author | Christof Rabensteiner <christof.rabensteiner@iaik.tugraz.at> | 2019-06-26 08:47:58 +0200 |
---|---|---|
committer | Christof Rabensteiner <christof.rabensteiner@iaik.tugraz.at> | 2019-06-26 08:47:58 +0200 |
commit | e2e77ed55687cb92c6f5a273995daf64dedef848 (patch) | |
tree | c5955745715a513d2875fcd348a5d50d964c9b72 /src/main/java/at/gv/egiz/moazs/config | |
parent | 97aadc426ca2f61dccd58a05f37d065b2752ef6d (diff) | |
download | moa-zs-e2e77ed55687cb92c6f5a273995daf64dedef848.tar.gz moa-zs-e2e77ed55687cb92c6f5a273995daf64dedef848.tar.bz2 moa-zs-e2e77ed55687cb92c6f5a273995daf64dedef848.zip |
Protect MsgClient via SSL (ink Client Authentication)
- Add Component to create SSLContexts with own Key- and trust store.
- Inject SSLContext into HTTP Client.
- Add EAAF-Components Core Dependency, which is needed by
SSLContextCreator (KeyStoreUtils).
Schema Changes in mzs:DeliveryRequest/Config:
- Got Rid of mzs:DeliveryRequest/Config/Server. In mzs 1.4.1,
Server replaces the result of zkopf query person request. Since this
zkopf interface does not exist anymore, Server was removed.
- Add ClientType, which holds all parameters needed to connect to a
service (Url, SSL params, a.o.).
Configuration:
- Add default parameters for SSL Clients in application.yaml.
- Merge default parameters into incoming mzs:DeliveryRequests.
MoaZSException Fixes:
- Remove "Extends throwable" from Builder.
- Add convenient shorthand init method (message, throwable).
Refactor:
- Put "determinePath" to FileUtils.
- Put string related utility functions into StringUtils.
Diffstat (limited to 'src/main/java/at/gv/egiz/moazs/config')
-rw-r--r-- | src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java | 19 |
1 files changed, 8 insertions, 11 deletions
diff --git a/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java b/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java
index 05ecac1..0b7bdc7 100644
--- a/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java
+++ b/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java
@@ -2,10 +2,12 @@ package at.gv.egiz.moazs.config;
 import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService;
 import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureVerificationService;
+import at.gv.egiz.moazs.util.FileUtils;
 import at.gv.egiz.moazs.verify.MoaSPSSSignatureVerifier;
 import at.gv.egiz.moazs.verify.SignatureVerifier;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -28,15 +30,18 @@ public class MoaSigConfig {
 private final String keyStoreType;
 private final String defaultTrustProfile;
 private final String spssConfigFilePath;
+ private final FileUtils fileUtils;
 public MoaSigConfig(@Value("${javax.net.ssl.trustStoreType}") String trustStoreType,
 @Value("${javax.net.ssl.keyStoreType}") String keyStoreType,
 @Value("${moa.spss.server.default-trustprofile}") String defaultTrustProfile,
- @Value("${moa.spss.server.configuration}") String spssConfigFilePath) throws FileNotFoundException {
+ @Value("${moa.spss.server.configuration}") String spssConfigFilePath,
+ @Autowired FileUtils fileUtils) throws FileNotFoundException {
 this.trustStoreType = trustStoreType;
 this.keyStoreType = keyStoreType;
 this.defaultTrustProfile = defaultTrustProfile;
 this.spssConfigFilePath = spssConfigFilePath;
+ this.fileUtils = fileUtils;
 fallBackToSpringEnvForMoaSPSSConfigProperty();
 fallBackToSpringEnvForJavaxNetSSLStoreTypeProperty();
 }
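Review bot: The `@Autowired` on the new `fileUtils` parameter in the `-28,15 +30,18` hunk looks redundant, because Spring already resolves a non-`@Value` constructor parameter by type when the bean has a single constructor (the rest of the class is outside the hunk, so this assumes there is no second one). I would declare it as plain `FileUtils fileUtils`, which also makes the added `Autowired` import in the first hunk unnecessary. Since the constructor goes on to call `fallBackToSpringEnvForMoaSPSSConfigProperty()`, which appears to be where the field is dereferenced, a fail-fast `this.fileUtils = Objects.requireNonNull(fileUtils, "fileUtils");` (with a `java.util.Objects` import) would make a wiring mistake obvious at startup.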
@@ -45,7 +50,7 @@ public class MoaSigConfig {
 log.info("value of spssConfigFilePath is {}", spssConfigFilePath);
 if(System.getProperty(MOA_SPSS_CONFIG_FILE_PROPERTY) == null) {
- var realPath = determinePath(spssConfigFilePath);
+ var realPath = fileUtils.determinePath(spssConfigFilePath);
 var realFile = new File(realPath);
 if(realFile.exists() && realFile.canRead()) {
@@ -57,15 +62,7 @@ public class MoaSigConfig {
 }
 }
- private String determinePath(String abstractPath) {
- if (new File(abstractPath).isAbsolute()) {
- return abstractPath;
- } else {
- //resolve relative path as classpath resource
- //java.lang.Class needs relative resources to start with "/"
- return this.getClass().getResource("/" + abstractPath).getFile();
- }
- }
+
 private void fallBackToSpringEnvForJavaxNetSSLStoreTypeProperty() {
 if (System.getProperty(JAVAX_SSL_TRUSTSTORE_TYPE_PROPERTY) == null) { |
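Review bot: In the `-45,7 +50,7` hunk the result of `fileUtils.determinePath(spssConfigFilePath)` goes straight into `new File(realPath)`, so the `exists()`/`canRead()` check below it only helps if `determinePath` always returns a usable filesystem path. The private version removed in the last hunk returned `getClass().getResource("/" + abstractPath).getFile()`, which throws a NullPointerException when the classpath resource is missing and gives a URL-encoded path that `File` cannot open when the resource sits inside a jar or its path contains spaces. `FileUtils` is not shown in this view, so if the method was moved unchanged it should null-check the resource and raise the `FileNotFoundException` the constructor already declares; a silent or confusing failure here is worth avoiding because this file configures MOA-SPSS signature verification. I would also add a comment at the call site such as `// absolute paths are used as-is; relative paths are resolved as classpath resources`, since that explanation was deleted with the old method. The enclosing method starts and ends outside the hunk.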