summaryrefslogtreecommitdiff
path: root/BKUOnline/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'BKUOnline/src/main')
-rw-r--r--BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java21
-rw-r--r--BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java17
-rw-r--r--BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java246
-rw-r--r--BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java6
-rw-r--r--BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties2
-rw-r--r--BKUOnline/src/main/resources/log4j.properties21
-rw-r--r--BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml4
-rw-r--r--BKUOnline/src/main/webapp/appletPage.jsp8
8 files changed, 183 insertions, 142 deletions
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
index de577139..c09abcc1 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
@@ -17,8 +17,10 @@
package at.gv.egiz.bku.online.conf;
import iaik.security.ecc.provider.ECCProvider;
+import iaik.security.provider.IAIK;
import iaik.xml.crypto.XSecProvider;
+import java.io.IOException;
import java.net.HttpURLConnection;
import java.security.Provider;
import java.security.Security;
@@ -29,22 +31,30 @@ import javax.net.ssl.HttpsURLConnection;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import at.gv.egiz.bku.binding.DataUrl;
+import at.gv.egiz.bku.binding.DataUrlConnection;
+import at.gv.egiz.bku.slcommands.impl.xsect.DataObject;
import at.gv.egiz.bku.slcommands.impl.xsect.STALProvider;
-import iaik.security.provider.IAIK;
/**
*
* TODO currently only the code to get started.
*/
-public class Configurator {
+public abstract class Configurator {
private Log log = LogFactory.getLog(Configurator.class);
+
+ private static Configurator instance = new SpringConfigurator();
protected Properties properties;
- public Configurator() {
+ protected Configurator() {
}
+ public static Configurator getInstance() {
+ return instance;
+ }
+
protected void configUrlConnections() {
HttpsURLConnection.setFollowRedirects(false);
HttpURLConnection.setFollowRedirects(false);
@@ -65,9 +75,14 @@ public class Configurator {
log.debug(sb.toString());
}
+ protected void configViewer() {
+ DataObject.enableHashDataInputValidation(Boolean.parseBoolean(properties.getProperty("ValidateHashDataInputs")));
+ }
+
public void configure() {
configureProviders();
configUrlConnections();
+ configViewer();
}
public void setConfiguration(Properties props) {
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
index 545a69c9..9fe91708 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
@@ -49,6 +49,8 @@ import org.springframework.context.ResourceLoaderAware;
import org.springframework.core.io.Resource;
import org.springframework.core.io.ResourceLoader;
+import at.gv.egiz.bku.binding.DataUrl;
+import at.gv.egiz.bku.binding.DataUrlConnection;
import at.gv.egiz.bku.slexceptions.SLRuntimeException;
public class SpringConfigurator extends Configurator implements
@@ -71,9 +73,24 @@ public class SpringConfigurator extends Configurator implements
}
}
+ public void configureVersion() {
+ Properties p = new Properties();
+ try {
+ p.load(resourceLoader.getResource("META-INF/MANIFEST.MF").getInputStream());
+ String version = p.getProperty("Implementation-Build");
+ properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY, "citizen-card-environment/1.2 MOCCA "+version);
+ DataUrl.setConfiguration(properties);
+ log.debug("Setting user agent to: "+properties.getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY));
+ } catch (IOException e) {
+ log.error(e);
+ }
+ }
+
+
public void configure() {
super.configure();
configureSSL();
+ configureVersion();
}
private Set<TrustAnchor> getCACerts() throws IOException,
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java
index bc3edf18..28c714c1 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java
@@ -1,121 +1,129 @@
/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.online.webapp;
-
-import java.io.IOException;
-import java.util.Iterator;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.bku.binding.HTTPBindingProcessor;
-import at.gv.egiz.bku.binding.IdFactory;
-
-/**
- * Delivers the result to the browser
- *
- */
-public class ResultServlet extends SpringBKUServlet {
-
- private final static Log log = LogFactory.getLog(ResultServlet.class);
-
- private String encoding = "UTF-8";
- private String expiredPage = "./expiredError.jsp";
-
- public ResultServlet() {
- }
-
- private void myInit() {
- String enc = getServletContext().getInitParameter("responseEncoding");
- if (enc != null) {
- log.debug("Init default encoding to: "+enc);
- encoding = enc;
- }
- String expP = getServletConfig().getInitParameter("expiredPage");
- if (expP != null) {
- log.debug("Init expired page to: "+expP);
- expiredPage = expP;
- }
- }
-
- @Override
- public void init() throws ServletException {
- super.init();
- myInit();
- }
-
- @Override
- public void init(ServletConfig config) throws ServletException {
- super.init(config);
- myInit();
- }
-
-
-
- protected void doPost(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
- doGet(req, resp);
- }
-
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, java.io.IOException {
-
- HttpSession session = req.getSession(false);
- if (session == null) {
- resp.sendRedirect(expiredPage);
- return;
- }
- String sessionId = session.getId();
- if (sessionId == null) {
- resp.sendRedirect(expiredPage);
- return;
- }
- log.debug("Got a result request for session: " + sessionId);
- HTTPBindingProcessor bp = (HTTPBindingProcessor) getBindingProcessorManager().getBindingProcessor(
- IdFactory.getInstance().createId(sessionId));
- if (bp == null) {
- session.invalidate();
- resp.sendRedirect(expiredPage);
- return;
- }
-
- if (bp.getRedirectURL() != null) {
- resp.sendRedirect(bp.getRedirectURL());
- return;
- }
- resp.setStatus(bp.getResponseCode());
- resp.setHeader("Cache-Control","no-store"); //HTTP 1.1
- resp.setHeader("Pragma","no-cache"); //HTTP 1.0
- resp.setDateHeader ("Expires", 0);
- for (Iterator<String> it = bp.getResponseHeaders().keySet()
- .iterator(); it.hasNext();) {
- String header = it.next();
- resp.setHeader(header, bp.getResponseHeaders().get(header));
- }
- resp.setContentType(bp.getResultContentType());
- resp.setCharacterEncoding(encoding);
- bp.writeResultTo(resp.getOutputStream(), encoding);
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.online.webapp;
+
+import java.io.IOException;
+import java.util.Iterator;
+
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.binding.HTTPBindingProcessor;
+import at.gv.egiz.bku.binding.HttpUtil;
+import at.gv.egiz.bku.binding.IdFactory;
+import at.gv.egiz.bku.online.conf.Configurator;
+
+/**
+ * Delivers the result to the browser
+ *
+ */
+public class ResultServlet extends SpringBKUServlet {
+
+ private final static Log log = LogFactory.getLog(ResultServlet.class);
+ public final static String USER_AGENT_PROPERTY_KEY = "UserAgent";
+
+ private String encoding = "UTF-8";
+ private String expiredPage = "./expiredError.jsp";
+
+ public ResultServlet() {
+ }
+
+ private void myInit() {
+ String enc = getServletContext().getInitParameter("responseEncoding");
+ if (enc != null) {
+ log.debug("Init default encoding to: " + enc);
+ encoding = enc;
+ }
+ String expP = getServletConfig().getInitParameter("expiredPage");
+ if (expP != null) {
+ log.debug("Init expired page to: " + expP);
+ expiredPage = expP;
+ }
+ }
+
+ @Override
+ public void init() throws ServletException {
+ super.init();
+ myInit();
+ }
+
+ @Override
+ public void init(ServletConfig config) throws ServletException {
+ super.init(config);
+ myInit();
+ }
+
+ protected void doPost(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, IOException {
+ doGet(req, resp);
+ }
+
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, java.io.IOException {
+
+ HttpSession session = req.getSession(false);
+ if (session == null) {
+ resp.sendRedirect(expiredPage);
+ return;
+ }
+ String sessionId = session.getId();
+ if (sessionId == null) {
+ resp.sendRedirect(expiredPage);
+ return;
+ }
+ log.debug("Got a result request for session: " + sessionId);
+ HTTPBindingProcessor bp = (HTTPBindingProcessor) getBindingProcessorManager()
+ .getBindingProcessor(IdFactory.getInstance().createId(sessionId));
+ if (bp == null) {
+ session.invalidate();
+ resp.sendRedirect(expiredPage);
+ return;
+ }
+
+ if (bp.getRedirectURL() != null) {
+ resp.sendRedirect(bp.getRedirectURL());
+ return;
+ }
+ resp.setStatus(bp.getResponseCode());
+ resp.setHeader("Cache-Control", "no-store"); // HTTP 1.1
+ resp.setHeader("Pragma", "no-cache"); // HTTP 1.0
+ resp.setDateHeader("Expires", 0);
+ if (Configurator.getInstance().getProperty(USER_AGENT_PROPERTY_KEY) != null) {
+ resp.setHeader(HttpUtil.HTTP_HEADER_USER_AGENT, Configurator.getInstance().getProperty(
+ USER_AGENT_PROPERTY_KEY));
+ } else {
+ resp.setHeader(HttpUtil.HTTP_HEADER_USER_AGENT,
+ "citizen-card-environment/1.2 MOCCA Unknown");
+ }
+ for (Iterator<String> it = bp.getResponseHeaders().keySet().iterator(); it
+ .hasNext();) {
+ String header = it.next();
+ resp.setHeader(header, bp.getResponseHeaders().get(header));
+ }
+ resp.setContentType(bp.getResultContentType());
+ resp.setCharacterEncoding(encoding);
+ bp.writeResultTo(resp.getOutputStream(), encoding);
session.invalidate();
- getBindingProcessorManager().removeBindingProcessor(bp.getId());
- }
-}
+ getBindingProcessorManager().removeBindingProcessor(bp.getId());
+ }
+}
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java
index 6ee537b1..ec062e42 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java
@@ -19,13 +19,13 @@ package at.gv.egiz.bku.online.webapp;
import javax.servlet.http.HttpServlet;
import at.gv.egiz.bku.binding.BindingProcessorManager;
+import at.gv.egiz.bku.online.conf.Configurator;
public abstract class SpringBKUServlet extends HttpServlet {
- public final static String BEAN_NAME="bindingProcessorManager";
-
+ public final static String BEAN_NAME="bindingProcessorManager";
+
protected BindingProcessorManager getBindingProcessorManager() {
return (BindingProcessorManager) getServletContext().getAttribute(BEAN_NAME);
}
-
}
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
index 108f8624..cdc2bfad 100644
--- a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
@@ -39,3 +39,5 @@ SSL.sslProtocol=TLS
# ------------ END SSL Config --------------------
+ValidateHashDataInputs=true
+
diff --git a/BKUOnline/src/main/resources/log4j.properties b/BKUOnline/src/main/resources/log4j.properties
index ed14b424..58f09511 100644
--- a/BKUOnline/src/main/resources/log4j.properties
+++ b/BKUOnline/src/main/resources/log4j.properties
@@ -13,9 +13,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-# loglever DEBUG, appender STDOUT
-log4j.rootLogger=TRACE, STDOUT
-#log4j.logger.at.gv.egiz.slbinding.RedirectEventFilter=DEBUG, STDOUT
+
+log4j.rootLogger=TRACE, STDOUT, file
# STDOUT appender
log4j.appender.STDOUT=org.apache.log4j.ConsoleAppender
@@ -24,11 +23,11 @@ log4j.appender.STDOUT.layout=org.apache.log4j.PatternLayout
#log4j.appender.STDOUT.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n
log4j.appender.STDOUT.layout.ConversionPattern=%-5p | %t | %c %x - %m%n
-### FILE appender
-#log4j.appender.file=org.apache.log4j.RollingFileAppender
-#log4j.appender.file.maxFileSize=100KB
-#log4j.appender.file.maxBackupIndex=9
-#log4j.appender.file.File=egovbus_ca.log
-#log4j.appender.file.threshold=info
-#log4j.appender.file.layout=org.apache.log4j.PatternLayout
-#log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n \ No newline at end of file
+# FILE appender
+log4j.appender.file=org.apache.log4j.RollingFileAppender
+log4j.appender.file.maxFileSize=500KB
+log4j.appender.file.maxBackupIndex=9
+log4j.appender.file.File=${catalina.home}/logs/bkuonline.log
+log4j.appender.file.threshold=trace
+log4j.appender.file.layout=org.apache.log4j.PatternLayout
+log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} %5p | %t | %c{1}:%L - %m%n \ No newline at end of file
diff --git a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
index f87d09f5..04b07ba4 100644
--- a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
@@ -45,8 +45,8 @@
</bean>
<!-- Configure Configuration -->
- <bean id="configurator" class="at.gv.egiz.bku.online.conf.SpringConfigurator"
- scope="singleton" init-method="configure">
+ <bean id="configurator" factory-method="getInstance" class="at.gv.egiz.bku.online.conf.SpringConfigurator"
+ init-method="configure">
<property name="resource" value="classpath:at/gv/egiz/bku/online/conf/defaultConf.properties"/>
</bean>
diff --git a/BKUOnline/src/main/webapp/appletPage.jsp b/BKUOnline/src/main/webapp/appletPage.jsp
index 684a8dca..fdd7072f 100644
--- a/BKUOnline/src/main/webapp/appletPage.jsp
+++ b/BKUOnline/src/main/webapp/appletPage.jsp
@@ -25,15 +25,15 @@
<body>
<script src="./js/deployJava.js"></script>
<script>
- if (!deployJava.versionCheck('1.6.0')) {
+ if (!deployJava.versionCheck('1.6.0_02')) {
document
- .write('<b>Diese Anwendung benötigt die Java Platform Version 1.6.0 oder höher.</b>' + '<input type="submit" value="Java Platform 1.6.0 installieren" onclick="deployJava.installLatestJRE();">');
+ .write('<b>Diese Anwendung benötigt die Java Platform Version 1.6.0_02 oder höher.</b>' + '<input type="submit" value="Java Platform 1.6.0_02 installieren" onclick="deployJava.installLatestJRE();">');
} else {
var attributes = {
codebase :'applet',
code :'at.gv.egiz.bku.online.applet.BKUApplet.class',
archive :'BKUApplet-1.0-SNAPSHOT.jar, commons-logging-1.1.1.jar, iaik_jce_me4se-3.04.jar',
- width :500,
+ width :400,
height :200
};
var parameters = {
@@ -41,7 +41,7 @@
SessionID : '<%= session.getId() %>',
redirectURL : '../bkuResult'
};
- var version = '1.6.0';
+ var version = '1.6.0_02';
deployJava.runApplet(attributes, parameters, version);
}
</script>