From b00fd777ba1c564b1f4b3fdf14ec4d23ff80c1ea Mon Sep 17 00:00:00 2001
From: spuchmann <spuchmann@d688527b-c9ab-4aba-bd8d-4036d912da1d>
Date: Thu, 8 May 2008 14:04:44 +0000
Subject: added PermitFileURIs; removing unnecessary dependencies to Sun's JSSE

git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1071 d688527b-c9ab-4aba-bd8d-4036d912da1d
---
 .../server/config/ConfigurationPartsBuilder.java   | 16 +++++++++++--
 .../spss/server/config/ConfigurationProvider.java  | 17 ++++++++++++--
 .../xmlsign/XMLSignatureCreationProfileImpl.java   |  7 ++++++
 .../XMLSignatureVerificationProfileImpl.java       | 21 +++++++++++++++--
 .../moa/spss/server/init/SystemInitializer.java    | 27 ++--------------------
 .../XMLSignatureVerificationProfileFactory.java    |  4 +++-
 6 files changed, 60 insertions(+), 32 deletions(-)

(limited to 'spss/server/serverlib/src')

diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
index 14ceb71cd..327b66f54 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
@@ -190,7 +190,9 @@ public class ConfigurationPartsBuilder {
   private static final String SUPPLEMENT_PROFILE_XPATH =
     ROOT + CONF + "SignatureVerification/" 
     + CONF + "SupplementProfile";
-  
+  private static final String PERMIT_FILE_URIS_XPATH =
+	    ROOT + CONF + "SignatureVerification/" 
+	    + CONF + "PermitFileURIs";
   //
   // default values for configuration parameters 
   //
@@ -1235,5 +1237,15 @@ public class ConfigurationPartsBuilder {
     String autoAdd = getElementValue(getConfigElem(), AUTO_ADD_CERTIFICATES_XPATH_, null);
     return Boolean.valueOf(autoAdd).booleanValue();
   }
-
+  
+  /**
+   * Returns whether file URIs are permitted  
+   * @return whether file URIs are permitted
+   */
+  public boolean getPermitFileURIs()
+  {
+    String permitFileURIs = getElementValue(getConfigElem(), PERMIT_FILE_URIS_XPATH, "false");
+    return Boolean.valueOf(permitFileURIs).booleanValue();
+  }
+  
 }
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
index 57f06326a..16bf153c9 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
@@ -206,7 +206,11 @@ public class ConfigurationProvider
    * be used during certificate path construction.
    */
   private boolean useAuthorityInfoAccess_;
-
+  /**
+   * Indicates whether file URIs are allowed or not 
+   */
+  private boolean permitFileURIs;
+  
   /**
    * Return the single instance of configuration data.
    * 
@@ -319,6 +323,7 @@ public class ConfigurationProvider
       verifyTransformsInfoProfiles = builder.buildVerifyTransformsInfoProfiles();
       supplementProfiles = builder.buildSupplementProfiles();
       warnings = new ArrayList(builder.getWarnings());
+      permitFileURIs = builder.getPermitFileURIs();
     } catch (Throwable t) {
       throw new ConfigurationException("config.11", null, t);
     } finally {
@@ -685,5 +690,13 @@ public class ConfigurationProvider
   {
     return useAuthorityInfoAccess_;
   }
-
+  
+  /**
+   * Returns whether the file URIs are permitted or not
+   * @return whether the file URIs are permitted or not
+   */
+  public boolean getPermitFileURIs()
+  {
+    return permitFileURIs; 
+  }
 }
\ No newline at end of file
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java
index fb3ff4931..2a35e5892 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java
@@ -275,5 +275,12 @@ public class XMLSignatureCreationProfileImpl
   public String getSignedPropertiesID() {
     return propertyIDGenerator.uniqueId();
   }
+  
+  /**
+   * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getPermitFileURIs()
+   */
+  public boolean getPermitFileURIs() {
+    return false;
+  }
 
 }
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java
index 216596dc3..ab302388d 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java
@@ -26,7 +26,8 @@ public class XMLSignatureVerificationProfileImpl
   private boolean includeHashInputData;
   /** Whether to include reference input data in the response. */
   private boolean includeReferenceInputData;
-
+  /** Whether the file URIs are permitted */
+  private boolean permitFileURIs;
   /**
    * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#checkSecurityLayerManifest()
    */
@@ -127,5 +128,21 @@ public class XMLSignatureVerificationProfileImpl
   public void setIncludeReferenceInputData(boolean includeReferenceInputData) {
     this.includeReferenceInputData = includeReferenceInputData;
   }
-
+  
+  /**
+   * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getPermitFileURIs() 
+   */
+  public boolean getPermitFileURIs() {
+    return permitFileURIs;
+  }
+  
+  /**
+   * Set whether the file URIs are permitted or not
+   * 
+   * @param permitFileURIs whether the file URIs are permitted or not
+   */
+  public void setPermitFileURIs(boolean permitFileURIs)
+  {
+    this.permitFileURIs = permitFileURIs;
+  }
 }
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
index 4871ac4fe..42b1c7c3c 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
@@ -1,11 +1,6 @@
 package at.gv.egovernment.moa.spss.server.init;
 
 import java.io.IOException;
-import java.security.Security;
-
-import javax.net.ssl.SSLSocketFactory;
-
-import org.apache.axis.AxisProperties;
 
 import iaik.ixsil.init.IXSILInit;
 
@@ -42,7 +37,7 @@ public class SystemInitializer {
    */
   public static void init() {
     MessageProvider msg = MessageProvider.getInstance();
-    ClassLoader cl = SystemInitializer.class.getClassLoader();
+
     Thread archiveCleaner;
 
     // set up the MOA SPSS logging hierarchy
@@ -51,25 +46,7 @@ public class SystemInitializer {
     // set up a logging context for logging the startup
     LoggingContextManager.getInstance().setLoggingContext(
       new LoggingContext("startup"));
-
-    // load some jsse classes so that the integrity of the jars can be verified
-    // before the iaik jce is installed as the security provider
-    // this workaround is only needed when sun jsse is used in conjunction with
-    // iaik-jce (on jdk1.3)
-    try {
-      cl.loadClass("javax.security.cert.Certificate"); // from jcert.jar
-    } catch (ClassNotFoundException e) {
-      Logger.warn(msg.getMessage("init.03", null), e);
-    }
-
-    // set up SUN JSSE SSL
-    Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
-    System.setProperty(
-      "java.protocol.handler.pkgs",
-      "com.sun.net.ssl.internal.www.protocol");
-    SSLSocketFactory.getDefault();
-
-    
+ 
 //    AxisProperties.setProperty("enableNamespacePrefixOptimization","false");
 //    AxisProperties.setProperty("disablePrettyXML", "true");
 //    AxisProperties.setProperty("axis.doAutoTypes", "true");
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationProfileFactory.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationProfileFactory.java
index 5df13a337..1a8c72779 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationProfileFactory.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationProfileFactory.java
@@ -86,7 +86,9 @@ public class XMLSignatureVerificationProfileFactory {
     } else {
         profile.setTransformationSupplements(Collections.EMPTY_LIST);
     }
-
+    
+    profile.setPermitFileURIs(config.getPermitFileURIs());
+    
     return profile;
   }
 
-- 
cgit v1.2.3