4 files changed, 189 insertions, 60 deletions

diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java
index 98be4047..cd81b592 100644
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java
@@ -16,98 +16,139 @@
  */
 package at.gv.egiz.bku.local.webapp;
 
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
 import java.util.Enumeration;
 import java.util.HashMap;
-import java.util.Iterator;
 import java.util.Locale;
 import java.util.Map;
+import java.util.concurrent.ExecutionException;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
-import at.gv.egiz.bku.binding.HTTPBindingProcessor;
+import at.gv.egiz.bku.binding.BindingProcessorFuture;
+import at.gv.egiz.bku.binding.BindingProcessorManager;
+import at.gv.egiz.bku.binding.HTTPBindingProcessorImpl;
 import at.gv.egiz.bku.binding.HttpUtil;
-import at.gv.egiz.bku.conf.Configurator;
+import at.gv.egiz.bku.binding.Id;
+import at.gv.egiz.bku.binding.IdFactory;
+import at.gv.egiz.bku.binding.InputDecoderFactory;
 import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage;
 
 public class BKURequestHandler extends SpringBKUServlet {
 
-	public final static String ENCODING = "UTF-8";
+  private static final long serialVersionUID = 1L;
 
-	protected Log log = LogFactory.getLog(BKURequestHandler.class);
+  public final static String ENCODING = "UTF-8";
 
+	private final Logger log = LoggerFactory.getLogger(BKURequestHandler.class);
+
+	@Override
 	protected void doPost(HttpServletRequest req, HttpServletResponse resp)
 			throws ServletException, java.io.IOException {
 
-        log.debug("Received SecurityLayer request");
-
         String acceptLanguage = req.getHeader("Accept-Language");
         Locale locale = AcceptLanguage.getLocale(acceptLanguage);
-        log.debug("Accept-Language locale: " + locale);
+        log.info("Received request. Accept-Language locale: {}.", locale);
 
-        HTTPBindingProcessor bindingProcessor;
-        bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager()
-            .createBindingProcessor(req.getRequestURL().toString(), null, locale);
+        BindingProcessorManager bindingProcessorManager = getBindingProcessorManager();
+        
+        HTTPBindingProcessorImpl bindingProcessor;
+        bindingProcessor = (HTTPBindingProcessorImpl) bindingProcessorManager
+            .createBindingProcessor("HTTP", locale);
         Map<String, String> headerMap = new HashMap<String, String>();
-        for (Enumeration<String> headerName = req.getHeaderNames(); headerName
+        for (Enumeration<?> headerName = req.getHeaderNames(); headerName
             .hasMoreElements();) {
-          String header = headerName.nextElement();
+          String header = (String) headerName.nextElement();
           if (header != null) {
             headerMap.put(header, req.getHeader(header));
           }
         }
-        String charset = req.getCharacterEncoding();
-        String contentType = req.getContentType();
-        if (charset != null) {
-          contentType += ";" + charset;
+        
+        InputStream inputStream;
+        String charset;
+        if (req.getMethod().equals("POST")) {
+          charset = req.getCharacterEncoding();
+          String contentType = req.getContentType();
+          if (charset != null) {
+            contentType += ";" + charset;
+          }
+          headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType);
+          inputStream = req.getInputStream();
+        } else {
+          charset = "UTF-8";
+          headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE,
+              InputDecoderFactory.URL_ENCODED);
+          String queryString = req.getQueryString();
+          if (queryString != null) {
+            inputStream = new ByteArrayInputStream(queryString.getBytes(charset));
+          } else {
+            inputStream = new ByteArrayInputStream(new byte[] {});
+          }
         }
-        headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType);
         bindingProcessor.setHTTPHeaders(headerMap);
-        bindingProcessor.consumeRequestStream(req.getInputStream());
+        bindingProcessor.consumeRequestStream(req.getRequestURL().toString(), inputStream);
+        req.getInputStream().close();
 
-		// fixxme just for testing
-		bindingProcessor.run();
-		if (bindingProcessor.getRedirectURL() != null) {
-			resp.sendRedirect(bindingProcessor.getRedirectURL());
-			return;
-		}
+        String redirectURL = bindingProcessor.getRedirectURL();
+
+        Id id = IdFactory.getInstance().createId();
+        BindingProcessorFuture bindingProcessorFuture = bindingProcessorManager
+            .process(id, bindingProcessor);
+
+        if (redirectURL != null) {
+          // send redirect and return
+          resp.sendRedirect(redirectURL);
+          return;
+        }
+        
+        // wait for the binding processor to finish processing
+        try {
+          bindingProcessorFuture.get();
+        } catch (InterruptedException e) {
+          resp.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE);
+          return;
+        } catch (ExecutionException e) {
+          log.error("Request processing failed.", e);
+          resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+          return;
+        }
+        
 		resp.setStatus(bindingProcessor.getResponseCode());
-		for (Iterator<String> it = bindingProcessor.getResponseHeaders().keySet()
-				.iterator(); it.hasNext();) {
-			String header = it.next();
-			resp.setHeader(header, bindingProcessor.getResponseHeaders().get(header));
+
+		// set response headers
+		Map<String, String> responseHeaders = bindingProcessor.getResponseHeaders();
+		for (String header : responseHeaders.keySet()) {
+		  resp.setHeader(header, responseHeaders.get(header));
 		}
-		String version = configurator.getProperty(Configurator.SIGNATURE_LAYOUT);
-		if ((version != null) && (!"".equals(version.trim()))) {
-		  log.debug("setting SignatureLayout header to " + version);
-		  resp.setHeader(Configurator.SIGNATURE_LAYOUT, version);
-		} else {
-		  log.debug("do not set SignatureLayout header");
+		String serverHeader = bindingProcessor.getServerHeaderValue();
+		if (serverHeader != null && !serverHeader.isEmpty()) {
+		  resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, serverHeader);
+		}
+		String signatureLayout = bindingProcessor.getSignatureLayoutHeaderValue();
+		if (signatureLayout != null && !signatureLayout.isEmpty()) {
+		  resp.setHeader("SignatureLayout", signatureLayout);
 		}
-			
-        if (configurator.getProperty(Configurator.USERAGENT_CONFIG_P) != null) {
-          resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, configurator
-              .getProperty(Configurator.USERAGENT_CONFIG_P));
-        } else {
-          resp.setHeader(HttpUtil.HTTP_HEADER_SERVER,
-                  Configurator.USERAGENT_DEFAULT);
-        }
 		
 		resp.setContentType(bindingProcessor.getResultContentType());
 		resp.setCharacterEncoding(ENCODING);
 		bindingProcessor.writeResultTo(resp.getOutputStream(), ENCODING);
-		req.getInputStream().close();
+		
 		resp.getOutputStream().flush();
 		resp.getOutputStream().close();
-		log.debug("Finished Request");
+		log.debug("Finished Request.");
 	}
 
+	@Override
 	protected void doGet(HttpServletRequest req, HttpServletResponse resp)
 			throws ServletException, java.io.IOException {
 		doPost(req, resp);
 	}
+	
+	
 }
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/MoccaContextListener.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/MoccaContextListener.java
new file mode 100644
index 00000000..428190eb
--- /dev/null
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/MoccaContextListener.java
@@ -0,0 +1,93 @@
+/*
+* Copyright 2009 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+*     http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+package at.gv.egiz.bku.local.webapp;
+
+import iaik.security.ecc.provider.ECCProvider;
+import iaik.security.provider.IAIK;
+import iaik.xml.crypto.XSecProvider;
+
+import java.security.Provider;
+import java.security.Security;
+
+import javax.servlet.ServletContextEvent;
+import javax.servlet.ServletContextListener;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class MoccaContextListener implements ServletContextListener {
+  
+  private Logger log = LoggerFactory.getLogger(MoccaContextListener.class);
+
+  @Override
+  public void contextDestroyed(ServletContextEvent sce) {
+  }
+
+  @Override
+  public void contextInitialized(ServletContextEvent sce) {
+    
+    log.info("Registering security providers ...");
+    
+    registerProviders();
+    
+    if (log.isDebugEnabled()) {
+      StringBuilder sb = new StringBuilder();
+      sb.append("Registered providers: ");
+      int i = 1;
+      for (Provider prov : Security.getProviders()) {
+        sb.append("\n" + (i++) + ". : " + prov);
+      }
+      log.debug(sb.toString());
+    }
+  }
+  
+  protected void registerProvider(Provider provider, int position) {
+    String name = provider.getName();
+    if (Security.getProvider(name) == null) {
+      // register IAIK provider at first position
+      try {
+        Security.insertProviderAt(provider, position);
+      } catch (SecurityException e) {
+        log.info("Failed to register required security Provider.", e);
+      }
+    } else {
+      log.info("Required security Provider {} already registered.", name);
+    }
+    
+  }
+  
+  protected void registerProviders() {
+
+    registerProvider(new IAIK(), 1);
+    registerProvider(new ECCProvider(false), 2);
+    
+    final String name = XSecProvider.NAME;
+    if (Security.getProvider(XSecProvider.NAME) == null) {
+      // register XML Security provider
+      try {
+        XSecProvider.addAsProvider(false);
+      } catch (SecurityException e) {
+        log.info("Failed to register required security Provider.", e);
+      }
+    } else {
+      log.info("Required security Provider {} already registered.", name);
+    }
+    
+  }
+
+}
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java
index 0c35f1c9..ab41634e 100644
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java
@@ -29,8 +29,8 @@ import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * PINManagementBKUWorker for non-applet version
@@ -38,7 +38,9 @@ import org.apache.commons.logging.LogFactory;
  */
 public class PINManagementServlet extends HttpServlet {
 
-  private static final Log log = LogFactory.getLog(PINManagementServlet.class);
+  private static final long serialVersionUID = 1L;
+
+  private final Logger log = LoggerFactory.getLogger(PINManagementServlet.class);
 
   LocalSTALFactory stalFactory;
 
@@ -59,9 +61,7 @@ public class PINManagementServlet extends HttpServlet {
 
     STAL pinMgmtSTAL = stalFactory.createSTAL();
     List<STALResponse> stalResps = pinMgmtSTAL.handleRequest(Collections.singletonList(new PINManagementRequest()));
-    if (log.isDebugEnabled()) {
-      log.debug("received STAL reponse " + stalResps.get(0).getClass());
-    }
+    log.debug("Received STAL reponse {}.", stalResps.get(0).getClass());
     pinMgmtSTAL.handleRequest(Collections.singletonList(new QuitRequest()));
 
     String redirect = request.getParameter("redirect");
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java
index 3bd50ba7..62f393a8 100644
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java
+++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java
@@ -19,21 +19,16 @@ package at.gv.egiz.bku.local.webapp;
 import javax.servlet.http.HttpServlet;
 
 import at.gv.egiz.bku.binding.BindingProcessorManager;
-import at.gv.egiz.bku.conf.Configurator;
 
 public abstract class SpringBKUServlet extends HttpServlet {
 
-  public final static String BEAN_NAME = "bindingProcessorManager";
+  private static final long serialVersionUID = 1L;
 
-  protected static Configurator configurator;
+  public final static String BEAN_NAME = "bindingProcessorManager";
 
   protected BindingProcessorManager getBindingProcessorManager() {
     return (BindingProcessorManager) getServletContext()
         .getAttribute(BEAN_NAME);
   }
 
-  public static void setConfigurator(Configurator conf) {
-    configurator = conf;
-  }
-
 }