diff options
Diffstat (limited to 'BKUOnline/src/main/java')
4 files changed, 165 insertions, 125 deletions
| diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java index de577139..c09abcc1 100644 --- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java +++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java @@ -17,8 +17,10 @@  package at.gv.egiz.bku.online.conf;  import iaik.security.ecc.provider.ECCProvider; +import iaik.security.provider.IAIK;  import iaik.xml.crypto.XSecProvider; +import java.io.IOException;  import java.net.HttpURLConnection;  import java.security.Provider;  import java.security.Security; @@ -29,22 +31,30 @@ import javax.net.ssl.HttpsURLConnection;  import org.apache.commons.logging.Log;  import org.apache.commons.logging.LogFactory; +import at.gv.egiz.bku.binding.DataUrl; +import at.gv.egiz.bku.binding.DataUrlConnection; +import at.gv.egiz.bku.slcommands.impl.xsect.DataObject;  import at.gv.egiz.bku.slcommands.impl.xsect.STALProvider; -import iaik.security.provider.IAIK;  /**   *    * TODO currently only the code to get started.   */ -public class Configurator { +public abstract class Configurator {  	private Log log = LogFactory.getLog(Configurator.class); +	 +	private static Configurator instance = new SpringConfigurator();  	protected Properties properties; -	public Configurator() { +	protected Configurator() {  	} +	public static Configurator getInstance() { +	  return instance; +	} +	  	protected void configUrlConnections() {  		HttpsURLConnection.setFollowRedirects(false);  		HttpURLConnection.setFollowRedirects(false); @@ -65,9 +75,14 @@ public class Configurator {  		log.debug(sb.toString());  	} +	protected void configViewer() { +	  DataObject.enableHashDataInputValidation(Boolean.parseBoolean(properties.getProperty("ValidateHashDataInputs"))); +	} +	  	public void configure() {  		configureProviders();  		configUrlConnections(); +		configViewer();  	}  	public void setConfiguration(Properties props) { diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java index 545a69c9..9fe91708 100644 --- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java +++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java @@ -49,6 +49,8 @@ import org.springframework.context.ResourceLoaderAware;  import org.springframework.core.io.Resource;
  import org.springframework.core.io.ResourceLoader;
 +import at.gv.egiz.bku.binding.DataUrl;
 +import at.gv.egiz.bku.binding.DataUrlConnection;
  import at.gv.egiz.bku.slexceptions.SLRuntimeException;
  public class SpringConfigurator extends Configurator implements
 @@ -71,9 +73,24 @@ public class SpringConfigurator extends Configurator implements  		}
  	}
 +	public void configureVersion() {
 +    Properties p = new Properties();
 +    try {
 +      p.load(resourceLoader.getResource("META-INF/MANIFEST.MF").getInputStream());
 +      String version = p.getProperty("Implementation-Build");
 +      properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY, "citizen-card-environment/1.2 MOCCA "+version);
 +      DataUrl.setConfiguration(properties);
 +      log.debug("Setting user agent to: "+properties.getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY));
 +    } catch (IOException e) {
 +     log.error(e);
 +    }
 +  }
 +	
 +	
  	public void configure() {
  		super.configure();
  		configureSSL();
 +		configureVersion();
  	}
  	private Set<TrustAnchor> getCACerts() throws IOException,
 diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java index bc3edf18..28c714c1 100644 --- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java +++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java @@ -1,121 +1,129 @@  /* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -*     http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.bku.online.webapp;
 -
 -import java.io.IOException;
 -import java.util.Iterator;
 -
 -import javax.servlet.ServletConfig;
 -import javax.servlet.ServletException;
 -import javax.servlet.http.HttpServletRequest;
 -import javax.servlet.http.HttpServletResponse;
 -import javax.servlet.http.HttpSession;
 -
 -import org.apache.commons.logging.Log;
 -import org.apache.commons.logging.LogFactory;
 -
 -import at.gv.egiz.bku.binding.HTTPBindingProcessor;
 -import at.gv.egiz.bku.binding.IdFactory;
 -
 -/**
 - * Delivers the result to the browser 
 - *
 - */
 -public class ResultServlet extends SpringBKUServlet {
 -  
 -  private final static Log log = LogFactory.getLog(ResultServlet.class);
 -  
 -  private String encoding = "UTF-8";
 -  private String expiredPage = "./expiredError.jsp";
 -  
 -  public ResultServlet() {
 -  }
 -  
 -  private void myInit() {
 -    String enc = getServletContext().getInitParameter("responseEncoding");
 -    if (enc != null) {
 -      log.debug("Init default encoding to: "+enc);
 -      encoding = enc;
 -    }
 -    String expP = getServletConfig().getInitParameter("expiredPage");
 -    if (expP != null) {
 -      log.debug("Init expired page to: "+expP);
 -      expiredPage = expP;
 -    }
 -  }
 -
 -  @Override
 -  public void init() throws ServletException {
 -    super.init();
 -    myInit();
 -  }
 -
 -  @Override
 -  public void init(ServletConfig config) throws ServletException {
 -    super.init(config);
 -    myInit();
 -  }
 -
 -
 -
 -  protected void doPost(HttpServletRequest req, HttpServletResponse resp)
 -      throws ServletException, IOException {
 -    doGet(req, resp);
 -  }
 -
 -  protected void doGet(HttpServletRequest req, HttpServletResponse resp)
 -      throws ServletException, java.io.IOException {
 -
 -    HttpSession session = req.getSession(false);
 -    if (session == null) {
 -      resp.sendRedirect(expiredPage);
 -      return;
 -    }
 -    String sessionId = session.getId();
 -    if (sessionId == null) {
 -      resp.sendRedirect(expiredPage);
 -      return;
 -    }
 -    log.debug("Got a result request for session: " + sessionId);
 -    HTTPBindingProcessor bp = (HTTPBindingProcessor) getBindingProcessorManager().getBindingProcessor(
 -        IdFactory.getInstance().createId(sessionId));
 -    if (bp == null) {
 -      session.invalidate();
 -      resp.sendRedirect(expiredPage);
 -      return;
 -    }
 -    
 -    if (bp.getRedirectURL() != null) {
 -      resp.sendRedirect(bp.getRedirectURL());
 -      return;
 -    }
 -    resp.setStatus(bp.getResponseCode());
 -    resp.setHeader("Cache-Control","no-store"); //HTTP 1.1
 -    resp.setHeader("Pragma","no-cache"); //HTTP 1.0
 -    resp.setDateHeader ("Expires", 0);
 -    for (Iterator<String> it = bp.getResponseHeaders().keySet()
 -        .iterator(); it.hasNext();) {
 -      String header = it.next();
 -      resp.setHeader(header, bp.getResponseHeaders().get(header));
 -    }
 -    resp.setContentType(bp.getResultContentType());
 -    resp.setCharacterEncoding(encoding);
 -    bp.writeResultTo(resp.getOutputStream(), encoding);
 + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + *     http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.online.webapp; + +import java.io.IOException; +import java.util.Iterator; + +import javax.servlet.ServletConfig; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.bku.binding.HTTPBindingProcessor; +import at.gv.egiz.bku.binding.HttpUtil; +import at.gv.egiz.bku.binding.IdFactory; +import at.gv.egiz.bku.online.conf.Configurator; + +/** + * Delivers the result to the browser + *  + */ +public class ResultServlet extends SpringBKUServlet { + +  private final static Log log = LogFactory.getLog(ResultServlet.class); +  public final static String USER_AGENT_PROPERTY_KEY = "UserAgent"; + +  private String encoding = "UTF-8"; +  private String expiredPage = "./expiredError.jsp"; + +  public ResultServlet() { +  } + +  private void myInit() { +    String enc = getServletContext().getInitParameter("responseEncoding"); +    if (enc != null) { +      log.debug("Init default encoding to: " + enc); +      encoding = enc; +    } +    String expP = getServletConfig().getInitParameter("expiredPage"); +    if (expP != null) { +      log.debug("Init expired page to: " + expP); +      expiredPage = expP; +    } +  } + +  @Override +  public void init() throws ServletException { +    super.init(); +    myInit(); +  } + +  @Override +  public void init(ServletConfig config) throws ServletException { +    super.init(config); +    myInit(); +  } + +  protected void doPost(HttpServletRequest req, HttpServletResponse resp) +      throws ServletException, IOException { +    doGet(req, resp); +  } + +  protected void doGet(HttpServletRequest req, HttpServletResponse resp) +      throws ServletException, java.io.IOException { + +    HttpSession session = req.getSession(false); +    if (session == null) { +      resp.sendRedirect(expiredPage); +      return; +    } +    String sessionId = session.getId(); +    if (sessionId == null) { +      resp.sendRedirect(expiredPage); +      return; +    } +    log.debug("Got a result request for session: " + sessionId); +    HTTPBindingProcessor bp = (HTTPBindingProcessor) getBindingProcessorManager() +        .getBindingProcessor(IdFactory.getInstance().createId(sessionId)); +    if (bp == null) { +      session.invalidate(); +      resp.sendRedirect(expiredPage); +      return; +    } + +    if (bp.getRedirectURL() != null) { +      resp.sendRedirect(bp.getRedirectURL()); +      return; +    } +    resp.setStatus(bp.getResponseCode()); +    resp.setHeader("Cache-Control", "no-store"); // HTTP 1.1
 +    resp.setHeader("Pragma", "no-cache"); // HTTP 1.0
 +    resp.setDateHeader("Expires", 0); +    if (Configurator.getInstance().getProperty(USER_AGENT_PROPERTY_KEY) != null) { +      resp.setHeader(HttpUtil.HTTP_HEADER_USER_AGENT, Configurator.getInstance().getProperty( +          USER_AGENT_PROPERTY_KEY)); +    } else { +      resp.setHeader(HttpUtil.HTTP_HEADER_USER_AGENT, +          "citizen-card-environment/1.2 MOCCA Unknown"); +    } +    for (Iterator<String> it = bp.getResponseHeaders().keySet().iterator(); it +        .hasNext();) { +      String header = it.next(); +      resp.setHeader(header, bp.getResponseHeaders().get(header)); +    } +    resp.setContentType(bp.getResultContentType()); +    resp.setCharacterEncoding(encoding); +    bp.writeResultTo(resp.getOutputStream(), encoding);      session.invalidate(); -    getBindingProcessorManager().removeBindingProcessor(bp.getId());
 -  }
 -}
 +    getBindingProcessorManager().removeBindingProcessor(bp.getId()); +  } +} diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java index 6ee537b1..ec062e42 100644 --- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java +++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java @@ -19,13 +19,13 @@ package at.gv.egiz.bku.online.webapp;  import javax.servlet.http.HttpServlet;
  import at.gv.egiz.bku.binding.BindingProcessorManager;
 +import at.gv.egiz.bku.online.conf.Configurator;  public abstract class SpringBKUServlet extends HttpServlet {
 -  public final static String BEAN_NAME="bindingProcessorManager";
 -  
 +  public final static String BEAN_NAME="bindingProcessorManager"; +      protected BindingProcessorManager getBindingProcessorManager() {
      return (BindingProcessorManager) getServletContext().getAttribute(BEAN_NAME);
    }
 -
  }
 | 
