From 4a334069beb85654e3cb35aef7e4508e04127036 Mon Sep 17 00:00:00 2001 From: mcentner Date: Tue, 26 Jan 2010 16:22:56 +0000 Subject: MOCCA 1.2.11 with SHA-2 enabled. git-svn-id: https://joinup.ec.europa.eu/svn/mocca/branches/mocca-1.2.11-sha2/mocca-1.2.11@599 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- BKUFonts/.classpath | 2 +- BKUFonts/.project | 4 +- BKULocal/src/main/resources/log4j.properties | 2 + BKUOnline/src/main/webapp/PINManagement.jsp | 3 +- .../src/main/webapp/WEB-INF/applicationContext.xml | 83 +++++++++++-------- .../gv/egiz/bku/binding/DataUrlConnectionImpl.java | 7 +- .../gv/egiz/bku/slcommands/SLCommandFactory.java | 54 ++++++------ .../impl/AbstractInfoboxCommandImpl.java | 21 ++++- .../egiz/bku/slcommands/impl/InfoboxFactory.java | 95 ++++------------------ .../java/moaspss/TestCreateAndVerifySignature.java | 4 +- bkucommon/src/test/resources/MOA-SPSS-1.3.wsdl | 2 +- 11 files changed, 128 insertions(+), 149 deletions(-) diff --git a/BKUFonts/.classpath b/BKUFonts/.classpath index d2236dff..54382402 100644 --- a/BKUFonts/.classpath +++ b/BKUFonts/.classpath @@ -2,7 +2,7 @@ - + diff --git a/BKUFonts/.project b/BKUFonts/.project index 484ff825..62c74cfb 100644 --- a/BKUFonts/.project +++ b/BKUFonts/.project @@ -16,12 +16,12 @@ - org.maven.ide.eclipse.maven2Builder + org.eclipse.wst.validation.validationbuilder - org.eclipse.wst.validation.validationbuilder + org.maven.ide.eclipse.maven2Builder diff --git a/BKULocal/src/main/resources/log4j.properties b/BKULocal/src/main/resources/log4j.properties index 86ddc7b4..a56f2683 100644 --- a/BKULocal/src/main/resources/log4j.properties +++ b/BKULocal/src/main/resources/log4j.properties @@ -17,6 +17,8 @@ # loglever DEBUG, appender STDOUT log4j.rootLogger=DEBUG, STDOUT +log4j.logger.at.gv.egiz.smcc=TRACE + # STDOUT appender log4j.appender.STDOUT=org.apache.log4j.ConsoleAppender log4j.appender.STDOUT.layout=org.apache.log4j.PatternLayout diff --git a/BKUOnline/src/main/webapp/PINManagement.jsp b/BKUOnline/src/main/webapp/PINManagement.jsp index 3555f99e..e48b8405 100644 --- a/BKUOnline/src/main/webapp/PINManagement.jsp +++ b/BKUOnline/src/main/webapp/PINManagement.jsp @@ -75,7 +75,8 @@ HelpURL : '../help/', SessionID : '<%=request.getSession().getId()%>', RedirectURL : '../', - RedirectTarget: '_parent' + RedirectTarget: '_parent', + EnforceRecommendedPINLength: 'true' }; var version = '1.6.0_04'; deployJava.runApplet(attributes, parameters, version); diff --git a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml index 0324030e..fb3cae63 100644 --- a/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml +++ b/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml @@ -30,47 +30,64 @@ - - - - - - - - + + + + + + + + - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - - - - + + + + + + + + + + diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java index 93e5bb1c..82c1be53 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java @@ -274,7 +274,12 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { InputStreamReader reader = new InputStreamReader(formParameter.getData(), (formParameter.getCharSet() != null) ? formParameter.getCharSet() - : "UTF-8"); // assume request was application/x-www-form-urlencoded, formParam therefore UTF-8 + : "UTF-8"); + // Note, using UTF-8 as fallback for decoding is safe. + // If the request was x-www-form-urlencoded, + // UTF-8 has been used for encoding of non-ASCII characters. + // If the request was multipart/form-data and contains any transfer parameters, + // the data URL request is going to be multipart/form-data encoded (see below). while ((len = reader.read(cbuf)) != -1) { urlEnc.write(cbuf, 0, len); } diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java index 8e3f6ece..6e84867e 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/SLCommandFactory.java @@ -87,6 +87,11 @@ public class SLCommandFactory { */ private Map> slRequestTypeMap = new HashMap>(); + /** + * The mapping of a requests's qualified name to a concrete command factories. + */ + private Map slCommandFactories = new HashMap(); + /** * Configures the singleton instance with command implementations * @param commandImplMap @@ -101,7 +106,19 @@ public class SLCommandFactory { slRequestTypeMap.put(key, impl); } } - + + public void setConcreteFactories(Map factories) { + if (log.isDebugEnabled()) { + StringBuilder sb = new StringBuilder(); + sb.append("Registered sl command factory for"); + for (QName qname : factories.keySet()) { + sb.append("\n " + qname + " : " + factories.get(qname).getClass()); + } + log.debug(sb); + } + slCommandFactories = factories; + } + /** * Register an {@link SLCommand} implementation class of a Security Layer * command with the given namespaceUri and localname @@ -363,37 +380,16 @@ public class SLCommandFactory { log.info("Unsupported security layer request version : " + qName.getNamespaceURI()); throw new SLVersionException(qName.getNamespaceURI()); } - - Class implClass = getImplClass(qName); - if (implClass == null) { - // command not supported - log.info("Unsupported command received: " + qName.toString()); - throw new SLCommandException(4011, - SLExceptionMessages.EC4011_NOTIMPLEMENTED, new Object[]{qName.toString()}); - } - - - // try to instantiate - SLCommand slCommand; - try { - slCommand = implClass.newInstance(); - log.debug("SLCommand " + slCommand.getName() + " created."); - } catch (InstantiationException e) { - // unexpected error - log.error("Failed to instantiate security layer command implementation.", - e); - throw new SLRuntimeException(e); - } catch (IllegalAccessException e) { - // unexpected error - log.error("Failed to instantiate security layer command implementation.", - e); - throw new SLRuntimeException(e); + AbstractSLCommandFactory concreteFactory = slCommandFactories.get(qName); + if (concreteFactory == null) { + // command not supported + log.info("Unsupported command received: " + qName.toString()); + throw new SLCommandException(4011, + SLExceptionMessages.EC4011_NOTIMPLEMENTED, new Object[]{qName.toString()}); } - slCommand.init(context, (JAXBElement) object); - - return slCommand; + return concreteFactory.createSLCommand(context, (JAXBElement) object); } } \ No newline at end of file diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java index 8a7edb71..b8e4030d 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/AbstractInfoboxCommandImpl.java @@ -32,6 +32,25 @@ public abstract class AbstractInfoboxCommandImpl extends SLCommandImpl { * The infobox implementation. */ protected Infobox infobox; + + /** + * The infobox factory. + */ + protected InfoboxFactory infoboxFactory; + + /** + * @return the infoboxFactory + */ + public InfoboxFactory getInfoboxFactory() { + return infoboxFactory; + } + + /** + * @param infoboxFactory the infoboxFactory to set + */ + public void setInfoboxFactory(InfoboxFactory infoboxFactory) { + this.infoboxFactory = infoboxFactory; + } @Override public void init(SLCommandContext ctx, Object request) @@ -40,7 +59,7 @@ public abstract class AbstractInfoboxCommandImpl extends SLCommandImpl { String infoboxIdentifier = getInfoboxIdentifier(getRequestValue()); - infobox = InfoboxFactory.getInstance().createInfobox(infoboxIdentifier); + infobox = infoboxFactory.createInfobox(infoboxIdentifier); } /** diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxFactory.java index e9736f6d..fdf94297 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxFactory.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/InfoboxFactory.java @@ -17,7 +17,6 @@ package at.gv.egiz.bku.slcommands.impl; import java.util.HashMap; -import java.util.Map; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -39,68 +38,24 @@ public class InfoboxFactory { private static Log log = LogFactory.getLog(InfoboxFactory.class); /** - * The singleton instance of this InfoboxFactory. + * The mapping of Infobox name to concrete Infobox factory. */ - private static InfoboxFactory instance; - - /** - * @return an instance of this InfoboxFactory - */ - public synchronized static InfoboxFactory getInstance() { - if (instance == null) { - instance = new InfoboxFactory(); - } - return instance; - } - - /** - * The mapping of infobox identifier to implementation class. - */ - private HashMap> implementations; - - /** - * Private constructor. - */ - private InfoboxFactory() { - } - - /** - * Sets the mapping of infobox identifier to implementation class name. - * - * @param infoboxImplMap - * a mapping of infobox identifiers to implementation class names - * - * @throws ClassNotFoundException - * if implementation class is not an instance of {@link Infobox} - */ - @SuppressWarnings("unchecked") - public void setInfoboxImpl(Map infoboxImplMap) throws ClassNotFoundException { - HashMap> implMap = new HashMap>(); - ClassLoader cl = getClass().getClassLoader(); - for (String key : infoboxImplMap.keySet()) { - Class impl = (Class) cl.loadClass(infoboxImplMap.get(key)); - log.debug("Registering infobox '" + key + "' implementation '" + impl.getCanonicalName() + "'."); - implMap.put(key, impl); - } - implementations = implMap; - } - + private HashMap infoboxFactories = new HashMap(); + /** - * Returns the configured implementation class for the given - * infoboxIdentifier. - * - * @param infoboxIdentifier - * the infobox identifier - * - * @return the implementation class for the given infobox identifier or - * null if there is no implementation class configured + * @param infoboxFactories the infoboxFactories to set */ - public Class getImplClass(String infoboxIdentifier) { - if (implementations != null) { - return implementations.get(infoboxIdentifier); - } else { - return null; + public void setInfoboxFactories( + HashMap factories) { + if (log.isDebugEnabled()) { + StringBuilder sb = new StringBuilder(); + sb.append("Registered infobox factories for"); + for (String name : factories.keySet()) { + sb.append("\n " + name + " : " + factories.get(name).getClass()); + } + log.debug(sb); } + this.infoboxFactories = factories; } /** @@ -119,31 +74,15 @@ public class InfoboxFactory { */ public Infobox createInfobox(String infoboxIdentifier) throws SLCommandException, SLRuntimeException { - Class implClass = getImplClass(infoboxIdentifier); - if (implClass == null) { - // infobox not supported + AbstractInfoboxFactory factory = infoboxFactories.get(infoboxIdentifier); + if (factory == null) { log.info("Unsupported infobox '" + infoboxIdentifier + "."); throw new SLCommandException(4002, SLExceptionMessages.EC4002_INFOBOX_UNKNOWN, new Object[] { infoboxIdentifier }); } - // try to instantiate - Infobox infobox; - try { - infobox = implClass.newInstance(); - log.debug("Infobox '" + infobox.getIdentifier() + "' created."); - } catch (InstantiationException e) { - // unexpected error - log.error("Failed to instantiate infobox implementation.", e); - throw new SLRuntimeException(e); - } catch (IllegalAccessException e) { - // unexpected error - log.error("Failed to instantiate infobox implementation.", e); - throw new SLRuntimeException(e); - } - - return infobox; + return factory.createInfobox(); } diff --git a/bkucommon/src/test/java/moaspss/TestCreateAndVerifySignature.java b/bkucommon/src/test/java/moaspss/TestCreateAndVerifySignature.java index 8d995530..a9397d31 100644 --- a/bkucommon/src/test/java/moaspss/TestCreateAndVerifySignature.java +++ b/bkucommon/src/test/java/moaspss/TestCreateAndVerifySignature.java @@ -33,7 +33,7 @@ import org.xml.sax.SAXException; import at.buergerkarte.namespaces.securitylayer._1.ErrorResponseType; -@Ignore +//@Ignore public class TestCreateAndVerifySignature { protected Element parseCreateXMLSignatureRequest(InputStream is) @@ -141,7 +141,7 @@ public class TestCreateAndVerifySignature { } MOASPClient spClient = new MOASPClient(); - JAXBElement verifySignature = spClient.verifySignature(cxsResp, ".", "qualifiedSignature"); + JAXBElement verifySignature = spClient.verifySignature(cxsResp, ".", "qualifiedSignature+Test"); VerifyXMLSignatureResponseType vxsResp = verifySignature.getValue(); int signatureCheck = vxsResp.getSignatureCheck().getCode().intValue(); if (signatureCheck != 0) { diff --git a/bkucommon/src/test/resources/MOA-SPSS-1.3.wsdl b/bkucommon/src/test/resources/MOA-SPSS-1.3.wsdl index 8ec61420..25accfce 100644 --- a/bkucommon/src/test/resources/MOA-SPSS-1.3.wsdl +++ b/bkucommon/src/test/resources/MOA-SPSS-1.3.wsdl @@ -51,7 +51,7 @@ - + -- cgit v1.2.3