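package at.gv.egovernment.moa.id.configuration.struts.action;

import java.math.BigInteger;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.List;
import java.util.Map;
import java.util.Set;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;

import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType;
import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes;
import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType;
import at.gv.egovernment.moa.id.commons.db.dao.config.Contact;
import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs;
import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners;
import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates;
import at.gv.egovernment.moa.id.commons.db.dao.config.Organization;
import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols;
import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates;
import at.gv.egovernment.moa.id.commons.db.dao.config.SSO;
import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer;
import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor;
import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock;
import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
import at.gv.egovernment.moa.id.configuration.data.GeneralMOAIDConfig;
import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
import at.gv.egovernment.moa.id.configuration.validation.moaconfig.MOAConfigValidator;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.util.MiscUtil;

import com.opensymphony.xwork2.ActionSupport;

/**
 * Struts action behind the "general MOA-ID configuration" page of the
 * configuration tool. {@link #loadConfig()} reads the stored
 * {@link MOAIDConfiguration} into a {@link GeneralMOAIDConfig} form bean,
 * {@link #saveConfig()} validates the submitted bean and replaces the stored
 * configuration with it.
 *
 * <p>Both entry points require an administrator ({@link AuthenticatedUser#isAdmin()})
 * taken from the HTTP session. In addition, {@link #saveConfig()} only accepts a
 * submission whose {@code formID} equals the one-time value that
 * {@link #loadConfig()} placed in the session; the session copy is consumed
 * (cleared) on every save attempt, so a form can be submitted at most once per
 * rendering. This ties a save to a page that was actually rendered for this
 * session (synchronizer-token pattern).
 */
public class EditGeneralConfigAction extends ActionSupport implements
        ServletRequestAware, ServletResponseAware {

    private static final Logger log = Logger.getLogger(EditGeneralConfigAction.class);

    private static final long serialVersionUID = 1L;

    private HttpServletRequest request;

    // Administrator taken from the session attribute Constants.SESSION_AUTH.
    private AuthenticatedUser authUser;

    // Form bean populated by Struts from the submitted request (see setMoaconfig).
    private GeneralMOAIDConfig moaconfig;

    // One-time form token; set by loadConfig(), echoed back by the form (see setFormID).
    private String formID;

    /**
     * Loads the stored configuration into the form bean and issues a fresh form token.
     *
     * @return {@link Constants#STRUTS_SUCCESS} when the page may be shown,
     *         {@link Constants#STRUTS_NOTALLOWED} when no administrator is logged in,
     *         {@link Constants#STRUTS_ERROR} when no HTTP session exists
     */
    public String loadConfig() {
        HttpSession session = request.getSession();
        if (session == null) {
            log.info("No http Session found.");
            return Constants.STRUTS_ERROR;
        }

        authUser = (AuthenticatedUser) session.getAttribute(Constants.SESSION_AUTH);

        // A missing session user is treated like a non-admin instead of failing
        // with a NullPointerException.
        if (authUser == null || !authUser.isAdmin()) {
            addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
            return Constants.STRUTS_NOTALLOWED;
        }

        try {
            MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration();
            moaconfig = new GeneralMOAIDConfig();
            moaconfig.parse(dbconfig);
        } finally {
            ConfigurationDBUtils.closeSession();
        }

        issueFormID(session);
        return Constants.STRUTS_SUCCESS;
    }

    /**
     * Validates the submitted form bean and stores it as the new configuration.
     *
     * <p>The form token is checked (and consumed) before the admin check so that
     * an unexpected submission never reaches validation or persistence. A failed
     * validation rotates the token so the corrected form can be re-submitted.
     *
     * @return {@link Constants#STRUTS_SUCCESS} after a save attempt (the original
     *         result mapping returns success even when persistence failed; the
     *         failure is reported through an action error),
     *         {@link Constants#STRUTS_ERROR_VALIDATION} when the bean has
     *         validation errors, {@link Constants#STRUTS_NOTALLOWED} when no
     *         administrator is logged in, {@link Constants#STRUTS_ERROR} when the
     *         session is missing or the form token does not match
     */
    public String saveConfig() {
        HttpSession session = request.getSession();
        if (session == null) {
            log.info("No http Session found.");
            return Constants.STRUTS_ERROR;
        }

        authUser = (AuthenticatedUser) session.getAttribute(Constants.SESSION_AUTH);

        if (!isValidFormID(session)) {
            log.warn("FormIDs does not match. Some suspect Form is received from user "
                    + describeUser());
            return Constants.STRUTS_ERROR;
        }

        // The token is single-use: clear it regardless of what happens next.
        session.setAttribute(Constants.SESSION_FORMID, null);

        if (authUser == null || !authUser.isAdmin()) {
            addActionError(LanguageHelper.getErrorString("errors.notallowed", request));
            return Constants.STRUTS_NOTALLOWED;
        }

        MOAConfigValidator validator = new MOAConfigValidator();
        List<String> errors = validator.validate(moaconfig);
        if (errors != null && !errors.isEmpty()) {
            log.info("General MOA-ID configuration has some erros.");
            for (String el : errors) {
                addActionError(el);
            }
            // The user gets the form back, so a new token is needed for the retry.
            issueFormID(session);
            return Constants.STRUTS_ERROR_VALIDATION;
        }

        String error = saveFormToDatabase();
        if (error != null) {
            log.warn("General MOA-ID config can not be stored in Database");
            addActionError(error);
            // NOTE(review): a failed store still maps to STRUTS_SUCCESS (only the
            // action error distinguishes it) — confirm this is the intended result.
            return Constants.STRUTS_SUCCESS;
        }

        addActionMessage(LanguageHelper.getGUIString("webpages.moaconfig.save.success"));
        return Constants.STRUTS_SUCCESS;
    }

    /**
     * Leaves the page without saving.
     *
     * @return {@link Constants#STRUTS_SUCCESS}
     */
    public String back() {
        authUser = (AuthenticatedUser) request.getSession().getAttribute(Constants.SESSION_AUTH);
        return Constants.STRUTS_SUCCESS;
    }

    /** Stores a new random form token in this action and in the session. */
    private void issueFormID(HttpSession session) {
        formID = Random.nextRandom();
        session.setAttribute(Constants.SESSION_FORMID, formID);
    }

    /**
     * Returns whether the submitted {@link #formID} equals the token stored in the
     * session. A missing or non-string session token, or a missing submitted
     * token, is a mismatch.
     */
    private boolean isValidFormID(HttpSession session) {
        Object stored = session.getAttribute(Constants.SESSION_FORMID);
        return stored instanceof String && stored.equals(formID);
    }

    /** Identity of the session user for log messages; safe when no user is present. */
    private String describeUser() {
        if (authUser == null) {
            return "unknown (no authenticated user in session)";
        }
        return authUser.getFamilyName() + authUser.getGivenName() + authUser.getUserID();
    }

    /**
     * Builds a new {@link MOAIDConfiguration} from the form bean, stores it and
     * deletes the previously stored one.
     *
     * <p>The stored configuration is replaced rather than updated, so every value
     * the form does not carry (alternative source ID, trust anchors, STORK
     * settings, SecurityLayer transformations when none were submitted) is
     * copied over from the old entity to survive the replacement.
     *
     * @return {@code null} on success, otherwise the localized error message to
     *         show to the user
     */
    private String saveFormToDatabase() {
        MOAIDConfiguration oldconfig = ConfigurationDBRead.getMOAIDConfiguration();
        AuthComponentGeneral oldauth = oldconfig == null ? null : oldconfig.getAuthComponentGeneral();

        MOAIDConfiguration dbconfig = new MOAIDConfiguration();
        AuthComponentGeneral dbauth = dbconfig.getAuthComponentGeneral();
        if (dbauth == null) {
            dbauth = new AuthComponentGeneral();
            dbconfig.setAuthComponentGeneral(dbauth);
        }

        applyGeneralConfiguration(dbauth, oldauth);
        applyProtocols(dbauth);
        applySSO(dbauth);
        applyDefaultBKUs(dbconfig);
        applyChainingModes(dbconfig, oldconfig);
        applyForeignIdentities(dbauth, oldauth);
        applyOnlineMandates(dbauth);
        applyMOASP(dbauth);
        applySecurityLayer(dbauth, oldauth);
        applySLRequestTemplates(dbconfig);

        if (MiscUtil.isNotEmpty(moaconfig.getTrustedCACerts())) {
            dbconfig.setTrustedCACertificates(moaconfig.getTrustedCACerts());
        }

        try {
            dbconfig.setTimestampItem(new Date());
            ConfigurationDBUtils.save(dbconfig);
            if (oldconfig != null) {
                ConfigurationDBUtils.delete(oldconfig);
            }
        } catch (MOADatabaseException e) {
            log.warn("MOAID Configuration can not be stored in Database", e);
            return LanguageHelper.getErrorString("error.db.oa.store");
        } finally {
            // Release the DB session on the error path as well, not only on success.
            ConfigurationDBUtils.closeSession();
        }
        return null;
    }

    /** General settings: source ID, cert store, time-outs, revocation checking. */
    private void applyGeneralConfiguration(AuthComponentGeneral dbauth, AuthComponentGeneral oldauth) {
        GeneralConfiguration general = dbauth.getGeneralConfiguration();
        if (general == null) {
            general = new GeneralConfiguration();
            dbauth.setGeneralConfiguration(general);
        }
        GeneralConfiguration oldgeneral = oldauth == null ? null : oldauth.getGeneralConfiguration();

        // An empty alternative source ID means "keep the stored one".
        if (MiscUtil.isNotEmpty(moaconfig.getAlternativeSourceID())) {
            general.setAlternativeSourceID(moaconfig.getAlternativeSourceID());
        } else if (oldgeneral != null) {
            general.setAlternativeSourceID(oldgeneral.getAlternativeSourceID());
        }

        if (MiscUtil.isNotEmpty(moaconfig.getCertStoreDirectory())) {
            general.setCertStoreDirectory(moaconfig.getCertStoreDirectory());
        }

        TimeOuts timeouts = general.getTimeOuts();
        if (timeouts == null) {
            timeouts = new TimeOuts();
            general.setTimeOuts(timeouts);
        }
        timeouts.setAssertion(timeoutOrDefault(
                moaconfig.getTimeoutAssertion(), GeneralMOAIDConfig.DEFAULTTIMEOUTASSERTION));
        timeouts.setMOASessionCreated(timeoutOrDefault(
                moaconfig.getTimeoutMOASessionCreated(), GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONCREATED));
        timeouts.setMOASessionUpdated(timeoutOrDefault(
                moaconfig.getTimeoutMOASessionUpdated(), GeneralMOAIDConfig.DEFAULTTIMEOUTMOASESSIONUPDATED));

        general.setTrustManagerRevocationChecking(moaconfig.isTrustmanagerrevocationcheck());
    }

    /**
     * Parses a submitted time-out value, falling back to {@code defaultValue} when
     * the field is empty.
     *
     * @throws NumberFormatException if the value is non-empty but not an integer
     *         (the validator run before saving is expected to reject such input)
     */
    private static BigInteger timeoutOrDefault(String value, long defaultValue) {
        if (MiscUtil.isEmpty(value)) {
            return BigInteger.valueOf(defaultValue);
        }
        return new BigInteger(value);
    }

    /** Protocol settings: legacy-allowed list and the PVP2 issuer/organization/contact. */
    private void applyProtocols(AuthComponentGeneral dbauth) {
        Protocols protocols = dbauth.getProtocols();
        if (protocols == null) {
            protocols = new Protocols();
            dbauth.setProtocols(protocols);
        }

        LegacyAllowed legacy = protocols.getLegacyAllowed();
        if (legacy == null) {
            legacy = new LegacyAllowed();
            protocols.setLegacyAllowed(legacy);
        }
        List<String> names = new ArrayList<String>();
        if (moaconfig.isLegacy_pvp2()) {
            names.add(Constants.MOA_CONFIG_PROTOCOL_PVP2);
        }
        if (moaconfig.isLegacy_saml1()) {
            names.add(Constants.MOA_CONFIG_PROTOCOL_SAML1);
        }
        legacy.setProtocolName(names);

        PVP2 pvp2 = protocols.getPVP2();
        if (pvp2 == null) {
            pvp2 = new PVP2();
            protocols.setPVP2(pvp2);
        }
        if (MiscUtil.isNotEmpty(moaconfig.getPvp2IssuerName())) {
            pvp2.setIssuerName(moaconfig.getPvp2IssuerName());
        }
        if (MiscUtil.isNotEmpty(moaconfig.getPvp2PublicUrlPrefix())) {
            pvp2.setPublicURLPrefix(moaconfig.getPvp2PublicUrlPrefix());
        }

        Organization org = pvp2.getOrganization();
        if (org == null) {
            org = new Organization();
            pvp2.setOrganization(org);
        }
        if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgDisplayName())) {
            org.setDisplayName(moaconfig.getPvp2OrgDisplayName());
        }
        if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgName())) {
            org.setName(moaconfig.getPvp2OrgName());
        }
        if (MiscUtil.isNotEmpty(moaconfig.getPvp2OrgURL())) {
            org.setURL(moaconfig.getPvp2OrgURL());
        }

        applyPvp2Contact(pvp2);
    }

    /** Appends the single contact from the form to the PVP2 contact list. */
    private void applyPvp2Contact(PVP2 pvp2) {
        List<Contact> contacts = pvp2.getContact();
        if (contacts == null) {
            contacts = new ArrayList<Contact>();
            pvp2.setContact(contacts);
        }
        Contact cont = new Contact();
        contacts.add(cont);

        if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getCompany())) {
            cont.setCompany(moaconfig.getPvp2Contact().getCompany());
        }
        if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getGivenname())) {
            cont.setGivenName(moaconfig.getPvp2Contact().getGivenname());
        }
        // TODO: change to list if required — the form carries one mail/phone each
        if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getMail())) {
            cont.setMail(Arrays.asList(moaconfig.getPvp2Contact().getMail()));
        }
        if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getPhone())) {
            cont.setPhone(Arrays.asList(moaconfig.getPvp2Contact().getPhone()));
        }
        if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getSurname())) {
            cont.setSurName(moaconfig.getPvp2Contact().getSurname());
        }
        if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getType())) {
            cont.setType(moaconfig.getPvp2Contact().getType());
        }
    }

    /** Single-sign-on settings. */
    private void applySSO(AuthComponentGeneral dbauth) {
        SSO sso = dbauth.getSSO();
        if (sso == null) {
            sso = new SSO();
            dbauth.setSSO(sso);
        }
        if (MiscUtil.isNotEmpty(moaconfig.getSsoFriendlyName())) {
            sso.setFriendlyName(moaconfig.getSsoFriendlyName());
        }
        if (MiscUtil.isNotEmpty(moaconfig.getSsoSpecialText())) {
            sso.setSpecialText(moaconfig.getSsoSpecialText());
        }
        if (MiscUtil.isNotEmpty(moaconfig.getSsoPublicUrl())) {
            sso.setPublicURL(moaconfig.getSsoPublicUrl());
        }
        if (MiscUtil.isNotEmpty(moaconfig.getSsoTarget())) {
            sso.setTarget(moaconfig.getSsoTarget());
        }
        if (MiscUtil.isNotEmpty(moaconfig.getSsoIdentificationNumber())) {
            IdentificationNumber ssoid = sso.getIdentificationNumber();
            if (ssoid == null) {
                ssoid = new IdentificationNumber();
                sso.setIdentificationNumber(ssoid);
            }
            ssoid.setValue(moaconfig.getSsoIdentificationNumber());
        }
    }

    /** Default BKU (citizen card environment) URLs. */
    private void applyDefaultBKUs(MOAIDConfiguration dbconfig) {
        DefaultBKUs bkus = dbconfig.getDefaultBKUs();
        if (bkus == null) {
            bkus = new DefaultBKUs();
            dbconfig.setDefaultBKUs(bkus);
        }
        if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUHandy())) {
            bkus.setHandyBKU(moaconfig.getDefaultBKUHandy());
        }
        if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKUOnline())) {
            bkus.setOnlineBKU(moaconfig.getDefaultBKUOnline());
        }
        if (MiscUtil.isNotEmpty(moaconfig.getDefaultBKULocal())) {
            bkus.setLocalBKU(moaconfig.getDefaultBKULocal());
        }
    }

    /**
     * Certificate chaining mode from the form; the trust anchors are not editable
     * here and are copied from the stored configuration.
     */
    private void applyChainingModes(MOAIDConfiguration dbconfig, MOAIDConfiguration oldconfig) {
        ChainingModes modes = dbconfig.getChainingModes();
        if (modes == null) {
            modes = new ChainingModes();
            dbconfig.setChainingModes(modes);
        }
        modes.setSystemDefaultMode(ChainingModeType.fromValue(moaconfig.getDefaultchainigmode()));

        ChainingModes oldmodes = oldconfig == null ? null : oldconfig.getChainingModes();
        if (oldmodes == null) {
            return;
        }
        List<TrustAnchor> oldanchors = oldmodes.getTrustAnchor();
        if (oldanchors == null) {
            return;
        }
        // Copy instead of re-using the entities of the configuration that is deleted afterwards.
        List<TrustAnchor> anchors = new ArrayList<TrustAnchor>();
        for (TrustAnchor old : oldanchors) {
            TrustAnchor copy = new TrustAnchor();
            copy.setX509IssuerName(old.getX509IssuerName());
            copy.setX509SerialNumber(old.getX509SerialNumber());
            copy.setMode(old.getMode());
            anchors.add(copy);
        }
        modes.setTrustAnchor(anchors);
    }

    /**
     * Identity-link signers (element only), SZR-GW connection and the STORK
     * block carried over from the stored configuration.
     */
    private void applyForeignIdentities(AuthComponentGeneral dbauth, AuthComponentGeneral oldauth) {
        IdentityLinkSigners signers = dbauth.getIdentityLinkSigners();
        if (signers == null) {
            signers = new IdentityLinkSigners();
            dbauth.setIdentityLinkSigners(signers);
        }

        ForeignIdentities foreign = dbauth.getForeignIdentities();
        if (foreign == null) {
            foreign = new ForeignIdentities();
            dbauth.setForeignIdentities(foreign);
        }
        if (MiscUtil.isNotEmpty(moaconfig.getSzrgwURL())) {
            ConnectionParameterClientAuthType con = foreign.getConnectionParameter();
            if (con == null) {
                con = new ConnectionParameterClientAuthType();
                foreign.setConnectionParameter(con);
            }
            con.setURL(moaconfig.getSzrgwURL());
        }

        // TODO: Set STORK Config!!! — until then the stored STORK block is kept as-is
        if (oldauth != null) {
            ForeignIdentities oldforeign = oldauth.getForeignIdentities();
            if (oldforeign != null) {
                STORK oldstork = oldforeign.getSTORK();
                if (oldstork != null) {
                    foreign.setSTORK(oldstork);
                }
            }
        }
    }

    /** Online-mandate service connection; only written when a URL was submitted. */
    private void applyOnlineMandates(AuthComponentGeneral dbauth) {
        if (!MiscUtil.isNotEmpty(moaconfig.getMandateURL())) {
            return;
        }
        OnlineMandates mandates = dbauth.getOnlineMandates();
        if (mandates == null) {
            mandates = new OnlineMandates();
            dbauth.setOnlineMandates(mandates);
        }
        ConnectionParameterClientAuthType con = mandates.getConnectionParameter();
        if (con == null) {
            con = new ConnectionParameterClientAuthType();
            mandates.setConnectionParameter(con);
        }
        con.setURL(moaconfig.getMandateURL());
    }

    /** MOA-SP connection and the trust profiles used for identity-link and auth-block verification. */
    private void applyMOASP(AuthComponentGeneral dbauth) {
        MOASP moasp = dbauth.getMOASP();
        if (moasp == null) {
            moasp = new MOASP();
            dbauth.setMOASP(moasp);
        }
        if (MiscUtil.isNotEmpty(moaconfig.getMoaspssURL())) {
            ConnectionParameterClientAuthType con = moasp.getConnectionParameter();
            if (con == null) {
                con = new ConnectionParameterClientAuthType();
                moasp.setConnectionParameter(con);
            }
            con.setURL(moaconfig.getMoaspssURL());
        }

        VerifyIdentityLink idl = moasp.getVerifyIdentityLink();
        if (idl == null) {
            idl = new VerifyIdentityLink();
            moasp.setVerifyIdentityLink(idl);
        }
        idl.setTrustProfileID(moaconfig.getMoaspssIdlTrustProfile());

        VerifyAuthBlock authblock = moasp.getVerifyAuthBlock();
        if (authblock == null) {
            authblock = new VerifyAuthBlock();
            moasp.setVerifyAuthBlock(authblock);
        }
        authblock.setTrustProfileID(moaconfig.getMoaspssAuthTrustProfile());
        authblock.setVerifyTransformsInfoProfileID(moaconfig.getAuthTransformList());
    }

    /**
     * SecurityLayer transformations: taken from the form when it carries any,
     * otherwise copied from the stored configuration.
     */
    private void applySecurityLayer(AuthComponentGeneral dbauth, AuthComponentGeneral oldauth) {
        SecurityLayer seclayer = dbauth.getSecurityLayer();
        if (seclayer == null) {
            seclayer = new SecurityLayer();
            dbauth.setSecurityLayer(seclayer);
        }

        List<TransformsInfoType> trans = new ArrayList<TransformsInfoType>();
        // NOTE(review): type arguments restored for the form bean's map (file name
        // -> transformation bytes) — confirm against GeneralMOAIDConfig.
        Map<String, byte[]> moatrans = moaconfig.getSecLayerTransformation();
        if (moatrans != null) {
            Set<String> keys = moatrans.keySet();
            for (String key : keys) {
                TransformsInfoType elem = new TransformsInfoType();
                elem.setFilename(key);
                elem.setTransformation(moatrans.get(key));
                trans.add(elem);
            }
        } else if (oldauth != null) {
            SecurityLayer oldseclayer = oldauth.getSecurityLayer();
            List<TransformsInfoType> oldlist =
                    oldseclayer == null ? null : oldseclayer.getTransformsInfo();
            if (oldlist != null) {
                for (TransformsInfoType old : oldlist) {
                    TransformsInfoType elem = new TransformsInfoType();
                    elem.setFilename(old.getFilename());
                    elem.setTransformation(old.getTransformation());
                    trans.add(elem);
                }
            }
        }
        if (!trans.isEmpty()) {
            seclayer.setTransformsInfo(trans);
        }
    }

    /** SecurityLayer request templates per BKU type. */
    private void applySLRequestTemplates(MOAIDConfiguration dbconfig) {
        SLRequestTemplates templates = dbconfig.getSLRequestTemplates();
        if (templates == null) {
            templates = new SLRequestTemplates();
            dbconfig.setSLRequestTemplates(templates);
        }
        if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateHandy())) {
            templates.setHandyBKU(moaconfig.getSLRequestTemplateHandy());
        }
        if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateLocal())) {
            templates.setLocalBKU(moaconfig.getSLRequestTemplateLocal());
        }
        if (MiscUtil.isNotEmpty(moaconfig.getSLRequestTemplateOnline())) {
            templates.setOnlineBKU(moaconfig.getSLRequestTemplateOnline());
        }
    }

    /** The response is not used by this action; the method only satisfies {@link ServletResponseAware}. */
    public void setServletResponse(HttpServletResponse response) {
        // intentionally not retained
    }

    public void setServletRequest(HttpServletRequest request) {
        this.request = request;
    }

    /**
     * @return the authUser
     */
    public AuthenticatedUser getAuthUser() {
        return authUser;
    }

    /**
     * @return the moaconfig
     */
    public GeneralMOAIDConfig getMoaconfig() {
        return moaconfig;
    }

    /**
     * @param moaconfig the moaconfig to set
     */
    public void setMoaconfig(GeneralMOAIDConfig moaconfig) {
        this.moaconfig = moaconfig;
    }

    /**
     * @return the formID
     */
    public String getFormID() {
        return formID;
    }

    /**
     * @param formID the formID to set
     */
    public void setFormID(String formID) {
        this.formID = formID;
    }
}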