
    		else
    			return null;
     	
-- 
cgit v1.2.3


From a12bbb135540bd2b62e4a8d6f4614dd1dbe5ea12 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 31 Oct 2014 10:36:06 +0100
Subject: change PVP attribute provider logging

---
 .../id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index 7c2476b3d..b301b6e5e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -265,9 +265,9 @@ public class PVP2AssertionBuilder implements PVPConstants {
 						
 					
 					} catch (PVP2Exception e) {
-						Logger.error(
+						Logger.warn(
 								"Attribute generation failed! for "
-										+ reqAttribut.getFriendlyName(), e);
+										+ reqAttribut.getFriendlyName());
 						if (reqAttribut.isRequired()) {
 							throw new UnprovideableAttributeException(
 									reqAttribut.getName());
-- 
cgit v1.2.3


From c669d1660fc96dd797929daeb23ec5dd9c44ee3c Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 31 Oct 2014 13:01:56 +0100
Subject: remove debug code

---
 .../at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
index 88c0e3245..5dcff3707 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
@@ -121,7 +121,7 @@ public class MOAAttributeProvider {
     private List<String> getECApplicationRole() {    	
     	List<String> storkRoles = null;
     	    	
-    	if (true || authData.getAuthenticationRoles() != null 
+    	if (authData.getAuthenticationRoles() != null 
     			&& authData.getAuthenticationRoles().size() > 0) {
 
     		storkRoles = new ArrayList<String>();
-- 
cgit v1.2.3


From 2886006ba2ca141377e66a330df5fc52797c2755 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 31 Oct 2014 13:56:47 +0100
Subject: fix STORK dateOfBirth attribute

---
 .../at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
index 5dcff3707..aaded0ce6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
@@ -70,7 +70,7 @@ public class MOAAttributeProvider {
         Map<String, String> tempFunctionMap = new HashMap<String, String>();
         tempFunctionMap.put("eIdentifier", "geteIdentifier");
         tempFunctionMap.put("ECApplicationRole","getECApplicationRole");
-        tempSimpleMap.put("dateOfBirth", "getFormatedDateOfBirth");
+        tempFunctionMap.put("dateOfBirth", "getFormatedDateOfBirth");
         storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap);
     }
 
-- 
cgit v1.2.3