From 7700a426db02fe0e44d8ff1e19595f45dc337806 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 1 Apr 2014 18:56:00 +0200 Subject: solve problems with Struts 2.3.16.1 --- id/ConfigWebTool/src/main/resources/struts.xml | 25 +++++++++++++++++++++++-- id/server/pom.xml | 2 +- 2 files changed, 24 insertions(+), 3 deletions(-) (limited to 'id') diff --git a/id/ConfigWebTool/src/main/resources/struts.xml b/id/ConfigWebTool/src/main/resources/struts.xml index 9a098da5a..1c5dc83d3 100644 --- a/id/ConfigWebTool/src/main/resources/struts.xml +++ b/id/ConfigWebTool/src/main/resources/struts.xml @@ -6,10 +6,22 @@ + - + + + + + + + ^class\..*,^dojo\..*,^struts\..*,^session\..*,^request\..*,^application\..*,^servlet(Request|Response)\..*,^parameters\..*,^method:.* + + + + /index.jsp @@ -69,7 +81,16 @@ - + + + + + ^class\..*,^dojo\..*,^struts\..*,^session\..*,^request\..*,^application\..*,^servlet(Request|Response)\..*,^parameters\..*,^method:.* + + + + diff --git a/id/server/pom.xml b/id/server/pom.xml index d748c01eb..f4b92fbd5 100644 --- a/id/server/pom.xml +++ b/id/server/pom.xml @@ -19,7 +19,7 @@ auth moa-id-commons stork2-saml-engine - stork2-commons + -- cgit v1.2.3 From f94e5ae88e1481008f6a2b5d15384e8d8be2e9e5 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 2 Apr 2014 07:37:28 +0200 Subject: Disallow CrossNamespace actions --- id/ConfigWebTool/src/main/resources/struts.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'id') diff --git a/id/ConfigWebTool/src/main/resources/struts.xml b/id/ConfigWebTool/src/main/resources/struts.xml index 1c5dc83d3..55490788d 100644 --- a/id/ConfigWebTool/src/main/resources/struts.xml +++ b/id/ConfigWebTool/src/main/resources/struts.xml @@ -6,7 +6,8 @@ - + + -- cgit v1.2.3 From 3395f06b54249ad4f8281e45ef93d97540bb7a7a Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 2 Apr 2014 07:37:59 +0200 Subject: merge two log messages into one message --- .../main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java index 0cb11cf5f..5eb55317a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java @@ -232,8 +232,8 @@ public class ParamValidatorUtils implements MOAIDAuthConstants{ return true; } else { - Logger.error("Fehler Ueberpruefung Parameter bkuURI. bkuURI ist nicht auf Liste der vertrauenswuerdigen BKUs (Konfigurationselement: MOA-IDConfiguration/TrustedBKUs)"); - Logger.error("Ueberpruefte bkuURI: " + bkuURI); + Logger.error("Fehler Ueberpruefung Parameter bkuURI. " + + bkuURI + " ist nicht auf Liste der vertrauenswuerdigen BKUs (Konfigurationselement: MOA-IDConfiguration/TrustedBKUs)"); return false; } } -- cgit v1.2.3 From b82a8cc5f8178a0cf222db7682df6db1c56051c0 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 2 Apr 2014 07:43:15 +0200 Subject: change stork2-commons to allow Java 1.6 builds --- id/server/pom.xml | 2 +- id/server/stork2-commons/pom.xml | 4 ++-- .../eu/stork/peps/tests/ComplexAttributesMarshalling.java | 15 +++++++++++++-- 3 files changed, 16 insertions(+), 5 deletions(-) (limited to 'id') diff --git a/id/server/pom.xml b/id/server/pom.xml index f4b92fbd5..d748c01eb 100644 --- a/id/server/pom.xml +++ b/id/server/pom.xml @@ -19,7 +19,7 @@ auth moa-id-commons stork2-saml-engine - + stork2-commons diff --git a/id/server/stork2-commons/pom.xml b/id/server/stork2-commons/pom.xml index b13035307..c1dd27924 100644 --- a/id/server/stork2-commons/pom.xml +++ b/id/server/stork2-commons/pom.xml @@ -122,8 +122,8 @@ maven-compiler-plugin 3.1 - 1.7 - 1.7 + 1.6 + 1.6 diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/ComplexAttributesMarshalling.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/ComplexAttributesMarshalling.java index c7e195fa6..d411a2f42 100644 --- a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/ComplexAttributesMarshalling.java +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/ComplexAttributesMarshalling.java @@ -88,10 +88,15 @@ public class ComplexAttributesMarshalling { m.marshal(objf.createCanonicalResidenceAddress(object), new FileOutputStream("CanonicalAddressType.xml")); m.marshal(objf.createCanonicalResidenceAddress(object), System.out); } - catch (JAXBException | FileNotFoundException e) + catch (JAXBException e ) { e.printStackTrace(); + + } catch (FileNotFoundException e) { + e.printStackTrace(); + } + } /** @@ -156,8 +161,14 @@ public class ComplexAttributesMarshalling { m.marshal(o.createHasAccountInBank(object), new FileOutputStream ("hasbankaccount.xml")); m.marshal(o.createHasAccountInBank(object), System.out); - } catch (JAXBException | FileNotFoundException e) { + } + catch (JAXBException e ) + { + e.printStackTrace(); + + } catch (FileNotFoundException e) { e.printStackTrace(); + } } /** -- cgit v1.2.3 From 8b6831043febd92ce2333bc01c373aa0ad9bc8b2 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 2 Apr 2014 09:29:41 +0200 Subject: add a infolog if no Metadata is found --- .../egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java index 6517325b9..11e280d8f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java @@ -122,7 +122,13 @@ public class PostBinding implements IDecoder, IEncoder { MOARequest request = new MOARequest(inboundMessage); request.setVerified(false); - request.setEntityID(messageContext.getPeerEntityMetadata().getEntityID()); + + if (messageContext.getPeerEntityMetadata() != null) + request.setEntityID(messageContext.getPeerEntityMetadata().getEntityID()); + + else + Logger.info("No Metadata found for OA with EntityID " + inboundMessage.getIssuer().getValue()); + request.setRelayState(messageContext.getRelayState()); return request; -- cgit v1.2.3 From 49dec667de27b30c353e2312b16719453d0cf1b9 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 2 Apr 2014 09:30:31 +0200 Subject: add moa-id-commons to moa-idspss project --- id/server/idserverlib/pom.xml | 1 - 1 file changed, 1 deletion(-) (limited to 'id') diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml index ae4c57fc8..285a5da9c 100644 --- a/id/server/idserverlib/pom.xml +++ b/id/server/idserverlib/pom.xml @@ -34,7 +34,6 @@ MOA.id.server moa-id-commons - ${pom.version} diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/EncodingFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/EncodingFilter.java new file mode 100644 index 000000000..71f9536ae --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/EncodingFilter.java @@ -0,0 +1,123 @@ +package at.gv.egovernment.moa.id.configuration.filter; + +import java.io.IOException; +import java.nio.charset.Charset; + +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; + +import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang.builder.ToStringBuilder; +import org.apache.log4j.Logger; + +/** + * @author Thomas Knall + */ +public class EncodingFilter implements javax.servlet.Filter { + + private static final String SERVLET_INIT_PARAM_ENCODING = "encoding"; + + private static final String SERVLET_INIT_PARAM_SET_REQUEST_ENCODING = "setRequestEncoding"; + private static final String SERVLET_INIT_PARAM_FORCE_REQUEST_ENCODING = "forceRequestEncoding"; + + private static final String SERVLET_INIT_PARAM_SET_RESPONSE_ENCODING = "setResponseEncoding"; + private static final String SERVLET_INIT_PARAM_FORCE_RESPONSE_ENCODING = "forceResponseEncoding"; + + private static final boolean DEFAULT_SET_REQUEST_ENCODING_VALUE = true; + private static final boolean DEFAULT_FORCE_REQUEST_ENCODING_VALUE = true; + private static final boolean DEFAULT_SET_RESPONSE_ENCODING_VALUE = false; + private static final boolean DEFAULT_FORCE_RESPONSE_ENCODING_VALUE = false; + + private Logger log = Logger.getLogger(getClass().getName()); + + private String encoding = null; + + private boolean setRequestEncoding; + private boolean forceRequestEncoding; + + private boolean setResponseEncoding; + private boolean forceResponseEncoding; + + private boolean enabled = false; + + private boolean parseBooleanInitParameter(final FilterConfig filterConfig, String parameterName, boolean defaultValue) { + String paramValue = filterConfig.getInitParameter(parameterName); + if (paramValue == null) { + return defaultValue; + } + paramValue = paramValue.trim(); + if (paramValue.equalsIgnoreCase("true")) { + return true; + } else if (paramValue.equalsIgnoreCase("false")){ + return false; + } else { + log.warn("Unknown value \"" + paramValue + "\" for init parameter \"" + parameterName + "\" detected. Should be \"true\" or \"false\". Using default value \"" + defaultValue + "\"."); + return defaultValue; + } + } + + public void init(final FilterConfig filterConfig) throws ServletException { + log.debug("Initializing encoding filter (" + getClass().getName() + ")."); + + // mandatory parameter encoding + String desiredEncoding = filterConfig.getInitParameter(SERVLET_INIT_PARAM_ENCODING); + if (StringUtils.isEmpty(desiredEncoding)) { + log.warn("Unable to initialize encoding filter (" + getClass().getName() + "). Init parameter \"" + SERVLET_INIT_PARAM_ENCODING + "\" empty or not supplied."); + } else if (!Charset.isSupported(desiredEncoding)) { + log.warn("Unable to initialize encoding filter (" + getClass().getName() + "). Encoding \"" + desiredEncoding + "\" is not supported."); + } else { + this.encoding = desiredEncoding; + this.enabled = true; + this.setRequestEncoding = this.parseBooleanInitParameter(filterConfig, SERVLET_INIT_PARAM_SET_REQUEST_ENCODING, DEFAULT_SET_REQUEST_ENCODING_VALUE); + this.forceRequestEncoding = this.parseBooleanInitParameter(filterConfig, SERVLET_INIT_PARAM_FORCE_REQUEST_ENCODING, DEFAULT_FORCE_REQUEST_ENCODING_VALUE); + this.setResponseEncoding = this.parseBooleanInitParameter(filterConfig, SERVLET_INIT_PARAM_SET_RESPONSE_ENCODING, DEFAULT_SET_RESPONSE_ENCODING_VALUE); + this.forceResponseEncoding = this.parseBooleanInitParameter(filterConfig, SERVLET_INIT_PARAM_FORCE_RESPONSE_ENCODING, DEFAULT_FORCE_RESPONSE_ENCODING_VALUE); + log.debug("Encoding filter \"" + getClass().getName() + "\" configured: " + this.toString(true)); + + } + } + + public String toString(boolean verbose) { + if (verbose) { + return new ToStringBuilder(this) + .append(SERVLET_INIT_PARAM_ENCODING, this.encoding) + .append(SERVLET_INIT_PARAM_SET_REQUEST_ENCODING, this.setRequestEncoding) + .append(SERVLET_INIT_PARAM_FORCE_REQUEST_ENCODING, this.forceRequestEncoding) + .append(SERVLET_INIT_PARAM_SET_RESPONSE_ENCODING, this.setResponseEncoding) + .append(SERVLET_INIT_PARAM_FORCE_RESPONSE_ENCODING, this.forceResponseEncoding) + .toString(); + } else { + return super.toString(); + } + } + + public void doFilter(ServletRequest request, ServletResponse response, final FilterChain filterChain) throws IOException, ServletException { + if (this.enabled) { + if (this.setRequestEncoding) { + if (this.forceRequestEncoding) { + log.trace("Forcing request encoding \"" + this.encoding + "\"."); + request.setCharacterEncoding(this.encoding); + } else if (request.getCharacterEncoding() == null) { + log.trace("Request character encoding not set. Setting to \"" + this.encoding + "\"."); + request.setCharacterEncoding(this.encoding); + } + } + if (this.setResponseEncoding) { + if (this.forceResponseEncoding) { + log.trace("Forcing response encoding \"" + this.encoding + "\"."); + response.setCharacterEncoding(this.encoding); + } else if (response.getCharacterEncoding() == null) { + log.trace("Response character encoding not set. Setting to \"" + this.encoding + "\"."); + response.setCharacterEncoding(this.encoding); + } + } + } + filterChain.doFilter(request, response); + } + + public void destroy() { + } +} diff --git a/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml b/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml index a44cf8ce5..b55e97f23 100644 --- a/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml +++ b/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml @@ -46,7 +46,7 @@ EncodingFilter - at.iaik.commons.webapp.filter.encoding.EncodingFilter + at.gv.egovernment.moa.id.configuration.filter.EncodingFilter encoding UTF-8 -- cgit v1.2.3 From 07e74546f01f69545b77518e0e651b43a4e04e91 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 2 Apr 2014 12:00:26 +0200 Subject: Add language parameter to Configtool defaultconfig and handbook --- .../deploy/conf/moa-id-configuration/moa-id-configtool.properties | 2 ++ id/server/doc/handbook/config/config.html | 6 ++++++ 2 files changed, 8 insertions(+) (limited to 'id') diff --git a/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties b/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties index 2bb9cb005..05b5fbdef 100644 --- a/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties +++ b/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties @@ -2,6 +2,8 @@ general.login.deaktivate=false general.publicURLContext=https://localhost:8443/moa-id-configuration +general.defaultlanguage=de + ##Mail general.mail.host=smtp.localhost... #general.mail.host.port= diff --git a/id/server/doc/handbook/config/config.html b/id/server/doc/handbook/config/config.html index c704e85d1..ddbe1ac37 100644 --- a/id/server/doc/handbook/config/config.html +++ b/id/server/doc/handbook/config/config.html @@ -199,6 +199,12 @@ https:/demo.egiz.gv.at/moa-id-auth/ Public URL Prefix unter dem die zu konfigurierende MOA-ID-Auth Instanz erreichbar ist + + general.defaultlanguage + de, en +

Hiermit kann die Sprache, welche für die Darstellung der Texte verwendet wird, festgelegt werden.

+

Hinweis: Aktuell wird nur Deutsch (de) oder Englisch (en) unterstützt.

+ general.userrequests.cleanup.delay 18 -- cgit v1.2.3