diff options
Diffstat (limited to 'BKULocal/src/main/webapp')
| -rw-r--r-- | BKULocal/src/main/webapp/WEB-INF/applicationContext.xml | 274 | ||||
| -rw-r--r-- | BKULocal/src/main/webapp/WEB-INF/conf/configuration.xml | 10 | ||||
| -rw-r--r-- | BKULocal/src/main/webapp/WEB-INF/web.xml | 18 | ||||
| -rw-r--r-- | BKULocal/src/main/webapp/en/index.html | 64 | ||||
| -rw-r--r-- | BKULocal/src/main/webapp/index.html | 16 |
5 files changed, 272 insertions, 110 deletions
diff --git a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml index e96bd088..f85479cb 100644 --- a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml +++ b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml @@ -1,109 +1,195 @@ <?xml version="1.0" encoding="UTF-8"?>
-<!--
- Copyright 2008 Federal Chancellery Austria and
- Graz University of Technology
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
+ <!--
+ Copyright 2008 Federal Chancellery Austria and Graz University of
+ Technology Licensed under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance with the
+ License. You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0 Unless required by
+ applicable law or agreed to in writing, software distributed under the
+ License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+ CONDITIONS OF ANY KIND, either express or implied. See the License for
+ the specific language governing permissions and limitations under the
+ License.
+ -->
<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.0.xsd">
- <bean id="STALFactory" class="at.gv.egiz.bku.local.stal.LocalSTALFactory"
- scope="singleton">
- <property name="helpURL" value="http://localhost:3495/help/"/>
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.0.xsd">
+
+ <!-- configuration -->
+ <bean id="configurationResource"
+ class="org.springframework.web.context.support.ServletContextParameterFactoryBean">
+ <property name="initParamName" value="configurationResource" />
+ </bean>
+
+ <bean id="configuration" class="at.gv.egiz.bku.spring.ConfigurationFactoryBean">
+ <property name="configurationResource" ref="configurationResource" />
+ </bean>
+
+ <bean id="sslPKIProfile" class="at.gv.egiz.bku.spring.PKIProfileFactoryBean">
+ <property name="configuration" ref="configuration"/>
+ <property name="trustProfileId" value="SSL"/>
</bean>
-
-
- <bean id="bindingProcessorManager" class="at.gv.egiz.bku.binding.BindingProcessorManagerImpl"
- scope="singleton">
- <constructor-arg ref="STALFactory"></constructor-arg>
- <constructor-arg ref="commandInvoker"></constructor-arg>
- <constructor-arg ref="configuration"></constructor-arg>
+
+ <bean id="sslSocketFactory" class="at.gv.egiz.bku.spring.SSLSocketFactoryBean">
+ <property name="configuration" ref="configuration"/>
+ <property name="pkiProfile" ref="sslPKIProfile"/>
</bean>
- <bean
- class="org.springframework.web.context.support.ServletContextAttributeExporter">
- <property name="attributes">
- <map>
- <entry key="bindingProcessorManager">
- <ref bean="bindingProcessorManager" />
- </entry>
- </map>
- </property>
+
+ <bean id="hostnameVerifier" class="at.gv.egiz.bku.spring.ConfigurableHostnameVerifier">
+ <property name="configuration" ref="configuration"/>
</bean>
- <bean id="accessController" class="at.gv.egiz.bku.local.accesscontroller.SpringSecurityManager"
- scope="singleton" init-method="init">
- <property name="config" ref="configurator"/>
- </bean>
-
- <bean id="commandInvoker" class="at.gv.egiz.bku.binding.SLCommandInvokerImpl">
- <property name="securityManager" ref="accessController" />
+ <bean id="urlDereferencer" class="at.gv.egiz.bku.utils.urldereferencer.URLDereferencerImpl"
+ factory-method="getInstance">
+ <property name="SSLSocketFactory" ref="sslSocketFactory"/>
+ <property name="hostnameVerifier" ref="hostnameVerifier"/>
</bean>
+
+ <!-- security manager for the command invoker -->
+ <bean id="securityManager" class="at.gv.egiz.bku.spring.SecurityManagerFactoryBean">
+ <property name="configuration" ref="configuration" />
+ </bean>
- <bean id="slCommandFactory" class="at.gv.egiz.bku.slcommands.SLCommandFactory"
- factory-method="getInstance">
- <property name="commandImpl">
- <map>
- <entry
- key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:NullOperationRequest"
- value="at.gv.egiz.bku.slcommands.impl.NullOperationCommandImpl" />
- <entry
- key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:InfoboxReadRequest"
- value="at.gv.egiz.bku.slcommands.impl.InfoboxReadCommandImpl" />
- <entry
- key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:InfoboxUpdateRequest"
- value="at.gv.egiz.bku.slcommands.impl.InfoboxUpdateCommandImpl" />
- <entry
- key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:CreateXMLSignatureRequest"
- value="at.gv.egiz.bku.slcommands.impl.CreateXMLSignatureCommandImpl" />
- </map>
- </property>
+ <!-- command invoker -->
+ <bean id="slCommandInvoker" class="at.gv.egiz.bku.binding.SLCommandInvokerImpl">
+ <property name="securityManager" ref="securityManager" />
+ </bean>
+
+ <!-- Security Layer command factory -->
+
+ <bean id="abstractCommandFactory" class="at.gv.egiz.bku.slcommands.AbstractSLCommandFactory"
+ abstract="true">
+ <property name="configuration" ref="configuration"/>
</bean>
- <bean id="infoboxFactory" class="at.gv.egiz.bku.slcommands.impl.InfoboxFactory"
- factory-method="getInstance">
- <property name="infoboxImpl">
- <map>
- <entry
- key="Certificates"
- value="at.gv.egiz.bku.slcommands.impl.CertificatesInfoboxImpl" />
- <entry
- key="IdentityLink"
- value="at.gv.egiz.bku.slcommands.impl.IdentityLinkInfoboxImpl" />
- <entry
- key="CardChannel"
- value="at.gv.egiz.bku.slcommands.impl.CardChannelInfoboxImpl" />
- <entry
- key="SV-Personendaten"
- value="at.gv.egiz.bku.slcommands.impl.SVPersonendatenInfoboxImpl" />
- </map>
- </property>
+ <bean id="certificatesInfoboxFactory"
+ class="at.gv.egiz.bku.slcommands.impl.CertificatesInfoboxFactory" />
+ <bean id="identityLinkInfoboxFactory"
+ class="at.gv.egiz.bku.slcommands.impl.IdentityLinkInfoboxFactory">
+ <property name="identityLinkTransformer">
+ <bean class="at.gv.egiz.idlink.IdentityLinkTransformer">
+ <property name="urlDereferencer" ref="urlDereferencer"/>
+ </bean>
+ </property>
</bean>
-
- <!-- Configure Configuration -->
- <bean id="certValidator" class="at.gv.egiz.bku.conf.CertValidatorImpl"></bean>
-
- <bean id="configurator" class="at.gv.egiz.bku.local.conf.SpringConfigurator"
- init-method="configure">
- <!-- <property name="resource" value="classpath:at/gv/egiz/bku/local/conf/defaultConf.properties"/> -->
- <property name="resource" value="file:${user.home}/.mocca/conf/defaultConf.properties"/>
- <property name="certValidator" ref="certValidator"></property>
+ <!-- not supported -->
+ <!--
+ <bean id="cardChannelInfoboxFactory"
+ class="at.gv.egiz.bku.slcommands.impl.CardChannelInfoboxFactory" />
+ -->
+ <bean id="svPersonendatenInfoboxFactory"
+ class="at.gv.egiz.bku.slcommands.impl.SVPersonendatenInfoboxFactory" />
+
+ <bean id="infoboxFactory" class="at.gv.egiz.bku.slcommands.impl.InfoboxFactory">
+ <property name="infoboxFactories">
+ <map>
+ <entry key="Certificates" value-ref="certificatesInfoboxFactory" />
+ <entry key="IdentityLink" value-ref="identityLinkInfoboxFactory" />
+ <!--
+ <entry key="CardChannel" value-ref="cardChannelInfoboxFactory" />
+ -->
+ <entry key="SV-Personendaten" value-ref="svPersonendatenInfoboxFactory" />
+ </map>
+ </property>
+ </bean>
+
+ <bean id="nullOperationCommandFactory"
+ class="at.gv.egiz.bku.slcommands.impl.NullOperationCommandFactory"
+ parent="abstractCommandFactory" />
+ <bean id="nullOperationRequest" class="javax.xml.namespace.QName">
+ <constructor-arg
+ value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" />
+ <constructor-arg value="NullOperationRequest" />
+ </bean>
+ <bean id="infoboxReadCommandFactory"
+ class="at.gv.egiz.bku.slcommands.impl.InfoboxReadCommandFactory"
+ parent="abstractCommandFactory">
+ <property name="infoboxFactory" ref="infoboxFactory" />
+ </bean>
+ <bean id="infoboxReadRequest" class="javax.xml.namespace.QName">
+ <constructor-arg
+ value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" />
+ <constructor-arg value="InfoboxReadRequest" />
+ </bean>
+ <bean id="infoboxUpdateCommandFactory"
+ class="at.gv.egiz.bku.slcommands.impl.InfoboxUpdateCommandFactory"
+ parent="abstractCommandFactory">
+ <property name="infoboxFactory" ref="infoboxFactory" />
+ </bean>
+ <bean id="infoboxUpdateRequest" class="javax.xml.namespace.QName">
+ <constructor-arg
+ value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" />
+ <constructor-arg value="InfoboxUpdateRequest" />
+ </bean>
+ <bean id="createXMLSignatureCommandFactory"
+ class="at.gv.egiz.bku.slcommands.impl.CreateXMLSignatureCommandFactory"
+ parent="abstractCommandFactory" />
+ <bean id="createXMLSignatureRequest" class="javax.xml.namespace.QName">
+ <constructor-arg
+ value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" />
+ <constructor-arg value="CreateXMLSignatureRequest" />
+ </bean>
+ <bean id="getStatusCommandFactory" class="at.gv.egiz.bku.slcommands.impl.GetStatusCommandFactory"
+ parent="abstractCommandFactory" />
+ <bean id="getStatusRequest" class="javax.xml.namespace.QName">
+ <constructor-arg
+ value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" />
+ <constructor-arg value="GetStatusRequest" />
+ </bean>
+
+ <bean id="slCommandFactory" class="at.gv.egiz.bku.slcommands.SLCommandFactory"
+ factory-method="getInstance">
+ <property name="concreteFactories">
+ <map>
+ <entry key-ref="nullOperationRequest" value-ref="nullOperationCommandFactory" />
+ <entry key-ref="infoboxReadRequest" value-ref="infoboxReadCommandFactory" />
+ <entry key-ref="infoboxUpdateRequest" value-ref="infoboxUpdateCommandFactory" />
+ <entry key-ref="createXMLSignatureRequest" value-ref="createXMLSignatureCommandFactory" />
+ <entry key-ref="getStatusRequest" value-ref="getStatusCommandFactory" />
+ </map>
+ </property>
+ </bean>
+
+ <!-- STAL factory -->
+ <bean id="stalFactory" class="at.gv.egiz.bku.local.stal.ExclusiveAccessSTALFactory">
+ <property name="stalFactory">
+ <bean class="at.gv.egiz.bku.local.stal.LocalSTALFactory" scope="singleton">
+ <property name="helpURL" value="http://localhost:3495/help/" />
+ <property name="configuration" ref="configuration" />
+ </bean>
+ </property>
+ </bean>
+
+ <!-- binding processor factories -->
+ <bean id="httpBindingProcessorFactory" class="at.gv.egiz.bku.binding.HTTPBindingProcessorFactory">
+ <property name="configuration" ref="configuration" />
+ <property name="urlDereferencer" ref="urlDereferencer" />
+ <property name="sslSocketFactory" ref="sslSocketFactory" />
+ <property name="hostnameVerifier" ref="hostnameVerifier" />
+ <property name="slCommandFactory" ref="slCommandFactory" />
</bean>
- <!-- Begin MOCCA Configuration [REFACTORED]
- | Configuration beans (no conf properties file) should be injected directly to module configurators.
- | Currently, only the ReaderFactory configuration is considered.
- |-->
- <import resource="file:${user.home}/.mocca/conf/mocca-conf.xml"/>
+ <!-- binding processor manager -->
+ <bean id="bindingProcessorManager" class="at.gv.egiz.bku.binding.BindingProcessorManagerImpl"
+ scope="singleton">
+ <property name="stalFactory" ref="stalFactory" />
+ <property name="slCommandInvoker" ref="slCommandInvoker" />
+ <property name="factories">
+ <list>
+ <ref bean="httpBindingProcessorFactory"/>
+ </list>
+ </property>
+ </bean>
+
+ <bean id="attributeExporter"
+ class="org.springframework.web.context.support.ServletContextAttributeExporter">
+ <property name="attributes">
+ <map>
+ <entry key="bindingProcessorManager">
+ <ref bean="bindingProcessorManager" />
+ </entry>
+ </map>
+ </property>
+ </bean>
</beans>
\ No newline at end of file diff --git a/BKULocal/src/main/webapp/WEB-INF/conf/configuration.xml b/BKULocal/src/main/webapp/WEB-INF/conf/configuration.xml new file mode 100644 index 00000000..20d27bb0 --- /dev/null +++ b/BKULocal/src/main/webapp/WEB-INF/conf/configuration.xml @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<MoccaConfiguration version="1.0"> + <DataURLConnection> + <!-- + The maximum number of consecutive Security Layer requests received + from DataURL server before execution is aborted. + --> + <MaxHops>50</MaxHops> + </DataURLConnection> +</MoccaConfiguration>
\ No newline at end of file diff --git a/BKULocal/src/main/webapp/WEB-INF/web.xml b/BKULocal/src/main/webapp/WEB-INF/web.xml index c4ea1e54..b8bc8818 100644 --- a/BKULocal/src/main/webapp/WEB-INF/web.xml +++ b/BKULocal/src/main/webapp/WEB-INF/web.xml @@ -18,16 +18,18 @@ <web-app id="bkulocal" version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <display-name>http-security-layer-request</display-name> - <!-- Begin Spring Config --> - <context-param> - <param-name>contextConfigLocation</param-name> - <param-value>/WEB-INF/applicationContext.xml</param-value> - </context-param> <listener> - <listener-class> - org.springframework.web.context.ContextLoaderListener - </listener-class> + <listener-class>at.gv.egiz.bku.local.webapp.MoccaContextListener</listener-class> </listener> + + <!-- Begin Spring Config --> + <listener> + <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> + </listener> + <context-param> + <param-name>configurationResource</param-name> + <param-value>file:${user.home}/.mocca/conf/configuration.xml</param-value> + </context-param> <!-- End Spring Config --> <!-- Begin BKU Config --> diff --git a/BKULocal/src/main/webapp/en/index.html b/BKULocal/src/main/webapp/en/index.html new file mode 100644 index 00000000..cfb0f957 --- /dev/null +++ b/BKULocal/src/main/webapp/en/index.html @@ -0,0 +1,64 @@ +<!-- + Copyright 2008 Federal Chancellery Austria and + Graz University of Technology + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> + <head> + <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> + <title>CitizenCard - Welcome</title> + <link href="/help/css/help.css" rel="stylesheet" type="text/css" /> + <link rel="shortcut icon" href="/img/chip16.ico" type="image/x-icon"/> + </head> + + <body class="twoColElsLtHdr"> + + <div id="container"> + <div id="header"> + <h1>Welcome</h1> + <!-- end #header --></div> + <div id="mainContent" style="margin: 1.5em 1.5em 0 1.5em"> + <div style="float:left; margin-right:1em"> + <img src="/img/chip48.png" alt="Logo" width="48" height="48"/> + </div> + <p>Congratulations, you successfully installed the citizen-card environment MOCCA. + Please install the + <a href="/ca.crt">CA certificate</a>¹ as trusted certificate in your browser. + </p> + + <p style="clear:left; margin-top:1.5em">Please also have a look at</p> + <ul> + <li>the <a href="/help/en/">help topics</a>,</li> + <li>the <a href="/PINManagement?redirect=./index.html">PIN management</a> or </li> + <li>the <a href="/ca.crt">CA certificate installation</a> (you may open this link with another browser as well).</li> + </ul> + + <p><br class="clearfloat" /></p> + + <p style="font-size:80%"> + ¹The automated installation of the CA certificate is not available in Microsoft Windows Vista and Windows 7, + please see <a href="/help/en/help.install.cacert.html">Help</a>. + </p> + + </div> + <div id="footer"> + <p> + <a href="http://www.buergerkarte.at">Austrian CitizenCard</a> | <a href="http://mocca.egovlabs.gv.at">CitizenCard Environment MOCCA</a> + </p> + </div> + <!-- end #container --></div> + </body> +</html> + diff --git a/BKULocal/src/main/webapp/index.html b/BKULocal/src/main/webapp/index.html index c6d6c747..f8c6d2c0 100644 --- a/BKULocal/src/main/webapp/index.html +++ b/BKULocal/src/main/webapp/index.html @@ -19,8 +19,8 @@ <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Bürgerkarte - Willkommen</title> - <link href="help/help.css" rel="stylesheet" type="text/css" /> - <link rel="shortcut icon" href="img/chip16.ico" type="image/x-icon"/> + <link href="/help/css/help.css" rel="stylesheet" type="text/css" /> + <link rel="shortcut icon" href="/img/chip16.ico" type="image/x-icon"/> </head> <body class="twoColElsLtHdr"> @@ -31,25 +31,25 @@ <!-- end #header --></div> <div id="mainContent" style="margin: 1.5em 1.5em 0 1.5em"> <div style="float:left; margin-right:1em"> - <img src="img/chip48.png" alt="Logo" width="48" height="48"/> + <img src="/img/chip48.png" alt="Logo" width="48" height="48"/> </div> <p>Sie haben die Bürgerkartenumgebung MOCCA erfolgreich installiert. Um diese zu verwenden installieren Sie bitte noch das - <a href="ca.crt">CA Zertifikat</a>¹ in ihrem Browser. + <a href="/ca.crt">CA Zertifikat</a>¹ in ihrem Browser. </p> <p style="clear:left; margin-top:1.5em">Weiters können Sie</p> <ul> - <li>die <a href="help">Hilfe durchsehen</a>,</li> - <li>die <a href="PINManagement?redirect=./index.html">PIN Verwaltung starten</a> oder </li> - <li>das <a href="ca.crt">CA Zertifikat installieren</a> (rufen Sie diesen Link aus anderen Web-Browsern auf um auch dort das CA Zertifikat zu installieren).</li> + <li>die <a href="/help">Hilfe durchsehen</a>,</li> + <li>die <a href="/PINManagement?redirect=./index.html">PIN Verwaltung starten</a> oder </li> + <li>das <a href="/ca.crt">CA Zertifikat installieren</a> (rufen Sie diesen Link aus anderen Web-Browsern auf um auch dort das CA Zertifikat zu installieren).</li> </ul> <p><br class="clearfloat" /></p> <p style="font-size:80%"> ¹Eine automatisierte Installation ist mit Microsoft Internet Explorer in Windows Vista oder 7 leider nicht möglich, - siehe dazu <a href="help/de/help.install.cacert.html">Hilfe</a>. + siehe dazu <a href="/help/help.install.cacert.html">Hilfe</a>. </p> </div> |