From b1c8641a63a67e3c64d948f9e8dce5c01e11e2dd Mon Sep 17 00:00:00 2001 From: mcentner Date: Wed, 5 May 2010 15:29:01 +0000 Subject: Merged feature branch mocca-1.2.13-id@r724 back to trunk. git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@725 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../egiz/bku/local/webapp/BKURequestHandler.java | 135 ++++++++++++++------- .../bku/local/webapp/MoccaContextListener.java | 93 ++++++++++++++ .../bku/local/webapp/PINManagementServlet.java | 12 +- .../gv/egiz/bku/local/webapp/SpringBKUServlet.java | 9 +- 4 files changed, 189 insertions(+), 60 deletions(-) create mode 100644 BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/MoccaContextListener.java (limited to 'BKULocal/src/main/java/at/gv/egiz/bku/local/webapp') diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java index 98be4047..cd81b592 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java @@ -16,98 +16,139 @@ */ package at.gv.egiz.bku.local.webapp; +import java.io.ByteArrayInputStream; +import java.io.InputStream; import java.util.Enumeration; import java.util.HashMap; -import java.util.Iterator; import java.util.Locale; import java.util.Map; +import java.util.concurrent.ExecutionException; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; -import at.gv.egiz.bku.binding.HTTPBindingProcessor; +import at.gv.egiz.bku.binding.BindingProcessorFuture; +import at.gv.egiz.bku.binding.BindingProcessorManager; +import at.gv.egiz.bku.binding.HTTPBindingProcessorImpl; import at.gv.egiz.bku.binding.HttpUtil; -import at.gv.egiz.bku.conf.Configurator; +import at.gv.egiz.bku.binding.Id; +import at.gv.egiz.bku.binding.IdFactory; +import at.gv.egiz.bku.binding.InputDecoderFactory; import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage; public class BKURequestHandler extends SpringBKUServlet { - public final static String ENCODING = "UTF-8"; + private static final long serialVersionUID = 1L; - protected Log log = LogFactory.getLog(BKURequestHandler.class); + public final static String ENCODING = "UTF-8"; + private final Logger log = LoggerFactory.getLogger(BKURequestHandler.class); + + @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, java.io.IOException { - log.debug("Received SecurityLayer request"); - String acceptLanguage = req.getHeader("Accept-Language"); Locale locale = AcceptLanguage.getLocale(acceptLanguage); - log.debug("Accept-Language locale: " + locale); + log.info("Received request. Accept-Language locale: {}.", locale); - HTTPBindingProcessor bindingProcessor; - bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager() - .createBindingProcessor(req.getRequestURL().toString(), null, locale); + BindingProcessorManager bindingProcessorManager = getBindingProcessorManager(); + + HTTPBindingProcessorImpl bindingProcessor; + bindingProcessor = (HTTPBindingProcessorImpl) bindingProcessorManager + .createBindingProcessor("HTTP", locale); Map headerMap = new HashMap(); - for (Enumeration headerName = req.getHeaderNames(); headerName + for (Enumeration headerName = req.getHeaderNames(); headerName .hasMoreElements();) { - String header = headerName.nextElement(); + String header = (String) headerName.nextElement(); if (header != null) { headerMap.put(header, req.getHeader(header)); } } - String charset = req.getCharacterEncoding(); - String contentType = req.getContentType(); - if (charset != null) { - contentType += ";" + charset; + + InputStream inputStream; + String charset; + if (req.getMethod().equals("POST")) { + charset = req.getCharacterEncoding(); + String contentType = req.getContentType(); + if (charset != null) { + contentType += ";" + charset; + } + headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType); + inputStream = req.getInputStream(); + } else { + charset = "UTF-8"; + headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, + InputDecoderFactory.URL_ENCODED); + String queryString = req.getQueryString(); + if (queryString != null) { + inputStream = new ByteArrayInputStream(queryString.getBytes(charset)); + } else { + inputStream = new ByteArrayInputStream(new byte[] {}); + } } - headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType); bindingProcessor.setHTTPHeaders(headerMap); - bindingProcessor.consumeRequestStream(req.getInputStream()); + bindingProcessor.consumeRequestStream(req.getRequestURL().toString(), inputStream); + req.getInputStream().close(); - // fixxme just for testing - bindingProcessor.run(); - if (bindingProcessor.getRedirectURL() != null) { - resp.sendRedirect(bindingProcessor.getRedirectURL()); - return; - } + String redirectURL = bindingProcessor.getRedirectURL(); + + Id id = IdFactory.getInstance().createId(); + BindingProcessorFuture bindingProcessorFuture = bindingProcessorManager + .process(id, bindingProcessor); + + if (redirectURL != null) { + // send redirect and return + resp.sendRedirect(redirectURL); + return; + } + + // wait for the binding processor to finish processing + try { + bindingProcessorFuture.get(); + } catch (InterruptedException e) { + resp.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE); + return; + } catch (ExecutionException e) { + log.error("Request processing failed.", e); + resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + resp.setStatus(bindingProcessor.getResponseCode()); - for (Iterator it = bindingProcessor.getResponseHeaders().keySet() - .iterator(); it.hasNext();) { - String header = it.next(); - resp.setHeader(header, bindingProcessor.getResponseHeaders().get(header)); + + // set response headers + Map responseHeaders = bindingProcessor.getResponseHeaders(); + for (String header : responseHeaders.keySet()) { + resp.setHeader(header, responseHeaders.get(header)); } - String version = configurator.getProperty(Configurator.SIGNATURE_LAYOUT); - if ((version != null) && (!"".equals(version.trim()))) { - log.debug("setting SignatureLayout header to " + version); - resp.setHeader(Configurator.SIGNATURE_LAYOUT, version); - } else { - log.debug("do not set SignatureLayout header"); + String serverHeader = bindingProcessor.getServerHeaderValue(); + if (serverHeader != null && !serverHeader.isEmpty()) { + resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, serverHeader); + } + String signatureLayout = bindingProcessor.getSignatureLayoutHeaderValue(); + if (signatureLayout != null && !signatureLayout.isEmpty()) { + resp.setHeader("SignatureLayout", signatureLayout); } - - if (configurator.getProperty(Configurator.USERAGENT_CONFIG_P) != null) { - resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, configurator - .getProperty(Configurator.USERAGENT_CONFIG_P)); - } else { - resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, - Configurator.USERAGENT_DEFAULT); - } resp.setContentType(bindingProcessor.getResultContentType()); resp.setCharacterEncoding(ENCODING); bindingProcessor.writeResultTo(resp.getOutputStream(), ENCODING); - req.getInputStream().close(); + resp.getOutputStream().flush(); resp.getOutputStream().close(); - log.debug("Finished Request"); + log.debug("Finished Request."); } + @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, java.io.IOException { doPost(req, resp); } + + } diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/MoccaContextListener.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/MoccaContextListener.java new file mode 100644 index 00000000..428190eb --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/MoccaContextListener.java @@ -0,0 +1,93 @@ +/* +* Copyright 2009 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ + +package at.gv.egiz.bku.local.webapp; + +import iaik.security.ecc.provider.ECCProvider; +import iaik.security.provider.IAIK; +import iaik.xml.crypto.XSecProvider; + +import java.security.Provider; +import java.security.Security; + +import javax.servlet.ServletContextEvent; +import javax.servlet.ServletContextListener; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class MoccaContextListener implements ServletContextListener { + + private Logger log = LoggerFactory.getLogger(MoccaContextListener.class); + + @Override + public void contextDestroyed(ServletContextEvent sce) { + } + + @Override + public void contextInitialized(ServletContextEvent sce) { + + log.info("Registering security providers ..."); + + registerProviders(); + + if (log.isDebugEnabled()) { + StringBuilder sb = new StringBuilder(); + sb.append("Registered providers: "); + int i = 1; + for (Provider prov : Security.getProviders()) { + sb.append("\n" + (i++) + ". : " + prov); + } + log.debug(sb.toString()); + } + } + + protected void registerProvider(Provider provider, int position) { + String name = provider.getName(); + if (Security.getProvider(name) == null) { + // register IAIK provider at first position + try { + Security.insertProviderAt(provider, position); + } catch (SecurityException e) { + log.info("Failed to register required security Provider.", e); + } + } else { + log.info("Required security Provider {} already registered.", name); + } + + } + + protected void registerProviders() { + + registerProvider(new IAIK(), 1); + registerProvider(new ECCProvider(false), 2); + + final String name = XSecProvider.NAME; + if (Security.getProvider(XSecProvider.NAME) == null) { + // register XML Security provider + try { + XSecProvider.addAsProvider(false); + } catch (SecurityException e) { + log.info("Failed to register required security Provider.", e); + } + } else { + log.info("Required security Provider {} already registered.", name); + } + + } + +} diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java index 0c35f1c9..ab41634e 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java @@ -29,8 +29,8 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** * PINManagementBKUWorker for non-applet version @@ -38,7 +38,9 @@ import org.apache.commons.logging.LogFactory; */ public class PINManagementServlet extends HttpServlet { - private static final Log log = LogFactory.getLog(PINManagementServlet.class); + private static final long serialVersionUID = 1L; + + private final Logger log = LoggerFactory.getLogger(PINManagementServlet.class); LocalSTALFactory stalFactory; @@ -59,9 +61,7 @@ public class PINManagementServlet extends HttpServlet { STAL pinMgmtSTAL = stalFactory.createSTAL(); List stalResps = pinMgmtSTAL.handleRequest(Collections.singletonList(new PINManagementRequest())); - if (log.isDebugEnabled()) { - log.debug("received STAL reponse " + stalResps.get(0).getClass()); - } + log.debug("Received STAL reponse {}.", stalResps.get(0).getClass()); pinMgmtSTAL.handleRequest(Collections.singletonList(new QuitRequest())); String redirect = request.getParameter("redirect"); diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java index 3bd50ba7..62f393a8 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java @@ -19,21 +19,16 @@ package at.gv.egiz.bku.local.webapp; import javax.servlet.http.HttpServlet; import at.gv.egiz.bku.binding.BindingProcessorManager; -import at.gv.egiz.bku.conf.Configurator; public abstract class SpringBKUServlet extends HttpServlet { - public final static String BEAN_NAME = "bindingProcessorManager"; + private static final long serialVersionUID = 1L; - protected static Configurator configurator; + public final static String BEAN_NAME = "bindingProcessorManager"; protected BindingProcessorManager getBindingProcessorManager() { return (BindingProcessorManager) getServletContext() .getAttribute(BEAN_NAME); } - public static void setConfigurator(Configurator conf) { - configurator = conf; - } - } -- cgit v1.2.3