From f1d374bb66f3b48f2a14a8d550c4125c04dde7a8 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 24 Feb 2014 11:40:49 +0100 Subject: * add default configuration values * add MOA-ID-Auth publicURLPreFix as mandatory configuration value * remove ReloadConfiguration serlet * change moa-id-lib to use publicURLPreFix * update repository --- .../config/ConfigurationProvider.java | 2 + .../id/configuration/data/GeneralMOAIDConfig.java | 61 +++++----- .../id/configuration/data/oa/OAGeneralConfig.java | 2 + .../struts/action/EditGeneralConfigAction.java | 23 ++-- .../configuration/validation/ValidationHelper.java | 20 +++- .../validation/moaconfig/MOAConfigValidator.java | 39 +++--- .../main/resources/applicationResources.properties | 3 + .../src/main/webapp/jsp/editMOAConfig.jsp | 16 ++- .../src/main/webapp/jsp/editOAGeneral.jsp | 5 +- id/server/auth/src/main/webapp/WEB-INF/web.xml | 12 +- .../moa/id/auth/AuthenticationServer.java | 4 +- .../StartAuthentificationParameterParser.java | 21 +--- .../moa/id/auth/servlet/ConfigurationServlet.java | 133 --------------------- .../servlet/GenerateIFrameTemplateServlet.java | 22 ++-- .../moa/id/auth/servlet/LogOutServlet.java | 18 +-- .../CreateXMLSignatureResponseValidator.java | 2 +- .../id/config/auth/AuthConfigurationProvider.java | 115 ++++++++---------- .../moa/id/entrypoints/DispatcherServlet.java | 2 +- .../moa/id/moduls/AuthenticationManager.java | 3 +- .../protocols/pvp2x/config/PVPConfiguration.java | 2 +- .../resources/properties/id_messages_de.properties | 2 +- .../src/main/resources/config/moaid_config_2.0.xsd | 1 + 22 files changed, 197 insertions(+), 311 deletions(-) delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java (limited to 'id') diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java index 692990fa9..0c4823f43 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java @@ -128,6 +128,8 @@ public class ConfigurationProvider { UserRequestCleaner.start(); + log.info("MOA-ID-Configuration initialization completed"); + } catch (FileNotFoundException e) { throw new ConfigurationException("config.01", e); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java index d81d03780..e16020782 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java @@ -70,7 +70,7 @@ public class GeneralMOAIDConfig { private String szrgwURL = null; private String alternativeSourceID = null; private String certStoreDirectory = null; - private boolean trustmanagerrevocationcheck = false; + private boolean trustmanagerrevocationcheck = true; private String timeoutAssertion = String.valueOf(DEFAULTTIMEOUTASSERTION); private String timeoutMOASessionCreated = String.valueOf(DEFAULTTIMEOUTMOASESSIONCREATED); @@ -93,7 +93,6 @@ public class GeneralMOAIDConfig { private String saml1SourceID = null; - private String pvp2PublicUrlPrefix = null; private String pvp2IssuerName = null; private String pvp2OrgName = null; private String pvp2OrgDisplayName = null; @@ -107,7 +106,6 @@ public class GeneralMOAIDConfig { private String ssoTarget = null; private String ssoFriendlyName = null; - private String ssoPublicUrl = null; private String ssoSpecialText = null; private String ssoIdentificationNumber = null; @@ -124,6 +122,8 @@ public class GeneralMOAIDConfig { private String SLRequestTemplateLocal = ""; private String SLRequestTemplateHandy = ""; + private String publicURLPrefix = null; + public GeneralMOAIDConfig() { chainigmodelist = new HashMap(); ChainingModeType[] values = ChainingModeType.values(); @@ -159,6 +159,8 @@ public class GeneralMOAIDConfig { certStoreDirectory = authgen.getCertStoreDirectory(); trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking(); + publicURLPrefix = authgen.getPublicURLPreFix(); + TimeOuts timeouts = authgen.getTimeOuts(); if (timeouts != null) { @@ -236,7 +238,10 @@ public class GeneralMOAIDConfig { protocolActivePVP21 = pvp2.isIsActive(); - pvp2PublicUrlPrefix = pvp2.getPublicURLPrefix(); + //INFO: only for backup + if (MiscUtil.isEmpty(publicURLPrefix)) + publicURLPrefix = pvp2.getPublicURLPrefix(); + pvp2IssuerName = pvp2.getIssuerName(); List con = pvp2.getContact(); @@ -275,7 +280,10 @@ public class GeneralMOAIDConfig { // if (idl != null) // ssoIdentificationNumber = idl.getValue(); - ssoPublicUrl = sso.getPublicURL(); + //INFO: only for backup + if (MiscUtil.isEmpty(publicURLPrefix)) + publicURLPrefix = sso.getPublicURL(); + ssoSpecialText = sso.getSpecialText(); if (MiscUtil.isNotEmpty(sso.getTarget()) && @@ -489,20 +497,6 @@ public class GeneralMOAIDConfig { this.legacy_pvp2 = legacy_pvp2; } - /** - * @return the pvp2PublicUrlPrefix - */ - public String getPvp2PublicUrlPrefix() { - return pvp2PublicUrlPrefix; - } - - /** - * @param pvp2PublicUrlPrefix the pvp2PublicUrlPrefix to set - */ - public void setPvp2PublicUrlPrefix(String pvp2PublicUrlPrefix) { - this.pvp2PublicUrlPrefix = pvp2PublicUrlPrefix; - } - /** * @return the pvp2IssuerName */ @@ -643,20 +637,6 @@ public class GeneralMOAIDConfig { this.ssoFriendlyName = ssoFriendlyName; } - /** - * @return the ssoPublicUrl - */ - public String getSsoPublicUrl() { - return ssoPublicUrl; - } - - /** - * @param ssoPublicUrl the ssoPublicUrl to set - */ - public void setSsoPublicUrl(String ssoPublicUrl) { - this.ssoPublicUrl = ssoPublicUrl; - } - /** * @return the ssoSpecialText */ @@ -929,6 +909,21 @@ public class GeneralMOAIDConfig { public void setSaml1SourceID(String saml1SourceID) { this.saml1SourceID = saml1SourceID; } + + /** + * @return the publicURLPrefix + */ + public String getPublicURLPrefix() { + return publicURLPrefix; + } + + /** + * @param publicURLPrefix the publicURLPrefix to set + */ + public void setPublicURLPrefix(String publicURLPrefix) { + this.publicURLPrefix = publicURLPrefix; + } + diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java index 079e6807e..ba58701fc 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java @@ -107,6 +107,8 @@ public class OAGeneralConfig { keyBoxIdentifierList.put(values[i].value(), values[i].value()); } + keyBoxIdentifier = MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR.value(); + bkuLocalURL = Constants.DEFAULT_LOCALBKU_URL; bkuHandyURL = Constants.DEFAULT_HANDYBKU_URL; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java index 67750e765..c9e834662 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java @@ -48,7 +48,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; -import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners; import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; @@ -226,9 +225,17 @@ public class EditGeneralConfigAction extends ActionSupport dbauth.setGeneralConfiguration(dbauthgeneral); } - GeneralConfiguration oldauthgeneral = null; - if (oldauth != null) - oldauthgeneral = oldauth.getGeneralConfiguration(); +// GeneralConfiguration oldauthgeneral = null; +// if (oldauth != null) +// oldauthgeneral = oldauth.getGeneralConfiguration(); + + //set Public URL Prefix + String pubURLPrefix = moaconfig.getPublicURLPrefix(); + if(pubURLPrefix.endsWith("/")) { + int length = pubURLPrefix.length(); + pubURLPrefix = pubURLPrefix.substring(0, length-1); + } + dbauthgeneral.setPublicURLPreFix(pubURLPrefix); // if (MiscUtil.isNotEmpty(moaconfig.getAlternativeSourceID())) // dbauthgeneral.setAlternativeSourceID(moaconfig.getAlternativeSourceID()); @@ -314,8 +321,8 @@ public class EditGeneralConfigAction extends ActionSupport if (MiscUtil.isNotEmpty(moaconfig.getPvp2IssuerName())) pvp2.setIssuerName(moaconfig.getPvp2IssuerName()); - if (MiscUtil.isNotEmpty(moaconfig.getPvp2PublicUrlPrefix())) - pvp2.setPublicURLPrefix(moaconfig.getPvp2PublicUrlPrefix()); +// if (MiscUtil.isNotEmpty(moaconfig.getPvp2PublicUrlPrefix())) +// pvp2.setPublicURLPrefix(moaconfig.getPvp2PublicUrlPrefix()); Organization pvp2org = pvp2.getOrganization(); if (pvp2org == null) { @@ -363,8 +370,8 @@ public class EditGeneralConfigAction extends ActionSupport dbsso.setFriendlyName(moaconfig.getSsoFriendlyName()); if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText())) dbsso.setSpecialText(moaconfig.getSsoSpecialText()); - if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl())) - dbsso.setPublicURL(moaconfig.getSsoPublicUrl()); +// if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl())) +// dbsso.setPublicURL(moaconfig.getSsoPublicUrl()); if (MiscUtil.isNotEmpty(moaconfig.getSsoTarget())) { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java index b0e4804a8..a95d967bb 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/ValidationHelper.java @@ -167,23 +167,37 @@ public class ValidationHelper { } - public static boolean validateURL(String urlString) { log.debug("Validate URL " + urlString); - //if (urlString.startsWith("http") || urlString.startsWith("https")) { + if (urlString.startsWith("http") || urlString.startsWith("https")) { try { new URL(urlString); return true; } catch (MalformedURLException e) { } - //} + } return false; } +// public static boolean validateGeneralURL(String urlString) { +// +// log.debug("Validate URL " + urlString); +// +// try { +// new URL(urlString); +// return true; +// +// } catch (MalformedURLException e) { +// +// } +// +// return false; +// } + public static boolean isValidAdminTarget(String target) { log.debug("Ueberpruefe Parameter Target"); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java index 1c7da7079..fcf74a534 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java @@ -62,6 +62,17 @@ public class MOAConfigValidator { } } + check = form.getPublicURLPrefix(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("Public URL Prefix is not valid"); + errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.valid")); + } + } else { + log.info("PublicURL Prefix is empty."); + errors.add(LanguageHelper.getErrorString("validation.general.publicURLprefix.empty")); + } + check = form.getTimeoutAssertion(); if (MiscUtil.isNotEmpty(check)) { if (!ValidationHelper.validateNumber(check)) { @@ -234,13 +245,13 @@ public class MOAConfigValidator { } } - check = form.getPvp2PublicUrlPrefix(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateURL(check)) { - log.info("PVP2 Service URL is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.serviceurl.valid")); - } - } +// check = form.getPvp2PublicUrlPrefix(); +// if (MiscUtil.isNotEmpty(check)) { +// if (!ValidationHelper.validateURL(check)) { +// log.info("PVP2 Service URL is not valid"); +// errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.serviceurl.valid")); +// } +// } check = form.getSLRequestTemplateHandy(); if (MiscUtil.isEmpty(check)) { @@ -293,13 +304,13 @@ public class MOAConfigValidator { // } // } - check = form.getSsoPublicUrl(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateURL(check)) { - log.info("SSO Public URL is not valid"); - errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid")); - } - } +// check = form.getSsoPublicUrl(); +// if (MiscUtil.isNotEmpty(check)) { +// if (!ValidationHelper.validateURL(check)) { +// log.info("SSO Public URL is not valid"); +// errors.add(LanguageHelper.getErrorString("validation.general.sso.publicurl.valid")); +// } +// } check = form.getSsoSpecialText(); if (MiscUtil.isNotEmpty(check)) { diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties index d96b48cbd..914c4cd62 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties @@ -95,6 +95,7 @@ webpages.mainpage.menu.general.adminrequests=Offene Anfragen webpages.moaconfig.save.success=Die MOA-ID Konfiguration wurde erfolgreich gespeichert. webpages.moaconfig.header=Allgemeine Konfiguration +webpages.oaconfig.general.publicURLPreFix=Public URL Prefix webpages.moaconfig.defaultbkus.header=Default BKUs webpages.moaconfig.slrequesttemplates.header=SecurtiyLayer Request Templates webpages.moaconfig.slrequesttemplates.local=Locale BKU @@ -313,6 +314,8 @@ validation.edituser.password.equal=Die Passw\u00F6rter sind nicht identisch. validation.edituser.bpk.valid=Die BPK enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} validation.general.SAML1SourceID=Die SAML1SourceID enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} +validation.general.publicURLprefix.empty=Public URL Prefix Feld ist leer. +validation.general.publicURLprefix.valid=Public URL Prefix hat kein g\u00F6ltiges Format. validation.general.certStoreDirectory.empty=CertStoreDirectory Feld ist leer. validation.general.certStoreDirectory.valid=Das CertStoreDirectory Feld enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} validation.general.Defaultchainigmode.empty=Es wurde kein DefaultChainingMode gew\u00E4hlt. diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp index 1bb429afa..de5e4841b 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp @@ -33,6 +33,14 @@ + + + +

<%=LanguageHelper.getGUIString("webpages.moaconfig.defaultbkus.header", request) %>

@@ -200,12 +208,12 @@

<%=LanguageHelper.getGUIString("webpages.moaconfig.sso.header", request) %>

- - + --%>

<%=LanguageHelper.getGUIString("webpages.moaconfig.protocols.pvp2.header", request) %>

- - + --%> - +<%-- - + --%>
diff --git a/id/server/auth/src/main/webapp/WEB-INF/web.xml b/id/server/auth/src/main/webapp/WEB-INF/web.xml index dadca355c..0ef8a568c 100644 --- a/id/server/auth/src/main/webapp/WEB-INF/web.xml +++ b/id/server/auth/src/main/webapp/WEB-INF/web.xml @@ -74,13 +74,13 @@ Verify AUTH block coming from security layer at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet - + AxisServlet Apache-Axis Servlet @@ -196,10 +196,10 @@ VerifyAuthBlock /VerifyAuthBlock - + AxisServlet /services/* @@ -235,7 +235,7 @@ 500 /errorpage.jsp - + BASIC UserDatabase diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 7608f9f93..bebae89db 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -811,9 +811,9 @@ public class AuthenticationServer implements MOAIDAuthConstants { if (session.isSsoRequested()) { - String oaURL =new String(); + String oaURL = new String(); try { - oaURL = AuthConfigurationProvider.getInstance().getSSOPublicUrl(); + oaURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); if (MiscUtil.isNotEmpty(oaURL)) oaURL = oaURL.replaceAll("&", "&"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java index f0de8b2e3..71d2aae37 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java @@ -205,26 +205,13 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ authURL = authURL.concat(":" + req.getServerPort()); } authURL = authURL.concat(req.getContextPath() + "/"); - - if (isEmpty(authURL)) - throw new WrongParametersException("StartAuthentication", - "AuthURL", "auth.05"); - - // check if HTTP Connection may be allowed (through - // FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY) - //INFO: removed from MOA-ID 2.0 Config -// String boolStr = AuthConfigurationProvider -// .getInstance() -// .getGenericConfigurationParameter( -// AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY); - - if ((!authURL.startsWith("https:")) -// && (false == BoolUtils.valueOf(boolStr)) - ) + + if (!authURL.startsWith("https:")) throw new AuthenticationException("auth.07", new Object[] { authURL + "*" }); - moasession.setAuthURL(authURL); + //set Auth URL from configuration + moasession.setAuthURL(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/"); //check and set SourceID if (oaParam.getSAML1Parameter() != null) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java deleted file mode 100644 index 0c2bb66c0..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java +++ /dev/null @@ -1,133 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.servlet; - -import java.io.IOException; -import java.text.DateFormat; -import java.util.Date; -import java.util.Locale; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; -import at.gv.egovernment.moa.id.util.HTTPRequestJSPForwarder; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.logging.Logger; - -/** - * Servlet requested for updating the MOA-ID Auth configuration from configuration file - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class ConfigurationServlet extends HttpServlet { - - /** - * - */ - private static final long serialVersionUID = 7455620886605337681L; - -/** - * Handle a HTTP GET request, used to indicated that the MOA - * configuration needs to be updated (reloaded). - * - * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse) - */ - public void doGet(HttpServletRequest request, HttpServletResponse response) - throws ServletException, IOException { - - - response.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - response.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - response.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - response.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - - MOAIDMessageProvider msg = MOAIDMessageProvider.getInstance(); - - try { - MOAIDAuthInitializer.initialized=false; - MOAIDAuthInitializer.initialize(); - String message = msg.getMessage("config.00", new Object[] - { DateFormat.getTimeInstance(DateFormat.MEDIUM, Locale.GERMAN).format(new Date())} ); - - Logger.info(message); - HTTPRequestJSPForwarder.forwardNamed(message, "/message-auth.jsp", getServletContext(), request, response); - - } catch (Throwable t) { - String errorMessage = msg.getMessage("config.04", null); - Logger.error(errorMessage, t); - HTTPRequestJSPForwarder.forwardNamed(errorMessage, "/message-auth.jsp", getServletContext(), request, response); - } - } - - /** - * Do the same as doGet. - * - * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse) - */ - public void doPost(HttpServletRequest request, HttpServletResponse response) - throws ServletException, IOException { - doGet(request, response); - } - - /** - * Calls the web application initializer. - * - * @see javax.servlet.Servlet#init(ServletConfig) - */ - public void init(ServletConfig servletConfig) throws ServletException { - super.init(servletConfig); - } - -} - - diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java index deec69c7f..0a0355bd7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java @@ -57,17 +57,17 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { private static final long serialVersionUID = 1L; public void init(ServletConfig servletConfig) throws ServletException { - try { - super.init(servletConfig); - MOAIDAuthInitializer.initialize(); - Logger.debug("default platform file.encoding: " + System.getProperty("file.encoding")); - Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); - } - catch (Exception ex) { - Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); - throw new ServletException(ex); - } - } +// try { +// super.init(servletConfig); +// MOAIDAuthInitializer.initialize(); +// Logger.debug("default platform file.encoding: " + System.getProperty("file.encoding")); +// Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); +// } +// catch (Exception ex) { +// Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); +// throw new ServletException(ex); +// } + } protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java index c87a17c7f..f3495966a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java @@ -123,15 +123,15 @@ public class LogOutServlet extends AuthServlet { * @see javax.servlet.Servlet#init(ServletConfig) */ public void init(ServletConfig servletConfig) throws ServletException { - try { - super.init(servletConfig); - MOAIDAuthInitializer.initialize(); - Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); - } - catch (Exception ex) { - Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); - throw new ServletException(ex); - } +// try { +// super.init(servletConfig); +// MOAIDAuthInitializer.initialize(); +// Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); +// } +// catch (Exception ex) { +// Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); +// throw new ServletException(ex); +// } } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java index 5471c03f5..b2c47fac0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java @@ -417,7 +417,7 @@ public class CreateXMLSignatureResponseValidator { String oaURL; try { - oaURL = AuthConfigurationProvider.getInstance().getSSOPublicUrl(); + oaURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); } catch (ConfigurationException e1) { oaURL = new String(); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java index c0f47d781..1a3c1b0a1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java @@ -212,6 +212,8 @@ public class AuthConfigurationProvider extends ConfigurationProvider { private static Date date = null; + private String publicURLPreFix = null; + /** * Return the single instance of configuration data. * @@ -487,32 +489,41 @@ public class AuthConfigurationProvider extends ConfigurationProvider { //set TrustManagerRevocationChecking setTrustManagerRevocationChecking(); - //set TimeOuts - if (auth.getGeneralConfiguration() != null) { - if (auth.getGeneralConfiguration().getTimeOuts() != null) { - - timeouts = new TimeOuts(); - if (auth.getGeneralConfiguration().getTimeOuts().getAssertion() == null) - timeouts.setAssertion(new BigInteger("120")); - else - timeouts.setAssertion(auth.getGeneralConfiguration().getTimeOuts().getAssertion()); - - if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated() == null) - timeouts.setMOASessionCreated(new BigInteger("2700")); - else - timeouts.setMOASessionCreated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated()); - - if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated() == null) - timeouts.setMOASessionUpdated(new BigInteger("1200")); - else - timeouts.setMOASessionUpdated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated()); - } - } - else { - Logger.warn("Error in MOA-ID Configuration. No TimeOuts defined."); - throw new ConfigurationException("config.02", null); - } + //set default timeouts + timeouts = new TimeOuts(); + timeouts.setAssertion(new BigInteger("300")); + timeouts.setMOASessionCreated(new BigInteger("2700")); + timeouts.setMOASessionUpdated(new BigInteger("1200")); + //search timeouts in config + if (auth.getGeneralConfiguration() != null) { + if (auth.getGeneralConfiguration().getTimeOuts() != null) { + if (auth.getGeneralConfiguration().getTimeOuts().getAssertion() != null) + timeouts.setAssertion(auth.getGeneralConfiguration().getTimeOuts().getAssertion()); + + if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated() != null) + timeouts.setMOASessionCreated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated()); + + if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated() != null) + timeouts.setMOASessionUpdated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated()); + + } else { + Logger.info("No TimeOuts defined. Use default values"); + } + } + + // sets the authentication session and authentication data time outs + AuthenticationServer.getInstance() + .setSecondsSessionTimeOutCreated(timeouts.getMOASessionCreated().longValue()); + + AuthenticationServer.getInstance() + .setSecondsSessionTimeOutUpdated(timeouts.getMOASessionUpdated().longValue()); + + AuthenticationServer.getInstance() + .setSecondsAuthDataTimeOut(timeouts.getAssertion().longValue()); + + + //set PVP2 general config Protocols protocols = auth.getProtocols(); if (protocols != null) { @@ -569,39 +580,21 @@ public class AuthConfigurationProvider extends ConfigurationProvider { } //set alternativeSourceID - if (auth.getGeneralConfiguration() != null) + if (auth.getGeneralConfiguration() != null) { //TODO: can be removed in a further version, because it is moved to SAML1 config if (MiscUtil.isEmpty(alternativesourceid)) alternativesourceid = auth.getGeneralConfiguration().getAlternativeSourceID(); - - // sets the authentication session and authentication data time outs - BigInteger param = auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated(); - - if (param != null) { - long sessionTimeOut = param.longValue(); - if (sessionTimeOut > 0) - AuthenticationServer.getInstance() - .setSecondsSessionTimeOutCreated(sessionTimeOut); - } - - param = auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated(); - if (param != null) { - long sessionTimeOut = param.longValue(); - if (sessionTimeOut > 0) - AuthenticationServer.getInstance() - .setSecondsSessionTimeOutUpdated(sessionTimeOut); - } - - param = auth.getGeneralConfiguration().getTimeOuts().getAssertion(); - if (param != null) { - long authDataTimeOut = param.longValue(); - if (authDataTimeOut > 0) - AuthenticationServer.getInstance() - .setSecondsAuthDataTimeOut(authDataTimeOut); - } - - else { + + if (MiscUtil.isNotEmpty(auth.getGeneralConfiguration().getPublicURLPreFix())) + publicURLPreFix = auth.getGeneralConfiguration().getPublicURLPreFix(); + + else { + Logger.error("No Public URL Prefix configured."); + throw new ConfigurationException("config.05", new Object[]{"Public URL Prefix"}); + } + + } else { Logger.warn("Error in MOA-ID Configuration. No GeneralConfig defined."); throw new ConfigurationException("config.02", null); } @@ -947,16 +940,6 @@ public class AuthConfigurationProvider extends ConfigurationProvider { return new String(); } - public String getSSOPublicUrl() { - if (ssoconfig!= null) { - String url = ssoconfig.getPublicURL(); - if (MiscUtil.isEmpty(url)) - url = new String(); - return url; - } - return new String(); - } - public String getMOASessionEncryptionKey() { String prop = props.getProperty("configuration.moasession.key"); @@ -1005,6 +988,10 @@ public class AuthConfigurationProvider extends ConfigurationProvider { return Boolean.valueOf(prop); } + public String getPublicURLPrefix() { + return publicURLPreFix; + } + /** * Retruns the STORK Configuration * @return STORK Configuration diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java index b5f0a7557..c9fc07b70 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java @@ -86,7 +86,7 @@ public class DispatcherServlet extends AuthServlet{ null), ex); throw new ServletException(ex); } - Logger.info("Dispatcher Servlet initialization"); + Logger.info("Dispatcher Servlet initialization finished."); } protected void processRequest(HttpServletRequest req, diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index 90863890f..666224b3a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -238,8 +238,9 @@ public class AuthenticationManager extends AuthServlet { //Build authentication form + String publicURLPreFix = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); String loginForm = LoginFormBuilder.buildLoginForm(target.requestedModule(), - target.requestedAction(), oaParam, request.getContextPath(), moasession.getSessionID()); + target.requestedAction(), oaParam, publicURLPreFix, moasession.getSessionID()); //store MOASession try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java index bf82efb79..ebfffb648 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java @@ -124,7 +124,7 @@ public class PVPConfiguration { } public String getIDPPublicPath() throws ConfigurationException { - String publicPath = AuthConfigurationProvider.getInstance().getGeneralPVP2DBConfig().getPublicURLPrefix(); + String publicPath = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); if(publicPath != null) { if(publicPath.endsWith("/")) { int length = publicPath.length(); diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index 93e8cdb99..2559d3d18 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties @@ -69,7 +69,7 @@ config.15=Das Personenbindungs-Trust-Profil (TrustProfileID \= {0}) darf nicht f config.16=MOA ID Proxy konnte nicht gestartet werden. Das Element ConnnectionParameter im allgemeinen Konfigurationsteil der MOA-ID-PROXY Konfigurationsdatei fehlt. config.17=Fehler beim initialisieren von Hibernate config.18=Keine MOA-ID 2.x Konfiguration gefunden. -config.19=Kein Schl?ssel f\u00FCr die Resignierung der Personenbindung gefunden. +config.19=Kein Schl\u00FCssel f\u00FCr die Resignierung der Personenbindung gefunden. config.20=Umgebungsvariable "moa.id.proxy.configuration" nicht gesetzt parser.00=Leichter Fehler beim Parsen: {0} diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd index 2461e1274..e6705dbb8 100644 --- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd +++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd @@ -857,6 +857,7 @@ + -- cgit v1.2.3