From 5d5eaaa2580163023dbc8f2336c5e996e0bcbad0 Mon Sep 17 00:00:00 2001 From: kstranacher Date: Tue, 14 Feb 2012 13:44:52 +0000 Subject: * Update DOMUtils * Update MOA-SPSS Konfiguration Dokumentation * Update Resolver git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1240 d688527b-c9ab-4aba-bd8d-4036d912da1d --- .../server/config/ConfigurationPartsBuilder.java | 2 +- .../moa/spss/server/invoke/DataObjectFactory.java | 1 - .../spss/server/invoke/ExternalURIResolver.java | 4 +++- .../moa/spss/server/service/ServiceUtils.java | 27 ++++++++++++++-------- .../server/service/SignatureCreationService.java | 1 + .../moa/spss/util/ExternalURIVerifier.java | 13 ++++++----- .../moa/spss/util/MOASPSSEntityResolver.java | 16 ++++++------- .../properties/spss_messages_de.properties | 2 +- 8 files changed, 39 insertions(+), 27 deletions(-) (limited to 'spss/server/serverlib/src/main') diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java index 1211b5e94..40416f121 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java @@ -408,7 +408,7 @@ public class ConfigurationPartsBuilder { Element permitExtElem = null; while ((permitExtElem = (Element) permitExtIter.nextNode()) != null) { - String host = getElementValue(permitExtElem, CONF + "Host", null); + String host = getElementValue(permitExtElem, CONF + "IP", null); String port = getElementValue(permitExtElem, CONF + "Port", null); diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java index 0d100676b..148be664b 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java @@ -72,7 +72,6 @@ import at.gv.egovernment.moa.spss.util.MessageProvider; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.EntityResolverChain; -import at.gv.egovernment.moa.util.MOAEntityResolver; import at.gv.egovernment.moa.util.MOAErrorHandler; import at.gv.egovernment.moa.util.StreamEntityResolver; import at.gv.egovernment.moa.util.StreamUtils; diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ExternalURIResolver.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ExternalURIResolver.java index e09ade231..84172a4d5 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ExternalURIResolver.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ExternalURIResolver.java @@ -101,7 +101,7 @@ public class ExternalURIResolver { try { // create the URL url = new URL(uriStr); - System.out.println("ExternalURIResolver: " + url); + //System.out.println("ExternalURIResolver: " + url); ExternalURIVerifier.verify(url.getHost(), url.getPort()); } catch (MalformedURLException e) { @@ -113,6 +113,8 @@ public class ExternalURIResolver { connection = url.openConnection(); if ("http".equals(url.getProtocol())) { HttpURLConnection httpConnection = (HttpURLConnection) connection; + // disallow redirects + httpConnection.setInstanceFollowRedirects(false); httpConnection.connect(); if (httpConnection.getResponseCode() != HttpURLConnection.HTTP_OK) { diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/ServiceUtils.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/ServiceUtils.java index a088916a9..1bb125c74 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/ServiceUtils.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/ServiceUtils.java @@ -29,10 +29,12 @@ import java.io.ByteArrayInputStream; import org.w3c.dom.Document; import org.w3c.dom.Element; +import at.gv.egovernment.moa.spss.MOAApplicationException; +import at.gv.egovernment.moa.spss.util.MOASPSSEntityResolver; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; - -import at.gv.egovernment.moa.spss.MOAApplicationException; +import at.gv.egovernment.moa.util.MOAEntityResolver; +import at.gv.egovernment.moa.util.MOAErrorHandler; /** * Helper methods for the Service classes. @@ -56,7 +58,8 @@ public class ServiceUtils { DOMUtils.validateElement( request[0], Constants.ALL_SCHEMA_LOCATIONS, - null); + null, + new MOASPSSEntityResolver()); } catch (Exception e) { throw new MOAApplicationException( "1100", @@ -78,12 +81,18 @@ public class ServiceUtils { try { byte[] requestBytes = DOMUtils.serializeNode(request, "UTF-8"); - Document validatedRequest = - DOMUtils.parseDocument( - new ByteArrayInputStream(requestBytes), - true, - Constants.ALL_SCHEMA_LOCATIONS, - null); + Document validatedRequest = DOMUtils.parseDocument(new ByteArrayInputStream(requestBytes), + true, + Constants.ALL_SCHEMA_LOCATIONS, + null, + new MOASPSSEntityResolver(), + new MOAErrorHandler()); + +// DOMUtils.parseDocument( +// new ByteArrayInputStream(requestBytes), +// true, +// Constants.ALL_SCHEMA_LOCATIONS, +// null); return validatedRequest.getDocumentElement(); } catch (Exception e) { throw new MOAApplicationException( diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureCreationService.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureCreationService.java index 3304e262f..7a7bb88bb 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureCreationService.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureCreationService.java @@ -94,6 +94,7 @@ public class SignatureCreationService { //since Axis (1.1 ff) has problem with namespaces we take the raw request stored by the Axishandler. TransactionContext context = TransactionContextManager.getInstance().getTransactionContext(); + // validate the request reparsedReq = ServiceUtils.reparseRequest(request[0]);//context.getRequest()); diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java index 1f1282e66..dafb89f16 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java @@ -5,6 +5,8 @@ import java.net.UnknownHostException; import java.util.Iterator; import java.util.List; +import at.gv.egovernment.moa.logging.LogMsg; +import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.server.config.ConfigurationException; import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; @@ -13,7 +15,6 @@ public class ExternalURIVerifier { public static void verify(String host, int port) throws MOAApplicationException { - System.out.println("ExternalURIVerifier: " + host + ":" + port); if (host == null) return; @@ -39,15 +40,15 @@ public class ExternalURIVerifier { if (bport == null || port == -1) { // check only host if (ip.startsWith(bhost)) { - System.out.println("Blacklist check: " + host + " (" + ip + ") blacklisted"); + Logger.debug(new LogMsg("Blacklist check: " + host + " (" + ip + ") blacklisted")); throw new MOAApplicationException("4002", new Object[]{host + "(" + ip + ")"}); } } else { // check host and port int iport = new Integer(bport).intValue(); - if (ip.startsWith(bhost) && (iport == port)) { - System.out.println("Blacklist check: " + host + ":" + port + " (" + ip + ":" + port + " blacklisted"); + if (ip.startsWith(bhost) && (iport == port)) { + Logger.debug(new LogMsg("Blacklist check: " + host + ":" + port + " (" + ip + ":" + port + " blacklisted")); throw new MOAApplicationException("4002", new Object[]{host + ":" + port + " (" + ip + ":" + port + ")"}); } @@ -55,11 +56,11 @@ public class ExternalURIVerifier { } } else { - System.out.println("No external URIs allowed (" + host + ")"); + Logger.debug(new LogMsg("No external URIs allowed (" + host + ")")); throw new MOAApplicationException("4001", new Object[]{host}); } - System.out.println("URI allowed: " + ip + ":" + port); + Logger.debug(new LogMsg("URI allowed: " + ip + ":" + port)); } catch (ConfigurationException e) { throw new MOAApplicationException("config.10", null); diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/util/MOASPSSEntityResolver.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/util/MOASPSSEntityResolver.java index 1f12fb869..b5f72c4ab 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/util/MOASPSSEntityResolver.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/util/MOASPSSEntityResolver.java @@ -29,6 +29,7 @@ import org.apache.xerces.util.URI; import org.apache.xerces.util.URI.MalformedURIException; import org.xml.sax.EntityResolver; import org.xml.sax.InputSource; +import org.xml.sax.SAXException; import at.gv.egovernment.moa.logging.LogMsg; import at.gv.egovernment.moa.logging.Logger; @@ -68,12 +69,10 @@ public class MOASPSSEntityResolver implements EntityResolver { * null, if the entity could not be found. * @see org.xml.sax.EntityResolver#resolveEntity(java.lang.String, java.lang.String) */ - public InputSource resolveEntity(String publicId, String systemId) { + public InputSource resolveEntity(String publicId, String systemId) throws SAXException { InputStream stream; int slashPos; - System.out.println("MOASPSSEntityResover: " + publicId + " - " + systemId); - if (Logger.isDebugEnabled()) { Logger.debug( new LogMsg("resolveEntity: p=" + publicId + " s=" + systemId)); @@ -95,21 +94,22 @@ public class MOASPSSEntityResolver implements EntityResolver { try { URI uri = new URI(systemId); systemId = uri.getPath(); - System.out.println("MOASPSSEntityResover: " + uri); - if (!"file".equals(uri.getScheme()) || "".equals(systemId.trim())) { + if ("".equals(systemId.trim())) { return null; } - +// if (!"file".equals(uri.getScheme()) || "".equals(systemId.trim())) { +// return null; +// } + ExternalURIVerifier.verify(uri.getHost(), uri.getPort()); } catch (MalformedURIException e) { return null; } catch (MOAApplicationException e) { - e.printStackTrace(); - return null; + throw new SAXException(e); } // try to get the resource from the full path diff --git a/spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties b/spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties index debb70b31..fbd0cd7c2 100644 --- a/spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties +++ b/spss/server/serverlib/src/main/resources/resources/properties/spss_messages_de.properties @@ -89,7 +89,7 @@ 3203=Signaturumgebung kann nicht geladen werden (Reference="{0}", LocRef-URI="{1}") 4001=Externe URI {0} darf nicht geladen werden (externe URIs generell verboten) -4002=Externe URI {0} befindet sich auf der Blackliste und darf nicht geladen werden +4002=Externe URI {0} befindet sich auf der Blacklist und darf nicht geladen werden 4003=IP-Adresse für {0} konnte nicht ermitteln werden -- cgit v1.2.3