18 files changed, 518 insertions, 70 deletions

diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
index f51335e1..d158b46e 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
@@ -1,21 +1,21 @@
 /*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-*     http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.online.conf;

-

+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.online.conf;
+
 import iaik.security.ecc.provider.ECCProvider;
 import iaik.xml.crypto.XSecProvider;
 
@@ -30,53 +30,52 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
 import at.gv.egiz.bku.slcommands.impl.xsect.STALProvider;
-

-/**

- * 

- * TODO currently only the code to get started.  

- */

-public class Configurator {

-  private Log log = LogFactory.getLog(Configurator.class);
-  
-  protected Properties properties;

-

-  public Configurator() {

-  }

-

-  protected void configUrlConnections() {

-    HttpsURLConnection.setFollowRedirects(false);

-    HttpURLConnection.setFollowRedirects(false);

-  }

-

-  protected void configureProviders() {

-    log.debug("Registering security providers");  

-    Security.addProvider(new STALProvider());

-    XSecProvider.addAsProvider(false);

-    Security.insertProviderAt(new ECCProvider(false), 1);

-    StringBuffer sb = new StringBuffer();

-    sb.append("Following providers are now registered: ");

-    int i = 1;

-    for (Provider prov : Security.getProviders()) {

-      sb.append((i++) + ". : " + prov);

-    }

-    log.debug("Configured provider" + sb.toString());

-  }

-

-  public void configure() {

-    configureProviders();

-    configUrlConnections();

-  }

 
-  public void setConfiguration(Properties props) {
-  	this.properties = props;
-  	configure();
-  }
-  
-  public String getProperty(String key) {
-  	if (properties != null) {
-  		return properties.getProperty(key);
-  	}
-  	return null;
-  }
-  

-}

+/**
+ * 
+ * TODO currently only the code to get started.
+ */
+public class Configurator {
+
+	private Log log = LogFactory.getLog(Configurator.class);
+
+	protected Properties properties;
+
+	public Configurator() {
+	}
+
+	protected void configUrlConnections() {
+		HttpsURLConnection.setFollowRedirects(false);
+		HttpURLConnection.setFollowRedirects(false);
+	}
+
+	protected void configureProviders() {
+		log.debug("Registering security providers");
+		Security.addProvider(new STALProvider());
+		XSecProvider.addAsProvider(false);
+		Security.insertProviderAt(new ECCProvider(false), 1);
+		StringBuffer sb = new StringBuffer();
+		sb.append("Following providers are now registered: ");
+		int i = 1;
+		for (Provider prov : Security.getProviders()) {
+			sb.append((i++) + ". : " + prov);
+		}
+		log.debug("Configured provider" + sb.toString());
+	}
+
+	public void configure() {
+		configureProviders();
+		configUrlConnections();
+	}
+
+	public void setConfiguration(Properties props) {
+		this.properties = props;
+	}
+
+	public String getProperty(String key) {
+		if (properties != null) {
+			return properties.getProperty(key);
+		}
+		return null;
+	}
+}
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
index 96588d7d..100285ed 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
@@ -1,16 +1,52 @@
 package at.gv.egiz.bku.online.conf;

 

+import java.io.File;

+import java.io.FileInputStream;

 import java.io.IOException;

+import java.security.InvalidAlgorithmParameterException;

+import java.security.NoSuchAlgorithmException;

+import java.security.Security;

+import java.security.cert.CertPath;

+import java.security.cert.CertPathBuilder;

+import java.security.cert.CertStore;

+import java.security.cert.CertificateException;

+import java.security.cert.CertificateFactory;

+import java.security.cert.CollectionCertStoreParameters;

+import java.security.cert.PKIXBuilderParameters;

+import java.security.cert.PKIXCertPathBuilderResult;

+import java.security.cert.TrustAnchor;

+import java.security.cert.X509CertSelector;

+import java.security.cert.X509Certificate;

+import java.util.HashSet;

+import java.util.LinkedList;

+import java.util.List;

 import java.util.Properties;

+import java.util.Set;

+

+import javax.net.ssl.CertPathTrustManagerParameters;

+import javax.net.ssl.HttpsURLConnection;

+import javax.net.ssl.KeyManager;

+import javax.net.ssl.ManagerFactoryParameters;

+import javax.net.ssl.SSLContext;

+import javax.net.ssl.TrustManager;

+import javax.net.ssl.TrustManagerFactory;

+import javax.net.ssl.X509TrustManager;

 

 import org.apache.commons.logging.Log;

 import org.apache.commons.logging.LogFactory;

+import org.springframework.context.ResourceLoaderAware;

 import org.springframework.core.io.Resource;

+import org.springframework.core.io.ResourceLoader;

+

+import at.gv.egiz.bku.slexceptions.SLRuntimeException;

 

-public class SpringConfigurator extends Configurator {

+public class SpringConfigurator extends Configurator implements

+		ResourceLoaderAware {

 

 	private final static Log log = LogFactory.getLog(SpringConfigurator.class);

 

+	private ResourceLoader resourceLoader;

+

 	public void setResource(Resource resource) {

 		log.debug("Loading config from: " + resource);

 		if (resource != null) {

@@ -24,4 +60,131 @@ public class SpringConfigurator extends Configurator {
 		}

 	}

 

-}

+	public void configure() {

+		super.configure();

+		configureSSL();

+	}

+

+	private Set<TrustAnchor> getCACerts() throws IOException,

+			CertificateException {

+		Set<TrustAnchor> caCerts = new HashSet<TrustAnchor>();

+		String caDirectory = getProperty("SSL.caDirectory");

+		if (caDirectory != null) {

+			Resource caDirRes = resourceLoader.getResource(caDirectory);

+

+			File caDir = caDirRes.getFile();

+			if (!caDir.isDirectory()) {

+				log.error("Expecting directory as SSL.caDirectory parameter");

+				throw new SLRuntimeException(

+						"Expecting directory as SSL.caDirectory parameter");

+			}

+			CertificateFactory cf = CertificateFactory.getInstance("X.509");

+			for (File f : caDir.listFiles()) {

+				try {

+					FileInputStream fis = new FileInputStream(f);

+					X509Certificate cert = (X509Certificate) cf.generateCertificate(fis);

+					fis.close();

+					log.debug("Adding trusted cert " + cert.getSubjectDN());

+					caCerts.add(new TrustAnchor(cert, null));

+				} catch (Exception e) {

+					log.error("Cannot add trusted ca", e);

+				}

+			}

+			return caCerts;

+

+		} else {

+			log.warn("No CA certificates configured");

+		}

+		return null;

+	}

+

+	private CertStore getCertstore() throws IOException, CertificateException,

+			InvalidAlgorithmParameterException, NoSuchAlgorithmException {

+		String certDirectory = getProperty("SSL.certDirectory");

+		if (certDirectory != null) {

+			Resource certDirRes = resourceLoader.getResource(certDirectory);

+

+			File certDir = certDirRes.getFile();

+			if (!certDir.isDirectory()) {

+				log.error("Expecting directory as SSL.certDirectory parameter");

+				throw new SLRuntimeException(

+						"Expecting directory as SSL.certDirectory parameter");

+			}

+			List<X509Certificate> certCollection = new LinkedList<X509Certificate>();

+			CertificateFactory cf = CertificateFactory.getInstance("X.509");

+			for (File f : certDir.listFiles()) {

+				try {

+					FileInputStream fis = new FileInputStream(f);

+					X509Certificate cert =(X509Certificate) cf.generateCertificate(fis);

+					certCollection.add(cert);

+					fis.close();

+					log.trace("Added following cert to certstore: "+cert.getSubjectDN());

+				} catch (Exception ex) {

+					log.error("Cannot add certificate", ex);

+				}

+			}

+			CollectionCertStoreParameters csp = new CollectionCertStoreParameters(

+					certCollection);

+			return CertStore.getInstance("Collection", csp);

+

+		} else {

+			log.warn("No certstore configured");

+		}

+		return null;

+	}

+

+	public void configureSSL() {

+		Set<TrustAnchor> caCerts = null;

+		try {

+			caCerts = getCACerts();

+		} catch (Exception e1) {

+			log.error("Cannot load CA certificates", e1);

+		}

+		CertStore certStore = null;

+		try {

+			certStore = getCertstore();

+		} catch (Exception e1) {

+			log.error("Cannot load certstore certificates", e1);

+		}

+		System.setProperty("com.sun.security.enableAIAcaIssuers", "true");

+		try {

+			X509CertSelector selector = new X509CertSelector();

+			PKIXBuilderParameters pkixParams;

+			pkixParams = new PKIXBuilderParameters(caCerts, selector);

+			if ((getProperty("SSL.doRevocationChecking") != null)

+					&& (Boolean.valueOf(getProperty("SSL.doRevocationChecking")))) {

+				log.info("Enable revocation checking");

+				pkixParams.setRevocationEnabled(true);

+				System.setProperty("com.sun.security.enableCRLDP", "true");

+				Security.setProperty("ocsp.enable", "true");

+			} else {

+				log.warn("Revocation checking disabled");

+				pkixParams.setRevocationEnabled(false);

+			}

+			pkixParams.addCertStore(certStore);

+			ManagerFactoryParameters trustParams = new CertPathTrustManagerParameters(

+					pkixParams);

+			TrustManagerFactory trustFab;

+			try {

+				trustFab = TrustManagerFactory.getInstance("PKIX");

+				trustFab.init(trustParams);

+				KeyManager[] km = null;

+				SSLContext sslCtx = SSLContext

+						.getInstance(getProperty("SSL.sslProtocol"));

+				sslCtx.init(km, trustFab.getTrustManagers(), null);

+				HttpsURLConnection

+						.setDefaultSSLSocketFactory(sslCtx.getSocketFactory());

+			} catch (Exception e) {

+				log.error("Cannot configure SSL", e);

+			}

+

+		} catch (InvalidAlgorithmParameterException e) {

+			log.error("Cannot configure SSL", e);

+		}

+	}

+

+	@Override

+	public void setResourceLoader(ResourceLoader loader) {

+		this.resourceLoader = loader;

+	}

+}
\ No newline at end of file
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/CACerts/A-Trust-Qual-01a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/CACerts/A-Trust-Qual-01a.cer
new file mode 100644
index 00000000..f9fef65f
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/CACerts/A-Trust-Qual-01a.cer
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/CACerts/A-Trust-Qual-02a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/CACerts/A-Trust-Qual-02a.cer
new file mode 100644
index 00000000..36a442b8
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/CACerts/A-Trust-Qual-02a.cer
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/CACerts/A-Trust-Qual-03a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/CACerts/A-Trust-Qual-03a.cer
new file mode 100644
index 00000000..ab9e0cd7
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/CACerts/A-Trust-Qual-03a.cer
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/CACerts/A-Trust-nQual-01a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/CACerts/A-Trust-nQual-01a.cer
new file mode 100644
index 00000000..efa28178
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/CACerts/A-Trust-nQual-01a.cer
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/CACerts/A-Trust-nQual-03.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/CACerts/A-Trust-nQual-03.cer
new file mode 100644
index 00000000..33e77636
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/CACerts/A-Trust-nQual-03.cer
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-SSL-03.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-SSL-03.cer
new file mode 100644
index 00000000..ee859434
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-SSL-03.cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----

+MIIEdzCCA1+gAwIBAgIDAmU4MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB

+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp

+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R

+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTA2MDgxNjIyMDAw

+MFoXDTE2MDgxNjIyMDAwMFowgYcxCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy

+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52

+ZXJrZWhyIEdtYkgxFjAUBgNVBAsMDWEtc2lnbi1TU0wtMDMxFjAUBgNVBAMMDWEt

+c2lnbi1TU0wtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMjPM6

+PqgdPBPV4Efudpytt2Y4GZJfjeRdZo5SCuULDvvL+23xxBWnR3scFvfE1ekHN/YK

+k+2/qhU2B2ntoSNJSyDchNM8YPc9Lx67zZyhQTZgbBzh3IZAVb/hwuRRRV68JCBj

+r3r6v7IbwjH5XcVISdB4szx0z93aAQyKW9QkV+tD5a1vWFETvdHsZeVmDzfqcdsG

+AznPJw+9HrImCsswCWYUgPcFRkPNjj2r2NoyckVN781aWmNTAqJPf/Ckj9l9pUIt

+Vjhy8XNJW4iVDBkkykBXcGSkIau0ypJrRjsD1jKqUTIRZ/y2HlyltmwWi8OuyBLd

+LaHDbjc0b6JmqoivAgMBAAGjgeMwgeAwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E

+CgQIQD6h02K0A90wEwYDVR0jBAwwCoAIRGqVZ1V5EU8wDgYDVR0PAQH/BAQDAgEG

+MIGUBgNVHR8EgYwwgYkwgYaggYOggYCGfmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQv

+b3U9QS1UcnVzdC1uUXVhbC0wMyxvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJl

+dm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1

+dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAHKlnV3R9sbXojtONugyazkZCEzmC

+nZF1Dz4cOL0vPzzvS8MVWtG43zAgVI1NT/0ETSWsXD3YfzRi+f+/CxrGn0gwZX2t

+VGx+Z9w5ufiy1vuhxDUPmpos1TbJ4Wv3Une0E7iuHmNLg5qVlKeHWpcU8t1Y0nCt

+eRz34Qm87AVAykta33XST1fYvGoPKsDtn3qx9ye/pcbDvWjPwmqF2UUoql+d5hmJ

+Umgzwezqk4I+FS98BrnaPgC5UVFHg+yUjiUDLjYy7UvDZ5Led6kkLXuzVhQolLvr

+KTrGp5k42PG2MMkw8f6GMF/6yePXgzFMCRN8ReR7J5Htv33SytLRmFRd8g==

+-----END CERTIFICATE-----

diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-03.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-03.cer
new file mode 100644
index 00000000..7e67be95
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-03.cer
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----

+MIIEgzCCA2ugAwIBAgIDAarsMA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB

+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp

+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R

+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTA1MTExMzIzMDAw

+MFoXDTE1MTExMzIzMDAwMFowgZMxCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy

+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52

+ZXJrZWhyIEdtYkgxHDAaBgNVBAsME2Etc2lnbi1jb3Jwb3JhdGUtMDMxHDAaBgNV

+BAMME2Etc2lnbi1jb3Jwb3JhdGUtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw

+ggEKAoIBAQCp44qY+AiVXlcnHoKvch9s3ujoWFNktvcteIPwK7s0mb/uxTUW9UIF

+Die9n3AbyTsJE6R3nZYSJVHHi+1DKD72/WEo/B5NOOtd6KUMfJgca1tDmcsIwhFn

+82qkZrbNQwdIIdLe6+nDmjd9UBIaKv7yy1kq20jh09HOK3/bWhafVQE7EAgDfNrn

+8f0JfnnF0EA/La5kkg878L22fh9lRzt8H21THqJPtK4/e9SttjrJnPhFk2/MjAGS

+uaDufG6BV5Hnn7klR5qm5q32ypleLA6Zi4m9jRCVtPd4jRPYM40XpRkrJuFw+lxp

+rejfEZt/SRh1eQXiXDUgtgX8OaIylH9pAgMBAAGjgeMwgeAwDwYDVR0TAQH/BAUw

+AwEB/zARBgNVHQ4ECgQIQj75YZ1a5XIwEwYDVR0jBAwwCoAIRGqVZ1V5EU8wDgYD

+VR0PAQH/BAQDAgEGMIGUBgNVHR8EgYwwgYkwgYaggYOggYCGfmxkYXA6Ly9sZGFw

+LmEtdHJ1c3QuYXQvb3U9QS1UcnVzdC1uUXVhbC0wMyxvPUEtVHJ1c3QsYz1BVD9j

+ZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2Vy

+dGlmaWNhdGlvbkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEARu7e1SyBRjlA

+g/thtFwtKQRvopTZKWj2LWpEdvPvwThOvf8Depnas+ly5af8r8YzsqJzfX3XWvhN

+qOOI24g5FmXfCUTq/kbtaeTq/AqV94793IJfcilPnpMOEHMqXNDiRUoAgR/9EVj8

+mDVvL2lLlJzeAltqOD5Bi9QwguaD2/3/E5ymFnqkf1dnlXbo8AhcwPEzReNKn1eM

+Ilg4FwP1bP0HUK3Fyz1UQ/Hncg+MS7c+SkjpNEd4sH7/GdxuQs5Sk7IRwot1+sbX

+3CkkPhSqiUzig9raxJYrtbb2kyiUO8+d5HzRyoP4BNzsdZdPc0gDYweXg5qarHOQ

+16IEOtBmKg==

+-----END CERTIFICATE-----

diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-01a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-01a.cer
new file mode 100644
index 00000000..0c68e593
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-01a.cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIEJjCCAw6gAwIBAgIDAOJEMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFUMRAwDgYDVQQK
+EwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkwFwYDVQQDExBBLVRydXN0LW5R
+dWFsLTAxMB4XDTA0MTEzMDIzMDAwMFoXDTA4MTEzMDIzMDAwMFowgZ8xCzAJBgNVBAYTAkFUMUgw
+RgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0
+ZW52ZXJrZWhyIEdtYkgxIjAgBgNVBAsTGWEtc2lnbi1jb3Jwb3JhdGUtbGlnaHQtMDExIjAgBgNV
+BAMTGWEtc2lnbi1jb3Jwb3JhdGUtbGlnaHQtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDGC65v8rni63DojEBriynPwRqNCp14/SkN5ROkTUGNvLSabfSJV4PKGLTzasPAaChwX0g/
+kebahFM3R7nIyeVx2YB8VRvC4I/spP/mCs5+6pf1N+6Kiq4NcswgNBBfqAteaQIylBMy6HDkjoXY
+X/c+SxjyrqAkeZCK+SHMOraXCO1PZHWbYwleKXf4R2Z6ayEfJ2XWeVuqqon76WHp/POI0RADBchA
+6Vm1ROzSAHz39bay1TZunQXSs3VQ9cE3uQPjN+80efmf0ZgNF0sXsDTssoZg2feTANSOkTGM1bMC
+5xe1hWFL8MZNe4yZ+NSgFN2fofb8BPvyQAW0no2PNA6PAgMBAAGjgbMwgbAwDwYDVR0TAQH/BAUw
+AwEB/zARBgNVHQ4ECgQITp5/1C/JHx8wEwYDVR0jBAwwCoAITlnOxwIyhzAwDgYDVR0PAQH/BAQD
+AgEGMGUGA1UdHwReMFwwWqBYoFaGVGxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9QS1UcnVzdC1u
+UXVhbC0wMSxvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0PzANBgkqhkiG
+9w0BAQUFAAOCAQEAOtuz2GqnTibk/poCLrdYKpZSrLyfWFsJJpfBYA9HMasnfpJBCHgRHJud6DAO
+xD900Vhmwy66D8dqsN3+fR8Bx8ZMKspnFN1B2Wz7LWOxMaKqP3JolJ/oVwzJRm0afcUMAfAumkc5
+Yqu0nC5qCF9zYY9YbJklh84uEzEg9j85kuRBHOCUc+5MVrnv7WPbirx6c95YFqXBQ0arA5QE9zYq
+MDO8aUYPOWEHgtrVI+kMwELYHqLDX7i9VqsXhgFPeVz1wIV7s/i3budGeHMS6hjnyIc30FqM7CTY
+fcvqVNZliErbjD1k1W1gMgvjLJowNvQC0W7K9/yoQhwTqtNMR4WZwA==
+-----END CERTIFICATE-----
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-02a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-02a.cer
new file mode 100644
index 00000000..c300891d
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-02a.cer
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----

+MIIEizCCA3OgAwIBAgIDAOSoMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB

+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp

+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1

+YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0wNDEyMTQyMzAwMDBa

+Fw0xNDEyMTMyMzAwMDBaMIGfMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz

+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy

+a2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMSIw

+IAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMIIBIjANBgkqhkiG9w0B

+AQEFAAOCAQ8AMIIBCgKCAQEAk6V4oEauvXgEICqgjTbGHaiDhBVo2nosX23osoKM

+LTkkO/nOCgpdCYpLKgURxwrgHgVh9XT99yxhy6lDwt2rASajj0sQ1fY5BmWVyrXS

+dQ78ISMPb73XaG4M8H7PJFcsVEo9n8veVQwnMY5mSWy0r1IO8n93Bjbmmi4Zt8oS

+p9olWo5/8ByYW8S/AKZuQx+q+bFJv7geuApVjK2iVFe8yQqHhAgDsAsDlMvxDAQ/

+vhrGwHRv8N3sLsjirnbf5S2dGLDjASOMUFvwfLQd7gHH7PV37Xa+aQqa97eE6O4O

+sIhcGRYhoLk/tWTBDapcgHJ0yTtrftuwORVteLUAy0gBNwIDAQABo4HhMIHeMA8G

+A1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEkcWDpP6A0DMBMGA1UdIwQMMAqACEI9

+KySmwUXOMA4GA1UdDwEB/wQEAwIBBjCBkgYDVR0fBIGKMIGHMIGEoIGBoH+GfWxk

+YXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9QS1UcnVzdC1RdWFsLTAyLG89QS1UcnVz

+dCxjPUFUP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q/YmFzZT9vYmplY3RjbGFz

+cz1laWRDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MA0GCSqGSIb3DQEBBQUAA4IBAQBH

+opWG7LKmPBvuGjZnRV4KGKzzUYVuxSRS1E0VIUPbVLf5xW2r5uUpR8ud5EpiPrcw

+k6K0dzu2Vb4ZbMIP+6J16S/0qvTp/3A/3q87+nJ+ot+IT8GZFJfSw18th2WmZdzR

+ShbM6sgViPtGsFROCdWeiHl248w2+zG+09sf8Bu3UyvwLRAiiKaxuwVdQ9kc0TL3

+gvv+K5eisWWthQOX2IF2jGSEqoAVwfHhl7bc9Vt7XnJSpQFebHnsIVuV4Mv6w4ww

+86hQPCLLvvV7wWDiBQ8l2FWneX0pNH3Wg+A1TRUoptc+pPDdpoP272MDm4fXyPKV

+7QgIaIK+gXNUj2GGt1K9

+-----END CERTIFICATE-----

diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-03.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-03.cer
new file mode 100644
index 00000000..2251ca22
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-light-03.cer
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----

+MIIEjzCCA3egAwIBAgIDAartMA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB

+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp

+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R

+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTA1MTExMzIzMDAw

+MFoXDTE1MTExMzIzMDAwMFowgZ8xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy

+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52

+ZXJrZWhyIEdtYkgxIjAgBgNVBAsMGWEtc2lnbi1jb3Jwb3JhdGUtbGlnaHQtMDMx

+IjAgBgNVBAMMGWEtc2lnbi1jb3Jwb3JhdGUtbGlnaHQtMDMwggEiMA0GCSqGSIb3

+DQEBAQUAA4IBDwAwggEKAoIBAQC359oitbHkkEgdErRPeBdkcYRK2DLdxfcnn+SI

+umSEYzWVscRTchPKSzb7f1a6EHPbB5WZsGJaUDX9KfTqsJNMo+7bASKk3gsLVxNZ

+qY2t2G+y8HvREYYejDOIzjAkcBQrt+nvuBUlGYVJQjEuyAn18f2vG0Y3VNvZFGKn

+PK8AVycUMk0Uw21RbK3vX5tbbPgQ/kcZkN4czi5VHepMvf6hAwwLoJj+KL9zxm8j

+yPK88qCBKAjMNCpZKsEhyanw1CjYbVmHs45Q5W6FBtqDcS6Iq4mC6TtUPGtCTuoH

+7/JLuhEp075ohp87v3fSlzeLJjBpkUDP9U8Tv7l2euD0t1UVAgMBAAGjgeMwgeAw

+DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQIQZFpHL+t2JgwEwYDVR0jBAwwCoAI

+RGqVZ1V5EU8wDgYDVR0PAQH/BAQDAgEGMIGUBgNVHR8EgYwwgYkwgYaggYOggYCG

+fmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9QS1UcnVzdC1uUXVhbC0wMyxvPUEt

+VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0

+Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOC

+AQEADTRIaQtPwoPS6/TpyBhOw4wAHk/RM4gkLT76URPY2sUHihxqy+8qEElN+f5l

+I61myCP3IFTClflcHVR1QCoMg0ZI5/EcQTI8Dgd5iQkXuVjh3wCj87Ka2Tu7d1K+

+i9VJ4BR/ph/qmPKR7Lx/PtATw/vWo4k2rbt5o1QwixZ7CPt+BF9xCaAC4uL0bB0M

+9M3i9W2ePmqX6WIB3jMkT9FQC0KihPPfw/17KddNi4rFMMEiTyKvJTtTqDnIAwWW

+TqsL1G7oxMMtnnYaKWMQ6gQiOiRzCY7efcAi/3YwUX6ULW5zxqapNs1vqEbSGsQE

+l1eFl67HBZHYAPdoHGUnZF0KaQ==

+-----END CERTIFICATE-----

diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-medium-01a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-medium-01a.cer
new file mode 100644
index 00000000..2d7f1a03
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-medium-01a.cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIEKDCCAxCgAwIBAgIDAOKKMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFUMRAwDgYDVQQK
+EwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkwFwYDVQQDExBBLVRydXN0LW5R
+dWFsLTAxMB4XDTA0MTIwNTIzMDAwMFoXDTA4MTEzMDIzMDAwMFowgaExCzAJBgNVBAYTAkFUMUgw
+RgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0
+ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1jb3Jwb3JhdGUtbWVkaXVtLTAxMSMwIQYD
+VQQDExphLXNpZ24tY29ycG9yYXRlLW1lZGl1bS0wMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBANEbZyIMIXZYBjTj/+3TrNGssRKNNdTedQlWB3vJQWLzeG89Kzmhy1WDX8IqDrMtvpXH
+5w6urK3ZT7HGu2Jldrib8rkEOdE9+uNGRtkP8Kuz//CvdXCbIDvBLqgvWn9a3Sl/rUicPqKwcEcN
+bP2Q0iU6NvvALmoqs93PymfTZlkGOwzUe+O88huXkauGWT/DkJd4JYDNJ0wlaGrJa+OorT4Izk1J
+EipqqedUjsAj4Gq3SKrZKG/H/CkoH9uWTzrzFgg8zQhCES4AClo84XVk//EIv3ABDw4hr+lqV1nF
+eXch9o4mLIe5u045471YLJLmyuCPDopb8U2VUoyldpMx+Y8CAwEAAaOBszCBsDAPBgNVHRMBAf8E
+BTADAQH/MBEGA1UdDgQKBAhOuHKxmCmfZDATBgNVHSMEDDAKgAhOWc7HAjKHMDAOBgNVHQ8BAf8E
+BAMCAQYwZQYDVR0fBF4wXDBaoFigVoZUbGRhcDovL2xkYXAuYS10cnVzdC5hdC9vdT1BLVRydXN0
+LW5RdWFsLTAxLG89QS1UcnVzdCxjPUFUP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q/MA0GCSqG
+SIb3DQEBBQUAA4IBAQDaukYSeJVxWAh8QShqGqA6Plp9aXCTzwl9hE2gb+/xGPASo+NVQi/sUa0+
+bx29oSJaW6lKzdHQLAx4dwW9XTpJ+0mebB4fQfYHH0lGc1O4au/4O9k+C3SrD6x4WeY9k/SpUFu1
+qjzH+tjta81UWtU7Jve1BhckNwdOFx7cR8fdW+pUQSDV9XnPJfyb+gb9KWhvX+XAbgJoXW1HjJOO
+P5sx6mFhMb3UqAfKQVoAuGbl4+uxIThBTqpICkaaD8WLdukqQjomUMDRbWIf6SblPuOEpPi1G/WM
+qkTkpqX77Wkj08QY/yj5DDrsYJ5NymnWvu7jcoxCFCKvEQ8Q4g7AYKnG
+-----END CERTIFICATE-----
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-medium-02a.cer b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-medium-02a.cer
new file mode 100644
index 00000000..194d4d7c
--- /dev/null
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/certs/certStore/a-sign-corporate-medium-02a.cer
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----

+MIIEjTCCA3WgAwIBAgIDAOSpMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB

+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp

+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1

+YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0wNDEyMTQyMzAwMDBa

+Fw0xNDEyMTMyMzAwMDBaMIGhMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz

+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy

+a2VociBHbWJIMSMwIQYDVQQLDBphLXNpZ24tY29ycG9yYXRlLW1lZGl1bS0wMjEj

+MCEGA1UEAwwaYS1zaWduLWNvcnBvcmF0ZS1tZWRpdW0tMDIwggEiMA0GCSqGSIb3

+DQEBAQUAA4IBDwAwggEKAoIBAQCuaTBb6rHd5JZqAdvpmGIl5ne0Hg6GbpJvBeCI

+U6l9Rs8ebMY6aIS++qJOE9rnJHdfZNzLzduuoWEzEuwm9a/azQThM+eT+xlG/Vcf

+NuOQTTjAuXHLvYQ7WxSrBIT/kmAyqJgq/DEPvdX4jmCtVkuZ1gbxYIChLOVBWkVC

+FCK49BuXECtNy5fzK/GyfouZOVoQgiQ1YfecqzibcwO0t+f68Pvp/s6HESAH5tXY

+PdENDw4c/W/qKaeR87jPq98AJ8Lr4bmjWLjK8/ITtGglnJy8osFz22oR7f6fbWl6

+5LdhJ3giM68WEabQcZkw8cx3RDOzbnL2Kn+PVNHHyp3Wh849AgMBAAGjgeEwgd4w

+DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISoLnpz/+q98wEwYDVR0jBAwwCoAI

+Qj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMIGSBgNVHR8EgYowgYcwgYSggYGgf4Z9

+bGRhcDovL2xkYXAuYS10cnVzdC5hdC9vdT1BLVRydXN0LVF1YWwtMDIsbz1BLVRy

+dXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9ubGlzdD9iYXNlP29iamVjdGNs

+YXNzPWVpZENlcnRpZmljYXRpb25BdXRob3JpdHkwDQYJKoZIhvcNAQEFBQADggEB

+ABqg1oRs/TZ0hJLJRV/xJglFzgn2fDAXeoVvWnAE09F1d0n+ZorKAKbMfiZ2CuKs

+M0AhU23/5zM90DdrtYWXpa+P8ONALZtHJIqGfVuRKYJq7jY5TpE3yRkTcrp47smp

+WqTwUgG+0aBeU9m+ZtGUFOsBkq+MudD8IZGc7VcLd1n4ltND9ITjX20hu01ju56c

+YC69vFa5hmIccXg/Q3dGEV5Amx8MTQJluG3QvqBOY74yrAFICvK1zsvu+vOGvJQj

+i+PxKlbQdehrV82VDxyfSjpEUADWMGRfE5vg4YBGgfRosh4w7a6ThD2LMLFPmIhy

+P6+VGUBCm2tMDDOo9DVkXFs=

+-----END CERTIFICATE-----

diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
index 12deac35..a6bf9de6 100644
--- a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
+++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties
@@ -1,3 +1,23 @@
 # Configuration for online CCE

+

+# security manager configuration

 AccessController.acceptUnmatched=false

-AccessController.policyResource=classpath:at/gv/egiz/bku/online/conf/accessControlConfig.xml
\ No newline at end of file
+AccessController.policyResource=classpath:at/gv/egiz/bku/online/conf/accessControlConfig.xml

+

+# ------------BEGIN SSL Config --------------------

+# SSL configuration for connections to external

+# resources (e.g. data urls)

+

+# directory where certificates for 

+# chain constructions can be placed

+SSL.certDirectory=classpath:at/gv/egiz/bku/online/conf/certs/certStore

+

+# Directory where trusted CA 

+# certificates are placed

+SSL.caDirectory=classpath:at/gv/egiz/bku/online/conf/certs/CACerts

+

+SSL.doRevocationChecking=true

+SSL.sslProtocol=TLS

+

+# ------------ END SSL Config  --------------------

+

diff --git a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
index c5da25c0..4bb5e8e2 100644
--- a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml
@@ -46,7 +46,7 @@
 

 	<!-- Configure Configuration -->

 	<bean id="configurator" class="at.gv.egiz.bku.online.conf.SpringConfigurator"

-		scope="singleton">

+		scope="singleton" init-method="configure">

 		<property name="resource" value="classpath:at/gv/egiz/bku/online/conf/defaultConf.properties"/>

 	</bean>

 

diff --git a/BKUOnline/src/test/java/at/gv/egiz/bku/online/conf/SSLConfigTest.java b/BKUOnline/src/test/java/at/gv/egiz/bku/online/conf/SSLConfigTest.java
new file mode 100644
index 00000000..59ff693a
--- /dev/null
+++ b/BKUOnline/src/test/java/at/gv/egiz/bku/online/conf/SSLConfigTest.java
@@ -0,0 +1,37 @@
+package at.gv.egiz.bku.online.conf;

+

+import java.net.URL;

+

+import javax.net.ssl.HttpsURLConnection;

+

+import org.junit.After;

+import org.junit.Before;

+import org.junit.Test;

+import org.springframework.context.ApplicationContext;

+import org.springframework.context.support.ClassPathXmlApplicationContext;

+

+public class SSLConfigTest {

+	

+	private SpringConfigurator cfg;

+	private ApplicationContext ctx;

+		

+	@Before

+	public void setUp() throws Exception {

+		ctx = new ClassPathXmlApplicationContext("applicationContext.xml");

+		

+	}

+	

+	@Test

+	public void testConnect() throws Exception {

+		String url = "https://apps.egiz.gv.at/exchange-moa-id-auth/VerifyIdentityLink?MOASessionID=8151862969943601574";

+		URL u = new URL(url);

+		HttpsURLConnection uc = (HttpsURLConnection) u.openConnection();

+		uc.connect();

+		System.out.println(uc.getCipherSuite());

+	}

+	

+	@After

+	public void shutDown() {

+		

+	}

+}

diff --git a/BKUOnline/src/test/resources/applicationContext.xml b/BKUOnline/src/test/resources/applicationContext.xml
new file mode 100644
index 00000000..4bb5e8e2
--- /dev/null
+++ b/BKUOnline/src/test/resources/applicationContext.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>

+	<!--

+		Copyright 2008 Federal Chancellery Austria and Graz University of

+		Technology Licensed under the Apache License, Version 2.0 (the

+		"License"); you may not use this file except in compliance with the

+		License. You may obtain a copy of the License at

+		http://www.apache.org/licenses/LICENSE-2.0 Unless required by

+		applicable law or agreed to in writing, software distributed under the

+		License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR

+		CONDITIONS OF ANY KIND, either express or implied. See the License for

+		the specific language governing permissions and limitations under the

+		License.

+	-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
+	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.0.xsd">

+

+	<bean id="STALFactory" class="at.gv.egiz.stal.service.impl.RequestBrokerSTALFactory"

+		scope="singleton" />

+

+	<bean id="accessController" class="at.gv.egiz.bku.online.accesscontroller.SpringSecurityManager"

+		scope="singleton" init-method="init">

+		<property name="config" ref="configurator"/>

+		</bean>

+

+	<bean id="commandInvoker" class="at.gv.egiz.bku.binding.SLCommandInvokerImpl">

+		<property name="securityManager" ref="accessController" />

+	</bean>

+

+	<bean id="bindingProcessorManager" class="at.gv.egiz.bku.binding.BindingProcessorManagerImpl"

+		scope="singleton">

+		<constructor-arg ref="STALFactory"></constructor-arg>

+		<constructor-arg ref="commandInvoker"></constructor-arg>

+	</bean>

+

+	<bean

+		class="org.springframework.web.context.support.ServletContextAttributeExporter">

+		<property name="attributes">

+			<map>

+				<entry key="bindingProcessorManager">

+					<ref bean="bindingProcessorManager" />

+				</entry>

+			</map>

+		</property>

+	</bean>

+

+	<!-- Configure Configuration -->

+	<bean id="configurator" class="at.gv.egiz.bku.online.conf.SpringConfigurator"

+		scope="singleton" init-method="configure">

+		<property name="resource" value="classpath:at/gv/egiz/bku/online/conf/defaultConf.properties"/>

+	</bean>

+

+</beans>
\ No newline at end of file