Moved main parts of the configuration to bkucommon

git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@78 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4

5 files changed, 108 insertions, 414 deletions

diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java
index b547bf6a..3f50fc78 100644
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java
@@ -1,65 +1,65 @@
 /*

-* Copyright 2008 Federal Chancellery Austria and

-* Graz University of Technology

-*

-* Licensed under the Apache License, Version 2.0 (the "License");

-* you may not use this file except in compliance with the License.

-* You may obtain a copy of the License at

-*

-*     http://www.apache.org/licenses/LICENSE-2.0

-*

-* Unless required by applicable law or agreed to in writing, software

-* distributed under the License is distributed on an "AS IS" BASIS,

-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

-* See the License for the specific language governing permissions and

-* limitations under the License.

-*/

+ * Copyright 2008 Federal Chancellery Austria and

+ * Graz University of Technology

+ *

+ * Licensed under the Apache License, Version 2.0 (the "License");

+ * you may not use this file except in compliance with the License.

+ * You may obtain a copy of the License at

+ *

+ *     http://www.apache.org/licenses/LICENSE-2.0

+ *

+ * Unless required by applicable law or agreed to in writing, software

+ * distributed under the License is distributed on an "AS IS" BASIS,

+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

+ * See the License for the specific language governing permissions and

+ * limitations under the License.

+ */

 package at.gv.egiz.bku.local.accesscontroller;

 

 import java.io.IOException;

 

 import org.apache.commons.logging.Log;

 import org.apache.commons.logging.LogFactory;

-import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;

 import org.springframework.context.ResourceLoaderAware;

 import org.springframework.core.io.Resource;

 import org.springframework.core.io.ResourceLoader;

 

 import at.gv.egiz.bku.accesscontroller.SecurityManagerFacade;

-import at.gv.egiz.bku.local.conf.Configurator;

+import at.gv.egiz.bku.conf.Configurator;

 

 public class SpringSecurityManager extends SecurityManagerFacade implements

-		ResourceLoaderAware {

+    ResourceLoaderAware {

 

-	private ResourceLoader resourceLoader;

+  private ResourceLoader resourceLoader;

 

-	private static Log log = LogFactory.getLog(SpringSecurityManager.class);

+  private static Log log = LogFactory.getLog(SpringSecurityManager.class);

 

-	protected Configurator config;

+  protected Configurator config;

 

-	public void setConfig(Configurator config) {

-		this.config = config;

-	}

+  public void setConfig(Configurator config) {

+    this.config = config;

+  }

 

-	public void init() {

-		String noMatch = config.getProperty("AccessController.acceptNoMatch");

-		if (noMatch != null) {

-			log.debug("Setting allow now match to: " + noMatch);

-			setAllowUnmatched(Boolean.getBoolean(noMatch));

-		}

-		String policy = config.getProperty("AccessController.policyResource");

-		log.info("Loading resource: " + policy);

-		try {

-			Resource res = resourceLoader.getResource(policy);

-			init(res.getInputStream());

-		} catch (IOException e) {

-			log.error(e);

-		}

-	}

+  public void init() {

+    String noMatch = config.getProperty("AccessController.acceptNoMatch");

+    if (noMatch != null) {

+      log.debug("Setting allow now match to: " + noMatch);

+      setAllowUnmatched(Boolean.getBoolean(noMatch));

+    }

+    String policy = config.getProperty("AccessController.policyResource");

+    policy = policy.replace("${user.home}", System.getProperty("user.home"));

+    log.info("Loading resource: " + policy);

+    try {

+      Resource res = resourceLoader.getResource(policy);

+      init(res.getInputStream());

+    } catch (IOException e) {

+      log.error(e);

+    }

+  }

 

-	@Override

-	public void setResourceLoader(ResourceLoader loader) {

-		this.resourceLoader = loader;

-	}

+  @Override

+  public void setResourceLoader(ResourceLoader loader) {

+    this.resourceLoader = loader;

+  }

 

 }

diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/Configurator.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/Configurator.java
deleted file mode 100644
index 57a0f84f..00000000
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/Configurator.java
+++ /dev/null
@@ -1,103 +0,0 @@
-/*
- * Copyright 2008 Federal Chancellery Austria and
- * Graz University of Technology
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package at.gv.egiz.bku.local.conf;
-
-import iaik.security.ecc.provider.ECCProvider;
-import iaik.security.provider.IAIK;
-import iaik.xml.crypto.XSecProvider;
-
-import java.io.IOException;
-import java.net.HttpURLConnection;
-import java.security.Provider;
-import java.security.Security;
-import java.util.Properties;
-
-import javax.net.ssl.HttpsURLConnection;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.bku.binding.DataUrl;
-import at.gv.egiz.bku.binding.DataUrlConnection;
-import at.gv.egiz.bku.slcommands.impl.xsect.DataObject;
-import at.gv.egiz.bku.slcommands.impl.xsect.STALProvider;
-
-/**
- * 
- * TODO currently only the code to get started.
- */
-public abstract class Configurator {
-
-  private Log log = LogFactory.getLog(Configurator.class);
-
-  private static Configurator instance = new SpringConfigurator();
-
-  protected Properties properties;
-
-  protected Configurator() {
-  }
-
-  public static Configurator getInstance() {
-    return instance;
-  }
-
-  protected void configUrlConnections() {
-    HttpsURLConnection.setFollowRedirects(false);
-    HttpURLConnection.setFollowRedirects(false);
-  }
-
-  protected void configureProviders() {
-    log.debug("Registering security providers");
-    Security.insertProviderAt(new IAIK(), 1);
-    Security.insertProviderAt(new ECCProvider(false), 2);
-    Security.addProvider(new STALProvider());
-    XSecProvider.addAsProvider(false);
-    StringBuilder sb = new StringBuilder();
-    sb.append("Registered providers: ");
-    int i = 1;
-    for (Provider prov : Security.getProviders()) {
-      sb.append((i++) + ". : " + prov);
-    }
-    log.debug(sb.toString());
-  }
-
-  protected void configViewer() {
-    String bv = properties.getProperty("ValidateHashDataInputs");
-    if (bv != null) {
-      DataObject.enableHashDataInputValidation(Boolean.parseBoolean(bv));
-    } else {
-      log.warn("ValidateHashDataInputs not set, falling back to default");
-    }
-  }
-
-  public void configure() {
-    configureProviders();
-    configUrlConnections();
-    configViewer();
-  }
-
-  public void setConfiguration(Properties props) {
-    this.properties = props;
-  }
-
-  public String getProperty(String key) {
-    if (properties != null) {
-      return properties.getProperty(key);
-    }
-    return null;
-  }
-}
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java
index 46668667..bcb96c2f 100644
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java
@@ -19,41 +19,8 @@ package at.gv.egiz.bku.local.conf;
 import java.io.File;

 import java.io.FileInputStream;

 import java.io.IOException;

-import java.security.InvalidAlgorithmParameterException;

-import java.security.NoSuchAlgorithmException;

-import java.security.Security;

-import java.security.cert.CertPathBuilder;

-import java.security.cert.CertStore;

-import java.security.cert.Certificate;

-import java.security.cert.CertificateException;

-import java.security.cert.CertificateFactory;

-import java.security.cert.CollectionCertStoreParameters;

-import java.security.cert.LDAPCertStoreParameters;

-import java.security.cert.PKIXBuilderParameters;

-import java.security.cert.PKIXCertPathBuilderResult;

-import java.security.cert.TrustAnchor;

-import java.security.cert.X509CertSelector;

-import java.security.cert.X509Certificate;

-import java.util.ArrayList;

-import java.util.HashSet;

-import java.util.Iterator;

-import java.util.LinkedList;

-import java.util.List;

+import java.io.InputStream;

 import java.util.Properties;

-import java.util.Set;

-

-import javax.naming.ldap.LdapContext;

-import javax.naming.ldap.LdapReferralException;

-import javax.net.ssl.CertPathTrustManagerParameters;

-import javax.net.ssl.HostnameVerifier;

-import javax.net.ssl.HttpsURLConnection;

-import javax.net.ssl.KeyManager;

-import javax.net.ssl.ManagerFactoryParameters;

-import javax.net.ssl.SSLContext;

-import javax.net.ssl.SSLSession;

-import javax.net.ssl.TrustManager;

-import javax.net.ssl.TrustManagerFactory;

-import javax.net.ssl.X509TrustManager;

 

 import org.apache.commons.logging.Log;

 import org.apache.commons.logging.LogFactory;

@@ -61,8 +28,7 @@ import org.springframework.context.ResourceLoaderAware;
 import org.springframework.core.io.Resource;

 import org.springframework.core.io.ResourceLoader;

 

-import at.gv.egiz.bku.binding.DataUrl;

-import at.gv.egiz.bku.binding.DataUrlConnection;

+import at.gv.egiz.bku.conf.Configurator;

 import at.gv.egiz.bku.slexceptions.SLRuntimeException;

 

 public class SpringConfigurator extends Configurator implements

@@ -73,15 +39,16 @@ public class SpringConfigurator extends Configurator implements
   private ResourceLoader resourceLoader;

 

   public SpringConfigurator() {

-    File configDir = new File(System.getProperty("user.home") + "/.bku/conf");

-    if (configDir.exists()) {

-      log.debug("Found existing config directory: " + configDir);

-    } else {

-      log.info("Config dir not existing, creating new");

-      if (!configDir.mkdirs()) {

-        log.error("Cannot create directory: " + configDir);

-      }

-    }

+    // File configDir = new File(System.getProperty("user.home") +

+    // "/.bku/conf");

+    // if (configDir.exists()) {

+    // log.debug("Found existing config directory: " + configDir);

+    // } else {

+    // log.info("Config dir not existing, creating new");

+    // if (!configDir.mkdirs()) {

+    // log.error("Cannot create directory: " + configDir);

+    // }

+    // }

   }

 

   public void setResource(Resource resource) {

@@ -99,248 +66,75 @@ public class SpringConfigurator extends Configurator implements
     }

   }

 

-  public void configureVersion() {

-    Properties p = new Properties();

-    try {

-      p.load(resourceLoader.getResource("META-INF/MANIFEST.MF")

-          .getInputStream());

-      String version = p.getProperty("Implementation-Build");

-      properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY,

-          "citizen-card-environment/1.2 MOCCA " + version);

-      DataUrl.setConfiguration(properties);

-      log.debug("Setting user agent to: "

-          + properties.getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY));

-    } catch (IOException e) {

-      log.error(e);

-    }

-  }

-

+  @Override

   public void configure() {

+    if (properties == null) {

+      defaultInit();

+    }

     super.configure();

-    configureSSL();

-    configureVersion();

-    configureNetwork();

   }

 

-  public void configureNetwork() {

-    String proxy = getProperty("HTTPProxyHost");

-    String portString = getProperty("HTTPProxyPort");

-    if ((proxy == null) || (proxy.equals(""))) {

-      log.info("No proxy configured");

-    } else {

-      log.info("Setting proxy to: " + proxy + ":" + portString);

-      System.setProperty("proxyHost", proxy);

-      System.setProperty("proxyPort", portString);

-    }

-    String timeout = getProperty("DefaultSocketTimeout");

-    if ((timeout != null) && (!timeout.equals(""))) {

-      System.setProperty("sun.net.client.defaultConnectTimeout", timeout);

+  public void defaultInit() {

+    Properties props = new Properties();

+    try {

+      props.load(new FileInputStream(System.getProperty("user.home")

+          + "/.mocca/war/mocca.war"));

+      super.setConfiguration(props);

+    } catch (IOException e) {

+      log.error("Cannot load config", e);

     }

   }

 

-  private Set<TrustAnchor> getCACerts() throws IOException,

-      CertificateException {

-    Set<TrustAnchor> caCerts = new HashSet<TrustAnchor>();

-    String caDirectory = getProperty("SSL.caDirectory");

-    if (caDirectory != null) {

-      Resource caDirRes = resourceLoader.getResource(caDirectory);

-      File caDir = caDirRes.getFile();

-      if (!caDir.isDirectory()) {

-        log.error("Expecting directory as SSL.caDirectory parameter");

-        throw new SLRuntimeException(

-            "Expecting directory as SSL.caDirectory parameter");

-      }

-      CertificateFactory cf = CertificateFactory.getInstance("X.509");

-      for (File f : caDir.listFiles()) {

-        try {

-          FileInputStream fis = new FileInputStream(f);

-          X509Certificate cert = (X509Certificate) cf.generateCertificate(fis);

-          fis.close();

-          log.debug("Adding trusted cert " + cert.getSubjectDN());

-          caCerts.add(new TrustAnchor(cert, null));

-        } catch (Exception e) {

-          log.error("Cannot add trusted ca", e);

-        }

-      }

-      return caCerts;

-

-    } else {

-      log.warn("No CA certificates configured");

-    }

-    return null;

+  @Override

+  public void setResourceLoader(ResourceLoader loader) {

+    this.resourceLoader = loader;

   }

 

-  private List<CertStore> getCertstore() throws IOException,

-      CertificateException, InvalidAlgorithmParameterException,

-      NoSuchAlgorithmException {

-    List<CertStore> resultList = new ArrayList<CertStore>();

-    String certDirectory = getProperty("SSL.certDirectory");

-    if (certDirectory != null) {

-      Resource certDirRes = resourceLoader.getResource(certDirectory);

-

-      File certDir = certDirRes.getFile();

+  private File getDirectory(String property) {

+    property = property

+        .replace("${user.home}", System.getProperty("user.home"));

+    if (property != null) {

+      Resource certDirRes = resourceLoader.getResource(property);

+      File certDir;

+      try {

+        certDir = certDirRes.getFile();

+      } catch (IOException e) {

+        log.error("Cannot get cert directory", e);

+        throw new SLRuntimeException(e);

+      }

       if (!certDir.isDirectory()) {

         log.error("Expecting directory as SSL.certDirectory parameter");

         throw new SLRuntimeException(

             "Expecting directory as SSL.certDirectory parameter");

       }

-      List<X509Certificate> certCollection = new LinkedList<X509Certificate>();

-      CertificateFactory cf = CertificateFactory.getInstance("X.509");

-      for (File f : certDir.listFiles()) {

-        try {

-          FileInputStream fis = new FileInputStream(f);

-          X509Certificate cert = (X509Certificate) cf.generateCertificate(fis);

-          certCollection.add(cert);

-          fis.close();

-          log

-              .trace("Added following cert to certstore: "

-                  + cert.getSubjectDN());

-        } catch (Exception ex) {

-          log.error("Cannot add certificate", ex);

-        }

-      }

-      CollectionCertStoreParameters csp = new CollectionCertStoreParameters(

-          certCollection);

-      resultList.add(CertStore.getInstance("Collection", csp));

-      log.info("Added collection certstore");

-    } else {

-      log.warn("No certstore directory configured");

-    }

-    String ldapHost = getProperty("SSL.ldapServer");

-    if ((ldapHost != null) && (!"".equals(ldapHost))) {

-      String ldapPortString = getProperty("SSL.ldapPort");

-      int ldapPort = 389;

-      if (ldapPortString != null) {

-        try {

-          ldapPort = Integer.parseInt(ldapPortString);

-        } catch (NumberFormatException nfe) {

-          log.error("Invalid ldap port, using default 389");

-        }

-      } else {

-        log.warn("ldap port not specified, using default 389");

-      }

-      LDAPCertStoreParameters ldapParams = new LDAPCertStoreParameters(

-          ldapHost, ldapPort);

-      resultList.add(CertStore.getInstance("LDAP", ldapParams));

-      log.info("Added LDAP certstore");

+      return certDir;

     }

-    return resultList;

-  }

-

-  public void configureSSL() {

-    Set<TrustAnchor> caCerts = null;

-    try {

-      caCerts = getCACerts();

-    } catch (Exception e1) {

-      log.error("Cannot load CA certificates", e1);

-    }

-    List<CertStore> certStoreList = null;

-    try {

-      certStoreList = getCertstore();

-    } catch (Exception e1) {

-      log.error("Cannot load certstore certificates", e1);

-    }

-    String aia = getProperty("SSL.useAIA");

-    if ((aia == null) || (aia.equals(""))) {

-      System.setProperty("com.sun.security.enableAIAcaIssuers", "true");

-    } else {

-      System.setProperty("com.sun.security.enableAIAcaIssuers", aia);

-    }

-    String lifetime = getProperty("SSL.cache.lifetime");

-    if ((lifetime == null) || (lifetime.equals(""))) {

-      System.setProperty("sun.security.certpath.ldap.cache.lifetime", "0");

-    } else {

-      System.setProperty("sun.security.certpath.ldap.cache.lifetime", lifetime);

-    }

-    X509CertSelector selector = new X509CertSelector();

-    PKIXBuilderParameters pkixParams;

-    try {

-      pkixParams = new PKIXBuilderParameters(caCerts, selector);

-      if ((getProperty("SSL.doRevocationChecking") != null)

-          && (Boolean.valueOf(getProperty("SSL.doRevocationChecking")))) {

-        log.info("Enable revocation checking");

-        System.setProperty("com.sun.security.enableCRLDP", "true");

-        Security.setProperty("ocsp.enable", "true");

-      } else {

-        log.warn("Revocation checking disabled");

-      }

-      for (CertStore cs : certStoreList) {

-        pkixParams.addCertStore(cs);

-      }

-      ManagerFactoryParameters trustParams = new CertPathTrustManagerParameters(

-          pkixParams);

-      TrustManagerFactory trustFab;

-      trustFab = TrustManagerFactory.getInstance("PKIX");

-      trustFab.init(trustParams);

-      KeyManager[] km = null;

-      SSLContext sslCtx = SSLContext

-          .getInstance(getProperty("SSL.sslProtocol"));

-      String disableAll = getProperty("SSL.disableAllChecks");

-      if ((disableAll != null) && (Boolean.parseBoolean(disableAll))) {

-        log.warn("--------------------------------------");

-        log.warn(" Disabling SSL Certificate Validation ");

-        log.warn("--------------------------------------");

-

-        sslCtx.init(km, new TrustManager[] { new MyTrustManager(caCerts,

-            certStoreList) }, null);

-      } else {

-        sslCtx.init(km, trustFab.getTrustManagers(), null);

-      }

-      HttpsURLConnection.setDefaultSSLSocketFactory(sslCtx.getSocketFactory());

-    } catch (Exception e) {

-      log.error("Cannot configure SSL", e);

-    }

-    String disableAll = getProperty("SSL.disableAllChecks");

-    if ((disableAll != null) && (Boolean.parseBoolean(disableAll))) {

-      log.warn("---------------------------------");

-      log.warn(" Disabling Hostname Verification ");

-      log.warn("---------------------------------");

-      HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {

-        @Override

-        public boolean verify(String hostname, SSLSession session) {

-          return true;

-        }

-      });

-    }

-  }

-

-  @Override

-  public void setResourceLoader(ResourceLoader loader) {

-    this.resourceLoader = loader;

-  }

-}

-

-class MyTrustManager implements X509TrustManager {

-  private static Log log = LogFactory.getLog(MyTrustManager.class);

-  private X509Certificate[] trustedCerts;

+    return null;

 

-  public MyTrustManager(Set<TrustAnchor> caCerts, List<CertStore> cs) {

-    trustedCerts = new X509Certificate[caCerts.size()];

-    int i = 0;

-    for (Iterator<TrustAnchor> it = caCerts.iterator(); it.hasNext();) {

-      TrustAnchor ta = it.next();

-      trustedCerts[i++] = ta.getTrustedCert();

-    }

   }

 

   @Override

-  public void checkClientTrusted(X509Certificate[] arg0, String arg1)

-      throws CertificateException {

-    log.error("Did not expect this method to get called");

-    throw new CertificateException("Method not implemented");

+  protected File getCADir() {

+    String caDirectory = getProperty("SSL.caDirectory");

+    return getDirectory(caDirectory);

   }

 

   @Override

-  public void checkServerTrusted(X509Certificate[] certs, String arg1)

-      throws CertificateException {

-    log.warn("-------------------------------------");

-    log.warn("SSL Certificate Validation Disabled !");

-    log.warn("-------------------------------------");

+  protected File getCertDir() {

+    String certDirectory = getProperty("SSL.certDirectory");

+    return getDirectory(certDirectory);

   }

 

   @Override

-  public X509Certificate[] getAcceptedIssuers() {

-    return trustedCerts;

+  protected InputStream getManifest() {

+    Resource r = resourceLoader.getResource("META-INF/MANIFEST.MF");

+    if ((r != null) && r.isReadable()) {

+      try {

+        return r.getInputStream();

+      } catch (IOException e) {

+        log.error("Cannot read manifest data:" + e);

+      }

+    }

+    return null;

   }

-

 }
\ No newline at end of file
diff --git a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/defaultConf.properties b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/defaultConf.properties
index 29bdd1ed..8ae5bf6d 100644
--- a/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/defaultConf.properties
+++ b/BKULocal/src/main/resources/at/gv/egiz/bku/local/conf/defaultConf.properties
@@ -51,10 +51,11 @@ SSL.disableAllChecks=false
 # ------------ END SSL Config  --------------------

 

 ValidateHashDataInputs=true

+AppletTimeout=300000

 

-HTTPProxyHost= 

-HTTPProxyPort= 

-DefaultSocketTimeout=200

+#HTTPProxyHost= 

+#HTTPProxyPort= 

+#DefaultSocketTimeout=200

 

 

 

diff --git a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
index c6a5088a..a4003a2a 100644
--- a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml
@@ -21,6 +21,7 @@
   <bean id="STALFactory" class="at.gv.egiz.bku.local.stal.SMCCSTALFactory"

     scope="singleton" />

   

+   

   <bean id="bindingProcessorManager" class="at.gv.egiz.bku.binding.BindingProcessorManagerImpl"

     scope="singleton">

     <constructor-arg ref="STALFactory"></constructor-arg>

@@ -47,10 +48,11 @@
   </bean>

   

   <!-- Configure Configuration -->

-  <bean id="configurator" factory-method="getInstance" class="at.gv.egiz.bku.local.conf.SpringConfigurator"

+  

+  <bean id="configurator" class="at.gv.egiz.bku.local.conf.SpringConfigurator"

      init-method="configure">

     <!-- <property name="resource" value="classpath:at/gv/egiz/bku/local/conf/defaultConf.properties"/>  -->

-    <property name="resource" value="classpath:at/gv/egiz/bku/local/conf/defaultConf.properties"/>

+    <property name="resource" value="file:${user.home}/.mocca/conf/defaultConf.properties"/>

   </bean>