From 8de3af116a8f306a6a7690e6c6f0c9b0e88b9c67 Mon Sep 17 00:00:00 2001
From: Andreas Fitzek
Date: Thu, 25 Apr 2013 16:24:18 +0200
Subject: Redesigned Dispatcher system to actions
---
.../moa/id/auth/MOAIDAuthInitializer.java | 2 +-
.../builder/CreateXMLSignatureRequestBuilder.java | 20 +-
.../CreateXMLSignatureRequestBuilderForeign.java | 14 +-
.../auth/builder/GetIdentityLinkFormBuilder.java | 14 +-
.../auth/servlet/StartAuthenticationServlet.java | 14 +-
.../CreateXMLSignatureResponseValidator.java | 2 +-
.../validator/parep/ParepInputProcessorImpl.java | 10 +-
.../moa/id/auth/validator/parep/ParepUtils.java | 2 +-
.../id/auth/validator/parep/ParepValidator.java | 42 +--
.../moa/id/config/TargetsAndSectorNames.java | 84 +++---
.../id/config/proxy/ProxyConfigurationBuilder.java | 4 +-
.../moa/id/entrypoints/AuthDispatcherServlet.java | 53 +++-
.../moa/id/entrypoints/DispatcherServlet.java | 322 +++++++++++++--------
.../moa/id/moduls/AuthenticationManager.java | 49 +++-
.../at/gv/egovernment/moa/id/moduls/IAction.java | 11 +
.../gv/egovernment/moa/id/moduls/IModulInfo.java | 4 +-
.../at/gv/egovernment/moa/id/moduls/IRequest.java | 2 +
.../gv/egovernment/moa/id/moduls/ModulUtils.java | 12 +-
.../id/moduls/NoPassivAuthenticationException.java | 16 +
.../egovernment/moa/id/moduls/RequestStorage.java | 28 ++
.../id/protocols/pvp2x/AuthenticationAction.java | 21 ++
.../moa/id/protocols/pvp2x/PVP2XProtocol.java | 36 ++-
.../moa/id/protocols/pvp2x/utils/SAML2Utils.java | 25 ++
.../moa/id/protocols/saml1/GetArtifactAction.java | 127 ++++++++
.../moa/id/protocols/saml1/SAML1Protocol.java | 10 +
.../moa/id/proxy/DefaultConnectionBuilder.java | 4 +-
.../moa/id/proxy/ElakConnectionBuilder.java | 4 +-
.../moa/id/proxy/EnhancedConnectionBuilder.java | 4 +-
.../parser/AuthenticationDataAssertionParser.java | 2 +-
.../moa/id/proxy/servlet/ProxyServlet.java | 4 +-
.../egovernment/moa/id/util/HTTPSessionUtils.java | 29 ++
.../at/gv/egovernment/moa/id/util/SSLUtils.java | 2 +-
.../moa/id/util/client/mis/simple/MISMandate.java | 8 +-
33 files changed, 709 insertions(+), 272 deletions(-)
create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java
create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/NoPassivAuthenticationException.java
create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java
create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
(limited to 'id')
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index cf5615a13..8279b28d8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -93,7 +93,7 @@ public class MOAIDAuthInitializer {
// Mapping OpenSSL - Java
// OpenSSL Java
// http://www.openssl.org/docs/apps/ciphers.html http://docs.oracle.com/javase/6/docs/technotes/guides/security/SunProviders.html
-// via “openssl ciphers -tls1 HIGH –v”
+// via !openssl ciphers -tls1 HIGH !v!
//
// ADH-AES256-SHA TLS_DH_anon_WITH_AES_256_CBC_SHA
// DHE-RSA-AES256-SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA
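Review bot: The re-encoded comment `// via !openssl ciphers -tls1 HIGH !v!` no longer shows a usable command, because the typographic quotes and the dash were replaced by `!`. This table documents how the OpenSSL cipher names map to the Java suite names, so the command that produced it should stay readable. I would write it in plain ASCII: `// via "openssl ciphers -tls1 HIGH -v"`. The comment block starts and continues outside the hunk.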
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
index 2da7db2b2..245ab206d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
@@ -180,8 +180,8 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
// request += "";
request += "";
request += "";
- request += "Anmeldedaten für (Requesting Application Access for):
";
- request += "Persönliche Daten (Personal Data)
";
+ request += "Anmeldedaten für (Requesting Application Access for):
";
+ request += "Persönliche Daten (Personal Data)
";
request += "";
request += "";
request += "Name: | ";
@@ -201,7 +201,7 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
request += "
";
request += "";
request += "Land (Country): | ";
- request += "Österreich (Austria) | ";
+ request += "Österreich (Austria) | ";
request += "
";
request += "
";
request += "Technische Parameter (Technical Parameters)
";
@@ -253,14 +253,14 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
request += "";
request += "";
- request += "Mit der Anmeldung erfolgt eine Abfrage des Ergänzungsregister für " +
- "natürliche Personen (ERnP), damit ich meinen elektronischen " +
- "Identitätsnachweis (meine elektronische Identitätskarte) unmittelbar " +
- "als Österreichische Bürgerkarte verwenden kann. Ich bin nicht im " +
+ request += "
Mit der Anmeldung erfolgt eine Abfrage des Ergänzungsregister für " +
+ "natürliche Personen (ERnP), damit ich meinen elektronischen " +
+ "Identitätsnachweis (meine elektronische Identitätskarte) unmittelbar " +
+ "als Österreichische Bürgerkarte verwenden kann. Ich bin nicht im " +
"Zentralen Melderegister eingetragen und stimme, sofern ich nicht im " +
"ERnP eingetragen bin, einer Eintragung ins ERnP zu. Ich nehme zur " +
- "Kenntnis, dass die Eintragung ins ERnP ausschließlich der Aufzeichnung " +
- "jener Daten, die für die eindeutige Identität notwendig sind, dient.
";
+ "Kenntnis, dass die Eintragung ins ERnP ausschließlich der Aufzeichnung " +
+ "jener Daten, die für die eindeutige Identität notwendig sind, dient.
";
request += "I affirm that I am not registered with the Austrian Central " +
"Register of Residents or the Supplementary Register for Natural Persons. I therefore " +
@@ -277,7 +277,7 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
// "Residents Registry and that I am not obliged to register with the Austrian " +
// "Central Residents Registry according to Austrian law.
" +
// "In the event I am not yet registered with the Supplementary Register, I " +
-// "explicitly grant to do so according to §6 (5) E-Government Act (EGovG, idF: " +
+// "explicitly grant to do so according to §6 (5) E-Government Act (EGovG, idF: " +
// "BGBl. I Nr. 7/2008 und BGBl. I Nr. 59/2008).
";
request += "";
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java
index 6368713db..650f1578d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java
@@ -123,19 +123,19 @@ public class CreateXMLSignatureRequestBuilderForeign extends Builder {
out.write("<");
else if (ch == '>')
out.write(">");
- else if (ch == 'ä')
+ else if (ch == 'ä')
out.write("ä");
- else if (ch == 'ö')
+ else if (ch == 'ö')
out.write("ö");
- else if (ch == 'ü')
+ else if (ch == 'ü')
out.write("ü");
- else if (ch == 'Ä')
+ else if (ch == 'Ä')
out.write("Ä");
- else if (ch == 'Ö')
+ else if (ch == 'Ö')
out.write("Ö");
- else if (ch == 'Ü')
+ else if (ch == 'Ü')
out.write("Ü");
- else if (ch == 'ß')
+ else if (ch == 'ß')
out.write("ß");
else
out.write(ch);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
index d40cd1909..bd8d52031 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
@@ -154,19 +154,19 @@ public class GetIdentityLinkFormBuilder extends Builder {
out.write("<");
else if (ch == '>')
out.write(">");
- else if (ch == 'ä')
+ else if (ch == 'ä')
out.write("ä");
- else if (ch == 'ö')
+ else if (ch == 'ö')
out.write("ö");
- else if (ch == 'ü')
+ else if (ch == 'ü')
out.write("ü");
- else if (ch == 'Ä')
+ else if (ch == 'Ä')
out.write("Ä");
- else if (ch == 'Ö')
+ else if (ch == 'Ö')
out.write("Ö");
- else if (ch == 'Ü')
+ else if (ch == 'Ü')
out.write("Ü");
- else if (ch == 'ß')
+ else if (ch == 'ß')
out.write("ß");
else
out.write(ch);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java
index 029aeadc2..2133d0455 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java
@@ -32,6 +32,7 @@ import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
import javax.swing.text.StyleContext.SmallAttributeSet;
import org.apache.commons.lang.StringEscapeUtils;
@@ -47,6 +48,8 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.config.stork.CPEPS;
import at.gv.egovernment.moa.id.config.stork.STORKConfig;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol;
import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
@@ -98,6 +101,8 @@ public class StartAuthenticationServlet extends AuthServlet {
}
authURL = authURL.concat(req.getContextPath() + "/");
+ HttpSession httpSession = req.getSession();
+
String target = req.getParameter(PARAM_TARGET);
String sourceID = req.getParameter(PARAM_SOURCEID);
String oaURL = req.getParameter(PARAM_OA);
@@ -106,8 +111,11 @@ public class StartAuthenticationServlet extends AuthServlet {
String sessionID = req.getParameter(PARAM_SESSIONID);
String useMandate = req.getParameter(PARAM_USEMANDATE);
String ccc = req.getParameter(PARAM_CCC);
- String modul = req.getParameter(PARAM_MODUL);
- String action = req.getParameter(PARAM_ACTION);
+
+ IRequest request = RequestStorage.getPendingRequest(httpSession);
+
+ String modul = request.requestedModule();//req.getParameter(PARAM_MODUL);
+ String action = request.requestedAction();//req.getParameter(PARAM_ACTION);
// escape parameter strings
//TODO: use URLEncoder.encode!!
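Review bot: `request.requestedModule()` is called on the result of `RequestStorage.getPendingRequest(httpSession)` without a null check. `req.getSession()` in the previous hunk creates a fresh session when the client has none, so a request that reaches this servlet without passing through the dispatcher would presumably find no pending request (RequestStorage's body is not in this view). That ends in a NullPointerException rather than a controlled authentication error. I would guard directly after the lookup with `if (request == null)` and leave through the servlet's existing error path, and consider `req.getSession(false)` so that such requests do not allocate a session. The commented-out `req.getParameter(...)` remnants can go; the method body starts and ends outside the hunk.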
@@ -150,6 +158,8 @@ public class StartAuthenticationServlet extends AuthServlet {
action = SAML1Protocol.GETARTIFACT;
}
+ Logger.info("Start Authentication Module: " + modul + " Action: " + action);
+
OAAuthParameter oaParam =
AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaURL);
if (oaParam == null)
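Review bot: The new `Logger.info` line concatenates `modul` and `action` into the log message unmodified. If `requestedModule()` and `requestedAction()` are derived from the request URL or its parameters (not visible in this view), a value containing CR/LF could forge additional log entries. I would neutralise line breaks before logging, e.g. `modul.replaceAll("[\\r\\n]", "_")`, or log only after both values have been matched against the known modules and actions. The surrounding method starts and ends outside the hunk.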
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
index dfad29e50..8d2f95cce 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
@@ -208,7 +208,7 @@ public class CreateXMLSignatureResponseValidator {
}
if (samlAttribute.getNamespace().equals("http://reference.e-government.gv.at/namespace/moa/20020822#")) {
foundOA = true;
- if (!oaURL.equals((String)samlAttribute.getValue())) { // CHECKS für die AttributeVALUES fehlen noch
+ if (!oaURL.equals((String)samlAttribute.getValue())) { // CHECKS für die AttributeVALUES fehlen noch
throw new ValidateException("validator.16", new Object[] {":gefunden wurde '" + oaURL + "', erwartet wurde '" + samlAttribute.getValue()});
}
} else {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessorImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessorImpl.java
index 576d9c358..88c4a8feb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessorImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessorImpl.java
@@ -168,9 +168,9 @@ public class ParepInputProcessorImpl implements ParepInputProcessor{
if (!locErrortext.endsWith(": ")) locErrortext = locErrortext + ", ";
locErrortext = locErrortext + "Vorname";
}
- // Auf existierendes Datum prüfen
+ // Auf existierendes Datum prüfen
SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd");
- format.setLenient(false); // Wir wollen keine künstliche Pareserintelligenz, nur Datum prüfen
+ format.setLenient(false); // Wir wollen keine künstliche Pareserintelligenz, nur Datum prüfen
try {
format.parse(dateOfBirth);
}
@@ -192,7 +192,7 @@ public class ParepInputProcessorImpl implements ParepInputProcessor{
}
if (ParepUtils.isEmpty(cbIdentificationValue)) {
if (!locErrortext.endsWith("fehlen: ")) locErrortext = locErrortext + ", ";
- locErrortext = locErrortext + "Ordnungsnummer im ausgewählten Register";
+ locErrortext = locErrortext + "Ordnungsnummer im ausgewählten Register";
}
}
}
@@ -200,7 +200,7 @@ public class ParepInputProcessorImpl implements ParepInputProcessor{
request.setMandator(familyName, givenName, dateOfBirth, postalCode, municipality, streetName, buildingNumber, unit, physical, cbFullName,
cbIdentificationType, cbIdentificationValue);
if (formNecessary) {
- // Daten noch nicht vollständig oder anderer Fehler
+ // Daten noch nicht vollständig oder anderer Fehler
if (locErrortext.endsWith("fehlen: ")) locErrortext ="";
String error = "";
if (!ParepUtils.isEmpty(extErrortext)) {
@@ -293,7 +293,7 @@ public class ParepInputProcessorImpl implements ParepInputProcessor{
form = ParepUtils.replaceAll(form, "", rpDateOfBirth.substring(0,4));
form = ParepUtils.replaceAll(form, "", rpDateOfBirth.substring(5,7));
form = ParepUtils.replaceAll(form, "", rpDateOfBirth.substring(8,10));
- //darf zw. phys. und jur. Person gewählt werden:
+ //darf zw. phys. und jur. Person gewählt werden:
//form = replaceAll(form, "seldisabled=\"\"", reducedSelection ? "disabled=\"true\"" : "");
form = ParepUtils.replaceAll(form, "physdisabled=\"\"", physEnabled ? "" : "disabled=\"true\"");
form = ParepUtils.replaceAll(form, "physselected=\"\"", physical ? "checked=\"checked\"" : "");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java
index 5eeaa5d3d..ab7a134c8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java
@@ -650,7 +650,7 @@ public class ParepUtils {
if (ParepUtils.isEmpty(register)) return null;
if (register.equals("FN") || register.equals("XFN")) return "Firmenbuchnummer";
if (register.equals("VR") || register.equals("XZVR") || register.equals("XVR") || register.equals("ZVR")) return "Nummer im Vereinsregister";
- if (register.equals("ERSB") || register.equals("XERSB")) return "Nummer im Ergänzungsregister für sonstige Betroffene";
+ if (register.equals("ERSB") || register.equals("XERSB")) return "Nummer im Ergänzungsregister für sonstige Betroffene";
return null;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepValidator.java
index 7bd6f5e28..735117094 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepValidator.java
@@ -88,7 +88,7 @@ public class ParepValidator implements InfoboxValidator {
private String form = null;
/** unspecified error of parep-validator (must not know more about)*/
- private final static String COMMON_ERROR = "Es ist ein Fehler bei der Überprüfung für berufsmäßige Parteienvetretung aufgetreten";
+ private final static String COMMON_ERROR = "Es ist ein Fehler bei der �berpr�fung f�r berufsm��ige Parteienvetretung aufgetreten";
/** Default class to gather remaining mandator data. */
public final static String PAREP_INPUT_PROCESSOR = "at.gv.egovernment.moa.id.auth.validator.parep.ParepInputProcessorImpl";
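Review bot: The new `COMMON_ERROR` literal contains U+FFFD replacement characters (`�berpr�fung f�r berufsm��ige`), so the umlauts were lost when the file was re-encoded and the message is now garbled at runtime. The same damage is visible in `STANDARD_REPRESENTATION_TEXT`, which its Javadoc describes as the representation text in the AUTH block, and in several `Logger.error`/`Logger.debug` messages in later hunks of this file. In TargetsAndSectorNames.java, `TARGET_OI_SECTOR` changes from `Ö` to `ö`. I would restore the original text and write non-ASCII characters as Unicode escapes so the result does not depend on editor or compiler encoding, e.g. `"berufsm\u00e4\u00dfige(r) Parteienvertreter(in)"`. The `ch == 'ä'` comparisons in the escaping loops of CreateXMLSignatureRequestBuilderForeign and GetIdentityLinkFormBuilder would benefit from the same treatment (`'\u00e4'`).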
@@ -97,7 +97,7 @@ public class ParepValidator implements InfoboxValidator {
public final static String PAREP_INPUT_TEMPLATE = "/resources/templates/ParepMinTemplate.html";
/** kind of representation text in AUTH block*/
- public final static String STANDARD_REPRESENTATION_TEXT = "berufsmäßige(r) Parteienvertreter(in)";
+ public final static String STANDARD_REPRESENTATION_TEXT = "berufsm��ige(r) Parteienvertreter(in)";
/** Names of the produced SAML-attributes. */
public final static String EXT_SAML_MANDATE_RAW = "Mandate";
@@ -141,7 +141,7 @@ public class ParepValidator implements InfoboxValidator {
InfoboxValidationResultImpl validationResult = new InfoboxValidationResultImpl(false, null, null);
try {
- Logger.debug("Starte Organwalter-/berufsmäßige Parteienvertreterprüfung.");
+ Logger.debug("Starte Organwalter-/berufsmäßige Parteienvertreterprüfung.");
this.params = params;
Element mandate = extractPrimaryToken(this.params.getInfoboxTokenList());
@@ -152,7 +152,7 @@ public class ParepValidator implements InfoboxValidator {
return validationResult;
}
- // Überprüfen der Identifikation (Type/Value).
+ // überprüfen der Identifikation (Type/Value).
String identificationType = this.params.getIdentificationType();
String identificationValue = this.params.getIdentificationValue();
if (this.params.getBusinessApplication()) {
@@ -165,9 +165,9 @@ public class ParepValidator implements InfoboxValidator {
}
} else {
if (representationID.startsWith(MOAIDAuthConstants.PARTY_ORGAN_REPRESENTATION_OID_NUMBER)) {
- //Für Organwalter wird die Stammzahl zur Berechnung der Organwalter-bPK benötigt
+ //Für Organwalter wird die Stammzahl zur Berechnung der Organwalter-bPK benötigt
if (!Constants.URN_PREFIX_BASEID.equals(this.params.getIdentificationType())) {
- Logger.error("Für eine Vertretung durch Organwalter ist es notwendig dessen Stammzahl an das Stammzahlenregister-Gateway zu übermitteln. In der MOA-ID Konfiguration muss die Übermittlung Stammzahl aktiviert sein.");
+ Logger.error("Für eine Vertretung durch Organwalter ist es notwendig dessen Stammzahl an das Stammzahlenregister-Gateway zu �bermitteln. In der MOA-ID Konfiguration muss die �bermittlung Stammzahl aktiviert sein.");
validationResult.setErrorMessage("Die standardisierte Vollmacht wird von diesem Server nicht akzeptiert.");
return validationResult;
} else {
@@ -179,7 +179,7 @@ public class ParepValidator implements InfoboxValidator {
identificationType = Constants.URN_PREFIX_CDID;
String bpkBase64 = new BPKBuilder().buildBPK(this.params.getIdentificationValue(), this.params.getTarget());
identificationValue = bpkBase64;
- Logger.debug("bPK für Parteienvertreter wurde berechnet. Parteienvertreter wird mit bPK identifiziert");
+ Logger.debug("bPK für Parteienvertreter wurde berechnet. Parteienvertreter wird mit bPK identifiziert");
} else {
Logger.debug("Parteienvertreter wird mit bPK identifiziert");
}
@@ -189,7 +189,7 @@ public class ParepValidator implements InfoboxValidator {
Configure(this.params.getApplicationSpecificParams());
// check if we have a configured party representative for that
if (!parepConfiguration.isPartyRepresentative(representationID)) {
- Logger.info("Kein berufsmäßiger Parteienvertreter für MandateID \"" + representationID + "\" konfiguriert.");
+ Logger.info("Kein berufsmäßiger Parteienvertreter für MandateID \"" + representationID + "\" konfiguriert.");
validationResult.setErrorMessage("Die standardisierte Vollmacht wird von diesem Server nicht akzeptiert.");
return validationResult;
}
@@ -200,7 +200,7 @@ public class ParepValidator implements InfoboxValidator {
// ParepUtils.serializeElement(request.getRepresentative(), System.out);
//ParepUtils.saveElementToFile(request.getRepresentative(), new File("c:/representative.xml"));
- Logger.debug("Prüfe vorausgefüllte Daten...");
+ Logger.debug("Prüfe vorausgefüllte Daten...");
boolean physical = true;
String familyName = "";
String givenName = "";
@@ -239,7 +239,7 @@ public class ParepValidator implements InfoboxValidator {
}
if (physical) {
if (!parepConfiguration.isRepresentingPhysicalParty(representationID)) {
- validationResult.setErrorMessage("Vertretung von natürlichen Personen für diese standardisierte Vollmacht nicht erlaubt.");
+ validationResult.setErrorMessage("Vertretung von natürlichen Personen für diese standardisierte Vollmacht nicht erlaubt.");
return validationResult;
}
if (ParepUtils.isEmpty(familyName) || ParepUtils.isEmpty(givenName) || ParepUtils.isEmpty(dateOfBirth)) {
@@ -247,7 +247,7 @@ public class ParepValidator implements InfoboxValidator {
}
} else {
if (!parepConfiguration.isRepresentingCorporateParty(representationID)) {
- validationResult.setErrorMessage("Vertretung von juristischen Personen für diese standardisierte Vollmacht nicht erlaubt.");
+ validationResult.setErrorMessage("Vertretung von juristischen Personen für diese standardisierte Vollmacht nicht erlaubt.");
return validationResult;
}
if (ParepUtils.isEmpty(cbFullName) || ParepUtils.isEmpty(cbIdentificationType) || ParepUtils.isEmpty(cbIdentificationValue)) {
@@ -255,7 +255,7 @@ public class ParepValidator implements InfoboxValidator {
}
}
- //Zeigen wir, dass die Daten übernommen wurden:
+ //Zeigen wir, dass die Daten �bernommen wurden:
if (parepConfiguration.isAlwaysShowForm()) formNecessary=true;
// Input processor
@@ -281,7 +281,7 @@ public class ParepValidator implements InfoboxValidator {
addAuthBlockExtendedSamlAttributes();
validationResult.setExtendedSamlAttributes(getExtendedSamlAttributes());
- Logger.debug("Überprüfung der vertretenen Partei erfolgreich beendet");
+ Logger.debug("�berpr�fung der vertretenen Partei erfolgreich beendet");
validationResult.setValid(true);
return validationResult;
} catch (Exception e) {
@@ -300,8 +300,8 @@ public class ParepValidator implements InfoboxValidator {
public InfoboxValidationResult validate(Map parameters) throws ValidateException {
InfoboxValidationResultImpl validationResult = new InfoboxValidationResultImpl(false, null, null);
- Logger.debug("Intermediate processing von Organwalter-/berufsmäßige Parteienvertreterprüfung");
- Logger.debug("Prüfe im Formular ausgefüllte Daten...");
+ Logger.debug("Intermediate processing von Organwalter-/berufsmäßige Parteienvertreterprüfung");
+ Logger.debug("Prüfe im Formular ausgefüllte Daten...");
if (PAREP_DEBUG) Logger.debug("Got parameters from user input form: " + parameters.toString());
// Input processor
@@ -315,7 +315,7 @@ public class ParepValidator implements InfoboxValidator {
addAuthBlockExtendedSamlAttributes();
validationResult.setExtendedSamlAttributes(getExtendedSamlAttributes());
validationResult.setValid(true);
- Logger.debug("Intermediate processing von Organwalter-/berufsmäßige Parteienvertreterprüfung erfolgreich beendet");
+ Logger.debug("Intermediate processing von Organwalter-/berufsmäßige Parteienvertreterprüfung erfolgreich beendet");
return validationResult;
}
@@ -327,7 +327,7 @@ public class ParepValidator implements InfoboxValidator {
public InfoboxValidationResult validate(Element samlAssertion) throws ValidateException {
InfoboxValidationResultImpl validationResult = new InfoboxValidationResultImpl(false, null, null);
- Logger.debug("Post processing von Organwalter-/berufsmäßige Parteienvertreterprüfung");
+ Logger.debug("Post processing von Organwalter-/berufsm��ige Parteienvertreterpr�fung");
this.form = "";
try {
@@ -341,9 +341,9 @@ public class ParepValidator implements InfoboxValidator {
// if (true) {
// if (this.params.getHideStammzahl()) {
// if (PAREP_DEBUG) ParepUtils.saveElementToFile(mandate, new File("c:/vertetervollmacht_"+ id +"_origin.xml"));
-// // Achtung: Es wird hier nicht spezifikationskonform vorgegangen, damit im Kompatibilitätsmodus Personendaten ersetzt werden können.
-// // Würden die Stammzahlen gelöscht (geblindet) werden, würde der Identifikationswert des Vertretenen gänzlich fehlen.
-// // Im Falle einen business Anwendung berechnet MOA-ID nach Rückkehr das wbPK
+// // Achtung: Es wird hier nicht spezifikationskonform vorgegangen, damit im Kompatibilit�tsmodus Personendaten ersetzt werden k�nnen.
+// // W�rden die Stammzahlen gel�scht (geblindet) werden, w�rde der Identifikationswert des Vertretenen g�nzlich fehlen.
+// // Im Falle einen business Anwendung berechnet MOA-ID nach R�ckkehr das wbPK
// ParepUtils.HideStammZahlen(mandate, this.params.getBusinessApplication(), this.params.getTarget(), this.params.getDomainIdentifier(), false);
// }
// if (PAREP_DEBUG) ParepUtils.saveElementToFile(mandate, new File("c:/vertetervollmacht_"+ id +".xml"));
@@ -403,7 +403,7 @@ public class ParepValidator implements InfoboxValidator {
validationResult.setExtendedSamlAttributes(getExtendedSamlAttributes());
validationResult.setValid(true);
- Logger.debug("Post processing von Organwalter-/berufsmäßige Parteienvertreterprüfung erfolgreich beendet");
+ Logger.debug("Post processing von Organwalter-/berufsm��ige Parteienvertreterpr�fung erfolgreich beendet");
} else {
String errorMsg = "Fehler " + response.getResultCode() + " bei Stammzahlenregister-Gateway Anfrage";
String responseInfo = response.getInfo();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/TargetsAndSectorNames.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/TargetsAndSectorNames.java
index 1fe8f13b6..a2962e4b2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/TargetsAndSectorNames.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/TargetsAndSectorNames.java
@@ -30,7 +30,7 @@ package at.gv.egovernment.moa.id.config;
/**
* This interface contains all actual possible targets in Austria (shortcuts and friendly names)
- * Bereichskennung and Tätigkeitsbereich
+ * Bereichskennung and T�tigkeitsbereich
* @author bzwattendorfer
*
*/
@@ -38,178 +38,178 @@ public interface TargetsAndSectorNames {
/** Bereichskennung AR */
public static String TARGET_AR = "AR";
- /** Tätigkeitsbereich AR */
+ /** Tätigkeitsbereich AR */
public static String TARGET_AR_SECTOR = "Arbeit";
/** Bereichskennung AS */
public static String TARGET_AS = "AS";
- /** Tätigkeitsbereich AS */
+ /** Tätigkeitsbereich AS */
public static String TARGET_AS_SECTOR = "Amtliche Statistik";
/** Bereichskennung BF */
public static String TARGET_BF = "BF";
- /** Tätigkeitsbereich BF */
+ /** Tätigkeitsbereich BF */
public static String TARGET_BF_SECTOR = "Bildung und Forschung";
/** Bereichskennung BW */
public static String TARGET_BW = "BW";
- /** Tätigkeitsbereich BW */
+ /** Tätigkeitsbereich BW */
public static String TARGET_BW_SECTOR = "Bauen und Wohnen";
/** Bereichskennung EA */
public static String TARGET_EA = "EA";
- /** Tätigkeitsbereich EA */
- public static String TARGET_EA_SECTOR = "EU und Auswärtige Angelegenheiten";
+ /** Tätigkeitsbereich EA */
+ public static String TARGET_EA_SECTOR = "EU und Auswärtige Angelegenheiten";
/** Bereichskennung EF */
public static String TARGET_EF = "EF";
- /** Tätigkeitsbereich EF */
+ /** Tätigkeitsbereich EF */
public static String TARGET_EF_SECTOR = "Ein- und Ausfuhr";
/** Bereichskennung GH */
public static String TARGET_GH = "GH";
- /** Tätigkeitsbereich GH */
+ /** Tätigkeitsbereich GH */
public static String TARGET_GH_SECTOR = "Gesundheit";
/** Bereichskennung GS */
public static String TARGET_GS = "GS";
- /** Tätigkeitsbereich GS */
+ /** Tätigkeitsbereich GS */
public static String TARGET_GS_SECTOR = "Gesellschaft und Soziales";
/** Bereichskennung GS-RE */
public static String TARGET_GS_RE = "GS-RE";
- /** Tätigkeitsbereich GS-RE */
+ /** Tätigkeitsbereich GS-RE */
public static String TARGET_GS_RE_SECTOR = "Restitution";
/** Bereichskennung JR */
public static String TARGET_JR = "JR";
- /** Tätigkeitsbereich JR */
+ /** Tätigkeitsbereich JR */
public static String TARGET_JR_SECTOR = "Justiz/Zivilrechtswesen";
/** Bereichskennung KL */
public static String TARGET_KL = "KL";
- /** Tätigkeitsbereich KL */
+ /** Tätigkeitsbereich KL */
public static String TARGET_KL_SECTOR = "Kultus";
/** Bereichskennung KU */
public static String TARGET_KU = "KU";
- /** Tätigkeitsbereich KU */
+ /** Tätigkeitsbereich KU */
public static String TARGET_KU_SECTOR = "Kunst und Kultur";
/** Bereichskennung LF */
public static String TARGET_LF = "LF";
- /** Tätigkeitsbereich LF */
+ /** Tätigkeitsbereich LF */
public static String TARGET_LF_SECTOR = "Land- und Forstwirtschaft";
/** Bereichskennung LV */
public static String TARGET_LV = "LV";
- /** Tätigkeitsbereich LV */
+ /** Tätigkeitsbereich LV */
public static String TARGET_LV_SECTOR = "Landesverteidigung";
/** Bereichskennung RT */
public static String TARGET_RT = "RT";
- /** Tätigkeitsbereich RT */
+ /** Tätigkeitsbereich RT */
public static String TARGET_RT_SECTOR = "Rundfunk und sonstige " +
"Medien sowie Telekommunikation";
/** Bereichskennung SA */
public static String TARGET_SA = "SA";
- /** Tätigkeitsbereich SA */
+ /** Tätigkeitsbereich SA */
public static String TARGET_SA_SECTOR = "Steuern und Abgaben";
/** Bereichskennung SF */
public static String TARGET_SF = "SF";
- /** Tätigkeitsbereich SF */
+ /** Tätigkeitsbereich SF */
public static String TARGET_SF_SECTOR = "Sport und Freizeit";
/** Bereichskennung SO */
public static String TARGET_SO = "SO";
- /** Tätigkeitsbereich SO */
+ /** Tätigkeitsbereich SO */
public static String TARGET_SO_SECTOR = "Sicherheit und Ordnung";
/** Bereichskennung SO-VR */
public static String TARGET_SO_VR = "SO-VR";
- /** Tätigkeitsbereich SO-VR */
+ /** Tätigkeitsbereich SO-VR */
public static String TARGET_SO_VR_SECTOR = "Vereinsregister";
/** Bereichskennung SR-RG */
public static String TARGET_SR_RG = "SR-RG";
- /** Tätigkeitsbereich SR-RG */
+ /** Tätigkeitsbereich SR-RG */
public static String TARGET_SR_RG_SECTOR = "Strafregister";
/** Bereichskennung SV */
public static String TARGET_SV = "SV";
- /** Tätigkeitsbereich SV */
+ /** Tätigkeitsbereich SV */
public static String TARGET_SV_SECTOR = "Sozialversicherung";
/** Bereichskennung UW */
public static String TARGET_UW = "UW";
- /** Tätigkeitsbereich UW */
+ /** Tätigkeitsbereich UW */
public static String TARGET_UW_SECTOR = "Umwelt";
/** Bereichskennung VT */
public static String TARGET_VT = "VT";
- /** Tätigkeitsbereich VT */
+ /** Tätigkeitsbereich VT */
public static String TARGET_VT_SECTOR = "Verkehr und Technik";
/** Bereichskennung VV */
public static String TARGET_VV = "VV";
- /** Tätigkeitsbereich VV */
- public static String TARGET_VV_SECTOR = "Vermögensverwaltung";
+ /** Tätigkeitsbereich VV */
+ public static String TARGET_VV_SECTOR = "Vermögensverwaltung";
/** Bereichskennung WT */
public static String TARGET_WT = "WT";
- /** Tätigkeitsbereich WT */
+ /** Tätigkeitsbereich WT */
public static String TARGET_WT_SECTOR = "Wirtschaft";
/** Bereichskennung ZP */
public static String TARGET_ZP = "ZP";
- /** Tätigkeitsbereich ZP */
- public static String TARGET_ZP_SECTOR = "Personenidentität und Bürgerrechte (zur Person)";
+ /** Tätigkeitsbereich ZP */
+ public static String TARGET_ZP_SECTOR = "Personenidentität und Bürgerrechte (zur Person)";
/** Bereichskennung BR */
public static String TARGET_BR = "BR";
- /** Tätigkeitsbereich BR */
- public static String TARGET_BR_SECTOR = "Bereichsübergreifender Rechtsschutz";
+ /** Tätigkeitsbereich BR */
+ public static String TARGET_BR_SECTOR = "Bereichsübergreifender Rechtsschutz";
/** Bereichskennung HR */
public static String TARGET_HR = "HR";
- /** Tätigkeitsbereich HR */
+ /** Tätigkeitsbereich HR */
public static String TARGET_HR_SECTOR = "Zentrales Rechnungswesen";
/** Bereichskennung KI */
public static String TARGET_KI = "KI";
- /** Tätigkeitsbereich KI */
+ /** Tätigkeitsbereich KI */
public static String TARGET_KI_SECTOR = "Auftraggeberinterne allgemeine Kanzleiindizes";
/** Bereichskennung OI */
public static String TARGET_OI = "OI";
- /** Tätigkeitsbereich OI */
- public static String TARGET_OI_SECTOR = "Öffentlichkeitsarbeit";
+ /** Tätigkeitsbereich OI */
+ public static String TARGET_OI_SECTOR = "öffentlichkeitsarbeit";
/** Bereichskennung PV */
public static String TARGET_PV = "PV";
- /** Tätigkeitsbereich PV */
+ /** Tätigkeitsbereich PV */
public static String TARGET_PV_SECTOR = "Personalverwaltung";
/** Bereichskennung RD */
public static String TARGET_RD = "RD";
- /** Tätigkeitsbereich RD */
+ /** Tätigkeitsbereich RD */
public static String TARGET_RD_SECTOR = "Zentraler Rechtsdienst";
/** Bereichskennung VS */
public static String TARGET_VS = "VS";
- /** Tätigkeitsbereich VS */
- public static String TARGET_VS_SECTOR = "Zentrale Durchführung von Verwaltungsstrafverfahren";
+ /** Tätigkeitsbereich VS */
+ public static String TARGET_VS_SECTOR = "Zentrale Durchführung von Verwaltungsstrafverfahren";
/** Bereichskennung VS-RG */
public static String TARGET_VS_RG = "VS-RG";
- /** Tätigkeitsbereich VS-RG */
+ /** Tätigkeitsbereich VS-RG */
public static String TARGET_VS_RG_SECTOR = "Zentrales Verwaltungsstrafregister";
/** Bereichskennung ZU */
public static String TARGET_ZU = "ZU";
- /** Tätigkeitsbereich ZU */
+ /** Tätigkeitsbereich ZU */
public static String TARGET_ZU_SECTOR = "Zustellungen";
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationBuilder.java
index bf8cbcdce..219b0f8ba 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationBuilder.java
@@ -131,7 +131,7 @@ public class ProxyConfigurationBuilder extends ConfigurationBuilder {
String name = XPathUtils.getAttributeValue(paramAuthElem, "@Name", null);
String value = XPathUtils.getAttributeValue(paramAuthElem, "@Value", null);
if (paramAuthMap.containsKey(name))
- throw new ConfigurationException("config.06", new Object[]{"Doppelter Wert für Parameter per HeaderAuthentication"});
+ throw new ConfigurationException("config.06", new Object[]{"Doppelter Wert für Parameter per HeaderAuthentication"});
paramAuthMap.put(name, value);
}
oaConfiguration.setParamAuthMapping(paramAuthMap);
@@ -153,7 +153,7 @@ public class ProxyConfigurationBuilder extends ConfigurationBuilder {
XPathUtils.getAttributeValue(headerAuthElem, "@Value", null);
// Contains Key (Neue Config-Exception: doppelte werte)
if (headerAuthMap.containsKey(name))
- throw new ConfigurationException("config.06", new Object[]{"Doppelter Wert für Parameter per HeaderAuthentication"});
+ throw new ConfigurationException("config.06", new Object[]{"Doppelter Wert für Parameter per HeaderAuthentication"});
headerAuthMap.put(name, value);
}
oaConfiguration.setHeaderAuthMapping(headerAuthMap);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/AuthDispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/AuthDispatcherServlet.java
index 262854b50..e04600b42 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/AuthDispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/AuthDispatcherServlet.java
@@ -17,9 +17,11 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
import at.gv.egovernment.moa.id.auth.WrongParametersException;
import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
+import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.moduls.IModulInfo;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.ModulStorage;
+import at.gv.egovernment.moa.id.moduls.NoPassivAuthenticationException;
import at.gv.egovernment.moa.id.moduls.ServletInfo;
import at.gv.egovernment.moa.id.moduls.ServletType;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
@@ -34,7 +36,7 @@ public class AuthDispatcherServlet extends AuthServlet {
public static final String PARAM_TARGET_PATH = "mod";
public static final String PARAM_TARGET_PROTOCOL = "action";
- public static final String PARAM_DISPATCHER_TARGETS = "DispatcherTargets";
+/* public static final String PARAM_DISPATCHER_TARGETS = "DispatcherTargets";
public static final String PARAM_DISPATCHER_TYPE = "DispatcherType";
public static final String PARAM_DISPATCHER_TYPE_UNAUTH = "UNAUTH";
public static final String PARAM_DISPATCHER_TYPE_AUTH = "AUTH";
@@ -103,7 +105,7 @@ public class AuthDispatcherServlet extends AuthServlet {
+ modulInfo.getClass().getName() + " FAILED!!", e);
}
}
-
+*/
@Override
public void init(ServletConfig config) throws ServletException {
try {
@@ -118,7 +120,7 @@ public class AuthDispatcherServlet extends AuthServlet {
throw new ServletException(ex);
}
Logger.info("Auth dispatcher Servlet initialization");
-
+/*
List modules = ModulStorage.getAllModules();
Iterator it = modules.iterator();
while (it.hasNext()) {
@@ -130,7 +132,7 @@ public class AuthDispatcherServlet extends AuthServlet {
Logger.error("Registering Class " + targetClass + " FAILED!!",
e);
}
- }
+ }*/
}
protected void processRequest(HttpServletRequest req,
@@ -160,23 +162,49 @@ public class AuthDispatcherServlet extends AuthServlet {
}
Logger.debug("dispatching to " + path + " protocol " + protocol);
-
+/*
if (path != null && protocol != null
&& endpointMap.containsKey(path)) {
+
IModulInfo info = ModulStorage.getModuleByPath(path);
+
if (info == null) {
resp.sendError(HttpServletResponse.SC_NOT_FOUND);
Logger.error("Path " + path + " has no module registered");
return;
}
-
+
+ IAction action = info.getAction(protocol);
+
+ if (action == null) {
+ resp.sendError(HttpServletResponse.SC_NOT_FOUND);
+ Logger.error("Action " + protocol + " is not available!");
+ return;
+ }
+
+
+
+ try {
IRequest configuration = info.preProcess(req, resp, protocol);
+ if(configuration.forceAuth()) {
+ session.setAttribute(PARAM_TARGET_PATH, path);
+ session.setAttribute(PARAM_TARGET_PROTOCOL, protocol);
+
+ AuthenticationManager.doAuthentication(req, resp,
+ configuration);
+ return;
+ }
+
if (!AuthenticationManager.isAuthenticated(req, resp)) {
session.setAttribute(PARAM_TARGET_PATH, path);
session.setAttribute(PARAM_TARGET_PROTOCOL, protocol);
+ if(configuration.isPassiv()) {
+ throw new NoPassivAuthenticationException();
+ }
+
AuthenticationManager.doAuthentication(req, resp,
configuration);
return;
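Review bot: Every line added in this hunk sits inside the block comment opened by `+/*` just before `if (path != null && protocol != null` and closed by `+ }*/` in the next hunk. The new `getAction`, `forceAuth()` and `isPassiv()` handling is therefore never compiled or run, and as far as the visible lines show `processRequest` now always ends in `resp.sendError(HttpServletResponse.SC_NOT_FOUND)`. The same block-commenting is applied to the `PARAM_DISPATCHER_*` constants, `registerModule` and the `init` loop in the earlier hunks, and to the first hunk of DispatcherServlet.java. Delete the dead code together with the `IAction` and `NoPassivAuthenticationException` imports that only the comment uses, or remove the servlet and its mapping if DispatcherServlet replaces it, because commented-out authentication logic is easy to mistake for a live check. `processRequest` begins in the previous hunk and ends in the next one.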
@@ -201,13 +229,20 @@ public class AuthDispatcherServlet extends AuthServlet {
resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
}
- }
+ }
+ catch (Throwable e) {
+ // Try handle module specific, if not possible rethrow
+ if(!info.generateErrorMessage(e, req, resp)) {
+ throw e;
+ }
+ }
+ }*/
resp.sendError(HttpServletResponse.SC_NOT_FOUND);
- } catch (WrongParametersException ex) {
+ }/* catch (WrongParametersException ex) {
handleWrongParameters(ex, req, resp);
} catch (MOAIDException ex) {
handleError(null, ex, req, resp);
- } catch (Throwable e) {
+ } */catch (Throwable e) {
e.printStackTrace();
resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 48f44f97b..72ade4f25 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -1,103 +1,95 @@
package at.gv.egovernment.moa.id.entrypoints;
import java.io.IOException;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import at.gv.egovernment.moa.id.MOAIDException;
import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
+import at.gv.egovernment.moa.id.auth.WrongParametersException;
+import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
+import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
+import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.moduls.IModulInfo;
+import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.ModulStorage;
-import at.gv.egovernment.moa.id.moduls.ServletInfo;
-import at.gv.egovernment.moa.id.moduls.ServletType;
+import at.gv.egovernment.moa.id.moduls.NoPassivAuthenticationException;
+import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.logging.Logger;
-public class DispatcherServlet extends HttpServlet {
+public class DispatcherServlet extends AuthServlet {
/**
*
*/
private static final long serialVersionUID = 1L;
- public static final String PARAM_TARGET_PATH = "mod";
- public static final String PARAM_TARGET_PROTOCOL = "action";
- public static final String PARAM_DISPATCHER_TARGETS = "DispatcherTargets";
- public static final String PARAM_DISPATCHER_TYPE = "DispatcherType";
- public static final String PARAM_DISPATCHER_TYPE_UNAUTH = "UNAUTH";
- public static final String PARAM_DISPATCHER_TYPE_AUTH = "AUTH";
- public static String SYSTEM_NEWLINE = System.getProperty("line.separator");
-
- private HashMap> endpointMap = new HashMap>();
-
- private void registerModule(IModulInfo modulInfo) {
-
- HashMap tempMap = new HashMap();
-
- try {
-
- String path = modulInfo.getPath();
-
- if (path == null) {
- throw new Exception(String.format(
- "%s does not return a valid target path!",
- new Object[] { modulInfo.getClass().getName() }));
- }
-
- Logger.debug("Registering: " + modulInfo.getName() + " under "
- + path);
-
- List servletInfos = modulInfo.getServlets();
-
- Iterator servletInfoIterator = servletInfos.iterator();
-
- while (servletInfoIterator.hasNext()) {
-
- ServletInfo servletInfo = servletInfoIterator.next();
-
- if (servletInfo.getType() == ServletType.UNAUTH) {
- HttpServlet servlet = servletInfo.getServletInstance();
- String target = servletInfo.getTarget();
-
- if (target == null) {
- throw new Exception(
- String.format(
- "%s does not return a valid target identifier!",
- new Object[] { servlet.getClass()
- .getName() }));
- }
-
- if (tempMap.containsKey(target)) {
- throw new Exception(String.format(
- "%s tried to overwrite %s/%s", new Object[] {
- servlet.getClass().getName(), path,
- target }));
- }
-
- tempMap.put(target, servlet);
- Logger.info("Registered Servlet class: "
- + servlet.getClass().getName() + " OK");
- }
-
- }
-
- // when there was no error we register all servlets into the real
- // endpoint map ...
- if (!tempMap.isEmpty()) {
- endpointMap.put(path, tempMap);
- }
- } catch (Throwable e) {
- Logger.error("Registering Modul class: "
- + modulInfo.getClass().getName() + " FAILED!!", e);
- }
- }
+ public static final String PARAM_TARGET_MODULE = "mod";
+ public static final String PARAM_TARGET_ACTION = "action";
+ /*
+ * public static final String PARAM_DISPATCHER_TARGETS =
+ * "DispatcherTargets"; public static final String PARAM_DISPATCHER_TYPE =
+ * "DispatcherType"; public static final String PARAM_DISPATCHER_TYPE_UNAUTH
+ * = "UNAUTH"; public static final String PARAM_DISPATCHER_TYPE_AUTH =
+ * "AUTH"; public static String SYSTEM_NEWLINE =
+ * System.getProperty("line.separator");
+ */
+ /*
+ * private HashMap> endpointMap = new
+ * HashMap>();
+ *
+ * private void registerModule(IModulInfo modulInfo) {
+ *
+ * HashMap tempMap = new HashMap();
+ *
+ * try {
+ *
+ * String path = modulInfo.getPath();
+ *
+ * if (path == null) { throw new Exception(String.format(
+ * "%s does not return a valid target path!", new Object[] {
+ * modulInfo.getClass().getName() })); }
+ *
+ * Logger.debug("Registering: " + modulInfo.getName() + " under " + path);
+ *
+ * List servletInfos = modulInfo.getServlets();
+ *
+ * Iterator servletInfoIterator = servletInfos.iterator();
+ *
+ * while (servletInfoIterator.hasNext()) {
+ *
+ * ServletInfo servletInfo = servletInfoIterator.next();
+ *
+ * if (servletInfo.getType() == ServletType.UNAUTH) { HttpServlet servlet =
+ * servletInfo.getServletInstance(); String target =
+ * servletInfo.getTarget();
+ *
+ * if (target == null) { throw new Exception( String.format(
+ * "%s does not return a valid target identifier!", new Object[] {
+ * servlet.getClass() .getName() })); }
+ *
+ * if (tempMap.containsKey(target)) { throw new Exception(String.format(
+ * "%s tried to overwrite %s/%s", new Object[] {
+ * servlet.getClass().getName(), path, target })); }
+ *
+ * tempMap.put(target, servlet); Logger.info("Registered Servlet class: " +
+ * servlet.getClass().getName() + " OK"); }
+ *
+ * }
+ *
+ * // when there was no error we register all servlets into the real //
+ * endpoint map ... if (!tempMap.isEmpty()) { endpointMap.put(path,
+ * tempMap); } } catch (Throwable e) {
+ * Logger.error("Registering Modul class: " + modulInfo.getClass().getName()
+ * + " FAILED!!", e); } }
+ */
@Override
public void init(ServletConfig config) throws ServletException {
try {
@@ -113,69 +105,147 @@ public class DispatcherServlet extends HttpServlet {
}
Logger.info("Dispatcher Servlet initialization");
- List modules = ModulStorage.getAllModules();
- Iterator it = modules.iterator();
- while (it.hasNext()) {
- IModulInfo info = it.next();
- String targetClass = info.getClass().getName();
- try {
- registerModule(info);
- } catch (Throwable e) {
- Logger.error("Registering Class " + targetClass + " FAILED!!",
- e);
- }
- }
+ /*
+ * List modules = ModulStorage.getAllModules();
+ * Iterator it = modules.iterator(); while (it.hasNext()) {
+ * IModulInfo info = it.next(); String targetClass =
+ * info.getClass().getName(); try { registerModule(info); } catch
+ * (Throwable e) { Logger.error("Registering Class " + targetClass +
+ * " FAILED!!", e); } }
+ */
}
protected void processRequest(HttpServletRequest req,
HttpServletResponse resp) throws ServletException, IOException {
- Object pathObject = req.getParameter(PARAM_TARGET_PATH);
- String path = null;
- if (pathObject != null && (pathObject instanceof String)) {
- path = (String) pathObject;
- }
+ try {
+ Object moduleObject = req.getParameter(PARAM_TARGET_MODULE);
+ String module = null;
+ if (moduleObject != null && (moduleObject instanceof String)) {
+ module = (String) moduleObject;
+ }
- if (path == null) {
- path = (String) req.getAttribute(PARAM_TARGET_PATH);
- }
+ if (module == null) {
+ module = (String) req.getAttribute(PARAM_TARGET_MODULE);
+ }
- Object protocolObject = req.getParameter(PARAM_TARGET_PROTOCOL);
- String protocol = null;
- if (protocolObject != null && (protocolObject instanceof String)) {
- protocol = (String) protocolObject;
- }
+ Object actionObject = req.getParameter(PARAM_TARGET_ACTION);
+ String action = null;
+ if (actionObject != null && (actionObject instanceof String)) {
+ action = (String) actionObject;
+ }
- if (protocol == null) {
- protocol = req.getParameter(PARAM_TARGET_PROTOCOL);
- }
+ if (action == null) {
+ action = req.getParameter(PARAM_TARGET_ACTION);
+ }
+
+ Logger.debug("dispatching to " + module + " protocol " + action);
+
+ IModulInfo info = ModulStorage.getModuleByPath(module);
+
+ if (info == null) {
+ resp.sendError(HttpServletResponse.SC_NOT_FOUND);
+ Logger.error("Protocol " + module + " has no module registered");
+ return;
+ }
+
+ IAction moduleAction = info.getAction(action);
+
+ if (moduleAction == null) {
+ resp.sendError(HttpServletResponse.SC_NOT_FOUND);
+ Logger.error("Action " + action + " is not available!");
+ return;
+ }
- Logger.debug("dispatching to " + path + " protocol " + protocol);
-
- if (path != null && protocol != null && endpointMap.containsKey(path)) {
- HashMap pathMap = endpointMap.get(path);
- Logger.debug("found path");
- if (pathMap.containsKey(protocol)) {
- Logger.debug("found protocol");
- try {
- HttpServlet servlet = (HttpServlet) pathMap.get(protocol);
- String forward = servlet.getClass().getName();
- Logger.info("Forwarding to Servlet: " + forward);
- getServletContext().getNamedDispatcher(forward).forward(
- req, resp);
+ HttpSession httpSession = req.getSession();
+
+ try {
+ IRequest protocolRequest = RequestStorage
+ .getPendingRequest(httpSession);
+
+ if (protocolRequest != null) {
+ // check if pending request is same protocol and action
+ if (!protocolRequest.requestedModule().equals(module)
+ || !protocolRequest.requestedAction()
+ .equals(action)) {
+ resp.sendError(HttpServletResponse.SC_CONFLICT);
+ Logger.error("Different Request is pending in this session!");
+ return;
+ }
+ }
+
+ if (protocolRequest == null) {
+ protocolRequest = info.preProcess(req, resp, action);
+ if(protocolRequest != null) {
+ protocolRequest.setAction(action);
+ protocolRequest.setModule(module);
+ }
+ }
+
+ if (protocolRequest == null) {
+ resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
+ Logger.error("Failed to generate a valid protocol request!");
return;
- } catch (Throwable e) {
- Logger.error("Failed to process request!", e);
- IModulInfo info = ModulStorage.getModuleByPath(path);
- if(info != null) {
- if(info.generateErrorMessage(e, req, resp)) {
+ }
+
+ RequestStorage.setPendingRequest(httpSession, protocolRequest);
+
+ if (moduleAction.needAuthentication(protocolRequest, req, resp)) {
+ if (protocolRequest.isPassiv()
+ && protocolRequest.forceAuth()) {
+ // conflict!
+ throw new NoPassivAuthenticationException();
+ }
+
+ if (protocolRequest.forceAuth()) {
+ if (!AuthenticationManager.tryPerformAuthentication(
+ req, resp)) {
+ AuthenticationManager.doAuthentication(req, resp,
+ protocolRequest);
+ return;
+ }
+ } else if (protocolRequest.isPassiv()) {
+ if (AuthenticationManager.tryPerformAuthentication(req,
+ resp)
+ || AuthenticationManager.isAuthenticated(req,
+ resp)) {
+ // Passive authentication ok!
+ } else {
+ throw new NoPassivAuthenticationException();
+ }
+ } else {
+ if (AuthenticationManager.tryPerformAuthentication(req,
+ resp)
+ || AuthenticationManager.isAuthenticated(req,
+ resp)) {
+ // Is authenticated .. proceed
+ } else {
+ // Start authentication!
+ AuthenticationManager.doAuthentication(req, resp,
+ protocolRequest);
return;
}
}
- resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ }
+
+ moduleAction.processRequest(protocolRequest, req, resp);
+
+ RequestStorage.removePendingRequest(httpSession);
+
+ } catch (Throwable e) {
+ // Try handle module specific, if not possible rethrow
+ if (!info.generateErrorMessage(e, req, resp)) {
+ throw e;
}
}
+ } catch (WrongParametersException ex) {
+ handleWrongParameters(ex, req, resp);
+ } catch (MOAIDException ex) {
+ handleError(null, ex, req, resp);
+ } catch (Throwable e) {
+ e.printStackTrace();
+ resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
- resp.sendError(HttpServletResponse.SC_NOT_FOUND);
+
}
@Override
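Review bot: The pending request is cleared only on the success path of `processRequest`: `RequestStorage.removePendingRequest(httpSession)` runs after `moduleAction.processRequest(...)`, but not when `NoPassivAuthenticationException` or any other error reaches the inner `catch (Throwable e)`. The stale entry then stays in the session, so a later request for another module or action gets SC_CONFLICT, and a later request for the same module and action skips `info.preProcess` and is served from the old stored request instead of the one just received. Make `RequestStorage.removePendingRequest(httpSession);` the first statement of that catch block, and leave the two `doAuthentication` returns untouched, since they presumably need the entry to survive until authentication completes. Separately, `module` and `action` come straight from request parameters and are concatenated into the `Logger.debug` and `Logger.error` messages, so stripping CR/LF before logging would keep forged lines out of the log.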
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index 0bba644bb..a45540726 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -1,7 +1,6 @@
package at.gv.egovernment.moa.id.moduls;
import java.io.IOException;
-import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
@@ -11,9 +10,7 @@ import javax.servlet.http.HttpSession;
import at.gv.egovernment.moa.id.MOAIDException;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.entrypoints.AuthDispatcherServlet;
import at.gv.egovernment.moa.id.util.HTTPSessionUtils;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
@@ -45,34 +42,58 @@ public class AuthenticationManager implements MOAIDAuthConstants {
Logger.info("Checking authentication");
HttpSession session = request.getSession();
+
+ String moaSessionID = HTTPSessionUtils.getHTTPSessionString(session, MOA_SESSION, null);
+
+ if(moaSessionID == null) {
+ Logger.info("NO MOA Session to logout");
+ return false;
+ }
+
+ AuthenticationSession authSession = AuthenticationSessionStore
+ .getSession(moaSessionID);
+
+ if(authSession == null) {
+ Logger.info("NO MOA Authentication data for ID " + moaSessionID);
+ return false;
+ }
+
+ return authSession.isAuthenticated();
+ }
+ /**
+ * Checks if this request can authenticate a MOA Session
+ *
+ * @param request
+ * @param response
+ * @return
+ */
+ public static boolean tryPerformAuthentication(HttpServletRequest request,
+ HttpServletResponse response) {
+
+ HttpSession session = request.getSession();
+
String sessionID = (String) request.getParameter(PARAM_SESSIONID);
if (sessionID != null) {
Logger.info("got MOASession: " + sessionID);
AuthenticationSession authSession = AuthenticationSessionStore
.getSession(sessionID);
- //AuthenticationSessionStore.dumpSessionStore();
if (authSession != null) {
Logger.info("MOASession found! A: "
+ authSession.isAuthenticated() + ", AU "
+ authSession.isAuthenticatedUsed());
if (authSession.isAuthenticated()
&& !authSession.isAuthenticatedUsed()) {
- session.invalidate();
- session = request.getSession();
- // HTTPSessionUtils.setHTTPSessionBoolean(session,
- // MOA_AUTHENTICATED, true);
authSession.setAuthenticatedUsed(true);
HTTPSessionUtils.setHTTPSessionString(session, MOA_SESSION,
sessionID);
+ return true; // got authenticated
}
- return authSession.isAuthenticated();
}
}
-
return false;
}
-
+
public static void logout(HttpServletRequest request,
HttpServletResponse response) {
Logger.info("Logout");
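Review bot: `tryPerformAuthentication` no longer rotates the HTTP session when it binds an authenticated MOA session, because the removed `session.invalidate(); session = request.getSession();` was the only session-fixation defence on this path. The MOA session is selected by the `PARAM_SESSIONID` request parameter, so an HTTP session identifier that existed before login now stays valid after it. The rotation was presumably dropped because RequestStorage keeps the pending request in the HTTP session; it can be kept by carrying that entry across, as sketched below. DispatcherServlet.processRequest would then have to re-read `req.getSession()` after the call instead of reusing its earlier `httpSession`. `isAuthenticated` starts outside this hunk; `tryPerformAuthentication` is fully inside it.

```java
if (authSession.isAuthenticated()
        && !authSession.isAuthenticatedUsed()) {
    // Issue a fresh HTTP session for the authenticated user and move the
    // pending protocol request into it.
    IRequest pending = RequestStorage.getPendingRequest(session);
    session.invalidate();
    session = request.getSession();
    if (pending != null) {
        RequestStorage.setPendingRequest(session, pending);
    }
    // … unchanged: setAuthenticatedUsed, setHTTPSessionString, return true …
}
```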
@@ -109,10 +130,8 @@ public class AuthenticationManager implements MOAIDAuthConstants {
throws ServletException, IOException, MOAIDException {
HttpSession session = request.getSession();
Logger.info("Starting authentication ...");
- String modul = (String) session
- .getAttribute(AuthDispatcherServlet.PARAM_TARGET_PATH);
- String protocol = (String) session
- .getAttribute(AuthDispatcherServlet.PARAM_TARGET_PROTOCOL);
+ String modul = target.requestedModule();
+ String protocol = target.requestedAction();
if (!ParamValidatorUtils.isValidOA(target.getOAURL()))
throw new WrongParametersException("StartAuthentication", PARAM_OA,
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java
new file mode 100644
index 000000000..10f3ff696
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java
@@ -0,0 +1,11 @@
+package at.gv.egovernment.moa.id.moduls;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+
+public interface IAction extends MOAIDAuthConstants {
+ public void processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp);
+ public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp);
+}
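Review bot: `processRequest` declares no exception, so an action cannot report a failure through the dispatcher's `catch (MOAIDException ex)` handling. That holds if MOAIDException is a checked exception, as `preProcess(...) throws MOAIDException` in IModulInfo suggests. Consider `public void processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) throws MOAIDException;`. The interface also needs Javadoc. `needAuthentication` is the only thing that makes DispatcherServlet authenticate the user before `processRequest` runs, so its comment should say that returning `false` exposes the action to unauthenticated callers and that `processRequest` may assume an authenticated session only when it returned `true`.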
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IModulInfo.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IModulInfo.java
index 64afc8880..0098ec5af 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IModulInfo.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IModulInfo.java
@@ -8,10 +8,12 @@ import javax.servlet.http.HttpServletResponse;
import at.gv.egovernment.moa.id.MOAIDException;
public interface IModulInfo {
- public List getServlets();
+ //public List getServlets();
public String getName();
public String getPath();
+ public IAction getAction(String action);
+
public IRequest preProcess(HttpServletRequest request,
HttpServletResponse response, String action)
throws MOAIDException;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java
index f05a0f088..51e375b82 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java
@@ -7,4 +7,6 @@ public interface IRequest {
public boolean isSSOSupported();
public String requestedModule();
public String requestedAction();
+ public void setModule(String module);
+ public void setAction(String action);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulUtils.java
index 918201dd4..9ce835c7e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulUtils.java
@@ -5,18 +5,18 @@ import at.gv.egovernment.moa.id.entrypoints.DispatcherServlet;
public class ModulUtils {
- public static final String UNAUTHDISPATCHER = "UnauthDispatcher";
- public static final String AUTHDISPATCHER = "AuthDispatcher";
+ public static final String UNAUTHDISPATCHER = "dispatcher";
+ public static final String AUTHDISPATCHER = "dispatcher";
public static String buildUnauthURL(String modul, String action) {
return UNAUTHDISPATCHER + "?" +
- DispatcherServlet.PARAM_TARGET_PATH + "=" + modul + "&" +
- DispatcherServlet.PARAM_TARGET_PROTOCOL + "=" + action;
+ DispatcherServlet.PARAM_TARGET_MODULE + "=" + modul + "&" +
+ DispatcherServlet.PARAM_TARGET_ACTION + "=" + action;
}
public static String buildAuthURL(String modul, String action) {
return AUTHDISPATCHER +
- "?" + DispatcherServlet.PARAM_TARGET_PATH + "=" + modul + "&" +
- DispatcherServlet.PARAM_TARGET_PROTOCOL + "=" + action;
+ "?" + DispatcherServlet.PARAM_TARGET_MODULE + "=" + modul + "&" +
+ DispatcherServlet.PARAM_TARGET_ACTION + "=" + action;
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/NoPassivAuthenticationException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/NoPassivAuthenticationException.java
new file mode 100644
index 000000000..286da5a91
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/NoPassivAuthenticationException.java
@@ -0,0 +1,16 @@
+package at.gv.egovernment.moa.id.moduls;
+
+import at.gv.egovernment.moa.id.MOAIDException;
+
+public class NoPassivAuthenticationException extends MOAIDException {
+
+ public NoPassivAuthenticationException() {
+ super("auth.18", null);
+ }
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 596920452166197688L;
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
new file mode 100644
index 000000000..4e7d8d2ed
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
@@ -0,0 +1,28 @@
+package at.gv.egovernment.moa.id.moduls;
+
+import javax.servlet.http.HttpSession;
+
+public class RequestStorage {
+
+ private static final String PENDING_REQUEST = "PENDING_REQUEST";
+
+ public static IRequest getPendingRequest(HttpSession session) {
+ Object obj = session.getAttribute(PENDING_REQUEST);
+ if (obj != null) {
+ if (obj instanceof IRequest) {
+ return (IRequest) obj;
+ } else {
+ session.setAttribute(PENDING_REQUEST, null);
+ }
+ }
+ return null;
+ }
+
+ public static void setPendingRequest(HttpSession session, IRequest request) {
+ session.setAttribute(PENDING_REQUEST, request);
+ }
+
+ public static void removePendingRequest(HttpSession session) {
+ session.setAttribute(PENDING_REQUEST, null);
+ }
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
new file mode 100644
index 000000000..efdfd9c47
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
@@ -0,0 +1,21 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import at.gv.egovernment.moa.id.moduls.IAction;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+
+public class AuthenticationAction implements IAction {
+
+ public void processRequest(IRequest req, HttpServletRequest httpReq,
+ HttpServletResponse httpResp) {
+ System.out.println("Process PVP2 auth request!");
+ }
+
+ public boolean needAuthentication(IRequest req, HttpServletRequest httpReq,
+ HttpServletResponse httpResp) {
+ return true;
+ }
+
+}
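Review bot: `processRequest` is a stub that only prints to stdout, yet the PVP2XProtocol static initializer in this commit registers the class for both `REDIRECT` and `POST`. After a successful authentication the dispatcher therefore calls it, clears the pending request and returns an empty response to the service provider. Until the SAML response is built, fail visibly with `throw new UnsupportedOperationException("PVP2 authentication response not implemented");`, which the dispatcher's `catch (Throwable e)` passes to `generateErrorMessage`. The trace line should also go through the project logger, `Logger.debug("Process PVP2 auth request!");`, rather than `System.out.println`.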
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index f58b411d1..fa5ff9ecf 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -3,6 +3,7 @@ package at.gv.egovernment.moa.id.protocols.pvp2x;
import iaik.pkcs.pkcs11.objects.Object;
import java.util.ArrayList;
+import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
@@ -11,17 +12,24 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringEscapeUtils;
import org.opensaml.saml2.core.RequestAbstractType;
+import org.opensaml.saml2.core.Response;
+import org.opensaml.saml2.core.Status;
+import org.opensaml.saml2.core.StatusCode;
+import org.opensaml.saml2.core.StatusMessage;
import at.gv.egovernment.moa.id.MOAIDException;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.WrongParametersException;
+import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.moduls.IModulInfo;
import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.moduls.NoPassivAuthenticationException;
import at.gv.egovernment.moa.id.moduls.ServletInfo;
import at.gv.egovernment.moa.id.moduls.ServletType;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IDecoder;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding;
+import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
@@ -36,6 +44,8 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
private static List decoder = new ArrayList();
+ private static HashMap actions = new HashMap();
+
static {
servletList.add(new ServletInfo(PVPProcessor.class, REDIRECT,
ServletType.AUTH));
@@ -44,7 +54,10 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
decoder.add(new PostBinding());
decoder.add(new RedirectBinding());
-
+
+ actions.put(REDIRECT, new AuthenticationAction());
+ actions.put(POST, new AuthenticationAction());
+
instance = new PVP2XProtocol();
}
@@ -99,6 +112,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
throw new WrongParametersException("StartAuthentication",
PARAM_OA, "auth.12");
config.setOAURL(oaURL);
+ config.setRequest(samlReq);
request.getSession().setAttribute(PARAM_OA, oaURL);
return config;
@@ -110,8 +124,26 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
public boolean generateErrorMessage(Throwable e,
HttpServletRequest request, HttpServletResponse response) {
- // TODO Auto-generated method stub
+ Response samlResponse = SAML2Utils.createSAMLObject(Response.class);
+ Status status = SAML2Utils.createSAMLObject(Status.class);
+ StatusCode statusCode = SAML2Utils.createSAMLObject(StatusCode.class);
+ StatusMessage statusMessage = SAML2Utils.createSAMLObject(StatusMessage.class);
+ if(e instanceof NoPassivAuthenticationException) {
+ statusCode.setValue(StatusCode.NO_PASSIVE_URI);
+ statusMessage.setMessage(e.getLocalizedMessage());
+ } else {
+ statusCode.setValue(StatusCode.RESPONDER_URI);
+ statusMessage.setMessage(e.getLocalizedMessage());
+ }
+
+ status.setStatusCode(statusCode);
+ status.setStatusMessage(statusMessage);
+ samlResponse.setStatus(status);
return false;
}
+ public IAction getAction(String action) {
+ return actions.get(action);
+ }
+
}
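Review bot: In `generateErrorMessage` the assembled `samlResponse` is never encoded or written to `response` and the method still returns false, so the requester receives no SAML status even in the `NoPassivAuthenticationException` case the branch was added for. Each `SAML2Utils.createSAMLObject(...)` call can return null (the helper added in this commit swallows every `Throwable`), so `statusCode.setValue(...)` can throw a NullPointerException inside the error path itself. Once the response is actually sent, `e.getLocalizedMessage()` in the `RESPONDER_URI` branch would hand the text of arbitrary internal exceptions to the requesting party; a fixed message with the detail kept in the server log is safer, e.g. `statusMessage.setMessage("Internal error");`. The start of the method's enclosing class is outside this hunk.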
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java
new file mode 100644
index 000000000..203d743be
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java
@@ -0,0 +1,25 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.utils;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.Configuration;
+import org.opensaml.xml.XMLObjectBuilderFactory;
+
+public class SAML2Utils {
+
+ public static T createSAMLObject(final Class clazz) {
+ try {
+ XMLObjectBuilderFactory builderFactory = Configuration
+ .getBuilderFactory();
+
+ QName defaultElementName = (QName) clazz.getDeclaredField(
+ "DEFAULT_ELEMENT_NAME").get(null);
+ T object = (T) builderFactory.getBuilder(defaultElementName)
+ .buildObject(defaultElementName);
+ return object;
+ } catch (Throwable e) {
+ e.printStackTrace();
+ return null;
+ }
+ }
+}
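Review bot: `createSAMLObject` catches `Throwable`, prints the stack trace and returns null, which hides configuration problems (and JVM `Error`s) and moves the failure to a NullPointerException at every caller, as in `PVP2XProtocol.generateErrorMessage` in this commit. `builderFactory.getBuilder(defaultElementName)` can itself return null when no builder is registered, and that case ends up in the same catch. I would catch `Exception` only and fail loudly with the cause preserved: `throw new IllegalStateException("Cannot build SAML object for " + clazz.getName(), e);`. The `(T)` cast is unchecked and deserves a local `@SuppressWarnings("unchecked")` with a one-line reason, and the method needs Javadoc stating that `clazz` must declare a static `DEFAULT_ELEMENT_NAME` field.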
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
new file mode 100644
index 000000000..d4ee5f46c
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -0,0 +1,127 @@
+package at.gv.egovernment.moa.id.protocols.saml1;
+
+import java.io.UnsupportedEncodingException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.lang.StringEscapeUtils;
+
+import at.gv.egovernment.moa.id.AuthenticationException;
+import at.gv.egovernment.moa.id.BuildException;
+import at.gv.egovernment.moa.id.auth.WrongParametersException;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
+import at.gv.egovernment.moa.id.moduls.IAction;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.URLEncoder;
+
+public class GetArtifactAction implements IAction {
+
+ public void processRequest(IRequest req, HttpServletRequest httpReq,
+ HttpServletResponse httpResp) {
+ HttpSession httpSession = httpReq.getSession();
+
+ AuthenticationSession session = AuthenticationManager
+ .getAuthenticationSession(httpSession);
+
+ String oaURL = (String) httpReq.getAttribute(PARAM_OA);
+ oaURL = StringEscapeUtils.escapeHtml(oaURL);
+
+ try {
+
+ // check parameter
+ if (!ParamValidatorUtils.isValidOA(oaURL))
+ throw new WrongParametersException("StartAuthentication",
+ PARAM_OA, "auth.12");
+
+ if (oaURL == null) {
+ oaURL = session.getOAURLRequested();
+ }
+
+ if (oaURL == null) {
+ throw new WrongParametersException("StartAuthentication",
+ PARAM_OA, "auth.12");
+ }
+
+ String samlArtifactBase64 = SAML1AuthenticationServer
+ .BuildSAMLArtifact(session);
+
+ String redirectURL = oaURL;
+ session.getOAURLRequested();
+ if (!session.getBusinessService()) {
+ redirectURL = addURLParameter(redirectURL, PARAM_TARGET,
+ URLEncoder.encode(session.getTarget(), "UTF-8"));
+
+ }
+ redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT,
+ URLEncoder.encode(samlArtifactBase64, "UTF-8"));
+ redirectURL = httpResp.encodeRedirectURL(redirectURL);
+
+ httpResp.setContentType("text/html");
+ httpResp.setStatus(302);
+
+ httpResp.addHeader("Location", redirectURL);
+ Logger.debug("REDIRECT TO: " + redirectURL);
+
+ // CONFIRMATION FOR SSO!
+ /*
+ * OAAuthParameter oaParam =
+ * AuthConfigurationProvider.getInstance().
+ * getOnlineApplicationParameter(oaURL);
+ *
+ * String friendlyName = oaParam.getFriendlyName(); if(friendlyName
+ * == null) { friendlyName = oaURL; }
+ *
+ *
+ * LoginConfirmationBuilder builder = new
+ * LoginConfirmationBuilder();
+ * builder.addParameter(PARAM_SAMLARTIFACT, samlArtifactBase64);
+ * String form = builder.finish(oaURL, session.getIdentityLink()
+ * .getName(), friendlyName);
+ */
+
+ /*
+ * resp.setContentType("text/html");
+ *
+ * OutputStream out = resp.getOutputStream();
+ * out.write(form.getBytes("UTF-8")); out.flush(); out.close();
+ */
+
+ } catch (WrongParametersException ex) {
+ // handleWrongParameters(ex, req, httpResp);
+ ex.printStackTrace();
+ } catch (ConfigurationException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (BuildException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (AuthenticationException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (UnsupportedEncodingException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ protected static String addURLParameter(String url, String paramname,
+ String paramvalue) {
+ String param = paramname + "=" + paramvalue;
+ if (url.indexOf("?") < 0)
+ return url + "?" + param;
+ else
+ return url + "&" + param;
+ }
+
+ public boolean needAuthentication(IRequest req, HttpServletRequest httpReq,
+ HttpServletResponse httpResp) {
+ return true;
+ }
+
+}
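Review bot: `Logger.debug("REDIRECT TO: " + redirectURL)` writes the complete redirect target, including the freshly built SAML artifact, to the debug log; as the artifact is the value later exchanged for the authentication data, log only the application URL, e.g. `Logger.debug("REDIRECT TO: " + oaURL);`. `StringEscapeUtils.escapeHtml(oaURL)` is the wrong encoding for a value that ends up in a `Location` header (it turns an `&` in an existing query string into `&amp;`), and `isValidOA(oaURL)` runs before the null check that falls back to `session.getOAURLRequested()`. All five catch blocks only call `printStackTrace()`, so a failed request ends without a redirect or an error page; the commented-out `handleWrongParameters` call suggests that is not the intended behaviour. `session` is dereferenced without a null check, and the bare `session.getOAURLRequested();` statement before the `getBusinessService()` test has no effect.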
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index ca1f9c380..fbb296a9e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -1,6 +1,7 @@
package at.gv.egovernment.moa.id.protocols.saml1;
import java.util.ArrayList;
+import java.util.HashMap;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
@@ -11,6 +12,7 @@ import org.apache.commons.lang.StringEscapeUtils;
import at.gv.egovernment.moa.id.MOAIDException;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.WrongParametersException;
+import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.moduls.IModulInfo;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.ServletInfo;
@@ -27,10 +29,14 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
private static List servletList = new ArrayList();
+ private static HashMap actions = new HashMap();
+
static {
servletList.add(new ServletInfo(GetArtifactServlet.class, GETARTIFACT,
ServletType.AUTH));
+ actions.put(GETARTIFACT, new GetArtifactAction());
+
instance = new SAML1Protocol();
}
@@ -75,4 +81,8 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
return false;
}
+ public IAction getAction(String action) {
+ return actions.get(action);
+ }
+
}
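Review bot: `getAction` returns null for any name that was not registered in the static initializer, and nothing on the method says so; the same holds for `PVP2XProtocol.getAction` added in this commit. The action name presumably comes from the request handled by the dispatcher (not visible in this part of the diff), so the caller has to treat null as "unknown action", and the contract should be written down: `/** Returns the action registered under the given name, or null if this module has none. */`. As `actions` is only written in the static block, declaring it `private static final` would make that intent explicit.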
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java
index c1e64dd53..850f2438a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java
@@ -113,7 +113,7 @@ public class DefaultConnectionBuilder implements ConnectionBuilder {
//conn.setAllowUserInteraction(true);
conn.setInstanceFollowRedirects(false);
- // JSSE Abhängigkeit
+ // JSSE Abhängigkeit
if (conn instanceof HttpsURLConnection && sslSocketFactory != null) {
HttpsURLConnection httpsConn = (HttpsURLConnection) conn;
httpsConn.setSSLSocketFactory(sslSocketFactory);
@@ -187,7 +187,7 @@ public class DefaultConnectionBuilder implements ConnectionBuilder {
* Hostname Verification Check
*/
- // JSSE Abhängigkeit
+ // JSSE Abhängigkeit
private class HostnameNonVerifier implements HostnameVerifier {
public boolean verify(String hostname, SSLSession session) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/ElakConnectionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/ElakConnectionBuilder.java
index 29c8b3bca..49e3c09b8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/ElakConnectionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/ElakConnectionBuilder.java
@@ -204,7 +204,7 @@ public class ElakConnectionBuilder implements ConnectionBuilder {
//conn.setUseCaches(false);
webDavConn.setAllowUserInteraction(true);
webDavConn.setInstanceFollowRedirects(false);
- // JSSE Abhängigkeit
+ // JSSE Abhängigkeit
if (conn instanceof HttpsURLConnection && sslSocketFactory != null) {
HttpsURLConnection httpsConn = (HttpsURLConnection) conn;
httpsConn.setSSLSocketFactory(sslSocketFactory);
@@ -258,7 +258,7 @@ public class ElakConnectionBuilder implements ConnectionBuilder {
* A private class to change the standard HostName verifier to disable the
* Hostname Verification Check
*/
-//JSSE Abhängigkeit
+//JSSE Abhängigkeit
private class HostnameNonVerifier implements HostnameVerifier {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java
index 023b2c272..d4a3e4634 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java
@@ -46,7 +46,7 @@ import at.gv.egovernment.moa.util.BoolUtils;
/**
* Outlook Web Access (OWA) Implementierung von ConnectionBuilder
.
- * uses the HTTP(s)Client from Ronald Tschalär.
+ * uses the HTTP(s)Client from Ronald Tschalär.
* origin version (without https support) is available at http://www.innovation.ch/java/HTTPClient/
*
* @author pdanner
@@ -168,7 +168,7 @@ public class EnhancedConnectionBuilder implements ConnectionBuilder {
* A private class to change the standard HostName verifier to disable the
* Hostname Verification Check
*/
- // JSSE Abhängigkeit
+ // JSSE Abhängigkeit
private class HostnameNonVerifier implements HostnameVerifier {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java
index f2aca057a..134bd21a8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java
@@ -130,7 +130,7 @@ public class AuthenticationDataAssertionParser implements Constants {
try {
AuthenticationData authData = new AuthenticationData();
- //ÄNDERN: NUR der Identification-Teil
+ //ÄNDERN: NUR der Identification-Teil
authData.setSamlAssertion(DOMUtils.serializeNode(samlAssertion));
authData.setMajorVersion(new Integer(
XPathUtils.getAttributeValue(samlAssertion, MAJOR_VERSION_XPATH, "-1")).intValue());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
index a55e02cdd..6a497f174 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
@@ -440,7 +440,7 @@ private int tunnelRequest(HttpServletRequest req, HttpServletResponse resp, Map
}
}
- /* Soll auch bei anderen bindings zuerst ein passwort probiert werden können:
+ /* Soll auch bei anderen bindings zuerst ein passwort probiert werden k�nnen:
//if we have the first Login-Try and we have Binding to Username and a predefined Password we try this one first
// full binding will be covered by next block
if (loginTry==1 && !OAConfiguration.BINDUNG_FULL.equals(binding)) {
@@ -662,7 +662,7 @@ private int tunnelRequest(HttpServletRequest req, HttpServletResponse resp, Map
}
}
-// // Überschrift im Browser-Passworteingabedialog setzen (sonst ist der reale host eingetragen)
+// // Ãœberschrift im Browser-Passworteingabedialog setzen (sonst ist der reale host eingetragen)
// if (headerKey.equalsIgnoreCase("WWW-Authenticate") && headerValue.startsWith("Basic realm=\"")) {
// headerValue = "Basic realm=\"" + publicURLPrefix + "\"";
// if (OAConfiguration.BINDUNG_USERNAME.equals(originBinding) || OAConfiguration.BINDUNG_NOMATCH.equals(originBinding)) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPSessionUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPSessionUtils.java
index a8eef06a7..896fc6d5d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPSessionUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPSessionUtils.java
@@ -1,9 +1,38 @@
package at.gv.egovernment.moa.id.util;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Set;
+
import javax.servlet.http.HttpSession;
public class HTTPSessionUtils {
+ public static HashMap extractAllProperties(HttpSession session) {
+ @SuppressWarnings("unchecked")
+ Enumeration keys = (Enumeration)session.getAttributeNames();
+ HashMap properties = new HashMap();
+
+ while(keys.hasMoreElements()) {
+ Object keyObject = keys.nextElement();
+ String key = keyObject.toString();
+ Object value = session.getAttribute(key);
+ properties.put(key, value);
+ }
+
+ return properties;
+ }
+
+ public static void pushAllProperties(HttpSession session, HashMap properties) {
+ Set keys = properties.keySet();
+ Iterator keysIterator = keys.iterator();
+ while(keysIterator.hasNext()) {
+ String key = keysIterator.next();
+ session.setAttribute(key, properties.get(key));
+ }
+ }
+
public static boolean getHTTPSessionBoolean(HttpSession session, String name, boolean fallback) {
Object obj = session.getAttribute(name);
if(obj == null) {
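Review bot: `extractAllProperties` and `pushAllProperties` are public helpers without Javadoc, and using them safely depends on ordering the code does not state. `session.getAttributeNames()` throws `IllegalStateException` on an invalidated session, so the snapshot has to be taken before any `invalidate()` call. `pushAllProperties` overwrites attributes of the same name and copies everything the old session held, including any authentication state, into the target session. I would document both, e.g. `/** Copies every attribute of the session into a new map; call before the session is invalidated. */` and `/** Sets every entry of the map as a session attribute, replacing existing attributes of the same name. */`. The hunk ends inside `getHTTPSessionBoolean`, which this note does not cover.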
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java
index a0add1054..705b4e881 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java
@@ -79,7 +79,7 @@ public class SSLUtils {
*/
public static void initialize() {
sslSocketFactories = new HashMap();
- // JSSE Abhängigkeit
+ // JSSE Abhängigkeit
//Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
Security.addProvider(new IAIK());
//System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISMandate.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISMandate.java
index d97953270..1f5f1ea20 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISMandate.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISMandate.java
@@ -27,13 +27,13 @@ package at.gv.egovernment.moa.id.util.client.mis.simple;
public class MISMandate {
final static private String OID_NOTAR = "1.2.40.0.10.3.1";
- final static private String TEXT_NOTAR = "berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft";
+ final static private String TEXT_NOTAR = "berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft";
final static private String OID_RECHTSANWALT = "1.2.40.0.10.3.2";
- final static private String TEXT_RECHTSANWALT = "berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft";
+ final static private String TEXT_RECHTSANWALT = "berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft";
final static private String OID_ZIVILTECHNIKER = "1.2.40.0.10.3.3";
- final static private String TEXT_ZIVILTECHNIKER = "berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft";
+ final static private String TEXT_ZIVILTECHNIKER = "berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft";
final static public String OID_ORGANWALTER = "1.2.40.0.10.3.4";
final static private String TEXT_ORGANWALTER = "Organwalter";
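Review bot: The removed and added `TEXT_*` lines read the same in this listing, so the change appears to be only in the bytes of the non-ASCII characters; the ProxyServlet hunks of the same commit show `k�nnen` and `Ãœberschrift` on the new side. In comments that is cosmetic, but here and in the second MISMandate hunk (`"Keine textuelle Beschreibung für OID "`) the characters sit in string literals, so the text the program returns depends on the compiler's source encoding matching the file. Unicode escapes make the literals independent of the file encoding, e.g. `"berufsm\u00e4\u00dfige(r) Parteienvertreter(in) mit Notariatseigenschaft"` and `"Keine textuelle Beschreibung f\u00fcr OID "`.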
@@ -73,7 +73,7 @@ public class MISMandate {
if (this.oid.equalsIgnoreCase(OID_ORGANWALTER))
return TEXT_ORGANWALTER;
- return "Keine textuelle Beschreibung für OID " + oid;
+ return "Keine textuelle Beschreibung für OID " + oid;
}
--
cgit v1.2.3