From b1c8641a63a67e3c64d948f9e8dce5c01e11e2dd Mon Sep 17 00:00:00 2001 From: mcentner Date: Wed, 5 May 2010 15:29:01 +0000 Subject: Merged feature branch mocca-1.2.13-id@r724 back to trunk. git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@725 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../accesscontroller/SpringSecurityManager.java | 65 ---------- .../gv/egiz/bku/local/conf/SpringConfigurator.java | 142 --------------------- .../java/at/gv/egiz/bku/local/gui/GUIProxy.java | 2 +- .../gv/egiz/bku/local/gui/LocalHelpListener.java | 58 ++++++--- .../egiz/bku/local/stal/ExclusiveAccessSTAL.java | 76 +++++++++++ .../bku/local/stal/ExclusiveAccessSTALFactory.java | 65 ++++++++++ .../at/gv/egiz/bku/local/stal/LocalBKUWorker.java | 2 +- .../gv/egiz/bku/local/stal/LocalSTALFactory.java | 69 +++++----- .../gv/egiz/bku/local/stal/LocalSecureViewer.java | 24 ++-- .../bku/local/stal/LocalSignRequestHandler.java | 9 +- .../egiz/bku/local/webapp/BKURequestHandler.java | 135 +++++++++++++------- .../bku/local/webapp/MoccaContextListener.java | 93 ++++++++++++++ .../bku/local/webapp/PINManagementServlet.java | 12 +- .../gv/egiz/bku/local/webapp/SpringBKUServlet.java | 9 +- 14 files changed, 422 insertions(+), 339 deletions(-) delete mode 100644 BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java delete mode 100644 BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java create mode 100644 BKULocal/src/main/java/at/gv/egiz/bku/local/stal/ExclusiveAccessSTAL.java create mode 100644 BKULocal/src/main/java/at/gv/egiz/bku/local/stal/ExclusiveAccessSTALFactory.java create mode 100644 BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/MoccaContextListener.java (limited to 'BKULocal/src/main/java/at/gv') 
diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java
deleted file mode 100644
index 3f50fc78..00000000
--- a/BKULocal/src/main/java/at/gv/egiz/bku/local/accesscontroller/SpringSecurityManager.java
+++ /dev/null
@@ -1,65 +0,0 @@ -/* - * Copyright 2008 Federal Chancellery Austria and - * Graz University of Technology - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package at.gv.egiz.bku.local.accesscontroller; - -import java.io.IOException; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.springframework.context.ResourceLoaderAware; -import org.springframework.core.io.Resource; -import org.springframework.core.io.ResourceLoader; - -import at.gv.egiz.bku.accesscontroller.SecurityManagerFacade; -import at.gv.egiz.bku.conf.Configurator; - -public class SpringSecurityManager extends SecurityManagerFacade implements - ResourceLoaderAware { - - private ResourceLoader resourceLoader; - - private static Log log = LogFactory.getLog(SpringSecurityManager.class); - - protected Configurator config; - - public void setConfig(Configurator config) { - this.config = config; - } - - public void init() { - String noMatch = config.getProperty("AccessController.acceptNoMatch"); - if (noMatch != null) { - log.debug("Setting allow now match to: " + noMatch); - setAllowUnmatched(Boolean.getBoolean(noMatch)); - } - String policy = config.getProperty("AccessController.policyResource"); - policy = policy.replace("${user.home}", System.getProperty("user.home")); - log.info("Loading resource: " + policy); - try { - Resource res = resourceLoader.getResource(policy); - init(res.getInputStream()); - } catch (IOException e) { - 
log.error(e); - } - } - - @Override - public void setResourceLoader(ResourceLoader loader) { - this.resourceLoader = loader; - } - -} diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java deleted file mode 100644 index 7b2641ff..00000000 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/conf/SpringConfigurator.java +++ /dev/null 
@@ -1,142 +0,0 @@ -/* - * Copyright 2008 Federal Chancellery Austria and - * Graz University of Technology - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package at.gv.egiz.bku.local.conf; - -import java.io.File; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.util.Properties; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.springframework.context.ResourceLoaderAware; -import org.springframework.core.io.Resource; -import org.springframework.core.io.ResourceLoader; - -import at.gv.egiz.bku.conf.Configurator; -import at.gv.egiz.bku.local.webapp.SpringBKUServlet; -import at.gv.egiz.bku.slexceptions.SLRuntimeException; - -public class SpringConfigurator extends Configurator implements - ResourceLoaderAware { - - private final static Log log = LogFactory.getLog(SpringConfigurator.class); - - private ResourceLoader resourceLoader; - - public SpringConfigurator() { - // File configDir = new File(System.getProperty("user.home") + - // "/.bku/conf"); - // if (configDir.exists()) { - // log.debug("Found existing config directory: " + configDir); - // } else { - // log.info("Config dir not existing, creating new"); - // if (!configDir.mkdirs()) { - // log.error("Cannot create directory: " + configDir); - // } - // } - } - - public void setResource(Resource resource) { - log.debug("Loading config from: " + resource); - if (resource != null) { - Properties 
props = new Properties(); - try { - props.load(resource.getInputStream()); - super.setConfiguration(props); - } catch (IOException e) { - log.error("Cannot load config", e); - } - } else { - log.warn("Cannot load properties, resource: " + resource); - } - } - - @Override - public void configure() { - if (properties == null) { - defaultInit(); - } - super.configure(); - SpringBKUServlet.setConfigurator(this); - } - - public void defaultInit() { - Properties props = new Properties(); - try { - props.load(new FileInputStream(System.getProperty("user.home") - + "/.mocca/war/mocca.war")); - super.setConfiguration(props); - } catch (IOException e) { - log.error("Cannot load config", e); - } - } - - @Override - public void setResourceLoader(ResourceLoader loader) { - this.resourceLoader = loader; - } - - private File getDirectory(String property) { - property = property - .replace("${user.home}", System.getProperty("user.home")); - if (property != null) { - Resource certDirRes = resourceLoader.getResource(property); - File certDir; - try { - certDir = certDirRes.getFile(); - } catch (IOException e) { - log.error("Cannot get cert directory", e); - throw new SLRuntimeException(e); - } - if (!certDir.isDirectory()) { - log.error("Expecting directory as SSL.certDirectory parameter"); - throw new SLRuntimeException( - "Expecting directory as SSL.certDirectory parameter"); - } - return certDir; - } - return null; - - } - - @Override - protected File getCADir() { - String caDirectory = getProperty("SSL.caDirectory"); - return getDirectory(caDirectory); - } - - @Override - protected File getCertDir() { - String certDirectory = getProperty("SSL.certDirectory"); - return getDirectory(certDirectory); - } - - @Override - protected InputStream getManifest() { - Resource r = resourceLoader.getResource("META-INF/MANIFEST.MF"); - if ((r != null) && r.isReadable()) { - try { - return r.getInputStream(); - } catch (IOException e) { - log.error("Cannot read manifest data: " + e); - } - } - 
return null; - } -} \ No newline at end of file diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/GUIProxy.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/GUIProxy.java index 38dd04d9..a9f21087 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/GUIProxy.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/GUIProxy.java @@ -30,7 +30,7 @@ public class GUIProxy implements InvocationHandler { JFrame frame; BKUGUIFacade delegate; - static public Object newInstance(BKUGUIFacade gui, JFrame frame, Class[] interfaces) { + static public Object newInstance(BKUGUIFacade gui, JFrame frame, Class[] interfaces) { return java.lang.reflect.Proxy.newProxyInstance(gui.getClass().getClassLoader(), interfaces, new GUIProxy(gui, frame)); diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/LocalHelpListener.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/LocalHelpListener.java index c957e132..ced47d6c 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/LocalHelpListener.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/gui/LocalHelpListener.java 
@@ -16,46 +16,62 @@ */ package at.gv.egiz.bku.local.gui; -import at.gv.egiz.bku.gui.AbstractHelpListener; -import at.gv.egiz.bku.gui.DefaultHelpListener; +import at.gv.egiz.bku.gui.ViewerHelpListener; import java.awt.Desktop; -import java.io.IOException; -import java.net.URISyntaxException; -import java.net.URL; +import java.awt.event.KeyEvent; +import java.awt.event.MouseEvent; +import java.net.URI; import java.util.Locale; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + /** - * Open help document in browser, fallback to default (swing dialog) if Java Desktop API not supported. + * Open help document in browser, fallback to help viewer (swing dialog) if Java Desktop API not supported. * * @author Clemens Orthacker */ -public class LocalHelpListener extends AbstractHelpListener { +public class LocalHelpListener extends ViewerHelpListener { + private final Logger log = LoggerFactory.getLogger(LocalHelpListener.class); + protected Desktop desktop; - protected DefaultHelpListener fallback; - public LocalHelpListener(URL baseURL, Locale locale) { - super(baseURL, locale); - if (Desktop.isDesktopSupported()) { + public LocalHelpListener(String helpURL, Locale locale) { + super(helpURL, locale); + if (Desktop.isDesktopSupported() && Desktop.getDesktop().isSupported(Desktop.Action.BROWSE)) { desktop = Desktop.getDesktop(); } else { - log.info("Java Desktop API not available on current platform (libgnome installed?), falling back to DefaultHelpListener"); - fallback = new DefaultHelpListener(baseURL, locale); + log.warn("Java Desktop API not available on current platform (libgnome installed?), " + + "falling back to help viewer"); + } + } + + @Override + public void mouseClicked(MouseEvent e) { + if (desktop != null) { + try { + desktop.browse(new URI(getHelpURL())); + } catch (Exception ex) { + log.error("Failed display help document {}.", getHelpURL(), ex); + super.mouseClicked(e); + } + } else { + super.mouseClicked(e); } } @Override - public void 
showDocument(URL helpDocument, String helpTopic) throws IOException, URISyntaxException { + public void keyPressed(KeyEvent e) { if (desktop != null) { - if (!desktop.isSupported(Desktop.Action.BROWSE)) { - log.error("Failed to open default browser: The system provides the Desktop API, but does not support the BROWSE action"); - } else { - Desktop.getDesktop().browse(helpDocument.toURI()); + try { + desktop.browse(new URI(getHelpURL())); + } catch (Exception ex) { + log.error("Failed display help document {}.", getHelpURL(), ex); + super.keyPressed(e); } - } else if (fallback != null) { - fallback.showDocument(helpDocument, helpTopic); } else { - log.error("failed to display help document"); + super.keyPressed(e); } } } diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/ExclusiveAccessSTAL.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/ExclusiveAccessSTAL.java new file mode 100644 index 00000000..0b8511e3 --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/ExclusiveAccessSTAL.java 
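Review bot: Both `mouseClicked` and `keyPressed` hand `getHelpURL()` straight to `desktop.browse(new URI(...))` without looking at the URI scheme, so whatever string is injected as the help URL is passed to the operating system's URL handler. If help is only ever served over HTTP(S), which the hunk does not show, parse the URI once and fall back to the viewer for anything else, e.g. `String s = uri.getScheme(); if (!"http".equalsIgnoreCase(s) && !"https".equalsIgnoreCase(s)) { super.mouseClicked(e); return; }`. The two method bodies are identical apart from the `super` call and could share one private helper. `catch (Exception ex)` could be narrowed to the exceptions that the `URI` constructor and `browse` actually declare.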
@@ -0,0 +1,76 @@ +/* +* Copyright 2009 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ + +package at.gv.egiz.bku.local.stal; + +import java.util.Collections; +import java.util.List; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.locks.Lock; +import java.util.concurrent.locks.ReentrantLock; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.stal.ErrorResponse; +import at.gv.egiz.stal.STAL; +import at.gv.egiz.stal.STALRequest; +import at.gv.egiz.stal.STALResponse; + +public class ExclusiveAccessSTAL implements STAL { + + private final Logger log = LoggerFactory.getLogger(ExclusiveAccessSTAL.class); + + private Lock lock = new ReentrantLock(true); + + private long timeout = 30; + + private STAL stal; + + public ExclusiveAccessSTAL(STAL stal) { + if (stal == null) { + throw new NullPointerException("Argument 'stal' must not be null."); + } + this.stal = stal; + } + + @Override + public List handleRequest( + List aRequestList) { + + try { + if (lock.tryLock(timeout, TimeUnit.SECONDS)) { + try { + return stal.handleRequest(aRequestList); + } finally { + lock.unlock(); + } + } else { + // time out + log.info("Timeout while waiting for exclusive access to STAL."); + ErrorResponse response = new ErrorResponse(6000); + return Collections.singletonList((STALResponse) response); + } + } catch (InterruptedException e) { + // interrupted + ErrorResponse response = 
new ErrorResponse(6000); + return Collections.singletonList((STALResponse) response); + } + + } + +} diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/ExclusiveAccessSTALFactory.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/ExclusiveAccessSTALFactory.java new file mode 100644 index 00000000..1dee8e2b --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/ExclusiveAccessSTALFactory.java 
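Review bot: The `catch (InterruptedException e)` branch of `handleRequest` swallows the interrupt: it neither restores the thread's interrupt flag nor logs anything, and it returns the same `ErrorResponse(6000)` as the timeout branch, so the two cases cannot be told apart afterwards. Add `Thread.currentThread().interrupt();` and a log line before building the response. `lock` and `timeout` are never reassigned in the visible code and could be `final`. A class-level Javadoc sentence is also missing; it should say that all requests to the wrapped STAL are serialised behind a fair `ReentrantLock` with a 30-second wait.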
@@ -0,0 +1,65 @@ +/* +* Copyright 2009 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ + +package at.gv.egiz.bku.local.stal; + +import java.util.Locale; + +import at.gv.egiz.stal.STAL; +import at.gv.egiz.stal.STALFactory; + +public class ExclusiveAccessSTALFactory implements STALFactory { + + private STALFactory stalFactory; + + private ExclusiveAccessSTAL stal; + + private Locale locale; + + /** + * @return the stalFactory + */ + public STALFactory getStalFactory() { + return stalFactory; + } + + /** + * @param stalFactory the stalFactory to set + */ + public synchronized void setStalFactory(STALFactory stalFactory) { + this.stalFactory = stalFactory; + stalFactory.setLocale(locale); + } + + @Override + public synchronized STAL createSTAL() { + if (stal == null && stalFactory != null) { + STAL delegate = stalFactory.createSTAL(); + stal = new ExclusiveAccessSTAL(delegate); + } + return stal; + } + + @Override + public synchronized void setLocale(Locale locale) { + this.locale = locale; + if (stalFactory != null) { + stalFactory.setLocale(locale); + } + } + +} diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java index 1e3f9a1d..d2e49039 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalBKUWorker.java 
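Review bot: `setStalFactory` dereferences its argument (`stalFactory.setLocale(locale)`) without a null check and does not reset the cached `stal`, so a factory set after the first `createSTAL()` call is never used. `createSTAL()` also returns `null` when no factory has been injected, which moves the failure to a later NullPointerException in the caller. Reject null up front as the `ExclusiveAccessSTAL` constructor does, `if (stalFactory == null) throw new NullPointerException("Argument 'stalFactory' must not be null.");`, and throw `IllegalStateException` from `createSTAL()` instead of returning null. `getStalFactory()` reads the field without the monitor that the setters hold; make it `synchronized` too, or document why it need not be.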
@@ -49,7 +49,7 @@ public class LocalBKUWorker extends AbstractBKUWorker { public List handleRequest(List requestList) { signatureCard = null; List responses = super.handleRequest(requestList); - container.setVisible(false); + container.setVisible(false); return responses; } diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSTALFactory.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSTALFactory.java index 44322a07..a703ad5c 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSTALFactory.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSTALFactory.java @@ -19,7 +19,6 @@ package at.gv.egiz.bku.local.stal; import at.gv.egiz.bku.viewer.ResourceFontLoader; import java.awt.Dimension; import java.awt.Toolkit; -import java.net.MalformedURLException; import java.util.Locale; @@ -31,10 +30,11 @@ import at.gv.egiz.bku.local.gui.GUIProxy; import at.gv.egiz.bku.local.gui.LocalHelpListener; import at.gv.egiz.stal.STAL; import at.gv.egiz.stal.STALFactory; -import java.net.URL; import javax.swing.JFrame; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; + +import org.apache.commons.configuration.Configuration; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** * Creates a PINManagementGUI and a LocalBKUWorker, which in turn registers 
@@ -44,55 +44,45 @@ import org.apache.commons.logging.LogFactory; */ public class LocalSTALFactory implements STALFactory { - protected static final Log log = LogFactory.getLog(LocalSTALFactory.class); + private final Logger log = LoggerFactory.getLogger(LocalSTALFactory.class); protected static final Dimension PREFERRED_SIZE = new Dimension(318, 200); protected String helpURL; protected Locale locale; + + protected Configuration configuration; + + @Override public STAL createSTAL() { - LocalBKUWorker stal; + final LocalBKUWorker stal; //http://java.sun.com/docs/books/tutorial/uiswing/misc/focus.html // use undecorated JFrame instead of JWindow, // which creates an invisible owning frame and therefore cannot getFocusInWindow() JFrame dialog = new JFrame("Bürgerkarte"); - if (log.isTraceEnabled()) { - log.debug("alwaysOnTop supported: " + dialog.isAlwaysOnTopSupported()); - } + log.debug("AlwaysOnTop supported: {}.", dialog.isAlwaysOnTopSupported()); // [#439] make mocca dialog alwaysOnTop dialog.setAlwaysOnTop(true); dialog.setIconImages(BKUIcons.icons); - dialog.setUndecorated(true); +// dialog.setUndecorated(true); // dialog.getRootPane().setWindowDecorationStyle(JRootPane.NONE); -// dialog.addWindowListener(new WindowAdapter() { -// -// @Override -// public void windowClosing(WindowEvent e) { -// super.windowClosing(e); -// log.debug("closing window ********************"); -// } -// -// }); + if (locale != null) { dialog.setLocale(locale); } LocalHelpListener helpListener = null; - try { - if (helpURL != null) { - helpListener = new LocalHelpListener(new URL(helpURL), locale); - } else { - log.warn("no HELP URL configured, help system disabled"); - } - } catch (MalformedURLException ex) { - log.error("failed to configure help listener: " + ex.getMessage(), ex); + if (helpURL != null) { + helpListener = new LocalHelpListener(helpURL, locale); + } else { + log.warn("No HELP URL configured, help system disabled."); } PINManagementGUIFacade gui = new 
PINManagementGUI(dialog.getContentPane(), dialog.getLocale(), BKUGUIFacade.Style.advanced, null, new ResourceFontLoader(), - helpListener, + helpListener, null); BKUGUIFacade proxy = (BKUGUIFacade) GUIProxy.newInstance(gui, dialog, new Class[] { PINManagementGUIFacade.class} ); stal = new LocalBKUWorker(proxy, dialog); @@ -116,11 +106,26 @@ public class LocalSTALFactory implements STALFactory { this.locale = locale; } - public String getHelpURL() { - return helpURL; - } - + /** + * spring injects helpURL + * @param helpURL + */ public void setHelpURL(String helpURL) { this.helpURL = helpURL; } + + /** + * @return the configuration + */ + public Configuration getConfiguration() { + return configuration; + } + + /** + * @param configuration the configuration to set + */ + public void setConfiguration(Configuration configuration) { + this.configuration = configuration; + } + } diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSecureViewer.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSecureViewer.java index ae58526c..749a455a 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSecureViewer.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSecureViewer.java @@ -31,8 +31,8 @@ import java.io.ByteArrayOutputStream; import java.io.InputStream; import java.util.Collections; import java.util.List; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** * @@ -40,8 +40,8 @@ import org.apache.commons.logging.LogFactory; */ public class LocalSecureViewer implements SecureViewer { - private static final Log log = LogFactory.getLog(LocalSignRequestHandler.class); - private List hashDataInputs = Collections.EMPTY_LIST; + private final Logger log = LoggerFactory.getLogger(LocalSignRequestHandler.class); + private List hashDataInputs = Collections.emptyList(); protected BKUGUIFacade gui; 
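Review bot: `dialog.setUndecorated(true)` is disabled by commenting it out rather than removed, and nothing in the hunk says why. With decorations back, the frame that hosts the PIN GUI gets a title-bar close button. No window listener or default close operation is visible in these lines, so confirm that closing the frame cancels the pending request rather than leaving the worker waiting. Either delete the dead line or replace it with a comment explaining the decision, e.g. `// decorated on purpose: <reason>`. The new `configuration` property is not read anywhere in the visible part of `createSTAL`, whose body continues outside the hunk.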
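Review bot: The logger in `LocalSecureViewer` is still created with `LoggerFactory.getLogger(LocalSignRequestHandler.class)`, so everything the secure viewer logs is attributed to the sign request handler. Use `LoggerFactory.getLogger(LocalSecureViewer.class)` so log filtering and audit review see the right component. The commit also turns the logger from `static final` into a per-instance field, here and in the other converted classes (LocalSTALFactory, LocalSignRequestHandler, BKURequestHandler). If that is not deliberate, `private static final Logger log = ...` keeps one logger per class.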
@@ -63,8 +63,8 @@ public class LocalSecureViewer implements SecureViewer { ActionListener okListener, String okCommand) throws Exception { if (signedInfo.getReference().size() == 0) { - log.error("No hashdata input selected to be displayed: null"); - throw new Exception("No HashData Input selected to be displayed"); + log.error("No hashdata input selected to be displayed: null."); + throw new Exception("No HashData Input selected to be displayed."); } ArrayList selectedHashDataInputs = new ArrayList(); @@ -76,8 +76,8 @@ public class LocalSecureViewer implements SecureViewer { boolean hdiAvailable = false; for (HashDataInput hashDataInput : hashDataInputs) { if (dsigRefId.equals(hashDataInput.getReferenceId())) { - log.debug("display hashdata input for dsig:SignedReference " + - dsigRefId); + log.debug("Display hashdata input for dsig:SignedReference {}.", + dsigRefId); selectedHashDataInputs.add( ensureCachedHashDataInput(hashDataInput)); hdiAvailable = true; @@ -85,7 +85,7 @@ public class LocalSecureViewer implements SecureViewer { } } if (!hdiAvailable) { - log.error("no hashdata input for dsig:SignedReference " + dsigRefId); + log.error("No hashdata input for dsig:SignedReference {}.", dsigRefId); throw new Exception( "No HashDataInput available for dsig:SignedReference " + dsigRefId); } @@ -97,8 +97,8 @@ public class LocalSecureViewer implements SecureViewer { } if (selectedHashDataInputs.size() < 1) { - log.error("dsig:SignedInfo does not contain a data reference"); - throw new Exception("dsig:SignedInfo does not contain a data reference"); + log.error("dsig:SignedInfo does not contain a data reference."); + throw new Exception("dsig:SignedInfo does not contain a data reference."); } gui.showSecureViewer(selectedHashDataInputs, okListener, okCommand); } 
@@ -108,7 +108,7 @@ public class LocalSecureViewer implements SecureViewer { throws IOException { if (!(hashDataInput instanceof DataObjectHashDataInput)) { - log.warn("expected DataObjectHashDataInput for LocalSignRequestHandler, got " + + log.warn("Expected DataObjectHashDataInput for LocalSignRequestHandler, got {}.", hashDataInput.getClass().getName()); InputStream hdIs = hashDataInput.getHashDataInput(); diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java index 9ae1d9b9..a1f77a85 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/stal/LocalSignRequestHandler.java @@ -16,8 +16,8 @@ */ package at.gv.egiz.bku.local.stal; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import at.gv.egiz.bku.smccstal.SignRequestHandler; import at.gv.egiz.stal.ErrorResponse; @@ -31,7 +31,7 @@ import at.gv.egiz.stal.SignRequest; */ public class LocalSignRequestHandler extends SignRequestHandler { - private static final Log log = LogFactory.getLog(LocalSignRequestHandler.class); + private final Logger log = LoggerFactory.getLogger(LocalSignRequestHandler.class); public LocalSignRequestHandler(LocalSecureViewer secureViewer) { super(secureViewer); @@ -44,7 +44,6 @@ public class LocalSignRequestHandler extends SignRequestHandler { * @param request * @return */ - @SuppressWarnings("unchecked") @Override public STALResponse handleRequest(STALRequest request) throws InterruptedException { 
@@ -54,7 +53,7 @@ public class LocalSignRequestHandler extends SignRequestHandler { ((LocalSecureViewer) secureViewer).setDataToBeSigned(signReq.getHashDataInput()); return super.handleRequest(request); } else { - log.fatal("Got unexpected STAL request: " + request); + log.error("Got unexpected STAL request: {}.", request); return new ErrorResponse(1000); } diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java index 98be4047..cd81b592 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/BKURequestHandler.java 
@@ -16,98 +16,139 @@ */ package at.gv.egiz.bku.local.webapp; +import java.io.ByteArrayInputStream; +import java.io.InputStream; import java.util.Enumeration; import java.util.HashMap; -import java.util.Iterator; import java.util.Locale; import java.util.Map; +import java.util.concurrent.ExecutionException; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; -import at.gv.egiz.bku.binding.HTTPBindingProcessor; +import at.gv.egiz.bku.binding.BindingProcessorFuture; +import at.gv.egiz.bku.binding.BindingProcessorManager; +import at.gv.egiz.bku.binding.HTTPBindingProcessorImpl; import at.gv.egiz.bku.binding.HttpUtil; -import at.gv.egiz.bku.conf.Configurator; +import at.gv.egiz.bku.binding.Id; +import at.gv.egiz.bku.binding.IdFactory; +import at.gv.egiz.bku.binding.InputDecoderFactory; import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage; public class BKURequestHandler extends SpringBKUServlet { - public final static String ENCODING = "UTF-8"; + private static final long serialVersionUID = 1L; - protected Log log = LogFactory.getLog(BKURequestHandler.class); + public final static String ENCODING = "UTF-8"; + private final Logger log = LoggerFactory.getLogger(BKURequestHandler.class); + + @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, java.io.IOException { - log.debug("Received SecurityLayer request"); - String acceptLanguage = req.getHeader("Accept-Language"); Locale locale = AcceptLanguage.getLocale(acceptLanguage); - log.debug("Accept-Language locale: " + locale); + log.info("Received request. 
Accept-Language locale: {}.", locale); - HTTPBindingProcessor bindingProcessor; - bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager() - .createBindingProcessor(req.getRequestURL().toString(), null, locale); + BindingProcessorManager bindingProcessorManager = getBindingProcessorManager(); + + HTTPBindingProcessorImpl bindingProcessor; + bindingProcessor = (HTTPBindingProcessorImpl) bindingProcessorManager + .createBindingProcessor("HTTP", locale); Map headerMap = new HashMap(); - for (Enumeration headerName = req.getHeaderNames(); headerName + for (Enumeration headerName = req.getHeaderNames(); headerName .hasMoreElements();) { - String header = headerName.nextElement(); + String header = (String) headerName.nextElement(); if (header != null) { headerMap.put(header, req.getHeader(header)); } } - String charset = req.getCharacterEncoding(); - String contentType = req.getContentType(); - if (charset != null) { - contentType += ";" + charset; + + InputStream inputStream; + String charset; + if (req.getMethod().equals("POST")) { + charset = req.getCharacterEncoding(); + String contentType = req.getContentType(); + if (charset != null) { + contentType += ";" + charset; + } + headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType); + inputStream = req.getInputStream(); + } else { + charset = "UTF-8"; + headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, + InputDecoderFactory.URL_ENCODED); + String queryString = req.getQueryString(); + if (queryString != null) { + inputStream = new ByteArrayInputStream(queryString.getBytes(charset)); + } else { + inputStream = new ByteArrayInputStream(new byte[] {}); + } } - headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType); bindingProcessor.setHTTPHeaders(headerMap); - bindingProcessor.consumeRequestStream(req.getInputStream()); + bindingProcessor.consumeRequestStream(req.getRequestURL().toString(), inputStream); + req.getInputStream().close(); - // fixxme just for testing - bindingProcessor.run(); - if 
(bindingProcessor.getRedirectURL() != null) { - resp.sendRedirect(bindingProcessor.getRedirectURL()); - return; - } + String redirectURL = bindingProcessor.getRedirectURL(); + + Id id = IdFactory.getInstance().createId(); + BindingProcessorFuture bindingProcessorFuture = bindingProcessorManager + .process(id, bindingProcessor); + + if (redirectURL != null) { + // send redirect and return + resp.sendRedirect(redirectURL); + return; + } + + // wait for the binding processor to finish processing + try { + bindingProcessorFuture.get(); + } catch (InterruptedException e) { + resp.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE); + return; + } catch (ExecutionException e) { + log.error("Request processing failed.", e); + resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + resp.setStatus(bindingProcessor.getResponseCode()); - for (Iterator it = bindingProcessor.getResponseHeaders().keySet() - .iterator(); it.hasNext();) { - String header = it.next(); - resp.setHeader(header, bindingProcessor.getResponseHeaders().get(header)); + + // set response headers + Map responseHeaders = bindingProcessor.getResponseHeaders(); + for (String header : responseHeaders.keySet()) { + resp.setHeader(header, responseHeaders.get(header)); } - String version = configurator.getProperty(Configurator.SIGNATURE_LAYOUT); - if ((version != null) && (!"".equals(version.trim()))) { - log.debug("setting SignatureLayout header to " + version); - resp.setHeader(Configurator.SIGNATURE_LAYOUT, version); - } else { - log.debug("do not set SignatureLayout header"); + String serverHeader = bindingProcessor.getServerHeaderValue(); + if (serverHeader != null && !serverHeader.isEmpty()) { + resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, serverHeader); + } + String signatureLayout = bindingProcessor.getSignatureLayoutHeaderValue(); + if (signatureLayout != null && !signatureLayout.isEmpty()) { + resp.setHeader("SignatureLayout", signatureLayout); } - - if 
(configurator.getProperty(Configurator.USERAGENT_CONFIG_P) != null) { - resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, configurator - .getProperty(Configurator.USERAGENT_CONFIG_P)); - } else { - resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, - Configurator.USERAGENT_DEFAULT); - } resp.setContentType(bindingProcessor.getResultContentType()); resp.setCharacterEncoding(ENCODING); bindingProcessor.writeResultTo(resp.getOutputStream(), ENCODING); - req.getInputStream().close(); + resp.getOutputStream().flush(); resp.getOutputStream().close(); - log.debug("Finished Request"); + log.debug("Finished Request."); } + @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, java.io.IOException { doPost(req, resp); } + + } diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/MoccaContextListener.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/MoccaContextListener.java new file mode 100644 index 00000000..428190eb --- /dev/null +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/MoccaContextListener.java 
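Review bot: In `doPost`, the `catch (InterruptedException e)` around `bindingProcessorFuture.get()` answers 503 but drops the interrupt and logs nothing. Add `Thread.currentThread().interrupt();` and a log line before `resp.sendError(...)`, as the `ExecutionException` branch already logs. In the POST branch, `contentType += ";" + charset` appends a bare charset token rather than a `charset=` parameter. Since `getCharacterEncoding()` is normally derived from the Content-Type header itself, the value is then duplicated, and a null content type becomes the string `"null;..."`. This header decides how the binding processor decodes the request, so guard it with `if (charset != null && contentType != null && !contentType.toLowerCase().contains("charset="))` and append `";charset=" + charset`; which form the decoder expects should be checked against InputDecoderFactory, which is not shown here.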
@@ -0,0 +1,93 @@ +/* +* Copyright 2009 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ + +package at.gv.egiz.bku.local.webapp; + +import iaik.security.ecc.provider.ECCProvider; +import iaik.security.provider.IAIK; +import iaik.xml.crypto.XSecProvider; + +import java.security.Provider; +import java.security.Security; + +import javax.servlet.ServletContextEvent; +import javax.servlet.ServletContextListener; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class MoccaContextListener implements ServletContextListener { + + private Logger log = LoggerFactory.getLogger(MoccaContextListener.class); + + @Override + public void contextDestroyed(ServletContextEvent sce) { + } + + @Override + public void contextInitialized(ServletContextEvent sce) { + + log.info("Registering security providers ..."); + + registerProviders(); + + if (log.isDebugEnabled()) { + StringBuilder sb = new StringBuilder(); + sb.append("Registered providers: "); + int i = 1; + for (Provider prov : Security.getProviders()) { + sb.append("\n" + (i++) + ". 
: " + prov); + } + log.debug(sb.toString()); + } + } + + protected void registerProvider(Provider provider, int position) { + String name = provider.getName(); + if (Security.getProvider(name) == null) { + // register IAIK provider at first position + try { + Security.insertProviderAt(provider, position); + } catch (SecurityException e) { + log.info("Failed to register required security Provider.", e); + } + } else { + log.info("Required security Provider {} already registered.", name); + } + + } + + protected void registerProviders() { + + registerProvider(new IAIK(), 1); + registerProvider(new ECCProvider(false), 2); + + final String name = XSecProvider.NAME; + if (Security.getProvider(XSecProvider.NAME) == null) { + // register XML Security provider + try { + XSecProvider.addAsProvider(false); + } catch (SecurityException e) { + log.info("Failed to register required security Provider.", e); + } + } else { + log.info("Required security Provider {} already registered.", name); + } + + } + +} diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java index 0c35f1c9..ab41634e 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/PINManagementServlet.java @@ -29,8 +29,8 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** * PINManagementBKUWorker for non-applet version 
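Review bot: In `registerProvider` and in the XSecProvider branch of `registerProviders`, a `SecurityException` while registering a provider that the log message itself calls required is logged at info level and swallowed, so the context starts anyway and cryptographic operations silently use whatever providers the JVM already has. Fail closed instead: `log.error("Failed to register required security Provider {}.", name, e); throw new IllegalStateException("Security provider " + name + " not registered", e);`, and check the result of `Security.insertProviderAt`, which is -1 when nothing was added. The comment `// register IAIK provider at first position` sits in the generic method and should read `// register provider at the requested position`. The provider list is JVM-wide and `contextDestroyed` is empty, so if this webapp can be redeployed or share a container, the providers added here should be removed on shutdown.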
@@ -38,7 +38,9 @@ import org.apache.commons.logging.LogFactory; */ public class PINManagementServlet extends HttpServlet { - private static final Log log = LogFactory.getLog(PINManagementServlet.class); + private static final long serialVersionUID = 1L; + + private final Logger log = LoggerFactory.getLogger(PINManagementServlet.class); LocalSTALFactory stalFactory; @@ -59,9 +61,7 @@ public class PINManagementServlet extends HttpServlet { STAL pinMgmtSTAL = stalFactory.createSTAL(); List stalResps = pinMgmtSTAL.handleRequest(Collections.singletonList(new PINManagementRequest())); - if (log.isDebugEnabled()) { - log.debug("received STAL reponse " + stalResps.get(0).getClass()); - } + log.debug("Received STAL reponse {}.", stalResps.get(0).getClass()); pinMgmtSTAL.handleRequest(Collections.singletonList(new QuitRequest())); String redirect = request.getParameter("redirect"); diff --git a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java index 3bd50ba7..62f393a8 100644 --- a/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java +++ b/BKULocal/src/main/java/at/gv/egiz/bku/local/webapp/SpringBKUServlet.java @@ -19,21 +19,16 @@ package at.gv.egiz.bku.local.webapp; import javax.servlet.http.HttpServlet; import at.gv.egiz.bku.binding.BindingProcessorManager; -import at.gv.egiz.bku.conf.Configurator; public abstract class SpringBKUServlet extends HttpServlet { - public final static String BEAN_NAME = "bindingProcessorManager"; + private static final long serialVersionUID = 1L; - protected static Configurator configurator; + public final static String BEAN_NAME = "bindingProcessorManager"; protected BindingProcessorManager getBindingProcessorManager() { return (BindingProcessorManager) getServletContext() .getAttribute(BEAN_NAME); } - public static void setConfigurator(Configurator conf) { - configurator = conf; - } - } -- cgit v1.2.3
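Review bot: In the `@@ -59,9 +61,7 @@` hunk, dropping the `isDebugEnabled()` guard means `stalResps.get(0)` is now evaluated on every request, so an empty response list from `handleRequest` throws here even with debug logging off; previously that could only happen with debug enabled. Guard the access, e.g. `if (!stalResps.isEmpty()) { log.debug("Received STAL response {}.", stalResps.get(0).getClass()); }`, which also fixes the `reponse` typo in the message. The context line that follows reads the `redirect` request parameter; its use is outside this hunk, so confirm it is limited to local or allow-listed targets before it reaches any redirect. The enclosing method starts and ends outside the hunk.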