Diffstat (limited to 'BKULocal')
21 files changed, 747 insertions, 490 deletions
diff --git a/BKULocal/pom.xml b/BKULocal/pom.xml index fa1655ef..19e2633a 100644 --- a/BKULocal/pom.xml +++ b/BKULocal/pom.xml @@ -1,21 +1,16 @@ <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> <parent> - <artifactId>bku</artifactId> + <artifactId>mocca</artifactId> <groupId>at.gv.egiz</groupId> - <version>1.2.14-SNAPSHOT</version> + <version>1.3.0-SNAPSHOT</version> </parent> <modelVersion>4.0.0</modelVersion> <groupId>at.gv.egiz</groupId> <artifactId>BKULocal</artifactId> <packaging>war</packaging> <name>BKU Local</name> - <version>1.2.14-SNAPSHOT</version> + <version>${project.parent.version}</version> - <scm> - <developerConnection>scm:svn:svn://svn.egovlabs.gv.at/svnroot/mocca/trunk/BKULocal</developerConnection> - <connection>scm:svn:svn://svn.egovlabs.gv.at/svnroot/mocca/trunk/BKULocal</connection> - <url>scm:svn:svn://svn.egovlabs.gv.at/svnroot/mocca/trunk/BKULocal</url> - </scm> <build> <plugins> <plugin> 
@@ -72,42 +67,54 @@ <dependency> <groupId>at.gv.egiz</groupId> <artifactId>STAL</artifactId> - <version>1.2.14-SNAPSHOT</version> + <version>${project.parent.version}</version> </dependency> <dependency> <groupId>at.gv.egiz</groupId> <artifactId>bkucommon</artifactId> - <version>1.2.14-SNAPSHOT</version> + <version>${project.parent.version}</version> </dependency> <dependency> <groupId>at.gv.egiz</groupId> <artifactId>smcc</artifactId> - <version>1.2.14-SNAPSHOT</version> + <version>${project.parent.version}</version> </dependency> <dependency> <groupId>at.gv.egiz</groupId> <artifactId>smccSTAL</artifactId> - <version>1.2.14-SNAPSHOT</version> + <version>${project.parent.version}</version> </dependency> <dependency> <groupId>at.gv.egiz</groupId> <artifactId>BKUGuiExt</artifactId> - <version>1.2.14-SNAPSHOT</version> + <version>${project.parent.version}</version> </dependency> <dependency> <groupId>at.gv.egiz</groupId> <artifactId>smccSTALExt</artifactId> - <version>1.2.14-SNAPSHOT</version> + <version>${project.parent.version}</version> </dependency> <dependency> <groupId>at.gv.egiz</groupId> <artifactId>BKUViewer</artifactId> - <version>1.2.14-SNAPSHOT</version> + <version>${project.parent.version}</version> </dependency> <dependency> <artifactId>BKUHelp</artifactId> <groupId>at.gv.egiz</groupId> - <version>1.2.14-SNAPSHOT</version> + <version>${project.parent.version}</version> + </dependency> + <dependency> + <groupId>iaik</groupId> + <artifactId>iaik_xsect</artifactId> + </dependency> + <dependency> + <groupId>iaik</groupId> + <artifactId>iaik_jce_full_signed</artifactId> + </dependency> + <dependency> + <groupId>iaik</groupId> + <artifactId>iaik_ecc_signed</artifactId> </dependency> <dependency> <groupId>org.springframework</groupId> 
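Review bot: The three `iaik` crypto artifacts added to BKULocal/pom.xml in this hunk (`iaik_xsect`, `iaik_jce_full_signed`, `iaik_ecc_signed`) carry no `<version>`, so the provider build that ends up in the WAR is decided entirely by the parent POM's dependencyManagement, which this diff (limited to BKULocal) does not show. Please confirm that the parent pins exact versions for them rather than ranges or snapshots. The same applies in the next hunk (`@@ -116,21 +123,42 @@`) to `servlet-api`, `slf4j-api`, `slf4j-log4j12`, `log4j` and `spring-web`. In that hunk the `tomcat-deploy` profile also re-declares `log4j` with the same `compile` scope as the main dependency list, which looks like a no-op; either drop it from the profile or change the scope in the main list to the one intended outside that profile.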
@@ -116,21 +123,42 @@ <dependency> <groupId>javax.servlet</groupId> <artifactId>servlet-api</artifactId> - <version>2.5</version> <scope>provided</scope> </dependency> <dependency> - <groupId>org.springframework</groupId> - <artifactId>spring-web</artifactId> - <version>2.5.5</version> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-log4j12</artifactId> + <scope>runtime</scope> </dependency> <dependency> - <groupId>commons-logging</groupId> - <artifactId>commons-logging</artifactId> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + <scope>compile</scope> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-web</artifactId> + <scope>compile</scope> </dependency> </dependencies> - <properties> - <netbeans.hint.deploy.server>Tomcat60</netbeans.hint.deploy.server> - </properties> + <profiles> + <profile> + <id>tomcat-deploy</id> + <dependencies> + <dependency> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + <scope>compile</scope> + </dependency> + </dependencies> + <properties> + <netbeans.hint.deploy.server>Tomcat60</netbeans.hint.deploy.server> + </properties> + </profile> + </profiles> </project> diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java deleted file mode 100644 index 3f50fc78..00000000 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java +++ /dev/null @@ -1,65 +0,0 @@ -/*
- * Copyright 2008 Federal Chancellery Austria and
- * Graz University of Technology
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package at.gv.egiz.bku.local.accesscontroller;
-
-import java.io.IOException;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.context.ResourceLoaderAware;
-import org.springframework.core.io.Resource;
-import org.springframework.core.io.ResourceLoader;
-
-import at.gv.egiz.bku.accesscontroller.SecurityManagerFacade;
-import at.gv.egiz.bku.conf.Configurator;
-
-public class SpringSecurityManager extends SecurityManagerFacade implements
- ResourceLoaderAware {
-
- private ResourceLoader resourceLoader;
-
- private static Log log = LogFactory.getLog(SpringSecurityManager.class);
-
- protected Configurator config;
-
- public void setConfig(Configurator config) {
- this.config = config;
- }
-
- public void init() {
- String noMatch = config.getProperty("AccessController.acceptNoMatch");
- if (noMatch != null) {
- log.debug("Setting allow now match to: " + noMatch);
- setAllowUnmatched(Boolean.getBoolean(noMatch));
- }
- String policy = config.getProperty("AccessController.policyResource");
- policy = policy.replace("${user.home}", System.getProperty("user.home"));
- log.info("Loading resource: " + policy);
- try {
- Resource res = resourceLoader.getResource(policy);
- init(res.getInputStream());
- } catch (IOException e) {
- log.error(e);
- }
- }
-
- @Override
- public void setResourceLoader(ResourceLoader loader) {
- this.resourceLoader = loader;
- }
-
-}
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java deleted file mode 100644 index 7b2641ff..00000000 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java +++ /dev/null @@ -1,142 +0,0 @@ -/*
- * Copyright 2008 Federal Chancellery Austria and
- * Graz University of Technology
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package at.gv.egiz.bku.local.conf;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Properties;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.context.ResourceLoaderAware;
-import org.springframework.core.io.Resource;
-import org.springframework.core.io.ResourceLoader;
-
-import at.gv.egiz.bku.conf.Configurator;
-import at.gv.egiz.bku.local.webapp.SpringBKUServlet;
-import at.gv.egiz.bku.slexceptions.SLRuntimeException;
-
-public class SpringConfigurator extends Configurator implements
- ResourceLoaderAware {
-
- private final static Log log = LogFactory.getLog(SpringConfigurator.class);
-
- private ResourceLoader resourceLoader;
-
- public SpringConfigurator() {
- // File configDir = new File(System.getProperty("user.home") +
- // "/.bku/conf");
- // if (configDir.exists()) {
- // log.debug("Found existing config directory: " + configDir);
- // } else {
- // log.info("Config dir not existing, creating new");
- // if (!configDir.mkdirs()) {
- // log.error("Cannot create directory: " + configDir);
- // }
- // }
- }
-
- public void setResource(Resource resource) {
- log.debug("Loading config from: " + resource);
- if (resource != null) {
- Properties props = new Properties();
- try {
- props.load(resource.getInputStream());
- super.setConfiguration(props);
- } catch (IOException e) {
- log.error("Cannot load config", e);
- }
- } else {
- log.warn("Cannot load properties, resource: " + resource);
- }
- }
-
- @Override
- public void configure() {
- if (properties == null) {
- defaultInit();
- }
- super.configure();
- SpringBKUServlet.setConfigurator(this);
- }
-
- public void defaultInit() {
- Properties props = new Properties();
- try {
- props.load(new FileInputStream(System.getProperty("user.home")
- + "/.mocca/war/mocca.war"));
- super.setConfiguration(props);
- } catch (IOException e) {
- log.error("Cannot load config", e);
- }
- }
-
- @Override
- public void setResourceLoader(ResourceLoader loader) {
- this.resourceLoader = loader;
- }
-
- private File getDirectory(String property) {
- property = property
- .replace("${user.home}", System.getProperty("user.home"));
- if (property != null) {
- Resource certDirRes = resourceLoader.getResource(property);
- File certDir;
- try {
- certDir = certDirRes.getFile();
- } catch (IOException e) {
- log.error("Cannot get cert directory", e);
- throw new SLRuntimeException(e);
- }
- if (!certDir.isDirectory()) {
- log.error("Expecting directory as SSL.certDirectory parameter");
- throw new SLRuntimeException(
- "Expecting directory as SSL.certDirectory parameter");
- }
- return certDir;
- }
- return null;
-
- }
-
- @Override
- protected File getCADir() {
- String caDirectory = getProperty("SSL.caDirectory");
- return getDirectory(caDirectory);
- }
-
- @Override
- protected File getCertDir() {
- String certDirectory = getProperty("SSL.certDirectory");
- return getDirectory(certDirectory);
- }
-
- @Override
- protected InputStream getManifest() {
- Resource r = resourceLoader.getResource("META-INF/MANIFEST.MF");
- if ((r != null) && r.isReadable()) {
- try {
- return r.getInputStream();
- } catch (IOException e) {
- log.error("Cannot read manifest data: " + e);
- }
- }
- return null;
- }
-}
\ No newline at end of file diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/GUIProxy.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/GUIProxy.java index 38dd04d9..a9f21087 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/GUIProxy.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/GUIProxy.java @@ -30,7 +30,7 @@ public class GUIProxy implements InvocationHandler { JFrame frame; BKUGUIFacade delegate; - static public Object newInstance(BKUGUIFacade gui, JFrame frame, Class[] interfaces) { + static public Object newInstance(BKUGUIFacade gui, JFrame frame, Class<?>[] interfaces) { return java.lang.reflect.Proxy.newProxyInstance(gui.getClass().getClassLoader(), interfaces, new GUIProxy(gui, frame)); diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/LocalHelpListener.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/LocalHelpListener.java index c957e132..ced47d6c 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/LocalHelpListener.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/LocalHelpListener.java 
@@ -16,46 +16,62 @@ */ package at.gv.egiz.bku.local.gui; -import at.gv.egiz.bku.gui.AbstractHelpListener; -import at.gv.egiz.bku.gui.DefaultHelpListener; +import at.gv.egiz.bku.gui.ViewerHelpListener; import java.awt.Desktop; -import java.io.IOException; -import java.net.URISyntaxException; -import java.net.URL; +import java.awt.event.KeyEvent; +import java.awt.event.MouseEvent; +import java.net.URI; import java.util.Locale; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + /** - * Open help document in browser, fallback to default (swing dialog) if Java Desktop API not supported. + * Open help document in browser, fallback to help viewer (swing dialog) if Java Desktop API not supported. * * @author Clemens Orthacker <clemens.orthacker@iaik.tugraz.at> */ -public class LocalHelpListener extends AbstractHelpListener { +public class LocalHelpListener extends ViewerHelpListener { + private final Logger log = LoggerFactory.getLogger(LocalHelpListener.class); + protected Desktop desktop; - protected DefaultHelpListener fallback; - public LocalHelpListener(URL baseURL, Locale locale) { - super(baseURL, locale); - if (Desktop.isDesktopSupported()) { + public LocalHelpListener(String helpURL, Locale locale) { + super(helpURL, locale); + if (Desktop.isDesktopSupported() && Desktop.getDesktop().isSupported(Desktop.Action.BROWSE)) { desktop = Desktop.getDesktop(); } else { - log.info("Java Desktop API not available on current platform (libgnome installed?), falling back to DefaultHelpListener"); - fallback = new DefaultHelpListener(baseURL, locale); + log.warn("Java Desktop API not available on current platform (libgnome installed?), " + + "falling back to help viewer"); + } + } + + @Override + public void mouseClicked(MouseEvent e) { + if (desktop != null) { + try { + desktop.browse(new URI(getHelpURL())); + } catch (Exception ex) { + log.error("Failed display help document {}.", getHelpURL(), ex); + super.mouseClicked(e); + } + } else { + super.mouseClicked(e); } 
} @Override - public void showDocument(URL helpDocument, String helpTopic) throws IOException, URISyntaxException { + public void keyPressed(KeyEvent e) { if (desktop != null) { - if (!desktop.isSupported(Desktop.Action.BROWSE)) { - log.error("Failed to open default browser: The system provides the Desktop API, but does not support the BROWSE action"); - } else { - Desktop.getDesktop().browse(helpDocument.toURI()); + try { + desktop.browse(new URI(getHelpURL())); + } catch (Exception ex) { + log.error("Failed display help document {}.", getHelpURL(), ex); + super.keyPressed(e); } - } else if (fallback != null) { - fallback.showDocument(helpDocument, helpTopic); } else { - log.error("failed to display help document"); + super.keyPressed(e); } } } diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/ExclusiveAccessSTAL.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/ExclusiveAccessSTAL.java new file mode 100644 index 00000000..0b8511e3 --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/ExclusiveAccessSTAL.java 
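Review bot: In LocalHelpListener, `mouseClicked` and `keyPressed` both hand `new URI(getHelpURL())` to `desktop.browse(...)` without looking at the scheme, so whatever the injected help URL parses to is passed to the operating system's handler. If help is only ever served over http(s), checking the scheme first keeps a misconfigured or altered value from opening anything other than a browser page. The two handlers are also line-for-line copies and catch bare `Exception`; one private helper that reports whether the browser was opened removes the duplication and gives a single place for the check. As far as this hunk shows, `keyPressed` reacts to every key; if ViewerHelpListener filters on a key code (not visible here), the override should apply the same filter before browsing.

```java
// … unchanged: fields and constructor …

/** Opens the help URL in the desktop browser; returns false when the caller should fall back to the help viewer. */
private boolean browseHelp() {
  if (desktop == null) {
    return false;
  }
  try {
    URI uri = new URI(getHelpURL());
    String scheme = uri.getScheme();
    if (!"http".equalsIgnoreCase(scheme) && !"https".equalsIgnoreCase(scheme)) {
      log.warn("Refusing to open help URL with scheme {}.", scheme);
      return false;
    }
    desktop.browse(uri);
    return true;
  } catch (Exception ex) {
    log.error("Failed display help document {}.", getHelpURL(), ex);
    return false;
  }
}

@Override
public void mouseClicked(MouseEvent e) {
  if (!browseHelp()) {
    super.mouseClicked(e);
  }
}

@Override
public void keyPressed(KeyEvent e) {
  if (!browseHelp()) {
    super.keyPressed(e);
  }
}
```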
@@ -0,0 +1,76 @@ +/* +* Copyright 2009 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ + +package at.gv.egiz.bku.local.stal; + +import java.util.Collections; +import java.util.List; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.locks.Lock; +import java.util.concurrent.locks.ReentrantLock; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.stal.ErrorResponse; +import at.gv.egiz.stal.STAL; +import at.gv.egiz.stal.STALRequest; +import at.gv.egiz.stal.STALResponse; + +public class ExclusiveAccessSTAL implements STAL { + + private final Logger log = LoggerFactory.getLogger(ExclusiveAccessSTAL.class); + + private Lock lock = new ReentrantLock(true); + + private long timeout = 30; + + private STAL stal; + + public ExclusiveAccessSTAL(STAL stal) { + if (stal == null) { + throw new NullPointerException("Argument 'stal' must not be null."); + } + this.stal = stal; + } + + @Override + public List<STALResponse> handleRequest( + List<? 
extends STALRequest> aRequestList) { + + try { + if (lock.tryLock(timeout, TimeUnit.SECONDS)) { + try { + return stal.handleRequest(aRequestList); + } finally { + lock.unlock(); + } + } else { + // time out + log.info("Timeout while waiting for exclusive access to STAL."); + ErrorResponse response = new ErrorResponse(6000); + return Collections.singletonList((STALResponse) response); + } + } catch (InterruptedException e) { + // interrupted + ErrorResponse response = new ErrorResponse(6000); + return Collections.singletonList((STALResponse) response); + } + + } + +} diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/ExclusiveAccessSTALFactory.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/ExclusiveAccessSTALFactory.java new file mode 100644 index 00000000..1dee8e2b --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/ExclusiveAccessSTALFactory.java 
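Review bot: In ExclusiveAccessSTAL.handleRequest the `catch (InterruptedException e)` branch returns an error response but neither logs the event nor restores the thread's interrupt status, so an interrupted wait is indistinguishable from a lock timeout and the interrupt is lost to the code further up the call stack. Add `Thread.currentThread().interrupt();` and a line such as `log.info("Interrupted while waiting for exclusive access to STAL.");` before building the response. The fields `lock` and `stal` are assigned once and can be `final`, and the 30-second `timeout` and the twice-used error code `6000` would read better as named constants with a comment on what the code means to the caller.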
@@ -0,0 +1,65 @@ +/* +* Copyright 2009 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ + +package at.gv.egiz.bku.local.stal; + +import java.util.Locale; + +import at.gv.egiz.stal.STAL; +import at.gv.egiz.stal.STALFactory; + +public class ExclusiveAccessSTALFactory implements STALFactory { + + private STALFactory stalFactory; + + private ExclusiveAccessSTAL stal; + + private Locale locale; + + /** + * @return the stalFactory + */ + public STALFactory getStalFactory() { + return stalFactory; + } + + /** + * @param stalFactory the stalFactory to set + */ + public synchronized void setStalFactory(STALFactory stalFactory) { + this.stalFactory = stalFactory; + stalFactory.setLocale(locale); + } + + @Override + public synchronized STAL createSTAL() { + if (stal == null && stalFactory != null) { + STAL delegate = stalFactory.createSTAL(); + stal = new ExclusiveAccessSTAL(delegate); + } + return stal; + } + + @Override + public synchronized void setLocale(Locale locale) { + this.locale = locale; + if (stalFactory != null) { + stalFactory.setLocale(locale); + } + } + +} diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java index 1e3f9a1d..d2e49039 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java 
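Review bot: ExclusiveAccessSTALFactory.setStalFactory dereferences its argument (`stalFactory.setLocale(locale)`) without the null guard that createSTAL and setLocale apply to the field, and it leaves an already created `stal` wrapping the delegate of the previous factory. createSTAL also returns `null` when no factory has been set, which moves the failure to whichever caller first uses the STAL; failing fast with `throw new IllegalStateException("No STALFactory configured.");` would make the misconfiguration visible at its source. Every caller receives the same cached ExclusiveAccessSTAL, so a later setLocale reaches the delegate factory but not the delegate already created; if that sharing is intended, a class-level comment should say so. getStalFactory is the only accessor that is not `synchronized`.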
@@ -49,7 +49,7 @@ public class LocalBKUWorker extends AbstractBKUWorker { public List<STALResponse> handleRequest(List<? extends STALRequest> requestList) { signatureCard = null; List<STALResponse> responses = super.handleRequest(requestList); - container.setVisible(false); + container.setVisible(false); return responses; } diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSTALFactory.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSTALFactory.java index 44322a07..a703ad5c 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSTALFactory.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSTALFactory.java @@ -19,7 +19,6 @@ package at.gv.egiz.bku.local.stal; import at.gv.egiz.bku.viewer.ResourceFontLoader; import java.awt.Dimension; import java.awt.Toolkit; -import java.net.MalformedURLException; import java.util.Locale; @@ -31,10 +30,11 @@ import at.gv.egiz.bku.local.gui.GUIProxy; import at.gv.egiz.bku.local.gui.LocalHelpListener; import at.gv.egiz.stal.STAL; import at.gv.egiz.stal.STALFactory; -import java.net.URL; import javax.swing.JFrame; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; + +import org.apache.commons.configuration.Configuration; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** * Creates a PINManagementGUI and a LocalBKUWorker, which in turn registers 
@@ -44,55 +44,45 @@ import org.apache.commons.logging.LogFactory; */ public class LocalSTALFactory implements STALFactory { - protected static final Log log = LogFactory.getLog(LocalSTALFactory.class); + private final Logger log = LoggerFactory.getLogger(LocalSTALFactory.class); protected static final Dimension PREFERRED_SIZE = new Dimension(318, 200); protected String helpURL; protected Locale locale; + + protected Configuration configuration; + + @Override public STAL createSTAL() { - LocalBKUWorker stal; + final LocalBKUWorker stal; //http://java.sun.com/docs/books/tutorial/uiswing/misc/focus.html // use undecorated JFrame instead of JWindow, // which creates an invisible owning frame and therefore cannot getFocusInWindow() JFrame dialog = new JFrame("Bürgerkarte"); - if (log.isTraceEnabled()) { - log.debug("alwaysOnTop supported: " + dialog.isAlwaysOnTopSupported()); - } + log.debug("AlwaysOnTop supported: {}.", dialog.isAlwaysOnTopSupported()); // [#439] make mocca dialog alwaysOnTop dialog.setAlwaysOnTop(true); dialog.setIconImages(BKUIcons.icons); - dialog.setUndecorated(true); +// dialog.setUndecorated(true); // dialog.getRootPane().setWindowDecorationStyle(JRootPane.NONE); -// dialog.addWindowListener(new WindowAdapter() { -// -// @Override -// public void windowClosing(WindowEvent e) { -// super.windowClosing(e); -// log.debug("closing window ********************"); -// } -// -// }); + if (locale != null) { dialog.setLocale(locale); } LocalHelpListener helpListener = null; - try { - if (helpURL != null) { - helpListener = new LocalHelpListener(new URL(helpURL), locale); - } else { - log.warn("no HELP URL configured, help system disabled"); - } - } catch (MalformedURLException ex) { - log.error("failed to configure help listener: " + ex.getMessage(), ex); + if (helpURL != null) { + helpListener = new LocalHelpListener(helpURL, locale); + } else { + log.warn("No HELP URL configured, help system disabled."); } PINManagementGUIFacade gui = new 
PINManagementGUI(dialog.getContentPane(), dialog.getLocale(), BKUGUIFacade.Style.advanced, null, new ResourceFontLoader(), - helpListener, + helpListener, null); BKUGUIFacade proxy = (BKUGUIFacade) GUIProxy.newInstance(gui, dialog, new Class[] { PINManagementGUIFacade.class} ); stal = new LocalBKUWorker(proxy, dialog); @@ -116,11 +106,26 @@ public class LocalSTALFactory implements STALFactory { this.locale = locale; } - public String getHelpURL() { - return helpURL; - } - + /** + * spring injects helpURL + * @param helpURL + */ public void setHelpURL(String helpURL) { this.helpURL = helpURL; } + + /** + * @return the configuration + */ + public Configuration getConfiguration() { + return configuration; + } + + /** + * @param configuration the configuration to set + */ + public void setConfiguration(Configuration configuration) { + this.configuration = configuration; + } + } diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSecureViewer.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSecureViewer.java index ae58526c..749a455a 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSecureViewer.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSecureViewer.java @@ -31,8 +31,8 @@ import java.io.ByteArrayOutputStream; import java.io.InputStream; import java.util.Collections; import java.util.List; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** * @@ -40,8 +40,8 @@ import org.apache.commons.logging.LogFactory; */ public class LocalSecureViewer implements SecureViewer { - private static final Log log = LogFactory.getLog(LocalSignRequestHandler.class); - private List<HashDataInput> hashDataInputs = Collections.EMPTY_LIST; + private final Logger log = LoggerFactory.getLogger(LocalSignRequestHandler.class); + private List<HashDataInput> hashDataInputs = Collections.emptyList(); protected BKUGUIFacade gui; 
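Review bot: In LocalSTALFactory.createSTAL the help URL is now handed to LocalHelpListener as an unchecked String; the former `new URL(helpURL)` parse and its MalformedURLException branch are gone, so a malformed value is discovered only when the user asks for help. Parsing it once here, for example `URI.create(helpURL)` in a try that logs and leaves `helpListener` null on `IllegalArgumentException`, keeps the earlier fail-early behaviour. The line `// dialog.setUndecorated(true);` leaves commented-out code behind and turns the always-on-top Bürgerkarte dialog into a decorated frame; if that is intended, delete the line and give the reason in the commit message. createSTAL continues past the end of this hunk.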
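Review bot: LocalSecureViewer's new logger is still created with `LoggerFactory.getLogger(LocalSignRequestHandler.class)`, so every message from the secure viewer is attributed to the sign-request handler, which misleads anyone filtering or triaging by logger name. Use `private final Logger log = LoggerFactory.getLogger(LocalSecureViewer.class);`. The messages reworded in the later LocalSecureViewer hunks (`No hashdata input …`, `Expected DataObjectHashDataInput …`) are emitted through this logger and are affected the same way.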
@@ -63,8 +63,8 @@ public class LocalSecureViewer implements SecureViewer { ActionListener okListener, String okCommand) throws Exception { if (signedInfo.getReference().size() == 0) { - log.error("No hashdata input selected to be displayed: null"); - throw new Exception("No HashData Input selected to be displayed"); + log.error("No hashdata input selected to be displayed: null."); + throw new Exception("No HashData Input selected to be displayed."); } ArrayList<HashDataInput> selectedHashDataInputs = new ArrayList<HashDataInput>(); @@ -76,8 +76,8 @@ public class LocalSecureViewer implements SecureViewer { boolean hdiAvailable = false; for (HashDataInput hashDataInput : hashDataInputs) { if (dsigRefId.equals(hashDataInput.getReferenceId())) { - log.debug("display hashdata input for dsig:SignedReference " + - dsigRefId); + log.debug("Display hashdata input for dsig:SignedReference {}.", + dsigRefId); selectedHashDataInputs.add( ensureCachedHashDataInput(hashDataInput)); hdiAvailable = true; @@ -85,7 +85,7 @@ public class LocalSecureViewer implements SecureViewer { } } if (!hdiAvailable) { - log.error("no hashdata input for dsig:SignedReference " + dsigRefId); + log.error("No hashdata input for dsig:SignedReference {}.", dsigRefId); throw new Exception( "No HashDataInput available for dsig:SignedReference " + dsigRefId); } @@ -97,8 +97,8 @@ public class LocalSecureViewer implements SecureViewer { } if (selectedHashDataInputs.size() < 1) { - log.error("dsig:SignedInfo does not contain a data reference"); - throw new Exception("dsig:SignedInfo does not contain a data reference"); + log.error("dsig:SignedInfo does not contain a data reference."); + throw new Exception("dsig:SignedInfo does not contain a data reference."); } gui.showSecureViewer(selectedHashDataInputs, okListener, okCommand); } 
@@ -108,7 +108,7 @@ public class LocalSecureViewer implements SecureViewer { throws IOException { if (!(hashDataInput instanceof DataObjectHashDataInput)) { - log.warn("expected DataObjectHashDataInput for LocalSignRequestHandler, got " + + log.warn("Expected DataObjectHashDataInput for LocalSignRequestHandler, got {}.", hashDataInput.getClass().getName()); InputStream hdIs = hashDataInput.getHashDataInput(); diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java index 9ae1d9b9..a1f77a85 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java @@ -16,8 +16,8 @@ */ package at.gv.egiz.bku.local.stal; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import at.gv.egiz.bku.smccstal.SignRequestHandler; import at.gv.egiz.stal.ErrorResponse; @@ -31,7 +31,7 @@ import at.gv.egiz.stal.SignRequest; */ public class LocalSignRequestHandler extends SignRequestHandler { - private static final Log log = LogFactory.getLog(LocalSignRequestHandler.class); + private final Logger log = LoggerFactory.getLogger(LocalSignRequestHandler.class); public LocalSignRequestHandler(LocalSecureViewer secureViewer) { super(secureViewer); @@ -44,7 +44,6 @@ public class LocalSignRequestHandler extends SignRequestHandler { * @param request * @return */ - @SuppressWarnings("unchecked") @Override public STALResponse handleRequest(STALRequest request) throws InterruptedException { 
@@ -54,7 +53,7 @@ public class LocalSignRequestHandler extends SignRequestHandler { ((LocalSecureViewer) secureViewer).setDataToBeSigned(signReq.getHashDataInput()); return super.handleRequest(request); } else { - log.fatal("Got unexpected STAL request: " + request); + log.error("Got unexpected STAL request: {}.", request); return new ErrorResponse(1000); } diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java index 98be4047..cd81b592 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java 
@@ -16,98 +16,139 @@ */ package at.gv.egiz.bku.local.webapp; +import java.io.ByteArrayInputStream; +import java.io.InputStream; import java.util.Enumeration; import java.util.HashMap; -import java.util.Iterator; import java.util.Locale; import java.util.Map; +import java.util.concurrent.ExecutionException; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; -import at.gv.egiz.bku.binding.HTTPBindingProcessor; +import at.gv.egiz.bku.binding.BindingProcessorFuture; +import at.gv.egiz.bku.binding.BindingProcessorManager; +import at.gv.egiz.bku.binding.HTTPBindingProcessorImpl; import at.gv.egiz.bku.binding.HttpUtil; -import at.gv.egiz.bku.conf.Configurator; +import at.gv.egiz.bku.binding.Id; +import at.gv.egiz.bku.binding.IdFactory; +import at.gv.egiz.bku.binding.InputDecoderFactory; import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage; public class BKURequestHandler extends SpringBKUServlet { - public final static String ENCODING = "UTF-8"; + private static final long serialVersionUID = 1L; - protected Log log = LogFactory.getLog(BKURequestHandler.class); + public final static String ENCODING = "UTF-8"; + private final Logger log = LoggerFactory.getLogger(BKURequestHandler.class); + + @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, java.io.IOException { - log.debug("Received SecurityLayer request"); - String acceptLanguage = req.getHeader("Accept-Language"); Locale locale = AcceptLanguage.getLocale(acceptLanguage); - log.debug("Accept-Language locale: " + locale); + log.info("Received request. 
Accept-Language locale: {}.", locale); - HTTPBindingProcessor bindingProcessor; - bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager() - .createBindingProcessor(req.getRequestURL().toString(), null, locale); + BindingProcessorManager bindingProcessorManager = getBindingProcessorManager(); + + HTTPBindingProcessorImpl bindingProcessor; + bindingProcessor = (HTTPBindingProcessorImpl) bindingProcessorManager + .createBindingProcessor("HTTP", locale); Map<String, String> headerMap = new HashMap<String, String>(); - for (Enumeration<String> headerName = req.getHeaderNames(); headerName + for (Enumeration<?> headerName = req.getHeaderNames(); headerName .hasMoreElements();) { - String header = headerName.nextElement(); + String header = (String) headerName.nextElement(); if (header != null) { headerMap.put(header, req.getHeader(header)); } } - String charset = req.getCharacterEncoding(); - String contentType = req.getContentType(); - if (charset != null) { - contentType += ";" + charset; + + InputStream inputStream; + String charset; + if (req.getMethod().equals("POST")) { + charset = req.getCharacterEncoding(); + String contentType = req.getContentType(); + if (charset != null) { + contentType += ";" + charset; + } + headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType); + inputStream = req.getInputStream(); + } else { + charset = "UTF-8"; + headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, + InputDecoderFactory.URL_ENCODED); + String queryString = req.getQueryString(); + if (queryString != null) { + inputStream = new ByteArrayInputStream(queryString.getBytes(charset)); + } else { + inputStream = new ByteArrayInputStream(new byte[] {}); + } } - headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType); bindingProcessor.setHTTPHeaders(headerMap); - bindingProcessor.consumeRequestStream(req.getInputStream()); + bindingProcessor.consumeRequestStream(req.getRequestURL().toString(), inputStream); + req.getInputStream().close(); - // fixxme just 
for testing - bindingProcessor.run(); - if (bindingProcessor.getRedirectURL() != null) { - resp.sendRedirect(bindingProcessor.getRedirectURL()); - return; - } + String redirectURL = bindingProcessor.getRedirectURL(); + + Id id = IdFactory.getInstance().createId(); + BindingProcessorFuture bindingProcessorFuture = bindingProcessorManager + .process(id, bindingProcessor); + + if (redirectURL != null) { + // send redirect and return + resp.sendRedirect(redirectURL); + return; + } + + // wait for the binding processor to finish processing + try { + bindingProcessorFuture.get(); + } catch (InterruptedException e) { + resp.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE); + return; + } catch (ExecutionException e) { + log.error("Request processing failed.", e); + resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + resp.setStatus(bindingProcessor.getResponseCode()); - for (Iterator<String> it = bindingProcessor.getResponseHeaders().keySet() - .iterator(); it.hasNext();) { - String header = it.next(); - resp.setHeader(header, bindingProcessor.getResponseHeaders().get(header)); + + // set response headers + Map<String, String> responseHeaders = bindingProcessor.getResponseHeaders(); + for (String header : responseHeaders.keySet()) { + resp.setHeader(header, responseHeaders.get(header)); } - String version = configurator.getProperty(Configurator.SIGNATURE_LAYOUT); - if ((version != null) && (!"".equals(version.trim()))) { - log.debug("setting SignatureLayout header to " + version); - resp.setHeader(Configurator.SIGNATURE_LAYOUT, version); - } else { - log.debug("do not set SignatureLayout header"); + String serverHeader = bindingProcessor.getServerHeaderValue(); + if (serverHeader != null && !serverHeader.isEmpty()) { + resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, serverHeader); + } + String signatureLayout = bindingProcessor.getSignatureLayoutHeaderValue(); + if (signatureLayout != null && !signatureLayout.isEmpty()) { + 
resp.setHeader("SignatureLayout", signatureLayout); } - - if (configurator.getProperty(Configurator.USERAGENT_CONFIG_P) != null) { - resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, configurator - .getProperty(Configurator.USERAGENT_CONFIG_P)); - } else { - resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, - Configurator.USERAGENT_DEFAULT); - } resp.setContentType(bindingProcessor.getResultContentType()); resp.setCharacterEncoding(ENCODING); bindingProcessor.writeResultTo(resp.getOutputStream(), ENCODING); - req.getInputStream().close(); + resp.getOutputStream().flush(); resp.getOutputStream().close(); - log.debug("Finished Request"); + log.debug("Finished Request."); } + @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, java.io.IOException { doPost(req, resp); } + + } diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/MoccaContextListener.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/MoccaContextListener.java new file mode 100644 index 00000000..428190eb --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/MoccaContextListener.java 
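Review bot: The `catch (InterruptedException e)` branch around `bindingProcessorFuture.get()` in `doPost` answers 503 but neither restores the interrupt status nor logs anything, so the interrupt is silently cleared for whatever runs next on that thread; add `Thread.currentThread().interrupt();` before `resp.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE);`. In the POST branch, `contentType += ";" + charset` is carried over unchanged: a request without a Content-Type yields the literal `null;<charset>`, and the charset is appended without a `charset=` name, so a null check plus `"; charset=" + charset` would hand the input decoder a well-formed value. Since `doGet` delegates here and the non-POST branch now passes the query string to the binding processor as a URL-encoded request, a comment stating that requests are accepted via GET on purpose would help the next reader.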
@@ -0,0 +1,93 @@ +/* +* Copyright 2009 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ + +package at.gv.egiz.bku.local.webapp; + +import iaik.security.ecc.provider.ECCProvider; +import iaik.security.provider.IAIK; +import iaik.xml.crypto.XSecProvider; + +import java.security.Provider; +import java.security.Security; + +import javax.servlet.ServletContextEvent; +import javax.servlet.ServletContextListener; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class MoccaContextListener implements ServletContextListener { + + private Logger log = LoggerFactory.getLogger(MoccaContextListener.class); + + @Override + public void contextDestroyed(ServletContextEvent sce) { + } + + @Override + public void contextInitialized(ServletContextEvent sce) { + + log.info("Registering security providers ..."); + + registerProviders(); + + if (log.isDebugEnabled()) { + StringBuilder sb = new StringBuilder(); + sb.append("Registered providers: "); + int i = 1; + for (Provider prov : Security.getProviders()) { + sb.append("\n" + (i++) + ". 
: " + prov); + } + log.debug(sb.toString()); + } + } + + protected void registerProvider(Provider provider, int position) { + String name = provider.getName(); + if (Security.getProvider(name) == null) { + // register IAIK provider at first position + try { + Security.insertProviderAt(provider, position); + } catch (SecurityException e) { + log.info("Failed to register required security Provider.", e); + } + } else { + log.info("Required security Provider {} already registered.", name); + } + + } + + protected void registerProviders() { + + registerProvider(new IAIK(), 1); + registerProvider(new ECCProvider(false), 2); + + final String name = XSecProvider.NAME; + if (Security.getProvider(XSecProvider.NAME) == null) { + // register XML Security provider + try { + XSecProvider.addAsProvider(false); + } catch (SecurityException e) { + log.info("Failed to register required security Provider.", e); + } + } else { + log.info("Required security Provider {} already registered.", name); + } + + } + +} diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java index 0c35f1c9..ab41634e 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java @@ -29,8 +29,8 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** * PINManagementBKUWorker for non-applet version 
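Review bot: In `registerProvider` and `registerProviders`, a `SecurityException` raised while registering a provider the message itself calls required is logged at `info`, without the provider name, and then dropped, so the web application starts and runs its cryptographic operations with whatever providers the JVM already has. Log it at error level with the name, e.g. `log.error("Failed to register required security Provider " + name + ".", e);`, and consider aborting context startup when a required provider is missing. `contextDestroyed` is empty, so the providers inserted at positions 1 and 2 stay registered for the whole JVM after undeploy; a comment saying that this is intended, or a matching `Security.removeProvider(name)`, would make the lifecycle explicit. The comment `// register IAIK provider at first position` no longer fits the generic `registerProvider(provider, position)`.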
@@ -38,7 +38,9 @@ import org.apache.commons.logging.LogFactory; */ public class PINManagementServlet extends HttpServlet { - private static final Log log = LogFactory.getLog(PINManagementServlet.class); + private static final long serialVersionUID = 1L; + + private final Logger log = LoggerFactory.getLogger(PINManagementServlet.class); LocalSTALFactory stalFactory; @@ -59,9 +61,7 @@ public class PINManagementServlet extends HttpServlet { STAL pinMgmtSTAL = stalFactory.createSTAL(); List<STALResponse> stalResps = pinMgmtSTAL.handleRequest(Collections.singletonList(new PINManagementRequest())); - if (log.isDebugEnabled()) { - log.debug("received STAL reponse " + stalResps.get(0).getClass()); - } + log.debug("Received STAL reponse {}.", stalResps.get(0).getClass()); pinMgmtSTAL.handleRequest(Collections.singletonList(new QuitRequest())); String redirect = request.getParameter("redirect"); diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java index 3bd50ba7..62f393a8 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java @@ -19,21 +19,16 @@ package at.gv.egiz.bku.local.webapp; import javax.servlet.http.HttpServlet; import at.gv.egiz.bku.binding.BindingProcessorManager; -import at.gv.egiz.bku.conf.Configurator; public abstract class SpringBKUServlet extends HttpServlet { - public final static String BEAN_NAME = "bindingProcessorManager"; + private static final long serialVersionUID = 1L; - protected static Configurator configurator; + public final static String BEAN_NAME = "bindingProcessorManager"; protected BindingProcessorManager getBindingProcessorManager() { return (BindingProcessorManager) getServletContext() .getAttribute(BEAN_NAME); } - public static void setConfigurator(Configurator conf) { - configurator = conf; - } - } 
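Review bot: In `PINManagementServlet` (hunk at -59,9), `log.debug("Received STAL reponse {}.", stalResps.get(0).getClass());` now evaluates `stalResps.get(0)` on every request, where the removed `if (log.isDebugEnabled())` guard evaluated it only with debug logging enabled. If `handleRequest` can return an empty list, this line now throws `IndexOutOfBoundsException` in configurations where it previously did not; check `stalResps.isEmpty()` first or keep the guard, and fix the `reponse` typo while there. The `redirect` request parameter read in the last context line is used outside this hunk; if it reaches `sendRedirect` unchecked, it should be restricted to local paths.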
diff --git a/BKULocal/src/main/resources/commons-logging.properties b/BKULocal/src/main/resources/commons-logging.properties deleted file mode 100644 index 0d497b1b..00000000 --- a/BKULocal/src/main/resources/commons-logging.properties +++ /dev/null @@ -1,16 +0,0 @@ -# Copyright 2008 Federal Chancellery Austria and -# Graz University of Technology -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -org.apache.commons.logging.Log=org.apache.commons.logging.impl.Log4JLogger diff --git a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml index e96bd088..f85479cb 100644 --- a/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml +++ b/BKULocal/src/main/webapp/WEB-INF/applicationContext.xml @@ -1,109 +1,195 @@ <?xml version="1.0" encoding="UTF-8"?>
-<!--
- Copyright 2008 Federal Chancellery Austria and
- Graz University of Technology
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
+ <!--
+ Copyright 2008 Federal Chancellery Austria and Graz University of
+ Technology Licensed under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance with the
+ License. You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0 Unless required by
+ applicable law or agreed to in writing, software distributed under the
+ License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+ CONDITIONS OF ANY KIND, either express or implied. See the License for
+ the specific language governing permissions and limitations under the
+ License.
+ -->
<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.0.xsd">
- <bean id="STALFactory" class="at.gv.egiz.bku.local.stal.LocalSTALFactory"
- scope="singleton">
- <property name="helpURL" value="http://localhost:3495/help/"/>
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.0.xsd">
+
+ <!-- configuration -->
+ <bean id="configurationResource"
+ class="org.springframework.web.context.support.ServletContextParameterFactoryBean">
+ <property name="initParamName" value="configurationResource" />
+ </bean>
+
+ <bean id="configuration" class="at.gv.egiz.bku.spring.ConfigurationFactoryBean">
+ <property name="configurationResource" ref="configurationResource" />
+ </bean>
+
+ <bean id="sslPKIProfile" class="at.gv.egiz.bku.spring.PKIProfileFactoryBean">
+ <property name="configuration" ref="configuration"/>
+ <property name="trustProfileId" value="SSL"/>
</bean>
-
-
- <bean id="bindingProcessorManager" class="at.gv.egiz.bku.binding.BindingProcessorManagerImpl"
- scope="singleton">
- <constructor-arg ref="STALFactory"></constructor-arg>
- <constructor-arg ref="commandInvoker"></constructor-arg>
- <constructor-arg ref="configuration"></constructor-arg>
+
+ <bean id="sslSocketFactory" class="at.gv.egiz.bku.spring.SSLSocketFactoryBean">
+ <property name="configuration" ref="configuration"/>
+ <property name="pkiProfile" ref="sslPKIProfile"/>
</bean>
- <bean
- class="org.springframework.web.context.support.ServletContextAttributeExporter">
- <property name="attributes">
- <map>
- <entry key="bindingProcessorManager">
- <ref bean="bindingProcessorManager" />
- </entry>
- </map>
- </property>
+
+ <bean id="hostnameVerifier" class="at.gv.egiz.bku.spring.ConfigurableHostnameVerifier">
+ <property name="configuration" ref="configuration"/>
</bean>
- <bean id="accessController" class="at.gv.egiz.bku.local.accesscontroller.SpringSecurityManager"
- scope="singleton" init-method="init">
- <property name="config" ref="configurator"/>
- </bean>
-
- <bean id="commandInvoker" class="at.gv.egiz.bku.binding.SLCommandInvokerImpl">
- <property name="securityManager" ref="accessController" />
+ <bean id="urlDereferencer" class="at.gv.egiz.bku.utils.urldereferencer.URLDereferencerImpl"
+ factory-method="getInstance">
+ <property name="SSLSocketFactory" ref="sslSocketFactory"/>
+ <property name="hostnameVerifier" ref="hostnameVerifier"/>
</bean>
+
+ <!-- security manager for the command invoker -->
+ <bean id="securityManager" class="at.gv.egiz.bku.spring.SecurityManagerFactoryBean">
+ <property name="configuration" ref="configuration" />
+ </bean>
- <bean id="slCommandFactory" class="at.gv.egiz.bku.slcommands.SLCommandFactory"
- factory-method="getInstance">
- <property name="commandImpl">
- <map>
- <entry
- key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:NullOperationRequest"
- value="at.gv.egiz.bku.slcommands.impl.NullOperationCommandImpl" />
- <entry
- key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:InfoboxReadRequest"
- value="at.gv.egiz.bku.slcommands.impl.InfoboxReadCommandImpl" />
- <entry
- key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:InfoboxUpdateRequest"
- value="at.gv.egiz.bku.slcommands.impl.InfoboxUpdateCommandImpl" />
- <entry
- key="http://www.buergerkarte.at/namespaces/securitylayer/1.2#:CreateXMLSignatureRequest"
- value="at.gv.egiz.bku.slcommands.impl.CreateXMLSignatureCommandImpl" />
- </map>
- </property>
+ <!-- command invoker -->
+ <bean id="slCommandInvoker" class="at.gv.egiz.bku.binding.SLCommandInvokerImpl">
+ <property name="securityManager" ref="securityManager" />
+ </bean>
+
+ <!-- Security Layer command factory -->
+
+ <bean id="abstractCommandFactory" class="at.gv.egiz.bku.slcommands.AbstractSLCommandFactory"
+ abstract="true">
+ <property name="configuration" ref="configuration"/>
</bean>
- <bean id="infoboxFactory" class="at.gv.egiz.bku.slcommands.impl.InfoboxFactory"
- factory-method="getInstance">
- <property name="infoboxImpl">
- <map>
- <entry
- key="Certificates"
- value="at.gv.egiz.bku.slcommands.impl.CertificatesInfoboxImpl" />
- <entry
- key="IdentityLink"
- value="at.gv.egiz.bku.slcommands.impl.IdentityLinkInfoboxImpl" />
- <entry
- key="CardChannel"
- value="at.gv.egiz.bku.slcommands.impl.CardChannelInfoboxImpl" />
- <entry
- key="SV-Personendaten"
- value="at.gv.egiz.bku.slcommands.impl.SVPersonendatenInfoboxImpl" />
- </map>
- </property>
+ <bean id="certificatesInfoboxFactory"
+ class="at.gv.egiz.bku.slcommands.impl.CertificatesInfoboxFactory" />
+ <bean id="identityLinkInfoboxFactory"
+ class="at.gv.egiz.bku.slcommands.impl.IdentityLinkInfoboxFactory">
+ <property name="identityLinkTransformer">
+ <bean class="at.gv.egiz.idlink.IdentityLinkTransformer">
+ <property name="urlDereferencer" ref="urlDereferencer"/>
+ </bean>
+ </property>
</bean>
-
- <!-- Configure Configuration -->
- <bean id="certValidator" class="at.gv.egiz.bku.conf.CertValidatorImpl"></bean>
-
- <bean id="configurator" class="at.gv.egiz.bku.local.conf.SpringConfigurator"
- init-method="configure">
- <!-- <property name="resource" value="classpath:at/gv/egiz/bku/local/conf/defaultConf.properties"/> -->
- <property name="resource" value="file:${user.home}/.mocca/conf/defaultConf.properties"/>
- <property name="certValidator" ref="certValidator"></property>
+ <!-- not supported -->
+ <!--
+ <bean id="cardChannelInfoboxFactory"
+ class="at.gv.egiz.bku.slcommands.impl.CardChannelInfoboxFactory" />
+ -->
+ <bean id="svPersonendatenInfoboxFactory"
+ class="at.gv.egiz.bku.slcommands.impl.SVPersonendatenInfoboxFactory" />
+
+ <bean id="infoboxFactory" class="at.gv.egiz.bku.slcommands.impl.InfoboxFactory">
+ <property name="infoboxFactories">
+ <map>
+ <entry key="Certificates" value-ref="certificatesInfoboxFactory" />
+ <entry key="IdentityLink" value-ref="identityLinkInfoboxFactory" />
+ <!--
+ <entry key="CardChannel" value-ref="cardChannelInfoboxFactory" />
+ -->
+ <entry key="SV-Personendaten" value-ref="svPersonendatenInfoboxFactory" />
+ </map>
+ </property>
+ </bean>
+
+ <bean id="nullOperationCommandFactory"
+ class="at.gv.egiz.bku.slcommands.impl.NullOperationCommandFactory"
+ parent="abstractCommandFactory" />
+ <bean id="nullOperationRequest" class="javax.xml.namespace.QName">
+ <constructor-arg
+ value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" />
+ <constructor-arg value="NullOperationRequest" />
+ </bean>
+ <bean id="infoboxReadCommandFactory"
+ class="at.gv.egiz.bku.slcommands.impl.InfoboxReadCommandFactory"
+ parent="abstractCommandFactory">
+ <property name="infoboxFactory" ref="infoboxFactory" />
+ </bean>
+ <bean id="infoboxReadRequest" class="javax.xml.namespace.QName">
+ <constructor-arg
+ value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" />
+ <constructor-arg value="InfoboxReadRequest" />
+ </bean>
+ <bean id="infoboxUpdateCommandFactory"
+ class="at.gv.egiz.bku.slcommands.impl.InfoboxUpdateCommandFactory"
+ parent="abstractCommandFactory">
+ <property name="infoboxFactory" ref="infoboxFactory" />
+ </bean>
+ <bean id="infoboxUpdateRequest" class="javax.xml.namespace.QName">
+ <constructor-arg
+ value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" />
+ <constructor-arg value="InfoboxUpdateRequest" />
+ </bean>
+ <bean id="createXMLSignatureCommandFactory"
+ class="at.gv.egiz.bku.slcommands.impl.CreateXMLSignatureCommandFactory"
+ parent="abstractCommandFactory" />
+ <bean id="createXMLSignatureRequest" class="javax.xml.namespace.QName">
+ <constructor-arg
+ value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" />
+ <constructor-arg value="CreateXMLSignatureRequest" />
+ </bean>
+ <bean id="getStatusCommandFactory" class="at.gv.egiz.bku.slcommands.impl.GetStatusCommandFactory"
+ parent="abstractCommandFactory" />
+ <bean id="getStatusRequest" class="javax.xml.namespace.QName">
+ <constructor-arg
+ value="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" />
+ <constructor-arg value="GetStatusRequest" />
+ </bean>
+
+ <bean id="slCommandFactory" class="at.gv.egiz.bku.slcommands.SLCommandFactory"
+ factory-method="getInstance">
+ <property name="concreteFactories">
+ <map>
+ <entry key-ref="nullOperationRequest" value-ref="nullOperationCommandFactory" />
+ <entry key-ref="infoboxReadRequest" value-ref="infoboxReadCommandFactory" />
+ <entry key-ref="infoboxUpdateRequest" value-ref="infoboxUpdateCommandFactory" />
+ <entry key-ref="createXMLSignatureRequest" value-ref="createXMLSignatureCommandFactory" />
+ <entry key-ref="getStatusRequest" value-ref="getStatusCommandFactory" />
+ </map>
+ </property>
+ </bean>
+
+ <!-- STAL factory -->
+ <bean id="stalFactory" class="at.gv.egiz.bku.local.stal.ExclusiveAccessSTALFactory">
+ <property name="stalFactory">
+ <bean class="at.gv.egiz.bku.local.stal.LocalSTALFactory" scope="singleton">
+ <property name="helpURL" value="http://localhost:3495/help/" />
+ <property name="configuration" ref="configuration" />
+ </bean>
+ </property>
+ </bean>
+
+ <!-- binding processor factories -->
+ <bean id="httpBindingProcessorFactory" class="at.gv.egiz.bku.binding.HTTPBindingProcessorFactory">
+ <property name="configuration" ref="configuration" />
+ <property name="urlDereferencer" ref="urlDereferencer" />
+ <property name="sslSocketFactory" ref="sslSocketFactory" />
+ <property name="hostnameVerifier" ref="hostnameVerifier" />
+ <property name="slCommandFactory" ref="slCommandFactory" />
</bean>
- <!-- Begin MOCCA Configuration [REFACTORED]
- | Configuration beans (no conf properties file) should be injected directly to module configurators.
- | Currently, only the ReaderFactory configuration is considered.
- |-->
- <import resource="file:${user.home}/.mocca/conf/mocca-conf.xml"/>
+ <!-- binding processor manager -->
+ <bean id="bindingProcessorManager" class="at.gv.egiz.bku.binding.BindingProcessorManagerImpl"
+ scope="singleton">
+ <property name="stalFactory" ref="stalFactory" />
+ <property name="slCommandInvoker" ref="slCommandInvoker" />
+ <property name="factories">
+ <list>
+ <ref bean="httpBindingProcessorFactory"/>
+ </list>
+ </property>
+ </bean>
+
+ <bean id="attributeExporter"
+ class="org.springframework.web.context.support.ServletContextAttributeExporter">
+ <property name="attributes">
+ <map>
+ <entry key="bindingProcessorManager">
+ <ref bean="bindingProcessorManager" />
+ </entry>
+ </map>
+ </property>
+ </bean>
</beans>
\ No newline at end of file diff --git a/BKULocal/src/main/webapp/WEB-INF/conf/configuration.xml b/BKULocal/src/main/webapp/WEB-INF/conf/configuration.xml new file mode 100644 index 00000000..20d27bb0 --- /dev/null +++ b/BKULocal/src/main/webapp/WEB-INF/conf/configuration.xml @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<MoccaConfiguration version="1.0"> + <DataURLConnection> + <!-- + The maximum number of consecutive Security Layer requests received + from DataURL server before execution is aborted. + --> + <MaxHops>50</MaxHops> + </DataURLConnection> +</MoccaConfiguration>
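Review bot: The new `sslPKIProfile`, `sslSocketFactory` and `hostnameVerifier` beans in applicationContext.xml take all their behaviour from `configuration`, and the `configuration.xml` added in this commit sets only `MaxHops`. What `urlDereferencer` and `httpBindingProcessorFactory` do about certificate validation and hostname checks is therefore decided by defaults that are not visible in this file. An XML comment above these beans should state which defaults apply when the configuration is silent (validation against the `SSL` trust profile, hostname verification on or off), once that is confirmed against the factory beans. The reflowed licence header has also lost its line structure and now reads as one paragraph; keeping the original layout would leave it recognisable.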
\ No newline at end of file diff --git a/BKULocal/src/main/webapp/WEB-INF/web.xml b/BKULocal/src/main/webapp/WEB-INF/web.xml index c4ea1e54..b8bc8818 100644 --- a/BKULocal/src/main/webapp/WEB-INF/web.xml +++ b/BKULocal/src/main/webapp/WEB-INF/web.xml @@ -18,16 +18,18 @@ <web-app id="bkulocal" version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <display-name>http-security-layer-request</display-name> - <!-- Begin Spring Config --> - <context-param> - <param-name>contextConfigLocation</param-name> - <param-value>/WEB-INF/applicationContext.xml</param-value> - </context-param> <listener> - <listener-class> - org.springframework.web.context.ContextLoaderListener - </listener-class> + <listener-class>at.gv.egiz.bku.local.webapp.MoccaContextListener</listener-class> </listener> + + <!-- Begin Spring Config --> + <listener> + <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> + </listener> + <context-param> + <param-name>configurationResource</param-name> + <param-value>file:${user.home}/.mocca/conf/configuration.xml</param-value> + </context-param> <!-- End Spring Config --> <!-- Begin BKU Config --> diff --git a/BKULocal/src/main/webapp/en/index.html b/BKULocal/src/main/webapp/en/index.html new file mode 100644 index 00000000..cfb0f957 --- /dev/null +++ b/BKULocal/src/main/webapp/en/index.html 
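Review bot: In web.xml, `MoccaContextListener` is now declared ahead of `ContextLoaderListener`, and that order looks load-bearing: listeners are invoked in declaration order, and the Spring context presumably needs the security providers registered before beans such as `sslSocketFactory` are created. Nothing in the descriptor says so; add a comment such as `<!-- must stay before ContextLoaderListener: registers the security providers the Spring beans rely on -->` so the two listeners are not reordered later. The `configurationResource` parameter points at `file:${user.home}/.mocca/conf/configuration.xml` while the commit ships the file under `WEB-INF/conf/`; it is not visible here how the file reaches the user's home directory or what happens when it is absent.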
@@ -0,0 +1,64 @@ +<!-- + Copyright 2008 Federal Chancellery Austria and + Graz University of Technology + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> + <head> + <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> + <title>CitizenCard - Welcome</title> + <link href="/help/css/help.css" rel="stylesheet" type="text/css" /> + <link rel="shortcut icon" href="/img/chip16.ico" type="image/x-icon"/> + </head> + + <body class="twoColElsLtHdr"> + + <div id="container"> + <div id="header"> + <h1>Welcome</h1> + <!-- end #header --></div> + <div id="mainContent" style="margin: 1.5em 1.5em 0 1.5em"> + <div style="float:left; margin-right:1em"> + <img src="/img/chip48.png" alt="Logo" width="48" height="48"/> + </div> + <p>Congratulations, you successfully installed the citizen-card environment MOCCA. + Please install the + <a href="/ca.crt">CA certificate</a>¹ as trusted certificate in your browser. 
+ </p> + + <p style="clear:left; margin-top:1.5em">Please also have a look at</p> + <ul> + <li>the <a href="/help/en/">help topics</a>,</li> + <li>the <a href="/PINManagement?redirect=./index.html">PIN management</a> or </li> + <li>the <a href="/ca.crt">CA certificate installation</a> (you may open this link with another browser as well).</li> + </ul> + + <p><br class="clearfloat" /></p> + + <p style="font-size:80%"> + ¹The automated installation of the CA certificate is not available in Microsoft Windows Vista and Windows 7, + please see <a href="/help/en/help.install.cacert.html">Help</a>. + </p> + + </div> + <div id="footer"> + <p> + <a href="http://www.buergerkarte.at">Austrian CitizenCard</a> | <a href="http://mocca.egovlabs.gv.at">CitizenCard Environment MOCCA</a> + </p> + </div> + <!-- end #container --></div> + </body> +</html> + diff --git a/BKULocal/src/main/webapp/index.html b/BKULocal/src/main/webapp/index.html index c6d6c747..f8c6d2c0 100644 --- a/BKULocal/src/main/webapp/index.html +++ b/BKULocal/src/main/webapp/index.html @@ -19,8 +19,8 @@ <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Bürgerkarte - Willkommen</title> - <link href="help/help.css" rel="stylesheet" type="text/css" /> - <link rel="shortcut icon" href="img/chip16.ico" type="image/x-icon"/> + <link href="/help/css/help.css" rel="stylesheet" type="text/css" /> + <link rel="shortcut icon" href="/img/chip16.ico" type="image/x-icon"/> </head> <body class="twoColElsLtHdr"> 
@@ -31,25 +31,25 @@ <!-- end #header --></div> <div id="mainContent" style="margin: 1.5em 1.5em 0 1.5em"> <div style="float:left; margin-right:1em"> - <img src="img/chip48.png" alt="Logo" width="48" height="48"/> + <img src="/img/chip48.png" alt="Logo" width="48" height="48"/> </div> <p>Sie haben die Bürgerkartenumgebung MOCCA erfolgreich installiert. Um diese zu verwenden installieren Sie bitte noch das - <a href="ca.crt">CA Zertifikat</a>¹ in ihrem Browser. + <a href="/ca.crt">CA Zertifikat</a>¹ in ihrem Browser. </p> <p style="clear:left; margin-top:1.5em">Weiters können Sie</p> <ul> - <li>die <a href="help">Hilfe durchsehen</a>,</li> - <li>die <a href="PINManagement?redirect=./index.html">PIN Verwaltung starten</a> oder </li> - <li>das <a href="ca.crt">CA Zertifikat installieren</a> (rufen Sie diesen Link aus anderen Web-Browsern auf um auch dort das CA Zertifikat zu installieren).</li> + <li>die <a href="/help">Hilfe durchsehen</a>,</li> + <li>die <a href="/PINManagement?redirect=./index.html">PIN Verwaltung starten</a> oder </li> + <li>das <a href="/ca.crt">CA Zertifikat installieren</a> (rufen Sie diesen Link aus anderen Web-Browsern auf um auch dort das CA Zertifikat zu installieren).</li> </ul> <p><br class="clearfloat" /></p> <p style="font-size:80%"> ¹Eine automatisierte Installation ist mit Microsoft Internet Explorer in Windows Vista oder 7 leider nicht möglich, - siehe dazu <a href="help/de/help.install.cacert.html">Hilfe</a>. + siehe dazu <a href="/help/help.install.cacert.html">Hilfe</a>. </p> </div> |