From 2c82d41a98e2617088cdcf3db72b40d9747ae292 Mon Sep 17 00:00:00 2001 
From: Thomas Lenz Date: Thu, 26 Sep 2013 08:05:52 +0200 Subject: Features: -- Add additional parameters to customize BKUSelectionForm and SendAssertionForm -- change Target configuration -- insert some logging Bugfixes: -- Nullpointerexceptions in combination of an old userdatabase entry and a actual configuration tool version --- .../moa/id/configuration/Constants.java | 3 + .../id/configuration/auth/pvp2/Authenticate.java | 4 +- .../config/ConfigurationProvider.java | 1 - .../id/configuration/data/oa/OAGeneralConfig.java | 80 +- .../configuration/filter/AuthenticationFilter.java | 12 +- .../configuration/struts/action/EditOAAction.java | 184 ++++- .../configuration/struts/action/IndexAction.java | 16 +- .../configuration/validation/TargetValidator.java | 8 +- .../configuration/validation/ValidationHelper.java | 24 +- .../validation/oa/OAGeneralConfigValidation.java | 20 +- .../main/resources/applicationResources.properties | 9 +- id/ConfigWebTool/src/main/webapp/js/common.js | 12 + .../src/main/webapp/jsp/editOAGeneral.jsp | 211 +++--- .../auth/src/main/webapp/css/2.0/stammzahl.css | 192 ----- .../auth/src/main/webapp/css/2.0/stylesinput.css | 251 ------- .../auth/src/main/webapp/css/2.0/stylesnew.css | 830 --------------------- id/server/auth/src/main/webapp/css/index.css | 3 +- .../auth/src/main/webapp/template_onlineBKU.html | 2 +- .../moa/id/auth/AuthenticationServer.java | 93 +-- .../auth/builder/GetIdentityLinkFormBuilder.java | 17 +- .../moa/id/auth/builder/LoginFormBuilder.java | 36 +- .../moa/id/auth/builder/SelectBKUFormBuilder.java | 87 --- .../id/auth/builder/SendAssertionFormBuilder.java | 17 +- .../moa/id/auth/data/AuthenticationSession.java | 2 - .../servlet/GenerateIFrameTemplateServlet.java | 6 + .../id/config/auth/AuthConfigurationProvider.java | 10 - .../moa/id/config/auth/OAAuthParameter.java | 39 + .../id/config/legacy/BuildFromLegacyConfig.java | 39 +- .../moa/id/moduls/AuthenticationManager.java | 4 +- 
.../gv/egovernment/moa/id/moduls/SSOManager.java | 4 +- .../moa/id/monitoring/DatabaseTestModule.java | 54 +- .../moa/id/protocols/pvp2x/PVP2XProtocol.java | 8 +- .../protocols/pvp2x/binding/ArtifactBinding.java | 7 +- .../pvp2x/requestHandler/AuthnRequestHandler.java | 4 + .../moa/id/protocols/saml1/SAML1Protocol.java | 27 +- .../resources/templates/loginFormFull.html | 35 +- .../resources/templates/sendAssertionFormFull.html | 6 +- .../builder/GetIdentityLinkFormBuilderTest.java | 4 +- .../id/commons/db/dao/statistic/StatisticLog.java | 9 +- .../src/main/resources/config/moaid_config_2.0.xsd | 8 + 40 files changed, 653 insertions(+), 1725 deletions(-) delete mode 100644 id/server/auth/src/main/webapp/css/2.0/stammzahl.css delete mode 100644 id/server/auth/src/main/webapp/css/2.0/stylesinput.css delete mode 100644 id/server/auth/src/main/webapp/css/2.0/stylesnew.css delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java (limited to 'id') diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java index 2705659cb..915ddf8ff 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java @@ -46,5 +46,8 @@ public class Constants { public static final String IDENIFICATIONTYPE_ZVR = "ZVR"; public static final String IDENIFICATIONTYPE_BASEID = "urn:publicid:gv.at:baseid+"; + public static final String IDENIFICATIONTYPE_BASEID_FN = IDENIFICATIONTYPE_BASEID + "X" + IDENIFICATIONTYPE_FN; + public static final String IDENIFICATIONTYPE_BASEID_ZVR = IDENIFICATIONTYPE_BASEID + "X" + IDENIFICATIONTYPE_ZVR; + public static final String PREFIX_WPBK = "urn:publicid:gv.at:wbpk+"; } 
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java index ed496ae16..8b775f692 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java @@ -83,8 +83,8 @@ public class Authenticate extends HttpServlet { try { builder = factory.newDocumentBuilder(); } catch (ParserConfigurationException e) { - // TODO Auto-generated catch block - e.printStackTrace(); + log.warn("PVP2 AuthenticationServlet can not be initialized.", e); + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java index f08632d83..39d276701 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java @@ -100,7 +100,6 @@ public class ConfigurationProvider { DefaultBootstrap.bootstrap(); log.info("OPENSAML initialized"); - //TODO: start CleanUP Thread UserRequestCleaner.start(); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java index 2b4ea53c1..90c02e0e4 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java 
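Review bot: In the `catch (ParserConfigurationException e)` branch of Authenticate.java, the new `log.warn(...)` still lets initialisation continue with `builder` unset, so the failure would only surface later as a null dereference when the parser is first needed. For a servlet on the PVP2 login path it is safer to stop at start-up, for example `throw new IllegalStateException("PVP2 AuthenticationServlet can not be initialized.", e);`, or at least to log at error level. The enclosing block starts outside the hunk, so whether `builder` is null-checked before use cannot be seen here.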
@@ -5,10 +5,10 @@ import java.util.Arrays; import java.util.HashMap; import java.util.List; import java.util.Map; -import java.util.Set; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; +import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType; import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS; import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; @@ -63,6 +63,10 @@ public class OAGeneralConfig { private boolean isHideBPKAuthBlock = false; + private boolean showMandateLoginButton = true; + private boolean onlyMandateAllowed = false; + private String bkuSelectionBackGroundColor = null; + private Map transformations; @@ -98,16 +102,13 @@ public class OAGeneralConfig { identifier = dbOAConfig.getPublicURLPrefix(); String target_full = dbOAConfig.getTarget(); - if (MiscUtil.isNotEmpty(target_full)) { - String[] target_split = target_full.split("-"); - if (TargetValidator.isValidTarget(target_full)) { - target = dbOAConfig.getTarget(); - if (target_split.length > 1) - target_subsector = target_split[1]; - + target = target_full; + } else { + String[] target_split = target_full.split("-"); + if (TargetValidator.isValidTarget(target_split[0])) { target = target_split[0]; if (target_split.length > 1) 
@@ -196,6 +197,19 @@ public class OAGeneralConfig { SLTemplates.add(el.getURL()); } } + + BKUSelectionCustomizationType bkuselectioncustom = templates.getBKUSelectionCustomization(); + if (bkuselectioncustom != null) { + + if (MiscUtil.isNotEmpty(bkuselectioncustom.getBackGroundColor())) + bkuSelectionBackGroundColor = bkuselectioncustom.getBackGroundColor(); + + if (bkuselectioncustom.isMandateLoginButton() != null) + showMandateLoginButton = bkuselectioncustom.isMandateLoginButton(); + + if (bkuselectioncustom.isOnlyMandateLoginAllowed() != null) + onlyMandateAllowed = bkuselectioncustom.isOnlyMandateLoginAllowed(); + } } if (SLTemplates != null && SLTemplates.size() > 0) @@ -211,7 +225,6 @@ public class OAGeneralConfig { isHideBPKAuthBlock = dbOAConfig.isRemoveBPKFromAuthBlock(); - } public String getIdentifier() { 
@@ -559,5 +572,54 @@ public class OAGeneralConfig { public void setHideBPKAuthBlock(boolean isHideBPKAuthBlock) { this.isHideBPKAuthBlock = isHideBPKAuthBlock; } + + + /** + * @return the showMandateLoginButton + */ + public boolean isShowMandateLoginButton() { + return showMandateLoginButton; + } + + + /** + * @param showMandateLoginButton the showMandateLoginButton to set + */ + public void setShowMandateLoginButton(boolean showMandateLoginButton) { + this.showMandateLoginButton = showMandateLoginButton; + } + + + /** + * @return the onlyMandateAllowed + */ + public boolean isOnlyMandateAllowed() { + return onlyMandateAllowed; + } + + + /** + * @param onlyMandateAllowed the onlyMandateAllowed to set + */ + public void setOnlyMandateAllowed(boolean onlyMandateAllowed) { + this.onlyMandateAllowed = onlyMandateAllowed; + } + + + /** + * @return the bkuSelectionBackGroundColor + */ + public String getBkuSelectionBackGroundColor() { + return bkuSelectionBackGroundColor; + } + + + /** + * @param bkuSelectionBackGroundColor the bkuSelectionBackGroundColor to set + */ + public void setBkuSelectionBackGroundColor(String bkuSelectionBackGroundColor) { + this.bkuSelectionBackGroundColor = bkuSelectionBackGroundColor; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java index 9f81e1212..e7e1beb45 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java 
@@ -147,24 +147,14 @@ public class AuthenticationFilter implements Filter{ } } else { - //check login Daten - - //loginPageForward = true; - - if (MiscUtil.isNotEmpty(getAuthenticatedPage())) { log.debug("Unable to find authentication data. Authenticated page is given so there is no need to save original request url. " + (loginPageForward ? "Forwarding" : "Redirecting") + " to login page \"" + loginPage + "\"."); - - } else { log.debug("Unable to find authentication data. Storing request url and " + (loginPageForward ? "forwarding" : "redirecting") + " to login page \"" + loginPage + "\"."); - // TODO: save HttpServletRequest - // log.debug("new CustomHttpServletRequest(request).toString() = - // {}", new - // CustomHttpServletRequest(httpServletRequest).toString()); session.setAttribute(STORED_REQUEST_URL_ID, requestURL); + } if (loginPageForward) { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index e07a0ba77..1a8e0048b 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -18,6 +18,7 @@ import org.apache.struts2.interceptor.ServletResponseAware; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; +import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType; import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS; import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; 
@@ -72,8 +73,13 @@ ServletResponseAware { private boolean newOA; private String formID; - private String nextPage; + private boolean onlyBusinessService = false; + private boolean subTargetSet = false; + private boolean deaktivededBusinessService = false; + private boolean isMetaDataRefreshRequired = false; + private String nextPage; + private OAGeneralConfig generalOA = new OAGeneralConfig(); private OAPVP2Config pvp2OA = new OAPVP2Config(); private OASAML1Config saml1OA = new OASAML1Config(); @@ -99,13 +105,15 @@ ServletResponseAware { return Constants.STRUTS_ERROR; } oaid = Long.valueOf(oaidobj); - + + UserDatabase userdb = null; OnlineApplication onlineapplication = null;; + if (authUser.isAdmin()) onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); else { - UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { @@ -113,6 +121,8 @@ ServletResponseAware { addActionError(LanguageHelper.getErrorString("error.editoa.mailverification")); } + + //TODO: change to direct Database operation List oas = userdb.getOnlineApplication(); for (OnlineApplication oa : oas) { if (oa.getHjid() == oaid) { @@ -129,6 +139,7 @@ ServletResponseAware { generalOA.parse(onlineapplication); ssoOA.parse(onlineapplication); saml1OA.parse(onlineapplication); + List errors = pvp2OA.parse(onlineapplication); if (errors.size() > 0) { @@ -136,8 +147,13 @@ ServletResponseAware { addActionError(el); } + subTargetSet = MiscUtil.isNotEmpty(generalOA.getTarget_subsector()); + + //set UserSpezific OA Parameters + if (!authUser.isAdmin()) + generateUserSpecificConfigurationOptions(userdb); + ConfigurationDBUtils.closeSession(); - session.setAttribute(Constants.SESSION_OAID, oaid); formID = Random.nextRandom(); 
@@ -165,14 +181,18 @@ ServletResponseAware { authUser = (AuthenticatedUser) authUserObj; UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { log.info("Online-Applikation managemant disabled. Mail address is not verified."); addActionError(LanguageHelper.getErrorString("error.editoa.mailverification")); } + + //set UserSpezific OA Parameters + if (!authUser.isAdmin()) + generateUserSpecificConfigurationOptions(userdb); newOA = true; - formID = Random.nextRandom(); session.setAttribute(Constants.SESSION_FORMID, formID); @@ -205,7 +225,8 @@ ServletResponseAware { session.setAttribute(Constants.SESSION_FORMID, null); UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - if (!authUser.isAdmin() && !userdb.isIsMailAddressVerified()) { + if (!authUser.isAdmin() && + userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { log.info("Online-Applikation managemant disabled. Mail address is not verified."); addActionError(LanguageHelper.getErrorString("error.editoa.mailverification")); return Constants.STRUTS_SUCCESS; @@ -265,7 +286,11 @@ ServletResponseAware { } } } - + + //set UserSpezific OA Parameters + if (!authUser.isAdmin()) + generateUserSpecificConfigurationOptions(userdb); + //check form OAGeneralConfigValidation validatior_general = new OAGeneralConfigValidation(); OAPVP2ConfigValidation validatior_pvp2 = new OAPVP2ConfigValidation(); 
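Review bot: The null guard added to the mail-verification check in the hunk at -205,7 treats a missing flag as verified: with `userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()`, an old account whose flag was never written passes the gate on the save path. If unverified legacy accounts should not be able to save online applications, fail closed with `if (!authUser.isAdmin() && !Boolean.TRUE.equals(userdb.isIsMailAddressVerified())) {`. If the pass-through is intended, a comment saying so would help. The check visible in the hunk at -165,14 has the same shape, and `userdb` itself is dereferenced without a null check in both. The enclosing methods start and end outside these hunks.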
@@ -279,6 +304,13 @@ ServletResponseAware { errors.addAll(validatior_sso.validate(ssoOA, authUser.isAdmin())); errors.addAll(validator_stork.validate(storkOA)); + //Do not allow SSO in combination with special BKUSelection features + if (ssoOA.isUseSSO() && + ( generalOA.isOnlyMandateAllowed() || !generalOA.isShowMandateLoginButton()) ) { + log.warn("Special BKUSelection features can not be used in combination with SSO"); + errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.valid")); + } + if (errors.size() > 0) { log.info("OAConfiguration with ID " + generalOA.getIdentifier() + " has some errors."); for (String el : errors) @@ -289,7 +321,7 @@ ServletResponseAware { return Constants.STRUTS_ERROR_VALIDATION; } else { - + boolean newentry = false; if (onlineapplication == null) { @@ -300,7 +332,8 @@ ServletResponseAware { if (!authUser.isAdmin()) { onlineapplication.setIsAdminRequired(true); - } + } else + isMetaDataRefreshRequired = true; } else { @@ -321,6 +354,7 @@ ServletResponseAware { && onlineapplication.isIsAdminRequired()) ) { onlineapplication.setIsAdminRequired(false); + isMetaDataRefreshRequired = true; if (onlineapplication.getHjid() != null) userdb = ConfigurationDBRead.getUsersWithOADBID(onlineapplication.getHjid()); @@ -342,9 +376,10 @@ ServletResponseAware { if (pvp2OA.getMetaDataURL() != null) { try { - if (newentry || !pvp2OA.getMetaDataURL() - .equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) { + if (isMetaDataRefreshRequired || !pvp2OA.getMetaDataURL(). + equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) { + log.debug("Set PVP2 Metadata refresh flag."); MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration(); moaconfig.setPvp2RefreshItem(new Date()); ConfigurationDBUtils.saveOrUpdate(moaconfig); 
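Review bot: Replacing `newentry ||` with `isMetaDataRefreshRequired ||` in the hunk at -342,9 means a new entry created by a non-admin no longer short-circuits, because the flag is only set on the admin branch in the hunk at -300,7. The right-hand side then calls `onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL()` on a freshly created application, which looks like it can dereference null. Whether the surrounding `try` catches that is outside the hunk. Evaluating the URL comparison only for existing entries avoids it: `if (isMetaDataRefreshRequired || (!newentry && !pvp2OA.getMetaDataURL().equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL()))) {`.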
@@ -576,7 +611,8 @@ ServletResponseAware { dboa.setPublicURLPrefix(generalOA.getIdentifier()); - if (generalOA.isBusinessService()) { + if (generalOA.isBusinessService() || onlyBusinessService) { + dboa.setType(Constants.MOA_CONFIG_BUSINESSSERVICE); String num = generalOA.getIdentificationNumber().replaceAll(" ", ""); 
@@ -609,37 +645,36 @@ ServletResponseAware { dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName()); } else { - String target_full = generalOA.getTarget(); - String[] target_split = target_full.split("-"); - if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector())) - dboa.setTarget(target_split[0] + "-" + generalOA.getTarget_subsector()); + + String target = generalOA.getTarget(); + + if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet) + dboa.setTarget(target + "-" + generalOA.getTarget_subsector()); else - dboa.setTarget(target_full); + dboa.setTarget(target); - String targetname = TargetValidator.getTargetFriendlyName(target_full); + String targetname = TargetValidator.getTargetFriendlyName(target); if (MiscUtil.isNotEmpty(targetname)) dboa.setTargetFriendlyName(targetname); - else - dboa.setTargetFriendlyName(TargetValidator.getTargetFriendlyName(target_split[0])); + } } else { + if (MiscUtil.isNotEmpty(generalOA.getTarget())) { - String target_full = generalOA.getTarget(); - String[] target_split = target_full.split("-"); - dboa.setTarget(target_split[0] + "-" + generalOA.getTarget_subsector()); - if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector())) - dboa.setTarget(target_split[0] + "-" + generalOA.getTarget_subsector()); + String target = generalOA.getTarget(); + + if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet) + dboa.setTarget(target + "-" + generalOA.getTarget_subsector()); else - dboa.setTarget(target_full); + dboa.setTarget(target); - String targetname = TargetValidator.getTargetFriendlyName(target_full); + String targetname = TargetValidator.getTargetFriendlyName(target); if (MiscUtil.isNotEmpty(targetname)) dboa.setTargetFriendlyName(targetname); - else - dboa.setTargetFriendlyName(TargetValidator.getTargetFriendlyName(target_split[0])); + } } } 
@@ -693,6 +728,30 @@ ServletResponseAware { if (template != null && template.size() > 0) template.clear(); } + + + BKUSelectionCustomizationType bkuselectioncustom = templates.getBKUSelectionCustomization(); + if (bkuselectioncustom == null) { + bkuselectioncustom = new BKUSelectionCustomizationType(); + templates.setBKUSelectionCustomization(bkuselectioncustom); + } + + if (MiscUtil.isNotEmpty(generalOA.getBkuSelectionBackGroundColor())) { + String value; + if (!generalOA.getBkuSelectionBackGroundColor().startsWith("#")) + value = "#" + generalOA.getBkuSelectionBackGroundColor(); + else + value = generalOA.getBkuSelectionBackGroundColor(); + + bkuselectioncustom.setBackGroundColor(value); + + } else { + bkuselectioncustom.setBackGroundColor(""); + } + + bkuselectioncustom.setMandateLoginButton(generalOA.isShowMandateLoginButton()); + bkuselectioncustom.setOnlyMandateLoginAllowed(generalOA.isOnlyMandateAllowed()); + } //set default transformation if it is empty @@ -784,6 +843,29 @@ ServletResponseAware { return null; } + private void generateUserSpecificConfigurationOptions(UserDatabase userdb) { + + if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) { + String bpk = userdb.getBpk(); + if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN) || + bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_ZVR)) { + + onlyBusinessService = true; + generalOA.setBusinessService(true); + + } + + deaktivededBusinessService = true; + String[] split = bpk.split("\\+"); + generalOA.setIdentificationType(split[1].substring(1)); + generalOA.setIdentificationNumber(split[2]); + + } + + + + } + public String setGeneralOAConfig() { return Constants.STRUTS_SUCCESS; 
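Review bot: `generateUserSpecificConfigurationOptions` dereferences `userdb.getBpk()` and indexes `split[1]` and `split[2]` without checking them, so a mandate user whose stored bPK is null or is not three `+`-separated parts raises a NullPointerException or an index exception. This is the same class of failure with old user-database entries that the commit sets out to fix. Guard before use with `String[] split = bpk == null ? new String[0] : bpk.split("\\+");` and a `split.length < 3 || split[1].length() < 2` check. Decide explicitly what happens in that branch: since these values pin the identification type and number a mandate user may register, rejecting the request is safer than silently leaving the fields editable. A short Javadoc stating that the method overrides form input for mandate users would also help.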
@@ -925,8 +1007,46 @@ ServletResponseAware { public void setFormID(String formID) { this.formID = formID; } - - - + /** + * @return the onlyBusinessService + */ + public boolean isOnlyBusinessService() { + return onlyBusinessService; + } + + /** + * @param onlyBusinessService the onlyBusinessService to set + */ + public void setOnlyBusinessService(boolean onlyBusinessService) { + this.onlyBusinessService = onlyBusinessService; + } + + /** + * @return the subTargetSet + */ + public boolean isSubTargetSet() { + return subTargetSet; + } + + /** + * @param subTargetSet the subTargetSet to set + */ + public void setSubTargetSet(boolean subTargetSet) { + this.subTargetSet = subTargetSet; + } + + /** + * @return the deaktivededBusinessService + */ + public boolean isDeaktivededBusinessService() { + return deaktivededBusinessService; + } + + /** + * @param deaktivededBusinessService the deaktivededBusinessService to set + */ + public void setDeaktivededBusinessService(boolean deaktivededBusinessService) { + this.deaktivededBusinessService = deaktivededBusinessService; + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java index 5a88b1324..f07022394 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java @@ -379,6 +379,11 @@ public class IndexAction extends ActionSupport implements ServletRequestAware, return Constants.STRUTS_ERROR; } + //TODO: maybe remove this default value in a later version + boolean ismandateuser = false; + if (dbuser.isIsMandateUser() != null) + ismandateuser = dbuser.isIsMandateUser(); + authUser = new AuthenticatedUser( dbuser.getHjid(), dbuser.getGivenname(), 
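Review bot: `setOnlyBusinessService` and `setDeaktivededBusinessService` make two server-derived flags writable through the action's public bean interface, and in a Struts 2 action public setters are normally bound from request parameters. Both flags are computed from the user's bPK in `generateUserSpecificConfigurationOptions`, which only ever sets them to true, so a value supplied with the request is never reset for users that method does not match. The JSP only needs to read them, so dropping the two setters and keeping `isOnlyBusinessService()` and `isDeaktivededBusinessService()` removes that binding surface. `setSubTargetSet` is presumably needed for the new checkbox and can stay. Whether the parameters interceptor is configured for this action is not visible in the diff.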
@@ -387,7 +392,7 @@ public class IndexAction extends ActionSupport implements ServletRequestAware, dbuser.getUsername(), true, dbuser.isIsAdmin(), - dbuser.isIsMandateUser(), + ismandateuser, true); Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin()); @@ -414,23 +419,24 @@ public class IndexAction extends ActionSupport implements ServletRequestAware, } log.info("PVP2 Assertion was maybe not well formed, because no Assertion element could be found."); - addActionError(LanguageHelper.getErrorString("error.login")); + addActionError(LanguageHelper.getErrorString("error.login.internal")); return Constants.STRUTS_ERROR; } else { log.info("Receive Error Assertion."); + addActionError(LanguageHelper.getErrorString("error.login")); return Constants.STRUTS_ERROR; } } catch (Exception e) { - log.warn("Only http POST Requests can be used", e); - addActionError(LanguageHelper.getErrorString("error.login")); + log.warn("An internal error occurs.", e); + addActionError(LanguageHelper.getErrorString("error.login.internal")); return Constants.STRUTS_ERROR; } } else { log.info("Only http POST Requests can be used"); - addActionError(LanguageHelper.getErrorString("error.login")); + addActionError(LanguageHelper.getErrorString("error.login.internal")); return Constants.STRUTS_ERROR; } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/TargetValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/TargetValidator.java index 65e8a549e..c30ee46b7 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/TargetValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/TargetValidator.java 
@@ -25,7 +25,7 @@ public class TargetValidator { targetList.put("EF", "Ein- und Ausfuhr"); targetList.put("GH", "Gesundheit"); targetList.put("GS", "Gesellschaft und Soziales"); - targetList.put("GS-RE", "Restitution"); +// targetList.put("GS-RE", "Restitution"); targetList.put("JR", "Justiz/Zivilrechtswesen"); targetList.put("KL", "Kultus"); targetList.put("KU", "Kunst und Kultur"); @@ -35,8 +35,8 @@ public class TargetValidator { targetList.put("SA", "Steuern und Abgaben"); targetList.put("SA", "Sport und Freizeit"); targetList.put("SO", "Sicherheit und Ordnung"); - targetList.put("SO-VR", "Vereinsregister"); - targetList.put("SR-RG", "Strafregister"); +// targetList.put("SO-VR", "Vereinsregister"); +// targetList.put("SR-RG", "Strafregister"); targetList.put("SV", "Sozialversicherung"); targetList.put("UW", "Umwelt"); targetList.put("VT", "Verkehr und Technik"); @@ -50,7 +50,7 @@ public class TargetValidator { targetList.put("PV", "Personalverwaltung"); targetList.put("RD", "Zentraler Rechtsdienst"); targetList.put("VS", "Zentrale Durchführung von Verwaltungsstrafverfahren"); - targetList.put("VS-RG", "Zentrales Verwaltungsstrafregister"); +// targetList.put("VS-RG", "Zentrales Verwaltungsstrafregister"); targetList.put("ZU", "Zustellungen"); } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java index eadf15f84..17da83286 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java 
@@ -35,6 +35,9 @@ public class ValidationHelper { private static final Logger log = Logger.getLogger(ValidationHelper.class); + private static final String TEMPLATE_DATEFORMAT = "dd.MM.yyyy"; + + public static boolean isPublicServiceAllowed(String identifier) { SSLSocket socket = null; @@ -216,7 +219,10 @@ public class ValidationHelper { } public static boolean isDateFormat(String dateString) { - SimpleDateFormat sdf = new SimpleDateFormat("dd.MM.yyyy"); + if (dateString.length() > TEMPLATE_DATEFORMAT.length()) + return false; + + SimpleDateFormat sdf = new SimpleDateFormat(TEMPLATE_DATEFORMAT); try { sdf.parse(dateString); return true; @@ -300,4 +306,20 @@ public class ValidationHelper { return "; % \" ' ` < >"; } + + public static boolean isValidHexValue(String param) { + + try { + if (param.startsWith("#") && param.length() <= 7) { + Long test = Long.decode(param); + return true; + } + + } catch (Exception e) { + + } + return false; + + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java index 99371a0e7..8ef7c44cf 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java 
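Review bot: The length cap added to `isDateFormat` in the hunk at -216,7 only bounds the input. The `SimpleDateFormat` is still lenient and `parse(String)` may stop before the end of the string, so out-of-range days and months are rolled over and accepted, and a short date followed by other characters still passes. A null `dateString` now throws on `.length()`. A strict check is `sdf.setLenient(false); ParsePosition pos = new ParsePosition(0);` followed by `return sdf.parse(dateString, pos) != null && pos.getIndex() == dateString.length();`, with a `dateString == null ||` term added to the guard. The rest of the method lies outside the hunk.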
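Review bot: `isValidHexValue` in the hunk at -300,4 accepts anything `Long.decode` can read after `#`, so values of one to six digits and non-ASCII digit characters pass, and the empty `catch (Exception e)` hides why a value was rejected. Since the colour is stored and, judging by the commit description, is used to customise the BKU selection form, an explicit allow-list is easier to reason about: `return param != null && param.matches("#[0-9a-fA-F]{6}");`. Extend the pattern with `|#[0-9a-fA-F]{3}` if shorthand colours should be allowed. That also removes the unused `test` local.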
@@ -6,11 +6,8 @@ import java.util.Map; import org.apache.log4j.Logger; -import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector; import at.gv.egovernment.moa.id.configuration.Constants; -import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig; -import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator; import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; @@ -35,6 +32,23 @@ public class OAGeneralConfigValidation { new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); } } + + check = form.getBkuSelectionBackGroundColor(); + if (MiscUtil.isNotEmpty(check)) { + if (!check.startsWith("#")) + check = "#" + check; + + if (!ValidationHelper.isValidHexValue(check)) { + log.warn("BKUSelectionBackGroundColor is not a valid hex value " + check); + errors.add(LanguageHelper.getErrorString("validation.general.bkuselectioncolor.valid")); + } + + } + + if (form.isOnlyMandateAllowed() && !form.isShowMandateLoginButton()) { + log.warn("OnlyMandateAllowed in combination with hidden MandateLoginCheckbox is not possible."); + errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.combination")); + } } //Check BKU URLs diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties index eaa9b981a..5e337c7a5 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties 
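Review bot: In the hunk at -35,6, `log.warn("BKUSelectionBackGroundColor is not a valid hex value " + check)` writes a form value that has just failed validation into the log unchanged, so it can carry line breaks or arbitrarily long content into the log file. Log the fact and a bounded description instead, for example `log.warn("BKUSelectionBackGroundColor is not a valid hex value (length " + check.length() + ")");`. The validation method continues outside the hunk.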
@@ -22,7 +22,7 @@ errors.importexport.export.noconfig=Die Konfiguration kann nicht exportiert werd errors.edit.user.userid=Es wurde keine g\u00FCtige User ID \u00FCbergeben. errors.edit.user.save=Der Benutzer konnte nicht in die Datenbank eingetragen werden. errors.edit.user.notallowed=Das Bearbeiten fremder Benutzereinstellungen ist nur dem Admin erlaubt. -error.login=Der Anmeldevorgang durch einen internen Fehler unterbrochen. Bitte Versuchen sie es noch einmal. +error.login=Der Anmeldevorgang wurde abgebrochen. Bitte Versuchen sie es noch einmal. error.mail.send=An die angegebene Mailadresse konnte keine Nachticht versendet werden. error.mail.verification=Der Verifikationsvorgang wurde durch einen internen Fehler unterbrochen. Bitte Versuchen sie es noch einmal. error.editoa.mailverification=Die Verwaltung von Online-Applikationen ist vor\u00FCbergehend deaktiviert, da die Mailadresse des Benutzeraccounts noch nicht verifiziert wurde. @@ -172,6 +172,7 @@ webpages.oaconfig.general.target.friendlyname.disabled=Bezeichnung des Bereichs webpages.oaconfig.general.target.admin.disabled=Bereich (vom Administrator eingestellt) webpages.oaconfig.general.target=Bereich (Target) webpages.oaconfig.general.target.subsector=Sub-Bereich +webpages.oaconfig.general.target.subsector.checkbox=Target verfeinern webpages.oaconfig.general.business.header=Privatwirtschaftlicher Bereich webpages.oaconfig.general.business.value=Identifikationsnummer webpages.oaconfig.general.business.type=Type der Identifikationsnummer 
@@ -181,6 +182,9 @@ webpages.oaconfig.general.aditional.iframe=B\u00FCrgerkartenauswahl im IFrame webpages.oaconfig.general.aditional.useUTC=UTC Zeit verwenden webpages.oaconfig.general.aditional.calculateHPI="TODO!" webpages.oaconfig.general.isHideBPKAuthBlock=bPK/wbPK im AuthBlock ausblenden +webpages.oaconfig.general.BKUSelection.isMandateLoginCheckboxVisible=Vollmachtenanmeldung anzeigen +webpages.oaconfig.general.BKUSelection.isOnlyMandateLoginAllowed=Nur Vollmachtenanmeldung erlauben +webpages.oaconfig.general.BKUSelection.backgroundcolor=Hintergrundfarbe der BKU-Auswahl webpages.oaconfig.menu.saml1.show=SAML1 Konfiguration einblenden webpages.oaconfig.menu.saml1.hidden=SAML1 Konfiguration ausblenden @@ -299,6 +303,9 @@ validation.general.slrequest.filename.valid=Der Dateiname der angegebenen Securt validation.general.slrequest.file.valid=Die angegebenen SecurtityLayer Transformation konnte nicht geladen werden. validation.general.aditionalauthblocktext=Der Zusatztext f\u00FCr den AuthBlock enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.bkuselectioncolor.valid=Die Hintergrundfarbe f\u00FCr die BKU Auswahl enth\u00E4lt keinen g\u00FCltigen Hexadezimalwert. (z.B. \#FFFFFF) +validation.general.bkuselection.specialfeatures.valid=Die speziellen Einstellungen f\u00FCr die BKU Auswahl (Vollmachtsanmeldung ausblenden / zwingend voraussetzen) k\u00F6nnen nicht in Kombination mit SSO verwendet werden. +validation.general.bkuselection.specialfeatures.combination=Eine zwingend erforderliche Vollmachtenanmeldung in Kombination mit einer ausgeblendeten Vollmachtenauswahlcheckbox ist nicht m\u00F6glich. validation.general.bku.handy.empty=Die URL f\u00FCr die Handy-BKU ist leer. validation.general.bku.handy.valid=Die URL f\u00FCr die Handy-BKU hat kein g\u00FCltiges Format. validation.general.bku.local.empty=Die URL f\u00FCr die lokale BKU ist leer. 
diff --git a/id/ConfigWebTool/src/main/webapp/js/common.js b/id/ConfigWebTool/src/main/webapp/js/common.js index 0b69854da..ce2e51863 100644 --- a/id/ConfigWebTool/src/main/webapp/js/common.js +++ b/id/ConfigWebTool/src/main/webapp/js/common.js @@ -78,6 +78,17 @@ function HideAdminTarget() { $('#adminTarget').removeAttr("checked"); $('#admin_target_area').css('display', "none"); } +function oaTargetSubSector() { + if ($('#OAisTargetSubSector').attr('checked') == 'checked') { + + $('#wwgrp_OAtarget_subsector').css('display', "block"); + + } else { + + $('#wwgrp_OAtarget_subsector').css('display', "none"); + + } +} function UseUserNamePassword() { if ($('#isusernamepasswordallowed').size() == 0) { $('#usernamepassword_area').css('display', "none"); @@ -122,5 +133,6 @@ function oaOnLoad() { oaSSOService(); oaLegacyService(); AdminTarget(); + oaTargetSubSector(); return true; } \ No newline at end of file diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp index 68d47d6b8..6bca21435 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp @@ -64,121 +64,119 @@ key="webpages.oaconfig.general.isbusinessservice" cssClass="checkbox" onclick="oaBusinessService();" - id="OAisbusinessservice"> + id="OAisbusinessservice" + disabled="%{isOnlyBusinessService()}">
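Review bot: `oaTargetSubSector()` tests the checkbox with `$('#OAisTargetSubSector').attr('checked') == 'checked'`, which on jQuery 1.6 and later reflects the attribute from the markup rather than the current state, so the sub-sector field may not follow the user's clicks. `if ($('#OAisTargetSubSector').is(':checked')) {` behaves the same across jQuery versions; the version loaded by the page is not visible here. The function only switches `#wwgrp_OAtarget_subsector` between `block` and `none`, so a hidden sub-sector value is presumably still posted with the form, and the server side has to decide from the checkbox whether that value is used.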

<%=LanguageHelper.getGUIString("webpages.oaconfig.general.business.header", request) %>

-<%-- - --%> - + name="generalOA.identificationType" + disabled="%{isDeaktivededBusinessService()}"> -<%-- - --%> - + cssClass="textfield_middle" + disabled="%{isDeaktivededBusinessService()}">
-
-

<%=LanguageHelper.getGUIString("webpages.oaconfig.general.public.header", request) %>

- - - - - - - - - - - - - - - - - - -
- - - - -
-
- - - - + +
+

<%=LanguageHelper.getGUIString("webpages.oaconfig.general.public.header", request) %>

+ + + + -<%-- - - - --%> - - - -
+ + + + + + + + + + + + + + + + +
+ + + + +
+
+ + + + + + <%-- + + + --%> + +
+
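Review bot: The added `disabled="%{isOnlyBusinessService()}"` on the element with id `OAisbusinessservice`, and `disabled="%{isDeaktivededBusinessService()}"` on `generalOA.identificationType` and the text field after it, restrict the form only in the browser. A disabled control is left out of the submitted form, and a request built outside the page can still carry these parameters, so the action that saves the form (not part of this hunk) has to apply the same restriction and ignore posted values for locked fields. For the checkbox in particular, a missing parameter is likely to be read as unchecked on save; confirm that the business-service flag of a restricted user is not cleared that way. A short JSP comment beside each attribute, for example `<%-- UI only: the save action enforces this restriction --%>`, would record the dependency.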
@@ -396,6 +394,27 @@ key="webpages.oaconfig.general.aditional.authblocktext" cssClass="textfield_large"> + + + + + + + + +
diff --git a/id/server/auth/src/main/webapp/css/2.0/stammzahl.css b/id/server/auth/src/main/webapp/css/2.0/stammzahl.css deleted file mode 100644 index 99c9ab425..000000000 --- a/id/server/auth/src/main/webapp/css/2.0/stammzahl.css +++ /dev/null 
@@ -1,192 +0,0 @@ -#header { - position: relative; - top: -5px; padding-top : 114px; -/* background: url("../../img/2.0/logo_dsk_szr_header.png") right top no-repeat; */ - text-align: right; - padding-top: 114px; -} - -html { - height: 100%; -} - -body { - margin: 0px; background : url(../../../img/2.0/bg_header.png) 0 0 repeat-x; - padding-bottom: 2em; - font-weight: inherit; - font-style: inherit; - font-size: 100%; - font-family: Verdana, Arial, Helvetica, sans-serif; - line-height: 1; - min-height: 101%; - background: url(../../img/2.0/bg_header.png) 0 0 repeat-x; -} - -ol,ul { - list-style-type: none; - list-style-image: none; - list-style-position: outside; -} - -#pagebase { - background: url(../../img/2.0/bg_footer.png) repeat-x left bottom; - width: 100%; -} - -#page { - min-width: 800px; - max-width: 1000px; - margin: 0 auto 5px auto; - padding: 0 5px; -} - -#homelink { - position: absolute; - top: 20px; - left: 0; -} - -#homelink a:hover,#homelink a:focus,#homelink a:active { - border-bottom: 3px solid #c51713; -} - -#mainnav { - margin-top: 0px; - margin-bottom: 0px; - margin-left: 95px; - background: url(../../img/2.0/bg_mainnav.png) right bottom repeat-x; - float: right; - padding-top: 0pt; - padding-right: 0pt; - padding-bottom: 0pt; - padding-left: 0pt; -} - -#mainnav li { - float: left; - /*font-size: 0.9em;*/ - background: #fff url(../../img/2.0/bg_mainnav_right.png) right top no-repeat; - margin-left: 2px; -} - -#mainnav li.first-item { - margin-left: 0; -} - -#mainnav li a { - display: block; - font-weight: bold; - padding: 7px 0.75em; - text-decoration: none; - color: Black; - background: url(../../img/2.0/bg_mainnav_left.png) left top no-repeat; -} - -#mainnav li a.current { - color: #c51713; -} - -#mainnav li a:hover,#mainnav li a:focus,#mainnav li a:active { - color: #c51713; - text-decoration: underline; -} - -#footer { - position: relative; - clear: both; - display: block; - height: 48px; -} - -#footer ul { - float: right; - margin-top: 
0.5em; - background: url(../../img/2.0/bg_bottom_line.png) 0 3px repeat-x; -} - -#footer li { - float: left; - font-size: 0.8em; - display: inline; -} - -#footer li a { - display: block; - padding: 0 1em; - margin-top: 3px; - text-decoration: none; - border-right: 1px solid white; - color: white; -} - -#footer li a.last-item { - border-right: none; - padding-right: 0; -} - -#footer li a:hover,#footer li a:focus,#footer li a:active { - text-decoration: underline; -} - -#servicenav { - margin: 0px; - padding: 0px; position : absolute; - top: 0; - left: 0; - width: 100%; - text-align: right; - margin-top: 3px; - position: absolute; -} - -#servicenav li { - display: inline; - font-size: 0.8em; - line-height: 1.2; -} - -#servicenav li a,#servicenav li span.current { - padding: 0 0.5em; - text-decoration: none; - border-right: 1px solid white; - color: white; -} - -#servicenav li a:hover,#servicenav li a:focus,#servicenav li a:active { - text-decoration: underline; -} - -#servicenav li span.current { - color: #c51713; - font-weight: bold; -} - -#servicenav li a.last-item { - border-right: none; - padding-right: 2px; -} - -.hidden { - position: absolute; - top: -1000em; - left: -1000em; - height: 1px; - width: 1px; - overflow: hidden; -} - -.clearfix:after { - content: "."; - display: block; - height: 0; - clear: both; - visibility: hidden; -} - -.clearfix { - display: inline-block; -} - -.clearfix { - display: block; -} \ No newline at end of file diff --git a/id/server/auth/src/main/webapp/css/2.0/stylesinput.css b/id/server/auth/src/main/webapp/css/2.0/stylesinput.css deleted file mode 100644 index 000888b7b..000000000 --- a/id/server/auth/src/main/webapp/css/2.0/stylesinput.css +++ /dev/null 
@@ -1,251 +0,0 @@ -@CHARSET "utf-8"; - -/* ************************************* */ -/* * generated css (see input.css.jsp) * */ -/* ************************************* */ -/* **** classes for value **** */ - -fieldset label.value, textarea.value, input.value { - width: 150px !important; -} - -textarea.value { - height: 50px !important; -} - -select.value { - /* Firefox ... */ - width: 154px !important; - /* IE5 - IE6 */ - _width: 156px !important; - /* IE7 */ - !width: 156px !important; -} -/* **** classes for xs **** */ - -fieldset label.xs, textarea.xs, input.xs { - width: 25px !important; -} - -select.xs { - /* Firefox ... */ - width: 29px !important; - /* IE5 - IE6 */ - _width: 31px !important; - /* IE7 */ - !width: 31px !important; -} - -/* **** classes for s **** */ - -fieldset label.s, textarea.s, input.s { - width: 50px !important; -} - -select.s { - /* Firefox ... */ - width: 54px !important; - /* IE5 - IE6 */ - _width: 56px !important; - /* IE7 */ - !width: 56px !important; -} - -/* **** classes for m **** */ - -fieldset label.m, textarea.m, input.m { - width: 75px !important; -} - -select.m { - /* Firefox ... */ - width: 79px !important; - /* IE5 - IE6 */ - _width: 81px !important; - /* IE7 */ - !width: 81px !important; -} - -/* **** classes for l **** */ - -fieldset label.l, textarea.l, input.l { - width: 100px !important; -} - -select.l { - /* Firefox ... */ - width: 104px !important; - /* IE5 - IE6 */ - _width: 106px !important; - /* IE7 */ - !width: 106px !important; -} - -/* **** classes for xl **** */ - -fieldset label.xl, textarea.xl, input.xl { - width: 200px !important; -} - -select.xl { - /* Firefox ... */ - width: 204px !important; - /* IE5 - IE6 */ - _width: 206px !important; - /* IE7 */ - !width: 206px !important; -} - -/* **** classes for xll **** */ - -fieldset label.xll, textarea.xll, input.xll { - width: 250px !important; -} - -select.xll { - /* Firefox ... 
*/ - width: 254px !important; - /* IE5 - IE6 */ - _width: 256px !important; - /* IE7 */ - !width: 256px !important; -} - -/* **** classes for xlll **** */ - -fieldset label.xlll, textarea.xlll, input.xlll { - width: 300px !important; -} - -select.xlll { - /* Firefox ... */ - width: 304px !important; - /* IE5 - IE6 */ - _width: 306px !important; - /* IE7 */ - !width: 306px !important; -} - -/* **** classes for xllll **** */ - -fieldset label.xllll, textarea.xllll, input.xllll { - width: 350px !important; -} - -select.xllll { - /* Firefox ... */ - width: 354px !important; - /* IE5 - IE6 */ - _width: 356px !important; - /* IE7 */ - !width: 356px !important; -} - -/* **** classes for xxl **** */ - -fieldset label.xxl, textarea.xxl, input.xxl { - width: 400px !important; -} - -fieldset input[type=file].xxl { - margin-right: 5px; - width: 250px !important; - !width: 400px !important; - _width: 400px !important; -} - - - -textarea.xxl { - height: 100px !important; -} - -select.xxl { - /* Firefox ... */ - width: 404px !important; - /* IE5 - IE6 */ - _width: 406px !important; - /* IE7 */ - !width: 406px !important; -} - -/* **** classes for xxll **** */ - -fieldset label.xxll, textarea.xxll, input.xxll { - width: 450px !important; -} - -select.xxll { - /* Firefox ... */ - width: 454px !important; - /* IE5 - IE6 */ - _width: 456px !important; - /* IE7 */ - !width: 456px !important; -} - -/* **** classes for xxlll **** */ - -fieldset label.xxlll, textarea.xxlll, input.xxlll { - width: 500px !important; -} - -select.xxlll { - /* Firefox ... */ - width: 504px !important; - /* IE5 - IE6 */ - _width: 506px !important; - /* IE7 */ - !width: 506px !important; -} - -/* **** classes for xxllll **** */ - -fieldset label.xxllll, textarea.xxllll, input.xxllll { - width: 550px !important; -} - -select.xxllll { - /* Firefox ... 
*/ - width: 554px !important; - /* IE5 - IE6 */ - _width: 556px !important; - /* IE7 */ - !width: 556px !important; -} - -/* **** classes for xxxl **** */ - -fieldset label.xxxl, textarea.xxxl, input.xxxl { - width: 600px !important; -} - -textarea.xxxl { - height: 200px !important; -} - -select.xxxl { - /* Firefox ... */ - width: 604px !important; - /* IE5 - IE6 */ - _width: 606px !important; - /* IE7 */ - !width: 606px !important; -} -fieldset label.xxxxl, textarea.xxxxl, input.xxxxl { - width: 700px !important; -} - -textarea.xxxxl { - height: 250px !important; -} - -select.xxxxl { - /* Firefox ... */ - width: 704px !important; - /* IE5 - IE6 */ - _width: 706px !important; - /* IE7 */ - !width: 706px !important; -} - diff --git a/id/server/auth/src/main/webapp/css/2.0/stylesnew.css b/id/server/auth/src/main/webapp/css/2.0/stylesnew.css deleted file mode 100644 index e9c02120f..000000000 --- a/id/server/auth/src/main/webapp/css/2.0/stylesnew.css +++ /dev/null 
@@ -1,830 +0,0 @@ -@CHARSET "utf-8"; - -/* TODO: check min-width for all styles */ - -/* ********************************** */ -/* Neudefinition von bestehenden Tags */ -/* ********************************** */ - -html { - margin: 0px; - padding: 0px; -} - -body { - margin: 0px; - padding: 0px; - -} - -input, textarea, html, body { - font-family: Arial, Helvetica, sans-serif; - font-size: 10pt; -} - -h1 { - font-weight: bold; - font-size: 14pt; - color: #006464; - margin: 10px 0px 10px 0px; -} - -h2, h3, h4, h5, h6 { - background-color: #CCCCCC; - font-size: 11pt; - padding: 3px; - margin: 3px 2px 4px 2px; -} - - p { - margin: 1px; - padding: 4px 3px 0px 3px; -} - -img { - border: 0px; -} - -fieldset { - border: 0px; - margin: 0px; -} - -a { - color: #D60029; - text-decoration: none; -} - -a:hover { - text-decoration: underline; -} - -textarea { - overflow: auto; -} - -/* ****************** */ -/* allgemeine Klassen */ -/* ****************** */ - -.pageWidth { - min-width: 982px; /* wegen padding vom body, 950+20px */ - margin: 5px; - /* IE 6 hack */ - _width: 982px; -} - -.info-label{ - padding:6px; - white-space:nowrap; - width:100%; - font-size: 10pt; - font-weight: normal; -} - - - -.box, .overflowedBox, .whiteBox, .debugBox { - padding: 0px 0px; -} - -.box, .overflowedBox, .debugBox { - /*background-color: #EEEEEE;*/ -} - -.box { - padding-bottom: 4px; -} - -/*.whiteBox { - background-color: #FFFFFF; - border: 2px solid #EEEEEE; -}*/ - -.overflowedBox { - overflow: auto; -} - -.marginBottomNegative { - margin-bottom: -10px; - margin-top: 5px; -} - -.redColor { - color: #CC0000; -} - -.emcolor { - color: #006464; -} - -.subheader{ - font-weight: bold; - font-size:14pt; - color: #CC0000; - padding: 0px; - border: none; - background: #FFFFF; - padding: 0px; -} - -.pathnavigation { - border: none; - font-weight: bold; - font-family: Helvetica, sans-serif; - font-size: .9em; - margin-bottom: 10px; - padding: 3px; - cursor: pointer; - margin-right: 5px; -} - 
-.pathnavigation.selected { - color: #FFFFFF; - background: #006464; -} - -.pathnavigation.deselected { - color: #006464; - background: #FFFFFF; -} - -.upload-remove { - margin: 0px 2px 0px 2px; - width: 75px !important; -/* display: inline !important; - float: none !important;*/ -} - -.upload { - margin-top:2px; - padding:4px 1px 0px 3px; -} - -.repeat-evenindex, tr.repeat-item.repeat-evenindex td { - background-color: #dddddd; -} - -.repeat-minimal { - margin-bottom: 0px; -} - -.repeat-minimal, .repeat-minimal-item { - overflow: auto; -} - -fieldset.box .repeat-minimal-item input, -fieldset.box .repeat-minimal-item select, -fieldset.box .repeat-minimal-item textarea { - !margin-top: 1px; -} - -.repeat-minimal-item { - padding: 2px 0px; - margin: 2px; - _height: 100%; -} - -/* vertical centering ?? */ -/*.repeat-minimal-item span, .repeat-minimal-item a, .repeat-minimal-item input { - display: block; - float: left; - vertical-align: middle; - margin-right: 3px; -}*/ - -.repeat-selector { - width: auto !important; -} - -.full-repeat-box { - overflow: auto; - margin: 10px 0px 10px 0px; -} - -.disabled, .deselected-case { - display: none !important; -} - -.output-spaced { - display: block; -} - -.output{ - padding-top: 6px; - padding-left: 6px; - vertical-align: top; - text-align: left; -} - -fieldset.box span.verylarge{ - width: 650px; -} - -fieldset.box span.selector-item { - margin: 0px 5px; -} - -.groupwide { - width: 900px; -} - -fieldset.box span { - display: block; - float: left; - padding: 0px 3px; - min-height: 14px; - _height: 14px; -} - -fieldset.box span.output { - padding-top: 4px; -} - -dl.ic { - padding: 0px; - margin: 0px; - clear: both; -} - -dl.ic dt { - width: 200px; - font-weight: bold; - float: left; - clear: none; - text-align: right; - padding: 2px 0px 2px 10px; - margin: 0 2px 0 0; -} -dl.ic dd { - padding: 2px 3px 2px 0px; - margin-left: 215px; -} - -fieldset.box div { - padding-top: 0px; - !padding-top: 0px; - _padding-top: 0px; -} - 
-fieldset.box div span.selector-item { - float: none; - display: inline; -} - -fieldset.box div span.selector-item span, fieldset.box div span.selector-item input { - float: none; - display: inline; - vertical-align: middle; -} - - -/*fieldset.box div span, fieldset.box span span { - display: inline; - float: none; -}*/ - -.group { - background: #EEEEEE; - padding: 2px; - margin: 5px 0px; -} - -.groupwhite { - background: #FFFFFF; - padding: 2px; - margin: 5px 0px; -} - -.repeat-item { - padding: 0px; - margin: 0px; -} - -.repeated-evenindex { - background: #dddddd; - overflow: auto; -} - -div.spacing{ - overflow: hidden; - float: left; - !margin_bottom: 2px; - _height: 100%; -} - - -/* ******************** */ -/* tag specific classes */ -/* ******************** */ - -h2.label { - /*min-width: 954px;*/ - -} - -h3.inputcommit, h4.inputcommit, h5.inputcommit, h6.inputcommit { - margin: 10px 0px 0px -10px; -} - -a.info, span.info { - margin-right: 7px; - padding-bottom: 3px; -} - -div.signaturblock { - overflow: visible; - min-height: 160px; -} - -div.signaturtop { - float: left; - font-size: 9pt; - padding-left: 13px; - padding-top: 13px; - width: 240px; -} - -#amtssignaturtext .bold { - font-weight: bold; -} - -img.signaturlogo { - /*position: absolute;*/ - border: none; - padding-bottom: 3px; - display: block; -} - -br.clearAll { - clear: both; -} - -br.clearLeft { - clear: left; -} - -span.label { - float: left; - margin: 3px 0px 3px 0px; -} - -/* **** Inputs **** */ - -/* doesn't work with IE6 */ -/*input[type=submit].value, input[type=button].value { - width: auto !important; - margin-right: 5px; -} - -input[type=radio], input[type=radio].value { - width: auto !important; -} - -input[type=checkbox], input[type=checkbox].value { - width: auto !important; - float: left; -}*/ - -input.textright { - text-align: right; -} - -input.button, fieldset.box input.button, div input.button, div div input.button{ - width: auto !important; - margin-right: 5px; -} - 
-input.radio, fieldset.box input.radio { - width: auto !important; - margin: 4px 3px; - !margin: 4px; -} - -fieldset.box input[type=hidden] { - width: 0px; - display: none; -} - -input.checkbox, fieldset.box input.checkbox { - width: auto !important; - float: left; - padding: 2px; -} - -tr.repeat-item td label { - width: auto; -} - -/* **** Fieldsets **** */ - -/* needed to be html4 conform, only used for screen readers */ -fieldset.box legend { - display: none; -} - -fieldset.box { - padding-bottom: 0px; - margin-bottom: 0px; -} - -fieldset.box span.required,fieldset.box span.error,fieldset.box a.info, -span.required, span.error, a.info, span.info { - display: block; - float: left; - width: 10px; - overflow: hidden; - text-align: center; - font-weight: bold; - margin-right: 4px 0px 2px 0px; - height: 14px; - padding: 3px 0px 3px; -} - -fieldset.box a.info , fieldset.box span.error, span.error, a.info, span.info, span.required { - margin-top: 4px; - margin-left: 1px; - margin-right: 1px; -} - -fieldset.box .repeat-minimal-item a.info, -fieldset.box .repeat-minimal-item span.error, -fieldset.box .repeat-minimal-item span.info { - margin-top: 3px; - !margin-top: 3px; - _margin-top: 3px; -} - -/* -fieldset.box span.error, fieldset.box a.info, fieldset.box span.required -fieldset.box input, fieldset.box select, fieldset.box textarea, fieldset.box label { - margin-bottom: 5px; -}*/ - -fieldset.box span.error, span.error { - color: white; - background-color: red; -} - -fieldset.box a.info, a.info { - background-color: #005A00; - color: white; - font-family: serif; - text-decoration: none; - margin: 4px 4px; -} - -fieldset.box label { - display: block; - float: left; - width: 150px; - text-align: right; - padding: 4px 1px 0px 10px; - margin-top: 0px; -} - -fieldset.box label.bold { - font-weight: bold; -} - -fieldset.box br { - line-height: 1px; - !line-height: 2px; /* IE7 */ -} - -fieldset.box label.labelnone { - width: 0px; -} - -fieldset.box label.labelverysmall { - 
width: 50px; -} - -fieldset.box label.labelabitsmall { - width: 80px; -} - -fieldset.box label.labelsmaller { - width: 100px; -} - -fieldset.box label.labelsmall { - width: 120px; -} - -fieldset.box label.labelsm { - width: 130px; -} - -fieldset.box label.labelmedium { - width: 150px; -} - -fieldset.box label.labelml { - width: 170px; -} - -fieldset.box label.labelwide { - width: 190px; /* wegen tourismus-formular-seitenbreite */ -} - -fieldset.box label.labellarge { - width: 230px; -} - -fieldset.box label.labellarger { - width: 250px; -} - -fieldset.box label.labelverylarge, -div.box dl.labelverylarge dt { - width: 650px; -} - -fieldset.box input,fieldset.box output, fieldset.box select, fieldset.box textarea { - float: left; - display: block; - width: 150px; - margin: 3px 4px 3px 0px; -} - -fieldset.box br { - clear: left; - margin: 1px; -} - -/*fieldset.box label.s { - display: block; - float: left; - width: 100px !important; - text-align: right; - padding-right: 5px; - margin-top: 2px; -} - -fieldset.box label.xxxl { - width: 300px; -}*/ - -/* **** dl Liste **** */ - -dl.tabbed, dl.info, dl.signatur { - margin: 3px 0px; - min-height: 160px; -} - -dl.tabbed dt, dl.info dt, dl.signatur dt { - font-weight: bold; - width: 250px; - float: left; - text-align: right; - padding: 1px 5px; - clear: left; -} - -dl.signatur dt { - width: 170px; - clear: none; -} - -dl.tabbed dt.labelverylarge { - width: 650px; -} - -dl.info dt { - /* doesn't work with IE, caused by the float: left */ - /*display: list-item;*/ - width: 150px; - text-align: left; - margin-left: 25px; - padding: 0px 5px 5px 5px; -} - -dl.tabbed dd, dl.info dd, dl.signatur dd { - margin-left: 160px; - padding: 1px 3px 2px 0px; -} - -dl.signatur dd { - margin-left: 440px; -} - -dl.info dd { - padding: 0px 5px 5px 5px; -} - -/* ******** */ -/* Regionen */ -/* ******** */ - -/* **** Logo **** */ -#szrlogo { - float:right; - top: 10px; - right: 10px; - text-align: right; -} - -#logotext { - white-space: nowrap; - 
font-weight: bold; - font-size: 14pt; - color: #006464; -} - -/* **** Empfängerinfo **** */ - -#empfaengerinfo { - - float: left; -} - -#empfaengerinfo span#empfaenger { - font-weight: bold; - display: block; -} - -/* **** Hinweisbox **** */ -#hinweisbox { - background-color: #EEEEEE; - overflow: auto; - _padding-bottom: 40px; -} - -#hinweisbox #bittebeachten { - font-size: 16px; - font-weight: bold; - background-color: #d60028; - padding: 10px; - float: left; - color: white; - margin-right: 5px; -} - -#hinweisbox .spaced { - margin: 12px 50px 0px 0px; - float: left; -} - -#hinweisbox .spaced .error, #hinweisbox .spaced .info { - margin-right: 7px; - margin-top: -2px; - padding-top: 2px; -} - -#hinweisbox .spaced .info{ - background-color: #005A00; - color: white; - font-family: serif; -} - -/* **** Fehlermeldungen **** */ - -#fehlermeldungen h2 { - border-width: 0px; - background-color: #FFFFFF; -} - -#fehlermeldungen ul { - padding-left: 15px; -} - -#fehlermeldungen h2, #fehlermeldungen ul li, #fehlermeldungen ul li a{ - color:red; - font-weight: bold; - font-size: 10pt; -} - -#erfolgsmeldungen h2, #erfolgsmeldungen ul li, #erfolgsmeldungen ul li a{ - color:#009900; - font-weight: bold; - font-size: 10pt; -} - -/* **** Fehlermeldungen Transaction **** */ - -#fehlertransaction span { - color:red; - font-weight: bold; - font-size: 10pt; -} - -/* **** Navigationsleiste **** */ - -#submitbar { - clear: both; - background-color: #EEEEEE; - margin-top: 5px; - padding: 5px 10px; - overflow: auto; -} - -#submitbar #leftbuttons { - float: left; -} - -#submitbar #centerbuttons { - text-align: center; -} - -#submitbar #rightbuttons { - float: right; -} - -#submitbar #kontrollseite { - float: right; -} - -/* **** Fußzeile **** */ - -#footerbar { - margin-top: 5px; - background-color: #EEEEEE; - padding: 0px 5px; - overflow: auto; -} - -#footerbar #serverinfo { - float: left; - padding: 15px 0px; -} - -#footerbar #support { - text-align: center; - padding: 15px 0px; -} - 
-#footerbar #xgovguetesiegel { - float: right; - margin: 5px 0px; -} - -#savecommitdiv input, #formabortdiv input, -#errorabortdiv input, #loadcommitdiv input { - margin-right: 5px; - vertical-align: middle; - text-align: center; -} - -#formabortdiv h3, #savecommitdiv h3,#savecommitserverdiv h3, #loadcommitdiv h3 { - border: none; - font-size: 10pt; - background-color: transparent; - margin: 6px 0px 0px -2px; -} - -#formabortdiv ul, #savecommitdiv ul, #loadcommitdiv ul { - margin-top: 3px; -} - -#formabortdiv p, #savecommitdiv p, #loadcommitdiv p { - margin: 0 0 6px 6px; -} - -#statusimage { - width: 148px; - height: 57px; - /* special IE style propertie */ - behavior: url('bku-handling/css/pngbehavior.htc'); -} - -#validateallheader { - border-spacing: 2px; - border: thin solid #CCCCCC; -} - -#validateallsubheader { - background-color: transparent; - font-size: 10pt; - margin: 0px 0px 0px -10px; - padding: 0px; -} - - -/* bei repeats radio ausrücken */ -.repeat-item .radio { - float: left; - margin-top: 11px; -} - -.repeat-item .group { - margin-left: 20px; -} - -.repeat-without-radio .group { - margin-left: 0px; -} - -.area { - background-color: #EEEEEE; - padding-bottom: 5px; -} - -.area>p { - margin-left: 10px; - margin-bottom: 10px; -} - -#numberSearch { - margin-bottom: 15px; -} \ No newline at end of file diff --git a/id/server/auth/src/main/webapp/css/index.css b/id/server/auth/src/main/webapp/css/index.css index e57bcc99a..d8ad49bae 100644 --- a/id/server/auth/src/main/webapp/css/index.css +++ b/id/server/auth/src/main/webapp/css/index.css @@ -264,7 +264,8 @@ h2#tabheader, h2#contentheader { #bkulogin { overflow:hidden; - width:250px; + width:250px; + padding-top: 10px; } #bkukarte { diff --git a/id/server/auth/src/main/webapp/template_onlineBKU.html b/id/server/auth/src/main/webapp/template_onlineBKU.html index 7e3fbc99c..8f9fce8b4 100644 --- a/id/server/auth/src/main/webapp/template_onlineBKU.html 
+++ b/id/server/auth/src/main/webapp/template_onlineBKU.html @@ -23,7 +23,7 @@ - + diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index dec5b81cf..bda1e3bfc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -25,7 +25,6 @@ package at.gv.egovernment.moa.id.auth; import iaik.asn1.ObjectID; import iaik.pki.PKIException; -import iaik.x509.CertificateFactory; import iaik.x509.X509Certificate; import iaik.x509.X509ExtensionInitException; @@ -39,12 +38,9 @@ import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.Calendar; import java.util.Date; -import java.util.HashMap; -import java.util.HashSet; import java.util.Iterator; import java.util.List; import java.util.Map; -import java.util.Set; import java.util.Vector; import javax.servlet.http.HttpServletRequest; @@ -75,9 +71,6 @@ import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder; import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder; import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder; -import at.gv.egovernment.moa.id.auth.builder.InfoboxValidatorParamsBuilder; -import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; -import at.gv.egovernment.moa.id.auth.builder.SelectBKUFormBuilder; import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; 
@@ -85,16 +78,12 @@ import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl; import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.data.InfoboxValidationResult; -import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams; import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.parser.ExtendedInfoboxReadResponseParser; import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; -import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser; import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.servlet.AuthServlet; import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet; import at.gv.egovernment.moa.id.auth.stork.STORKAuthnRequestProcessor; import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator; 
@@ -111,16 +100,12 @@ import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; import at.gv.egovernment.moa.id.config.ConnectionParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameter; -import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameters; import at.gv.egovernment.moa.id.config.stork.CPEPS; import at.gv.egovernment.moa.id.config.stork.STORKConfig; import at.gv.egovernment.moa.id.data.AuthenticationData; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.HTTPUtils; @@ -130,8 +115,6 @@ import at.gv.egovernment.moa.id.util.SSLUtils; import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.LogMsg; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.Base64Utils; -import at.gv.egovernment.moa.util.BoolUtils; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.DateTimeUtils; 
@@ -332,32 +315,32 @@ public class AuthenticationServer implements MOAIDAuthConstants { // } // } - /** - * Method readBKUSelectTag. - * - * @param conf - * the ConfigurationProvider - * @param connParam - * the ConnectionParameter for that connection - * @return String - * @throws ConfigurationException - * on config-errors - * @throws PKIException - * on PKI errors - * @throws IOException - * on any data error - * @throws GeneralSecurityException - * on security errors - */ - private String readBKUSelectTag(ConfigurationProvider conf, - ConnectionParameter connParam) throws ConfigurationException, - PKIException, IOException, GeneralSecurityException { - - if (connParam.isHTTPSURL()) - return SSLUtils.readHttpsURL(conf, connParam); - else - return HTTPUtils.readHttpURL(connParam.getUrl()); - } +// /** +// * Method readBKUSelectTag. +// * +// * @param conf +// * the ConfigurationProvider +// * @param connParam +// * the ConnectionParameter for that connection +// * @return String +// * @throws ConfigurationException +// * on config-errors +// * @throws PKIException +// * on PKI errors +// * @throws IOException +// * on any data error +// * @throws GeneralSecurityException +// * on security errors +// */ +// private String readBKUSelectTag(ConfigurationProvider conf, +// ConnectionParameter connParam) throws ConfigurationException, +// PKIException, IOException, GeneralSecurityException { +// +// if (connParam.isHTTPSURL()) +// return SSLUtils.readHttpsURL(conf, connParam); +// else +// return HTTPUtils.readHttpURL(connParam.getUrl()); +// } /** * Processes the beginning of an authentication session. @@ -472,7 +455,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { String htmlForm = new GetIdentityLinkFormBuilder().build(template, session.getBkuURL(), infoboxReadRequest, dataURL, certInfoRequest, - certInfoDataURL, pushInfobox); + certInfoDataURL, pushInfobox, oaParam); return htmlForm; } 
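Review bot: The first hunk on this line turns `readBKUSelectTag` and its Javadoc into a `//` block instead of deleting it. The `ConfigurationProvider` import it depends on is removed in the same commit, so the block cannot be restored by uncommenting it; removing the lines outright keeps the class readable, and version control still holds the old method. In the second hunk `oaParam` is now passed to `GetIdentityLinkFormBuilder.build(...)`; whether it can be null at this call is not visible here, as the enclosing method starts and ends outside the hunk.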
@@ -608,13 +591,8 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.setIdentityLink(identityLink); // now validate the extended infoboxes - //TODO: check correctness -// verifyInfoboxes(session, infoboxReadResponseParameters, !oaParam -// .getProvideStammzahl()); verifyInfoboxes(session, infoboxReadResponseParameters, false); - - //TODO: make it better!! return "found!"; } @@ -760,22 +738,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { .getOnlineApplicationParameter( session.getPublicOAURLPrefix()); - //TODO: CHECK!! is moved to buildAuthenticationBlock to hold the baseID in identitylink - // if (!fromMandate) { - // BZ.., calculate bPK for signing to be already present in AuthBlock -// IdentityLink identityLink = session.getIdentityLink(); -// if (identityLink.getIdentificationType().equals( -// Constants.URN_PREFIX_BASEID)) { -// // only compute bPK if online application is a public service and we -// // have the Stammzahl -// String bpkBase64 = new BPKBuilder().buildBPK(identityLink -// .getIdentificationValue(), session.getTarget()); -// identityLink.setIdentificationValue(bpkBase64); -// identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget()); -// } - // ..BZ - // } - // builds the AUTH-block String authBlock = buildAuthenticationBlock(session, oaParam); @@ -1924,7 +1886,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK, false); - // TODO See Bug #144 // Compare AuthBlock Data with information stored in session, especially // date and time CreateXMLSignatureResponseValidator.getInstance().validateSigningDateTime(csresp); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java index bd8d52031..56cb3a3db 100644 
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java @@ -29,6 +29,8 @@ import java.io.StringReader; import java.io.StringWriter; import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.util.MiscUtil; /** * Builder for HTML form requesting the security layer implementation @@ -54,6 +56,7 @@ public class GetIdentityLinkFormBuilder extends Builder { private static final String PUSHINFOBOX_TAG = ""; /** special tag in the HTML template to be substituted for the BKU URL */ private static final String MANDATE_TAG = ""; + private static final String COLOR_TAG = ""; /** private static int all contains the representation to replace all tags*/ private static final int ALL = -1; @@ -112,6 +115,7 @@ public class GetIdentityLinkFormBuilder extends Builder { * @param bkuURL URL of the "Bürgerkartenumgebung" the form will be submitted to; * may be null, in this case the default URL will be used * @param dataURL DataURL to be sent as a parameter in the form + * @param oaParam */ public String build( String htmlTemplate, @@ -120,7 +124,7 @@ public class GetIdentityLinkFormBuilder extends Builder { String dataURL, String certInfoXMLRequest, String certInfoDataURL, - String pushInfobox) + String pushInfobox, OAAuthParameter oaParam) throws BuildException { String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate; 
@@ -131,6 +135,17 @@ public class GetIdentityLinkFormBuilder extends Builder { //new:wird oben mitreplaced htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL); htmlForm = replaceTag(htmlForm, CERTINFO_XMLREQUEST_TAG, encodeParameter(certInfoXMLRequest), true, ALL); htmlForm = replaceTag(htmlForm, CERTINFO_DATAURL_TAG, certInfoDataURL, true, ALL); + + if (oaParam != null) { + if (MiscUtil.isNotEmpty(oaParam.getBKUSelectionBackGroundColor())) + htmlForm = replaceTag(htmlForm, COLOR_TAG, oaParam.getBKUSelectionBackGroundColor(), false, ALL); + else + htmlForm = replaceTag(htmlForm, COLOR_TAG, "#DDDDDD", false, ALL); + + } else + htmlForm = replaceTag(htmlForm, COLOR_TAG, "#DDDDDD", false, ALL); + + return htmlForm; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java index f90634ab4..3282036b4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java 
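Review bot: The value of `oaParam.getBKUSelectionBackGroundColor()` is substituted for `COLOR_TAG` without any validation or encoding, whereas `certInfoXMLRequest` just above is passed through `encodeParameter` first. The colour is a configurable string that ends up in the HTML delivered to the user, so the builder should accept only a colour literal and otherwise fall back to `#DDDDDD`; this also collapses the two duplicated fallback branches. The same unchecked substitution is added in `LoginFormBuilder.buildLoginForm` and `SendAssertionFormBuilder.buildForm`, where the value lands inside a `style="..."` attribute. The pattern below assumes six-digit hex colours and should be aligned with whatever the configuration tool's validation permits, which is not visible here. `build` starts outside this hunk.

```java
// … unchanged: CERTINFO_XMLREQUEST_TAG and CERTINFO_DATAURL_TAG replacements …
String bgColor = (oaParam != null) ? oaParam.getBKUSelectionBackGroundColor() : null;
// Only a plain hex colour may reach the template; anything else uses the default.
if (bgColor == null || !bgColor.matches("#[0-9A-Fa-f]{6}")) {
    bgColor = "#DDDDDD";
}
htmlForm = replaceTag(htmlForm, COLOR_TAG, bgColor, false, ALL);
```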
@@ -10,17 +10,24 @@ import java.net.URI; import org.apache.commons.io.IOUtils; import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.config.OAParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; public class LoginFormBuilder { private static final String HTMLTEMPLATESDIR = "htmlTemplates/"; private static final String HTMLTEMPLATEFULL = "loginFormFull.html"; + private static final String TEMPLATEBGCOLOR = "style=\"background-color: #COLOR#\""; + private static final String TEMPLATEVISIBLE = " display: none"; + private static final String TEMPLATEDISABLED = "disabled=\"true\""; + private static final String TEMPLATECHECKED = "checked=\"true\""; + private static String AUTH_URL = "#AUTH_URL#"; private static String MODUL = "#MODUL#"; private static String ACTION = "#ACTION#"; @@ -30,6 +37,12 @@ public class LoginFormBuilder { private static String BKU_LOCAL = "#LOCAL#"; private static String CONTEXTPATH = "#CONTEXTPATH#"; private static String MOASESSIONID = "#SESSIONID#"; + private static String BACKGROUNDCOLOR = "#BACKGROUNDCOLOR#"; + private static String COLOR = "#COLOR#"; + private static String MANDATEVISIBLE = "#MANDATEVISIBLE#"; + private static String MANDATECHECKED = "#MANDATECHECKED#"; + + private static String SERVLET = CONTEXTPATH+"/GenerateIframeTemplate"; 
@@ -79,7 +92,7 @@ public class LoginFormBuilder { return template; } - public static String buildLoginForm(String modul, String action, String oaname, String contextpath, String moaSessionID) { + public static String buildLoginForm(String modul, String action, OAAuthParameter oaParam, String contextpath, String moaSessionID) { String value = getTemplate(); if(value != null) { @@ -91,9 +104,28 @@ public class LoginFormBuilder { } value = value.replace(MODUL, modul); value = value.replace(ACTION, action); - value = value.replace(OANAME, oaname); + value = value.replace(OANAME, oaParam.getFriendlyName()); value = value.replace(CONTEXTPATH, contextpath); value = value.replace(MOASESSIONID, moaSessionID); + + String bgcolor = oaParam.getBKUSelectionBackGroundColor(); + if (MiscUtil.isNotEmpty(bgcolor)) { + value = value.replace(BACKGROUNDCOLOR, TEMPLATEBGCOLOR); + value = value.replace(COLOR, bgcolor); + } else + value = value.replace(BACKGROUNDCOLOR, ""); + + if (oaParam.isShowMandateCheckBox()) + value = value.replace(MANDATEVISIBLE, ""); + else + value = value.replace(MANDATEVISIBLE, TEMPLATEVISIBLE); + + if (oaParam.isOnlyMandateAllowed()) { + value = value.replace(MANDATECHECKED, TEMPLATECHECKED + " " + TEMPLATEDISABLED); + + } else + value = value.replace(MANDATECHECKED, ""); + } return value; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java deleted file mode 100644 index bfc86d608..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java +++ /dev/null 
@@ -1,87 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.builder; - -import at.gv.egovernment.moa.id.BuildException; - -/** - * Builder for the BKU selection form requesting the user to choose - * a BKU from a list. 
- * - * @author Paul Ivancsics - * @version $Id$ - */ -public class SelectBKUFormBuilder extends Builder { - /** private static String NL contains the NewLine representation in Java*/ - private static final String nl = "\n"; - /** special tag in the HTML template to be substituted for the form action which is - * a URL of MOA-ID Auth */ - private static final String ACTION_TAG = ""; - /** special tag in the HTML template to be substituted for the <select;gt; tag - * containing the BKU selection options */ - private static final String SELECT_TAG = ""; - /** - * Template for the default html-code to be returned as security-layer-selection to be built - */ - private static final String DEFAULT_HTML_TEMPLATE = - "" + nl + - "" + nl + - "" + nl + - "Auswahl der Bürgerkartenumgebung" + nl + - "" + nl + - "" + nl + - "
" + nl + - SELECT_TAG + nl + - " " + nl + - "
" + nl + - "" + nl + - ""; - - /** - * Constructor - */ - public SelectBKUFormBuilder() { - super(); - } - /** - * Method build. Builds the form - * @param htmlTemplate to be used - * @param startAuthenticationURL the url where the startAuthenticationServlet can be found - * @param bkuSelectTag if a special bku should be used - * @return String - * @throws BuildException on any error - */ - public String build(String htmlTemplate, String startAuthenticationURL, String bkuSelectTag) - throws BuildException { - - String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate; - htmlForm = replaceTag(htmlForm, ACTION_TAG, startAuthenticationURL, true, 1); - htmlForm = replaceTag(htmlForm, SELECT_TAG, bkuSelectTag, true, 1); - return htmlForm; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java index 3f6a7d9d6..1796af94b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java 
@@ -15,18 +15,23 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; public class SendAssertionFormBuilder { private static final String HTMLTEMPLATESDIR = "htmlTemplates/"; private static final String HTMLTEMPLATEFULL = "sendAssertionFormFull.html"; + private static final String TEMPLATEBGCOLOR = "style=\"background-color: #COLOR#\""; + private static String URL = "#URL#"; private static String MODUL = "#MODUL#"; private static String ACTION = "#ACTION#"; private static String ID = "#ID#"; private static String OANAME = "#OAName#"; private static String CONTEXTPATH = "#CONTEXTPATH#"; + private static String BACKGROUNDCOLOR = "#BACKGROUNDCOLOR#"; + private static String COLOR = "#COLOR#"; private static String SERVLET = CONTEXTPATH+"/SSOSendAssertionServlet"; @@ -69,7 +74,7 @@ public class SendAssertionFormBuilder { return template; } - public static String buildForm(String modul, String action, String id, String oaname, String contextpath) { + public static String buildForm(String modul, String action, String id, OAAuthParameter oaParam, String contextpath) { String value = getTemplate(); if(value != null) { @@ -82,8 +87,16 @@ public class SendAssertionFormBuilder { value = value.replace(MODUL, modul); value = value.replace(ACTION, action); value = value.replace(ID, id); - value = value.replace(OANAME, oaname); + value = value.replace(OANAME, oaParam.getFriendlyName()); value = value.replace(CONTEXTPATH, contextpath); + + String bgcolor = oaParam.getBKUSelectionBackGroundColor(); + if (MiscUtil.isNotEmpty(bgcolor)) { + value = value.replace(BACKGROUNDCOLOR, TEMPLATEBGCOLOR); + value = value.replace(COLOR, bgcolor); + } else + value = value.replace(BACKGROUNDCOLOR, ""); + } return value; } 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java index 4560e69cf..540311231 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java @@ -196,8 +196,6 @@ public class AuthenticationSession implements Serializable { */ private List extendedSAMLAttributesAUTH; - - //TODO: check if it is in use! /** * If infobox validators are needed after signing, they can be stored in * this list. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java index d4484a97c..dfabfccf6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java @@ -98,6 +98,12 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { String bkuURL = oaParam.getBKUURL(bkuid); String templateURL = AuthConfigurationProvider.getInstance().getSLRequestTemplates(bkuid); + if (oaParam.isOnlyMandateAllowed()) + useMandate = "true"; + + if (!oaParam.isShowMandateCheckBox()) + useMandate = "false"; + //parse all OA parameters i StartAuthentificationParameterParser.parse(moasession, target, diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java index f2b068568..cc1a1304d 100644 
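Review bot: In `GenerateIFrameTemplateServlet` the two added checks run in an order that lets `!oaParam.isShowMandateCheckBox()` overwrite the result of `oaParam.isOnlyMandateAllowed()`, so an application configured as mandate-only with the checkbox hidden ends up with `useMandate = "false"`. If mandate-only is meant to be binding it should take precedence: `if (oaParam.isOnlyMandateAllowed()) useMandate = "true"; else if (!oaParam.isShowMandateCheckBox()) useMandate = "false";`. Whether the configuration tool rejects that combination is not visible in this hunk, so the servlet should not rely on it. The enclosing method starts and ends outside the hunk.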
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java @@ -24,16 +24,12 @@ package at.gv.egovernment.moa.id.config.auth; -import iaik.security.cipher.AESKeyGenerator; - import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; import java.math.BigInteger; import java.net.MalformedURLException; -import java.security.NoSuchAlgorithmException; -import java.security.NoSuchProviderException; import java.util.ArrayList; import java.util.Date; import java.util.HashMap; @@ -41,17 +37,11 @@ import java.util.List; import java.util.Map; import java.util.Properties; -import javax.crypto.Cipher; -import javax.crypto.KeyGenerator; -import javax.crypto.NoSuchPaddingException; import javax.xml.bind.JAXBContext; -import javax.xml.bind.Marshaller; import javax.xml.bind.Unmarshaller; -import org.apache.commons.io.CopyUtils; import org.hibernate.cfg.Configuration; - import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java index 99d15a612..d2a70c527 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java 
@@ -28,6 +28,7 @@ import java.util.ArrayList; import java.util.List; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; +import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType; import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS; import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates; @@ -41,6 +42,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; import at.gv.egovernment.moa.id.config.ConfigurationUtils; import at.gv.egovernment.moa.id.config.OAParameter; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; import eu.stork.vidp.messages.builder.STORKMessagesBuilder; import eu.stork.vidp.messages.common.STORKConstants; import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel; 
@@ -283,6 +285,43 @@ public String getIdentityLinkDomainIdentifierType() { return null; } +public String getBKUSelectionBackGroundColor() { + TemplatesType templates = oa_auth.getTemplates(); + if (templates != null) { + BKUSelectionCustomizationType bkuselection = templates.getBKUSelectionCustomization(); + if (bkuselection != null) { + if (MiscUtil.isNotEmpty(bkuselection.getBackGroundColor())) + return bkuselection.getBackGroundColor(); + } + } + return null; +} + + +public boolean isShowMandateCheckBox() { + TemplatesType templates = oa_auth.getTemplates(); + if (templates != null) { + BKUSelectionCustomizationType bkuselection = templates.getBKUSelectionCustomization(); + if (bkuselection != null) { + if (bkuselection.isMandateLoginButton() != null) + return bkuselection.isMandateLoginButton(); + } + } + return true; +} + +public boolean isOnlyMandateAllowed() { + TemplatesType templates = oa_auth.getTemplates(); + if (templates != null) { + BKUSelectionCustomizationType bkuselection = templates.getBKUSelectionCustomization(); + if (bkuselection != null) { + if (bkuselection.isOnlyMandateLoginAllowed() != null) + return bkuselection.isOnlyMandateLoginAllowed(); + } + } + return false; +} + /** * @return the qaaLevel */ diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java index 10729e981..651690166 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java 
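Review bot: The three new getters carry no Javadoc, although their defaults are part of the contract the form builders and the servlet depend on: `getBKUSelectionBackGroundColor()` returns `null` when nothing is configured, `isShowMandateCheckBox()` defaults to `true` and `isOnlyMandateAllowed()` to `false`. I would add a short Javadoc to each that states the default, e.g. `/** @return the configured background colour, or null if none is set */`, and mention on `isShowMandateCheckBox()` that it reads `isMandateLoginButton()`, since the names differ. The identical null-walk over `getTemplates()` and `getBKUSelectionCustomization()` is repeated three times and could move into one private helper.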
@@ -168,21 +168,18 @@ public class BuildFromLegacyConfig { authGeneral.setTimeOuts(timeOuts); generalAuth.setGeneralConfiguration(authGeneral); - - //TODO: set Protocols!!!! Protocols auth_protocols = new Protocols(); generalAuth.setProtocols(auth_protocols); LegacyAllowed prot_legacy = new LegacyAllowed(); auth_protocols.setLegacyAllowed(prot_legacy); - final List PROTOCOLS_LEGACY_ALLOWED = Arrays.asList("id_saml1","id_pvp2x"); //TODO: set default values + final List PROTOCOLS_LEGACY_ALLOWED = Arrays.asList("id_saml1","id_pvp2x"); prot_legacy.setProtocolName(PROTOCOLS_LEGACY_ALLOWED); - //TODO: remove beta test values PVP2 prot_pvp2 = new PVP2(); auth_protocols.setPVP2(prot_pvp2); - prot_pvp2.setPublicURLPrefix("https://labda.iaik.tugraz.at:8443/moa-id-auth/"); - prot_pvp2.setIssuerName("MOA-ID 2.0 Demo IDP"); + prot_pvp2.setPublicURLPrefix("https://...."); + prot_pvp2.setIssuerName("MOA-ID 2.x IDP"); Organization pvp2_org = new Organization(); prot_pvp2.setOrganization(pvp2_org); @@ -213,8 +210,8 @@ public class BuildFromLegacyConfig { //SSO SSO auth_sso = new SSO(); generalAuth.setSSO(auth_sso); - auth_sso.setTarget("BF"); - auth_sso.setFriendlyName("EGIZ MOAID 2.0 Beta"); + auth_sso.setTarget(""); + auth_sso.setFriendlyName(""); //set SecurityLayer Transformations @@ -268,7 +265,6 @@ public class BuildFromLegacyConfig { auth_moaSP.setVerifyAuthBlock(auth_moaSP_verifyAuthBlock); - //TODO: check correctness!!! //set IdentityLinkSigners IdentityLinkSigners auth_idsigners = new IdentityLinkSigners(); generalAuth.setIdentityLinkSigners(auth_idsigners); 
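Review bot: The beta test values are replaced by placeholders that are stored as if they were real settings: `prot_pvp2.setPublicURLPrefix("https://....")`, and empty strings for `auth_sso.setTarget` and `auth_sso.setFriendlyName`. A configuration migrated from the legacy format then carries an unusable PVP2 URL prefix and an SSO target of `""`, and nothing in these hunks tells the operator that the values still have to be set. I would log a warning where the placeholders are written, e.g. `Logger.warn("PVP2 PublicURLPrefix and SSO target are not part of the legacy configuration and must be set manually");` (assuming the project `Logger` is available in this class, which the hunks do not show), or leave the fields unset if the schema permits. The enclosing method extends beyond the hunks.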
@@ -399,7 +395,7 @@ public class BuildFromLegacyConfig { //set general OA configuration moa_oa.setCalculateHPI(false); //TODO: Bernd fragen warum das nicht direkt über den Bereichsidentifyer definert wird moa_oa.setFriendlyName(oa.getFriendlyName()); - moa_oa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(oa.getKeyBoxIdentifier())); //TODO: check correctness + moa_oa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(oa.getKeyBoxIdentifier())); moa_oa.setPublicURLPrefix(oa.getPublicURLPrefix()); moa_oa.setTarget(oa.getTarget()); moa_oa.setTargetFriendlyName(oa.getTargetFriendlyName()); @@ -481,22 +477,7 @@ public class BuildFromLegacyConfig { //OA_PVP2 OAPVP2 oa_pvp2 = new OAPVP2(); oa_auth.setOAPVP2(oa_pvp2); - -// oa_pvp2.setMetadataURL("empty"); -// -// //TODO: is only a workaround!!!! -// Properties props = getGeneralPVP2ProperiesConfig(properies); -// File dir = new File(props.getProperty("idp.truststore")); -// File[] files = dir.listFiles(); -// if (files.length > 0) { -// FileInputStream filestream = new FileInputStream(files[0]); -// X509Certificate signerCertificate = new X509Certificate(filestream); -// oa_pvp2.setCertificate(signerCertificate.getEncoded()); -// -// } else { -// oa_pvp2.setCertificate(null); -// } - + moa_oas.add(moa_oa); //ConfigurationDBUtils.save(moa_oa); } @@ -531,11 +512,7 @@ public class BuildFromLegacyConfig { //set trustedCACertificate path moaIDConfig.setTrustedCACertificates(builder.getTrustedCACertificates()); - - //TODO: move to read config functionality - //trustedCACertificates = FileUtils.makeAbsoluteURL(trustedCACertificates, rootConfigFileDir); - - + //Not required in MOAID 2.0 config (DefaultBKUs & SLRequestTemplates) //trustedBKUs = builder.getTrustedBKUs(); //trustedTemplateURLs = builder.getTrustedTemplateURLs(); 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index f2352e11e..76bf64f3a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -284,7 +284,7 @@ public class AuthenticationManager extends AuthServlet { String loginForm = LoginFormBuilder.buildLoginForm(target.requestedModule(), - target.requestedAction(), oaParam.getFriendlyName(), request.getContextPath(), moasession.getSessionID()); + target.requestedAction(), oaParam, request.getContextPath(), moasession.getSessionID()); //store MOASession try { @@ -310,7 +310,7 @@ public class AuthenticationManager extends AuthServlet { throws ServletException, IOException, MOAIDException { String form = SendAssertionFormBuilder.buildForm(target.requestedModule(), - target.requestedAction(), target.getRequestID(), oaParam.getFriendlyName(), request.getContextPath()); + target.requestedAction(), target.getRequestID(), oaParam, request.getContextPath()); response.setContentType("text/html;charset=UTF-8"); PrintWriter out = new PrintWriter(response.getOutputStream()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java index 18eeae58e..e8639a162 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java @@ -37,7 +37,6 @@ public class SSOManager { if (instance == null) { instance = new SSOManager(); - //TODO: move to config based timeout! try { sso_timeout = (int) AuthConfigurationProvider.getInstance().getTimeOuts().getMOASessionUpdated().longValue(); 
@@ -101,7 +100,6 @@ public class SSOManager { if (correspondingMoaSession == null) { Logger.info("Get request with old SSO SessionID but no corresponding SSO Session is found."); - //TODO: ist der OldSSOSessionStore zum Aufräumen? return null; } @@ -159,7 +157,7 @@ public class SSOManager { if (cookies != null) { for (Cookie cookie : cookies) { - //TODO: funktioniert nicht, da Cookie seltsamerweise immer unsecure übertragen wird (firefox) + //funktioniert nicht, da Cookie seltsamerweise immer unsecure übertragen wird (firefox) //if (cookie.getName().equals(SSOCOOKIE) && cookie.getSecure()) { if (cookie.getName().equals(SSOCOOKIE)) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java index 24261780a..84aea44a3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java @@ -10,8 +10,10 @@ import org.hibernate.Session; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; +import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; +import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; 
@@ -48,19 +50,25 @@ public class DatabaseTestModule implements TestModuleInterface{ Date expioredate = new Date(new Date().getTime() - 120); - List results; - Session session = MOASessionDBUtils.getCurrentSession(); - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getAssertionWithTimeOut"); - query.setTimestamp("timeout", expioredate); - results = query.list(); - session.getTransaction().commit(); + try { + List results; + Session session = MOASessionDBUtils.getCurrentSession(); + + synchronized (session) { + session.beginTransaction(); + Query query = session.getNamedQuery("getAssertionWithTimeOut"); + query.setTimestamp("timeout", expioredate); + results = query.list(); + session.getTransaction().commit(); + } + + Logger.trace("Finish Test: MOASessionDatabase"); + return null; + + } catch (Throwable e) { + Logger.warn("Failed Test: MOASessionDatabase", e); + return "MOASessionDatabase: " + e.getMessage(); } - - Logger.trace("Finish Test: MOASessionDatabase"); - return null; } private String testMOAConfigurationDatabase() throws Exception{ @@ -76,8 +84,26 @@ public class DatabaseTestModule implements TestModuleInterface{ private String testMOAAdvancedLoggingDatabase() { - //TODO: insert advanced Logging Database Tests + Date expioredate = new Date(new Date().getTime() - 120); + try { + Session session = StatisticLogDBUtils.getCurrentSession(); + + List results; - return null; + synchronized (session) { + session.beginTransaction(); + Query query = session.getNamedQuery("getAllEntriesNotBeforeTimeStamp"); + query.setTimestamp("timeout", expioredate); + results = query.list(); + session.getTransaction().commit(); + } + + Logger.trace("Finish Test: AdvancedLoggingDataBase"); + return null; + + } catch (Throwable e) { + Logger.warn("Failed Test: AdvancedLoggingDataBase", e); + return "AdvancedLoggingDataBase: " + e.getMessage(); + } } } 
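Review bot: In both new `try` blocks the transaction opened with `session.beginTransaction()` is committed only on success; when `getNamedQuery` or `query.list()` throws, the `catch (Throwable e)` branch returns without a rollback, so a failing monitoring run can leave a transaction open on the current session. `catch (Throwable)` also swallows `Error`s, and `catch (Exception e)` is sufficient for a health check. The returned string includes `e.getMessage()`, which for database failures may contain connection or schema details; if the monitoring response is readable without authentication (not visible here), return a fixed text and keep the detail in the log. The fence shows the shape for the first check, and `testMOAAdvancedLoggingDatabase` needs the same change.

```java
Session session = null;
try {
    session = MOASessionDBUtils.getCurrentSession();
    // … unchanged: synchronized block running the named query and committing …
    // … unchanged: trace log and return null …

} catch (Exception e) {
    // roll back so a failed check does not leave the transaction open
    if (session != null && session.getTransaction().isActive()) {
        session.getTransaction().rollback();
    }
    // … unchanged: warn log and returned error string …
}
```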
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java index 6055484f7..d507385cd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java @@ -49,6 +49,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEng import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.id.util.VelocityLogAdapter; +import at.gv.egovernment.moa.logging.Logger; public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants { @@ -184,6 +185,8 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants { String binding = consumerService.getBinding(); String entityID = moaRequest.getEntityMetadata().getEntityID(); + Logger.info("Dispatch PVP2 Request: OAURL=" + oaURL + " Binding=" + binding); + //String oaURL = (String) request.getParameter(PARAM_OA); oaURL = StringEscapeUtils.escapeHtml(oaURL); // if (!ParamValidatorUtils.isValidOA(oaURL)) @@ -194,10 +197,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants { config.setBinding(binding); config.setRequest(moaRequest); config.setConsumerURL(consumerService.getLocation()); - - //TODO: set correct target; - config.setTarget(PVPConfiguration.getInstance().getTargetForSP(entityID)); - + String useMandate = request.getParameter(PARAM_USEMANDATE); if(useMandate != null) { if(useMandate.equals("true")) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java index baea32f28..c486d3ff2 100644 
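Review bot: The added `Logger.info` line in `PVP2XProtocol` writes `oaURL` to the log before the `StringEscapeUtils.escapeHtml(oaURL)` call that follows it, and the `ParamValidatorUtils.isValidOA` check below is commented out, so the value is logged unvalidated. `oaURL` is assigned above the hunk; if it derives from the incoming request or from SP metadata, embedded line breaks would make the log ambiguous for anyone reading it during incident analysis. I would neutralise CR/LF before logging, e.g. `Logger.info("Dispatch PVP2 Request: OAURL=" + oaURL.replaceAll("[\\r\\n]", "_") + " Binding=" + binding);`. The enclosing method starts and ends outside the hunk.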
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java @@ -29,7 +29,6 @@ public class ArtifactBinding implements IDecoder, IEncoder { public void encodeRequest(HttpServletRequest req, HttpServletResponse resp, RequestAbstractType request, String targetLocation) throws MessageEncodingException, SecurityException { - // TODO Auto-generated method stub } @@ -82,19 +81,19 @@ public class ArtifactBinding implements IDecoder, IEncoder { public MOARequest decodeRequest(HttpServletRequest req, HttpServletResponse resp) throws MessageDecodingException, SecurityException { - // TODO Auto-generated method stub + return null; } public MOAResponse decodeRespone(HttpServletRequest req, HttpServletResponse resp) throws MessageDecodingException, SecurityException { - // TODO Auto-generated method stub + return null; } public boolean handleDecode(String action, HttpServletRequest req) { - // TODO Auto-generated method stub + return false; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java index f8270cf33..1444cdecf 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java 
@@ -93,13 +93,16 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants { if (consumerService.getBinding().equals( SAMLConstants.SAML2_REDIRECT_BINDING_URI)) { binding = new RedirectBinding(); + } else if (consumerService.getBinding().equals( SAMLConstants.SAML2_ARTIFACT_BINDING_URI)) { // TODO: not supported YET!! binding = new ArtifactBinding(); + } else if (consumerService.getBinding().equals( SAMLConstants.SAML2_POST_BINDING_URI)) { binding = new PostBinding(); + } if (binding == null) {
@@ -109,6 +112,7 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants { try { binding.encodeRespone(req, resp, authResponse, oaURL); // TODO add remoteSessionID to AuthSession ExternalPVPSessionStore + } catch (MessageEncodingException e) { Logger.error("Message Encoding exception", e); throw new MOAIDException("pvp2.01", null, e);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index a310b16ff..66124df4a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -88,6 +88,8 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { "auth.12"); config.setOAURL(oaURL); + Logger.info("Dispatch SAML1 Request: OAURL=" + oaURL); + //load Target only from OA config OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() .getOnlineApplicationParameter(oaURL);
@@ -97,10 +99,7 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { new Object[] { oaURL }); config.setTarget(oaParam.getTarget()); - - - //TODO: set reauthenticate if OA.useSSO=false - + request.getSession().setAttribute(PARAM_OA, oaURL); request.getSession().setAttribute(PARAM_TARGET, oaParam.getTarget()); return config;
@@ -139,26 +138,6 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) { - - //TODO: funktioniert so nicht!!! - -// String oaURL = (String) request.getParameter(PARAM_OA); -// oaURL = StringEscapeUtils.escapeHtml(oaURL); -// String target = (String) request.getParameter(PARAM_TARGET); -// target = StringEscapeUtils.escapeHtml(target); -// -// //the target parameter is used to define the OA in SAML1 standard -// if (target.startsWith("http")) { -// oaURL = target; -// target = null; -// } -// -// if (oaURL != null) { -// if (oaURL.equals(pending.getOAURL())) -// return true; -// else -// return false; -// } return true; }
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html b/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
index c6b98dc85..55290d05e 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
@@ -176,43 +176,30 @@

Login mit Bürgerkarte

-
+
-
+
+ style="vertical-align: middle; margin-right: 5px;" + id="mandateCheckBox" #MANDATECHECKED#> -
i
-
+
-
+
- - - -
+ +

@@ -229,7 +216,7 @@

-
+ -