diff options
Diffstat (limited to 'BKULocal/src/main/java/at/gv')
11 files changed, 971 insertions, 0 deletions
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java new file mode 100644 index 00000000..3f50fc78 --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java @@ -0,0 +1,65 @@ +/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.local.accesscontroller;
+
+import java.io.IOException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.context.ResourceLoaderAware;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+
+import at.gv.egiz.bku.accesscontroller.SecurityManagerFacade;
+import at.gv.egiz.bku.conf.Configurator;
+
+public class SpringSecurityManager extends SecurityManagerFacade implements
+ ResourceLoaderAware {
+
+ private ResourceLoader resourceLoader;
+
+ private static Log log = LogFactory.getLog(SpringSecurityManager.class);
+
+ protected Configurator config;
+
+ public void setConfig(Configurator config) {
+ this.config = config;
+ }
+
+ public void init() {
+ String noMatch = config.getProperty("AccessController.acceptNoMatch");
+ if (noMatch != null) {
+ log.debug("Setting allow now match to: " + noMatch);
+ setAllowUnmatched(Boolean.getBoolean(noMatch));
+ }
+ String policy = config.getProperty("AccessController.policyResource");
+ policy = policy.replace("${user.home}", System.getProperty("user.home"));
+ log.info("Loading resource: " + policy);
+ try {
+ Resource res = resourceLoader.getResource(policy);
+ init(res.getInputStream());
+ } catch (IOException e) {
+ log.error(e);
+ }
+ }
+
+ @Override
+ public void setResourceLoader(ResourceLoader loader) {
+ this.resourceLoader = loader;
+ }
+
+}
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java new file mode 100644 index 00000000..7b2641ff --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java @@ -0,0 +1,142 @@ +/*
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.local.conf;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Properties;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.context.ResourceLoaderAware;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+
+import at.gv.egiz.bku.conf.Configurator;
+import at.gv.egiz.bku.local.webapp.SpringBKUServlet;
+import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+
+public class SpringConfigurator extends Configurator implements
+ ResourceLoaderAware {
+
+ private final static Log log = LogFactory.getLog(SpringConfigurator.class);
+
+ private ResourceLoader resourceLoader;
+
+ public SpringConfigurator() {
+ // File configDir = new File(System.getProperty("user.home") +
+ // "/.bku/conf");
+ // if (configDir.exists()) {
+ // log.debug("Found existing config directory: " + configDir);
+ // } else {
+ // log.info("Config dir not existing, creating new");
+ // if (!configDir.mkdirs()) {
+ // log.error("Cannot create directory: " + configDir);
+ // }
+ // }
+ }
+
+ public void setResource(Resource resource) {
+ log.debug("Loading config from: " + resource);
+ if (resource != null) {
+ Properties props = new Properties();
+ try {
+ props.load(resource.getInputStream());
+ super.setConfiguration(props);
+ } catch (IOException e) {
+ log.error("Cannot load config", e);
+ }
+ } else {
+ log.warn("Cannot load properties, resource: " + resource);
+ }
+ }
+
+ @Override
+ public void configure() {
+ if (properties == null) {
+ defaultInit();
+ }
+ super.configure();
+ SpringBKUServlet.setConfigurator(this);
+ }
+
+ public void defaultInit() {
+ Properties props = new Properties();
+ try {
+ props.load(new FileInputStream(System.getProperty("user.home")
+ + "/.mocca/war/mocca.war"));
+ super.setConfiguration(props);
+ } catch (IOException e) {
+ log.error("Cannot load config", e);
+ }
+ }
+
+ @Override
+ public void setResourceLoader(ResourceLoader loader) {
+ this.resourceLoader = loader;
+ }
+
+ private File getDirectory(String property) {
+ property = property
+ .replace("${user.home}", System.getProperty("user.home"));
+ if (property != null) {
+ Resource certDirRes = resourceLoader.getResource(property);
+ File certDir;
+ try {
+ certDir = certDirRes.getFile();
+ } catch (IOException e) {
+ log.error("Cannot get cert directory", e);
+ throw new SLRuntimeException(e);
+ }
+ if (!certDir.isDirectory()) {
+ log.error("Expecting directory as SSL.certDirectory parameter");
+ throw new SLRuntimeException(
+ "Expecting directory as SSL.certDirectory parameter");
+ }
+ return certDir;
+ }
+ return null;
+
+ }
+
+ @Override
+ protected File getCADir() {
+ String caDirectory = getProperty("SSL.caDirectory");
+ return getDirectory(caDirectory);
+ }
+
+ @Override
+ protected File getCertDir() {
+ String certDirectory = getProperty("SSL.certDirectory");
+ return getDirectory(certDirectory);
+ }
+
+ @Override
+ protected InputStream getManifest() {
+ Resource r = resourceLoader.getResource("META-INF/MANIFEST.MF");
+ if ((r != null) && r.isReadable()) {
+ try {
+ return r.getInputStream();
+ } catch (IOException e) {
+ log.error("Cannot read manifest data: " + e);
+ }
+ }
+ return null;
+ }
+}
\ No newline at end of file diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/GUIProxy.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/GUIProxy.java new file mode 100644 index 00000000..38dd04d9 --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/GUIProxy.java @@ -0,0 +1,55 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.gui; + +import at.gv.egiz.bku.gui.BKUGUIFacade; +import java.lang.reflect.InvocationHandler; +import java.lang.reflect.Method; +import javax.swing.JFrame; + +/** + * + * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> + */ +public class GUIProxy implements InvocationHandler { + + JFrame frame; + BKUGUIFacade delegate; + + static public Object newInstance(BKUGUIFacade gui, JFrame frame, Class[] interfaces) { + return java.lang.reflect.Proxy.newProxyInstance(gui.getClass().getClassLoader(), + interfaces, + new GUIProxy(gui, frame)); + } + + private GUIProxy(BKUGUIFacade delegate, JFrame frame) { + this.frame = frame; + this.delegate = delegate; + } + + @Override + public Object invoke(Object proxy, Method method, Object[] args) throws Throwable { + + if (method.getName().startsWith("show")) { + frame.setVisible(true); + frame.toFront(); + return method.invoke(delegate, args); + } else { //if (method.getName().startsWith("get")) { + return method.invoke(delegate, args); + } + } +} diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/LocalHelpListener.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/LocalHelpListener.java new file mode 100644 index 00000000..c957e132 --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/LocalHelpListener.java @@ -0,0 +1,61 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.gui; + +import at.gv.egiz.bku.gui.AbstractHelpListener; +import at.gv.egiz.bku.gui.DefaultHelpListener; +import java.awt.Desktop; +import java.io.IOException; +import java.net.URISyntaxException; +import java.net.URL; +import java.util.Locale; + +/** + * Open help document in browser, fallback to default (swing dialog) if Java Desktop API not supported. + * + * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> + */ +public class LocalHelpListener extends AbstractHelpListener { + + protected Desktop desktop; + protected DefaultHelpListener fallback; + + public LocalHelpListener(URL baseURL, Locale locale) { + super(baseURL, locale); + if (Desktop.isDesktopSupported()) { + desktop = Desktop.getDesktop(); + } else { + log.info("Java Desktop API not available on current platform (libgnome installed?), falling back to DefaultHelpListener"); + fallback = new DefaultHelpListener(baseURL, locale); + } + } + + @Override + public void showDocument(URL helpDocument, String helpTopic) throws IOException, URISyntaxException { + if (desktop != null) { + if (!desktop.isSupported(Desktop.Action.BROWSE)) { + log.error("Failed to open default browser: The system provides the Desktop API, but does not support the BROWSE action"); + } else { + Desktop.getDesktop().browse(helpDocument.toURI()); + } + } else if (fallback != null) { + fallback.showDocument(helpDocument, helpTopic); + } else { + log.error("failed to display help document"); + } + } +} diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java new file mode 100644 index 00000000..1e3f9a1d --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java @@ -0,0 +1,64 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.stal; + +import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.bku.smccstal.AbstractBKUWorker; +import at.gv.egiz.bku.smccstal.PINManagementRequestHandler; +import at.gv.egiz.stal.QuitRequest; +import at.gv.egiz.stal.STALRequest; +import at.gv.egiz.stal.STALResponse; +import at.gv.egiz.stal.SignRequest; + +import at.gv.egiz.stal.ext.PINManagementRequest; +import java.util.List; +import javax.swing.JFrame; + +/** + * + * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> + */ +public class LocalBKUWorker extends AbstractBKUWorker { + + private JFrame container; + + public LocalBKUWorker(BKUGUIFacade gui, JFrame container) { + super(gui); + this.container = container; + addRequestHandler(SignRequest.class, + new LocalSignRequestHandler(new LocalSecureViewer(gui))); + addRequestHandler(PINManagementRequest.class, new PINManagementRequestHandler()); + } + + /** does not change container's visibility (use quit request to close) */ + @Override + public List<STALResponse> handleRequest(List<? extends STALRequest> requestList) { + signatureCard = null; + List<STALResponse> responses = super.handleRequest(requestList); + container.setVisible(false); + return responses; + } + + /** overrides handle quit from abstract bku worker, make container invisible */ + @Override + public STALResponse handleRequest(STALRequest request) { + if (request instanceof QuitRequest) { + container.setVisible(false); + } + return null; + } +} diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSTALFactory.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSTALFactory.java new file mode 100644 index 00000000..44322a07 --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSTALFactory.java @@ -0,0 +1,126 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.stal; + +import at.gv.egiz.bku.viewer.ResourceFontLoader; +import java.awt.Dimension; +import java.awt.Toolkit; +import java.net.MalformedURLException; +import java.util.Locale; + + +import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.bku.gui.BKUIcons; +import at.gv.egiz.bku.gui.PINManagementGUI; +import at.gv.egiz.bku.gui.PINManagementGUIFacade; +import at.gv.egiz.bku.local.gui.GUIProxy; +import at.gv.egiz.bku.local.gui.LocalHelpListener; +import at.gv.egiz.stal.STAL; +import at.gv.egiz.stal.STALFactory; +import java.net.URL; +import javax.swing.JFrame; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * Creates a PINManagementGUI and a LocalBKUWorker, which in turn registers + * PINManagementRequestHandler from smccSTALExt. + * The RequestHandler expects PINManagementGUIFacade, therefore BKUGUIProxy has to implement the extended GUI. + * @author clemens + */ +public class LocalSTALFactory implements STALFactory { + + protected static final Log log = LogFactory.getLog(LocalSTALFactory.class); + protected static final Dimension PREFERRED_SIZE = new Dimension(318, 200); + protected String helpURL; + protected Locale locale; + + @Override + public STAL createSTAL() { + + LocalBKUWorker stal; + //http://java.sun.com/docs/books/tutorial/uiswing/misc/focus.html + // use undecorated JFrame instead of JWindow, + // which creates an invisible owning frame and therefore cannot getFocusInWindow() + JFrame dialog = new JFrame("Bürgerkarte"); + if (log.isTraceEnabled()) { + log.debug("alwaysOnTop supported: " + dialog.isAlwaysOnTopSupported()); + } + // [#439] make mocca dialog alwaysOnTop + dialog.setAlwaysOnTop(true); + dialog.setIconImages(BKUIcons.icons); + dialog.setUndecorated(true); +// dialog.getRootPane().setWindowDecorationStyle(JRootPane.NONE); +// dialog.addWindowListener(new WindowAdapter() { +// +// @Override +// public void windowClosing(WindowEvent e) { +// super.windowClosing(e); +// log.debug("closing window ********************"); +// } +// +// }); + if (locale != null) { + dialog.setLocale(locale); + } + LocalHelpListener helpListener = null; + try { + if (helpURL != null) { + helpListener = new LocalHelpListener(new URL(helpURL), locale); + } else { + log.warn("no HELP URL configured, help system disabled"); + } + } catch (MalformedURLException ex) { + log.error("failed to configure help listener: " + ex.getMessage(), ex); + } + PINManagementGUIFacade gui = new PINManagementGUI(dialog.getContentPane(), + dialog.getLocale(), + BKUGUIFacade.Style.advanced, + null, + new ResourceFontLoader(), + helpListener, + null); + BKUGUIFacade proxy = (BKUGUIFacade) GUIProxy.newInstance(gui, dialog, new Class[] { PINManagementGUIFacade.class} ); + stal = new LocalBKUWorker(proxy, dialog); + dialog.setPreferredSize(PREFERRED_SIZE); + dialog.pack(); + Dimension screenSize = Toolkit.getDefaultToolkit().getScreenSize(); + Dimension frameSize = dialog.getSize(); + if (frameSize.height > screenSize.height) { + frameSize.height = screenSize.height; + } + if (frameSize.width > screenSize.width) { + frameSize.width = screenSize.width; + } + dialog.setLocation((screenSize.width - frameSize.width) / 2, + (screenSize.height - frameSize.height) / 2); + return stal; + } + + @Override + public void setLocale(Locale locale) { + this.locale = locale; + } + + public String getHelpURL() { + return helpURL; + } + + public void setHelpURL(String helpURL) { + this.helpURL = helpURL; + } +} diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSecureViewer.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSecureViewer.java new file mode 100644 index 00000000..ae58526c --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSecureViewer.java @@ -0,0 +1,129 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.stal; + +import at.gv.egiz.bku.slcommands.impl.DataObjectHashDataInput; +import at.gv.egiz.bku.smccstal.SecureViewer; +import java.io.IOException; +import java.util.ArrayList; + +import at.gv.egiz.bku.gui.BKUGUIFacade; +import at.gv.egiz.stal.HashDataInput; +import at.gv.egiz.stal.impl.ByteArrayHashDataInput; +import at.gv.egiz.stal.signedinfo.ReferenceType; +import at.gv.egiz.stal.signedinfo.SignedInfoType; +import java.awt.event.ActionListener; +import java.io.ByteArrayOutputStream; +import java.io.InputStream; +import java.util.Collections; +import java.util.List; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * + * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> + */ +public class LocalSecureViewer implements SecureViewer { + + private static final Log log = LogFactory.getLog(LocalSignRequestHandler.class); + private List<HashDataInput> hashDataInputs = Collections.EMPTY_LIST; + + protected BKUGUIFacade gui; + + public LocalSecureViewer(BKUGUIFacade gui) { + this.gui = gui; + } + + public void setDataToBeSigned(List<HashDataInput> dataToBeSigned) { + this.hashDataInputs = dataToBeSigned; + } + + /** + * + * @param dsigReferences + * @throws java.lang.Exception + */ + @Override + public void displayDataToBeSigned(SignedInfoType signedInfo, + ActionListener okListener, String okCommand) + throws Exception { + if (signedInfo.getReference().size() == 0) { + log.error("No hashdata input selected to be displayed: null"); + throw new Exception("No HashData Input selected to be displayed"); + } + + ArrayList<HashDataInput> selectedHashDataInputs = new ArrayList<HashDataInput>(); + for (ReferenceType dsigRef : signedInfo.getReference()) { + // don't get Manifest, QualifyingProperties, ... + if (dsigRef.getType() == null) { + String dsigRefId = dsigRef.getId(); + if (dsigRefId != null) { + boolean hdiAvailable = false; + for (HashDataInput hashDataInput : hashDataInputs) { + if (dsigRefId.equals(hashDataInput.getReferenceId())) { + log.debug("display hashdata input for dsig:SignedReference " + + dsigRefId); + selectedHashDataInputs.add( + ensureCachedHashDataInput(hashDataInput)); + hdiAvailable = true; + break; + } + } + if (!hdiAvailable) { + log.error("no hashdata input for dsig:SignedReference " + dsigRefId); + throw new Exception( + "No HashDataInput available for dsig:SignedReference " + dsigRefId); + } + } else { + throw new Exception( + "Cannot get HashDataInput for dsig:Reference without Id attribute"); + } + } + } + + if (selectedHashDataInputs.size() < 1) { + log.error("dsig:SignedInfo does not contain a data reference"); + throw new Exception("dsig:SignedInfo does not contain a data reference"); + } + gui.showSecureViewer(selectedHashDataInputs, okListener, okCommand); + } + + + private HashDataInput ensureCachedHashDataInput(HashDataInput hashDataInput) + throws IOException { + if (!(hashDataInput instanceof DataObjectHashDataInput)) { + + log.warn("expected DataObjectHashDataInput for LocalSignRequestHandler, got " + + hashDataInput.getClass().getName()); + + InputStream hdIs = hashDataInput.getHashDataInput(); + ByteArrayOutputStream baos = new ByteArrayOutputStream(hdIs.available()); + int b; + while ((b = hdIs.read()) != -1) { + baos.write(b); + } + hashDataInput = new ByteArrayHashDataInput(baos.toByteArray(), + hashDataInput.getReferenceId(), + hashDataInput.getMimeType(), + hashDataInput.getEncoding(), + hashDataInput.getFilename()); + } + return hashDataInput; + } + +} diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java new file mode 100644 index 00000000..9ae1d9b9 --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java @@ -0,0 +1,63 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.stal; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.bku.smccstal.SignRequestHandler; +import at.gv.egiz.stal.ErrorResponse; +import at.gv.egiz.stal.STALRequest; +import at.gv.egiz.stal.STALResponse; +import at.gv.egiz.stal.SignRequest; + +/** + * + * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> + */ +public class LocalSignRequestHandler extends SignRequestHandler { + + private static final Log log = LogFactory.getLog(LocalSignRequestHandler.class); + + public LocalSignRequestHandler(LocalSecureViewer secureViewer) { + super(secureViewer); + } + + /** + * If the request is a SIGN request, it contains a list of DataObjectHashDataInput + * providing the pre-digested input stream (that can be obtained repeatedly) if + * reference caching is enabled (or null otherwise). + * @param request + * @return + */ + @SuppressWarnings("unchecked") + @Override + public STALResponse handleRequest(STALRequest request) + throws InterruptedException { + + if (request instanceof SignRequest) { + SignRequest signReq = (SignRequest) request; + ((LocalSecureViewer) secureViewer).setDataToBeSigned(signReq.getHashDataInput()); + return super.handleRequest(request); + } else { + log.fatal("Got unexpected STAL request: " + request); + return new ErrorResponse(1000); + } + + + } +} diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java new file mode 100644 index 00000000..98be4047 --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java @@ -0,0 +1,113 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.webapp; + +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Locale; +import java.util.Map; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.bku.binding.HTTPBindingProcessor; +import at.gv.egiz.bku.binding.HttpUtil; +import at.gv.egiz.bku.conf.Configurator; +import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage; + +public class BKURequestHandler extends SpringBKUServlet { + + public final static String ENCODING = "UTF-8"; + + protected Log log = LogFactory.getLog(BKURequestHandler.class); + + protected void doPost(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, java.io.IOException { + + log.debug("Received SecurityLayer request"); + + String acceptLanguage = req.getHeader("Accept-Language"); + Locale locale = AcceptLanguage.getLocale(acceptLanguage); + log.debug("Accept-Language locale: " + locale); + + HTTPBindingProcessor bindingProcessor; + bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager() + .createBindingProcessor(req.getRequestURL().toString(), null, locale); + Map<String, String> headerMap = new HashMap<String, String>(); + for (Enumeration<String> headerName = req.getHeaderNames(); headerName + .hasMoreElements();) { + String header = headerName.nextElement(); + if (header != null) { + headerMap.put(header, req.getHeader(header)); + } + } + String charset = req.getCharacterEncoding(); + String contentType = req.getContentType(); + if (charset != null) { + contentType += ";" + charset; + } + headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType); + bindingProcessor.setHTTPHeaders(headerMap); + bindingProcessor.consumeRequestStream(req.getInputStream()); + + // fixxme just for testing + bindingProcessor.run(); + if (bindingProcessor.getRedirectURL() != null) { + resp.sendRedirect(bindingProcessor.getRedirectURL()); + return; + } + resp.setStatus(bindingProcessor.getResponseCode()); + for (Iterator<String> it = bindingProcessor.getResponseHeaders().keySet() + .iterator(); it.hasNext();) { + String header = it.next(); + resp.setHeader(header, bindingProcessor.getResponseHeaders().get(header)); + } + String version = configurator.getProperty(Configurator.SIGNATURE_LAYOUT); + if ((version != null) && (!"".equals(version.trim()))) { + log.debug("setting SignatureLayout header to " + version); + resp.setHeader(Configurator.SIGNATURE_LAYOUT, version); + } else { + log.debug("do not set SignatureLayout header"); + } + + if (configurator.getProperty(Configurator.USERAGENT_CONFIG_P) != null) { + resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, configurator + .getProperty(Configurator.USERAGENT_CONFIG_P)); + } else { + resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, + Configurator.USERAGENT_DEFAULT); + } + + resp.setContentType(bindingProcessor.getResultContentType()); + resp.setCharacterEncoding(ENCODING); + bindingProcessor.writeResultTo(resp.getOutputStream(), ENCODING); + req.getInputStream().close(); + resp.getOutputStream().flush(); + resp.getOutputStream().close(); + log.debug("Finished Request"); + } + + protected void doGet(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, java.io.IOException { + doPost(req, resp); + } +} diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java new file mode 100644 index 00000000..0c35f1c9 --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java @@ -0,0 +1,114 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.webapp; + +import at.gv.egiz.bku.local.stal.LocalSTALFactory; +import at.gv.egiz.stal.QuitRequest; +import at.gv.egiz.stal.STAL; +import at.gv.egiz.stal.STALResponse; +import at.gv.egiz.stal.ext.PINManagementRequest; +import java.io.IOException; +import java.net.URL; +import java.util.Collections; +import java.util.List; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * PINManagementBKUWorker for non-applet version + * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> + */ +public class PINManagementServlet extends HttpServlet { + + private static final Log log = LogFactory.getLog(PINManagementServlet.class); + + LocalSTALFactory stalFactory; + + public PINManagementServlet() { + stalFactory = new LocalSTALFactory(); + stalFactory.setHelpURL("http://localhost:3495/help/"); + } + + /** + * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + protected void processRequest(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + + STAL pinMgmtSTAL = stalFactory.createSTAL(); + List<STALResponse> stalResps = pinMgmtSTAL.handleRequest(Collections.singletonList(new PINManagementRequest())); + if (log.isDebugEnabled()) { + log.debug("received STAL reponse " + stalResps.get(0).getClass()); + } + pinMgmtSTAL.handleRequest(Collections.singletonList(new QuitRequest())); + + String redirect = request.getParameter("redirect"); + if (redirect != null) { + String referer = request.getHeader("Referer"); + if (referer != null) { + redirect = new URL(new URL(referer), redirect).toExternalForm(); + } + response.sendRedirect(redirect); + } else { + response.setStatus(HttpServletResponse.SC_OK); + } + } + + // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code."> + /** + * Handles the HTTP <code>GET</code> method. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + @Override + protected void doGet(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + processRequest(request, response); + } + + /** + * Handles the HTTP <code>POST</code> method. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + @Override + protected void doPost(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + processRequest(request, response); + } + + /** + * Returns a short description of the servlet. + * @return a String containing servlet description + */ + @Override + public String getServletInfo() { + return "Short description"; + }// </editor-fold> +} diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java new file mode 100644 index 00000000..3bd50ba7 --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java @@ -0,0 +1,39 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.local.webapp; + +import javax.servlet.http.HttpServlet; + +import at.gv.egiz.bku.binding.BindingProcessorManager; +import at.gv.egiz.bku.conf.Configurator; + +public abstract class SpringBKUServlet extends HttpServlet { + + public final static String BEAN_NAME = "bindingProcessorManager"; + + protected static Configurator configurator; + + protected BindingProcessorManager getBindingProcessorManager() { + return (BindingProcessorManager) getServletContext() + .getAttribute(BEAN_NAME); + } + + public static void setConfigurator(Configurator conf) { + configurator = conf; + } + +} |