diff options
Diffstat (limited to 'BKULocal/src/main/webapp/WEB-INF')
-rw-r--r-- | BKULocal/src/main/webapp/WEB-INF/applicationContext.xml | 274 | ||||
-rw-r--r-- | BKULocal/src/main/webapp/WEB-INF/conf/configuration.xml | 10 | ||||
-rw-r--r-- | BKULocal/src/main/webapp/WEB-INF/web.xml | 18 |
3 files changed, 200 insertions, 102 deletions
diff --git a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml index e96bd088..f85479cb 100644 --- a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml +++ b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml @@ -1,109 +1,195 @@ <?xml version="1.0" encoding="UTF-8"?>
-<!--
- Copyright 2008 Federal Chancellery Austria and
- Graz University of Technology
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
+ <!--
+ Copyright 2008 Federal Chancellery Austria and Graz University of
+ Technology Licensed under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance with the
+ License. You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0 Unless required by
+ applicable law or agreed to in writing, software distributed under the
+ License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+ CONDITIONS OF ANY KIND, either express or implied. See the License for
+ the specific language governing permissions and limitations under the
+ License.
+ -->
<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.0.xsd">
- <bean id="STALFactory" class="at.gv.egiz.bku.local.stal.LocalSTALFactory"
- scope="singleton">
- <property name="helpURL" value="http://localhost:3495/help/"/>
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.0.xsd">
+
+ <!-- configuration -->
+ <bean id="configurationResource"
+ class="org.springframework.web.context.support.ServletContextParameterFactoryBean">
+ <property name="initParamName" value="configurationResource" />
+ </bean>
+
+ <bean id="configuration" class="at.gv.egiz.bku.spring.ConfigurationFactoryBean">
+ <property name="configurationResource" ref="configurationResource" />
+ </bean>
+
+ <bean id="sslPKIProfile" class="at.gv.egiz.bku.spring.PKIProfileFactoryBean">
+ <property name="configuration" ref="configuration"/>
+ <property name="trustProfileId" value="SSL"/>
</bean>
-
-
- <bean id="bindingProcessorManager" class="at.gv.egiz.bku.binding.BindingProcessorManagerImpl"
- scope="singleton">
- <constructor-arg ref="STALFactory"></constructor-arg>
- <constructor-arg ref="commandInvoker"></constructor-arg>
- <constructor-arg ref="configuration"></constructor-arg>
+
+ <bean id="sslSocketFactory" class="at.gv.egiz.bku.spring.SSLSocketFactoryBean">
+ <property name="configuration" ref="configuration"/>
+ <property name="pkiProfile" ref="sslPKIProfile"/>
</bean>
- <bean
- class="org.springframework.web.context.support.ServletContextAttributeExporter">
- <property name="attributes">
- <map>
- <entry key="bindingProcessorManager">
- <ref bean="bindingProcessorManager" />
- </entry>
- </map>
- </property>
+
+ <bean id="hostnameVerifier" class="at.gv.egiz.bku.spring.ConfigurableHostnameVerifier">
+ <property name="configuration" ref="configuration"/>
</bean>
- <bean id="accessController" class="at.gv.egiz.bku.local.accesscontroller.SpringSecurityManager"
- scope="singleton" init-method="init">
- <property name="config" ref="configurator"/>
- </bean>
-
- <bean id="commandInvoker" class="at.gv.egiz.bku.binding.SLCommandInvokerImpl">
- <property name="securityManager" ref="accessController" />
+ <bean id="urlDereferencer" class="at.gv.egiz.bku.utils.urldereferencer.URLDereferencerImpl"
+ factory-method="getInstance">
+ <property name="SSLSocketFactory" ref="sslSocketFactory"/>
+ <property name="hostnameVerifier" ref="hostnameVerifier"/>
</bean>
+
+ <!-- security manager for the command invoker -->
+ <bean id="securityManager" class="at.gv.egiz.bku.spring.SecurityManagerFactoryBean">
+ <property name="configuration" ref="configuration" />
+ </bean>
- <bean id="slCommandFactory" class="at.gv.egiz.bku.slcommands.SLCommandFactory"
- factory-method="getInstance">
- <property name="commandImpl">
- <map>
- <entry
- key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:NullOperationRequest"
- value="at.gv.egiz.bku.slcommands.impl.NullOperationCommandImpl" />
- <entry
- key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:InfoboxReadRequest"
- value="at.gv.egiz.bku.slcommands.impl.InfoboxReadCommandImpl" />
- <entry
- key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:InfoboxUpdateRequest"
- value="at.gv.egiz.bku.slcommands.impl.InfoboxUpdateCommandImpl" />
- <entry
- key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:CreateXMLSignatureRequest"
- value="at.gv.egiz.bku.slcommands.impl.CreateXMLSignatureCommandImpl" />
- </map>
- </property>
+ <!-- command invoker -->
+ <bean id="slCommandInvoker" class="at.gv.egiz.bku.binding.SLCommandInvokerImpl">
+ <property name="securityManager" ref="securityManager" />
+ </bean>
+
+ <!-- Security Layer command factory -->
+
+ <bean id="abstractCommandFactory" class="at.gv.egiz.bku.slcommands.AbstractSLCommandFactory"
+ abstract="true">
+ <property name="configuration" ref="configuration"/>
</bean>
- <bean id="infoboxFactory" class="at.gv.egiz.bku.slcommands.impl.InfoboxFactory"
- factory-method="getInstance">
- <property name="infoboxImpl">
- <map>
- <entry
- key="Certificates"
- value="at.gv.egiz.bku.slcommands.impl.CertificatesInfoboxImpl" />
- <entry
- key="IdentityLink"
- value="at.gv.egiz.bku.slcommands.impl.IdentityLinkInfoboxImpl" />
- <entry
- key="CardChannel"
- value="at.gv.egiz.bku.slcommands.impl.CardChannelInfoboxImpl" />
- <entry
- key="SV-Personendaten"
- value="at.gv.egiz.bku.slcommands.impl.SVPersonendatenInfoboxImpl" />
- </map>
- </property>
+ <bean id="certificatesInfoboxFactory"
+ class="at.gv.egiz.bku.slcommands.impl.CertificatesInfoboxFactory" />
+ <bean id="identityLinkInfoboxFactory"
+ class="at.gv.egiz.bku.slcommands.impl.IdentityLinkInfoboxFactory">
+ <property name="identityLinkTransformer">
+ <bean class="at.gv.egiz.idlink.IdentityLinkTransformer">
+ <property name="urlDereferencer" ref="urlDereferencer"/>
+ </bean>
+ </property>
</bean>
-
- <!-- Configure Configuration -->
- <bean id="certValidator" class="at.gv.egiz.bku.conf.CertValidatorImpl"></bean>
-
- <bean id="configurator" class="at.gv.egiz.bku.local.conf.SpringConfigurator"
- init-method="configure">
- <!-- <property name="resource" value="classpath:at/gv/egiz/bku/local/conf/defaultConf.properties"/> -->
- <property name="resource" value="file:${user.home}/.mocca/conf/defaultConf.properties"/>
- <property name="certValidator" ref="certValidator"></property>
+ <!-- not supported -->
+ <!--
+ <bean id="cardChannelInfoboxFactory"
+ class="at.gv.egiz.bku.slcommands.impl.CardChannelInfoboxFactory" />
+ -->
+ <bean id="svPersonendatenInfoboxFactory"
+ class="at.gv.egiz.bku.slcommands.impl.SVPersonendatenInfoboxFactory" />
+
+ <bean id="infoboxFactory" class="at.gv.egiz.bku.slcommands.impl.InfoboxFactory">
+ <property name="infoboxFactories">
+ <map>
+ <entry key="Certificates" value-ref="certificatesInfoboxFactory" />
+ <entry key="IdentityLink" value-ref="identityLinkInfoboxFactory" />
+ <!--
+ <entry key="CardChannel" value-ref="cardChannelInfoboxFactory" />
+ -->
+ <entry key="SV-Personendaten" value-ref="svPersonendatenInfoboxFactory" />
+ </map>
+ </property>
+ </bean>
+
+ <bean id="nullOperationCommandFactory"
+ class="at.gv.egiz.bku.slcommands.impl.NullOperationCommandFactory"
+ parent="abstractCommandFactory" />
+ <bean id="nullOperationRequest" class="javax.xml.namespace.QName">
+ <constructor-arg
+ value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" />
+ <constructor-arg value="NullOperationRequest" />
+ </bean>
+ <bean id="infoboxReadCommandFactory"
+ class="at.gv.egiz.bku.slcommands.impl.InfoboxReadCommandFactory"
+ parent="abstractCommandFactory">
+ <property name="infoboxFactory" ref="infoboxFactory" />
+ </bean>
+ <bean id="infoboxReadRequest" class="javax.xml.namespace.QName">
+ <constructor-arg
+ value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" />
+ <constructor-arg value="InfoboxReadRequest" />
+ </bean>
+ <bean id="infoboxUpdateCommandFactory"
+ class="at.gv.egiz.bku.slcommands.impl.InfoboxUpdateCommandFactory"
+ parent="abstractCommandFactory">
+ <property name="infoboxFactory" ref="infoboxFactory" />
+ </bean>
+ <bean id="infoboxUpdateRequest" class="javax.xml.namespace.QName">
+ <constructor-arg
+ value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" />
+ <constructor-arg value="InfoboxUpdateRequest" />
+ </bean>
+ <bean id="createXMLSignatureCommandFactory"
+ class="at.gv.egiz.bku.slcommands.impl.CreateXMLSignatureCommandFactory"
+ parent="abstractCommandFactory" />
+ <bean id="createXMLSignatureRequest" class="javax.xml.namespace.QName">
+ <constructor-arg
+ value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" />
+ <constructor-arg value="CreateXMLSignatureRequest" />
+ </bean>
+ <bean id="getStatusCommandFactory" class="at.gv.egiz.bku.slcommands.impl.GetStatusCommandFactory"
+ parent="abstractCommandFactory" />
+ <bean id="getStatusRequest" class="javax.xml.namespace.QName">
+ <constructor-arg
+ value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" />
+ <constructor-arg value="GetStatusRequest" />
+ </bean>
+
+ <bean id="slCommandFactory" class="at.gv.egiz.bku.slcommands.SLCommandFactory"
+ factory-method="getInstance">
+ <property name="concreteFactories">
+ <map>
+ <entry key-ref="nullOperationRequest" value-ref="nullOperationCommandFactory" />
+ <entry key-ref="infoboxReadRequest" value-ref="infoboxReadCommandFactory" />
+ <entry key-ref="infoboxUpdateRequest" value-ref="infoboxUpdateCommandFactory" />
+ <entry key-ref="createXMLSignatureRequest" value-ref="createXMLSignatureCommandFactory" />
+ <entry key-ref="getStatusRequest" value-ref="getStatusCommandFactory" />
+ </map>
+ </property>
+ </bean>
+
+ <!-- STAL factory -->
+ <bean id="stalFactory" class="at.gv.egiz.bku.local.stal.ExclusiveAccessSTALFactory">
+ <property name="stalFactory">
+ <bean class="at.gv.egiz.bku.local.stal.LocalSTALFactory" scope="singleton">
+ <property name="helpURL" value="http://localhost:3495/help/" />
+ <property name="configuration" ref="configuration" />
+ </bean>
+ </property>
+ </bean>
+
+ <!-- binding processor factories -->
+ <bean id="httpBindingProcessorFactory" class="at.gv.egiz.bku.binding.HTTPBindingProcessorFactory">
+ <property name="configuration" ref="configuration" />
+ <property name="urlDereferencer" ref="urlDereferencer" />
+ <property name="sslSocketFactory" ref="sslSocketFactory" />
+ <property name="hostnameVerifier" ref="hostnameVerifier" />
+ <property name="slCommandFactory" ref="slCommandFactory" />
</bean>
- <!-- Begin MOCCA Configuration [REFACTORED]
- | Configuration beans (no conf properties file) should be injected directly to module configurators.
- | Currently, only the ReaderFactory configuration is considered.
- |-->
- <import resource="file:${user.home}/.mocca/conf/mocca-conf.xml"/>
+ <!-- binding processor manager -->
+ <bean id="bindingProcessorManager" class="at.gv.egiz.bku.binding.BindingProcessorManagerImpl"
+ scope="singleton">
+ <property name="stalFactory" ref="stalFactory" />
+ <property name="slCommandInvoker" ref="slCommandInvoker" />
+ <property name="factories">
+ <list>
+ <ref bean="httpBindingProcessorFactory"/>
+ </list>
+ </property>
+ </bean>
+
+ <bean id="attributeExporter"
+ class="org.springframework.web.context.support.ServletContextAttributeExporter">
+ <property name="attributes">
+ <map>
+ <entry key="bindingProcessorManager">
+ <ref bean="bindingProcessorManager" />
+ </entry>
+ </map>
+ </property>
+ </bean>
</beans>
\ No newline at end of file diff --git a/BKULocal/src/main/webapp/WEB-INF/conf/configuration.xml b/BKULocal/src/main/webapp/WEB-INF/conf/configuration.xml new file mode 100644 index 00000000..20d27bb0 --- /dev/null +++ b/BKULocal/src/main/webapp/WEB-INF/conf/configuration.xml @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<MoccaConfiguration version="1.0"> + <DataURLConnection> + <!-- + The maximum number of consecutive Security Layer requests received + from DataURL server before execution is aborted. + --> + <MaxHops>50</MaxHops> + </DataURLConnection> +</MoccaConfiguration>
\ No newline at end of file diff --git a/BKULocal/src/main/webapp/WEB-INF/web.xml b/BKULocal/src/main/webapp/WEB-INF/web.xml index c4ea1e54..b8bc8818 100644 --- a/BKULocal/src/main/webapp/WEB-INF/web.xml +++ b/BKULocal/src/main/webapp/WEB-INF/web.xml @@ -18,16 +18,18 @@ <web-app id="bkulocal" version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <display-name>http-security-layer-request</display-name> - <!-- Begin Spring Config --> - <context-param> - <param-name>contextConfigLocation</param-name> - <param-value>/WEB-INF/applicationContext.xml</param-value> - </context-param> <listener> - <listener-class> - org.springframework.web.context.ContextLoaderListener - </listener-class> + <listener-class>at.gv.egiz.bku.local.webapp.MoccaContextListener</listener-class> </listener> + + <!-- Begin Spring Config --> + <listener> + <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> + </listener> + <context-param> + <param-name>configurationResource</param-name> + <param-value>file:${user.home}/.mocca/conf/configuration.xml</param-value> + </context-param> <!-- End Spring Config --> <!-- Begin BKU Config --> |