From d89f36b67ea1d838a78523538a24e044518f3587 Mon Sep 17 00:00:00 2001 From: mcentner Date: Tue, 26 Jan 2010 16:22:56 +0000 Subject: MOCCA 1.2.11 with SHA-2 enabled. git-svn-id: https://joinup.ec.europa.eu/svn/mocca/branches/mocca-1.2.11-sha2@599 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../src/main/custom-binding/cardchannel-custom.xml | 40 + .../src/main/custom-binding/stalservice-custom.xml | 116 +++ .../src/main/custom-binding/staltypes-custom.xml | 47 ++ .../accesscontroller/SpringSecurityManager.java | 63 ++ .../egiz/bku/online/conf/SpringConfigurator.java | 127 +++ .../egiz/bku/online/webapp/AppletDispatcher.java | 113 +++ .../egiz/bku/online/webapp/BKURequestHandler.java | 317 +++++++ .../gv/egiz/bku/online/webapp/ResultServlet.java | 154 ++++ .../gv/egiz/bku/online/webapp/SessionTimeout.java | 49 ++ .../gv/egiz/bku/online/webapp/ShutdownHandler.java | 48 ++ .../egiz/bku/online/webapp/SpringBKUServlet.java | 37 + .../service/impl/RequestBrokerSTALFactory.java | 45 + .../egiz/stal/service/impl/STALRequestBroker.java | 41 + .../stal/service/impl/STALRequestBrokerImpl.java | 324 ++++++++ .../gv/egiz/stal/service/impl/STALServiceImpl.java | 386 +++++++++ .../stal/service/impl/STALXJAXBContextFactory.java | 61 ++ .../egiz/stal/service/impl/TestSignatureData.java | 47 ++ .../BKUOnline/src/main/policy/50mocca.policy | 319 +++++++ .../egiz/bku/online/conf/accessControlConfig.xml | 84 ++ .../gv/egiz/bku/online/conf/defaultConf.properties | 56 ++ .../src/main/resources/commons-logging.properties | 16 + .../BKUOnline/src/main/resources/log4j.properties | 36 + .../BKUOnline/src/main/webapp/META-INF/MANIFEST.MF | 6 + .../BKUOnline/src/main/webapp/META-INF/context.xml | 19 + .../BKUOnline/src/main/webapp/PINManagement.jsp | 111 +++ .../BKUOnline/src/main/webapp/SLRequestForm.html | 215 +++++ .../src/main/webapp/WEB-INF/applicationContext.xml | 134 +++ .../src/main/webapp/WEB-INF/mocca-conf.xml | 51 ++ .../src/main/webapp/WEB-INF/sun-jaxws.xml | 36 + .../BKUOnline/src/main/webapp/WEB-INF/web.xml | 129 +++ .../src/main/webapp/WEB-INF/wsdl/stal.wsdl | 105 +++ .../src/main/webapp/WEB-INF/wsdl/stal.xsd | 168 ++++ mocca-1.2.11/BKUOnline/src/main/webapp/applet.jsp | 111 +++ .../BKUOnline/src/main/webapp/css/applet.css | 15 + .../src/main/webapp/css/appletAlternative.css | 12 + .../BKUOnline/src/main/webapp/css/main.css | 55 ++ .../BKUOnline/src/main/webapp/errorresponse.css | 12 + .../BKUOnline/src/main/webapp/expired.html | 29 + .../BKUOnline/src/main/webapp/img/chip16.ico | Bin 0 -> 1150 bytes .../BKUOnline/src/main/webapp/img/chip32.png | Bin 0 -> 1753 bytes .../BKUOnline/src/main/webapp/img/webstart.png | Bin 0 -> 4643 bytes mocca-1.2.11/BKUOnline/src/main/webapp/index.html | 59 ++ .../BKUOnline/src/main/webapp/js/deployJava.js | 925 +++++++++++++++++++++ .../src/main/webapp/js/deployJava_orig.js | 725 ++++++++++++++++ .../BKUOnline/src/main/wsdl/CardChannel.xsd | 148 ++++ .../BKUOnline/src/main/wsdl/stal-service.wsdl | 114 +++ .../BKUOnline/src/main/wsdl/stal-service.xsd | 183 ++++ .../at/gv/egiz/bku/online/conf/SSLConfigTest.java | 40 + .../egiz/stal/service/STALRequestBrokerTest.java | 534 ++++++++++++ .../BKUOnline/src/test/resources/appletTest.html | 29 + .../src/test/resources/applicationContext.xml | 55 ++ .../src/test/resources/commons-logging.properties | 16 + .../BKUOnline/src/test/resources/log4j.properties | 29 + 53 files changed, 6591 insertions(+) create mode 100644 mocca-1.2.11/BKUOnline/src/main/custom-binding/cardchannel-custom.xml create mode 100644 mocca-1.2.11/BKUOnline/src/main/custom-binding/stalservice-custom.xml create mode 100644 mocca-1.2.11/BKUOnline/src/main/custom-binding/staltypes-custom.xml create mode 100644 mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java create mode 100644 mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java create mode 100644 mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/AppletDispatcher.java create mode 100644 mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java create mode 100644 mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java create mode 100644 mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SessionTimeout.java create mode 100644 mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ShutdownHandler.java create mode 100644 mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java create mode 100644 mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java create mode 100644 mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBroker.java create mode 100644 mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBrokerImpl.java create mode 100644 mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALServiceImpl.java create mode 100644 mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALXJAXBContextFactory.java create mode 100644 mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/TestSignatureData.java create mode 100644 mocca-1.2.11/BKUOnline/src/main/policy/50mocca.policy create mode 100644 mocca-1.2.11/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml create mode 100644 mocca-1.2.11/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties create mode 100644 mocca-1.2.11/BKUOnline/src/main/resources/commons-logging.properties create mode 100644 mocca-1.2.11/BKUOnline/src/main/resources/log4j.properties create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/META-INF/MANIFEST.MF create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/META-INF/context.xml create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/PINManagement.jsp create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/SLRequestForm.html create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/mocca-conf.xml create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/sun-jaxws.xml create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/web.xml create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/wsdl/stal.wsdl create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/wsdl/stal.xsd create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/applet.jsp create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/css/applet.css create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/css/appletAlternative.css create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/css/main.css create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/errorresponse.css create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/expired.html create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/img/chip16.ico create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/img/chip32.png create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/img/webstart.png create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/index.html create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/js/deployJava.js create mode 100644 mocca-1.2.11/BKUOnline/src/main/webapp/js/deployJava_orig.js create mode 100644 mocca-1.2.11/BKUOnline/src/main/wsdl/CardChannel.xsd create mode 100644 mocca-1.2.11/BKUOnline/src/main/wsdl/stal-service.wsdl create mode 100644 mocca-1.2.11/BKUOnline/src/main/wsdl/stal-service.xsd create mode 100644 mocca-1.2.11/BKUOnline/src/test/java/at/gv/egiz/bku/online/conf/SSLConfigTest.java create mode 100644 mocca-1.2.11/BKUOnline/src/test/java/at/gv/egiz/stal/service/STALRequestBrokerTest.java create mode 100644 mocca-1.2.11/BKUOnline/src/test/resources/appletTest.html create mode 100644 mocca-1.2.11/BKUOnline/src/test/resources/applicationContext.xml create mode 100644 mocca-1.2.11/BKUOnline/src/test/resources/commons-logging.properties create mode 100644 mocca-1.2.11/BKUOnline/src/test/resources/log4j.properties (limited to 'mocca-1.2.11/BKUOnline/src') diff --git a/mocca-1.2.11/BKUOnline/src/main/custom-binding/cardchannel-custom.xml b/mocca-1.2.11/BKUOnline/src/main/custom-binding/cardchannel-custom.xml new file mode 100644 index 00000000..b46aa6a8 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/custom-binding/cardchannel-custom.xml @@ -0,0 +1,40 @@ + + + + + + + + + + diff --git a/mocca-1.2.11/BKUOnline/src/main/custom-binding/stalservice-custom.xml b/mocca-1.2.11/BKUOnline/src/main/custom-binding/stalservice-custom.xml new file mode 100644 index 00000000..7c5f604d --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/custom-binding/stalservice-custom.xml @@ -0,0 +1,116 @@ + + + + + + + + + + + + + + + + true + false + + + + + + + Initial connection, get the first request. + + + + + + + true + false + + + + + + Fetch the next request. + + + + + + + true + false + + + + + + Fetch the signed references corresponding to the previous SignatureRequest. + + + + + + + true + false + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/mocca-1.2.11/BKUOnline/src/main/custom-binding/staltypes-custom.xml b/mocca-1.2.11/BKUOnline/src/main/custom-binding/staltypes-custom.xml new file mode 100644 index 00000000..2925fb91 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/custom-binding/staltypes-custom.xml @@ -0,0 +1,47 @@ + + + + + + + + + + + + diff --git a/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java new file mode 100644 index 00000000..5795478b --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java @@ -0,0 +1,63 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.online.accesscontroller; + +import java.io.IOException; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.context.ResourceLoaderAware; +import org.springframework.core.io.Resource; +import org.springframework.core.io.ResourceLoader; + +import at.gv.egiz.bku.accesscontroller.SecurityManagerFacade; +import at.gv.egiz.bku.conf.Configurator; + +public class SpringSecurityManager extends SecurityManagerFacade implements + ResourceLoaderAware { + + private ResourceLoader resourceLoader; + + private static Log log = LogFactory.getLog(SpringSecurityManager.class); + + protected Configurator config; + + public void setConfig(Configurator config) { + this.config = config; + } + + public void init() { + String noMatch = config.getProperty("AccessController.acceptNoMatch"); + if (noMatch != null) { + log.debug("Setting allow now match to: " + noMatch); + setAllowUnmatched(Boolean.getBoolean(noMatch)); + } + String policy = config.getProperty("AccessController.policyResource"); + log.info("Loading resource: " + policy); + try { + Resource res = resourceLoader.getResource(policy); + init(res.getInputStream()); + } catch (IOException e) { + log.error(e); + } + } + + @Override + public void setResourceLoader(ResourceLoader loader) { + this.resourceLoader = loader; + } +} diff --git a/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java new file mode 100644 index 00000000..6030c1c0 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java @@ -0,0 +1,127 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.online.conf; + +import java.io.File; +import java.io.IOException; +import java.io.InputStream; +import java.util.Properties; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.context.ResourceLoaderAware; +import org.springframework.core.io.Resource; +import org.springframework.core.io.ResourceLoader; + +import at.gv.egiz.bku.conf.Configurator; +import at.gv.egiz.bku.online.webapp.SpringBKUServlet; +import at.gv.egiz.bku.slexceptions.SLRuntimeException; +import at.gv.egiz.stal.service.impl.RequestBrokerSTALFactory; + +public class SpringConfigurator extends Configurator implements + ResourceLoaderAware { + + private final static Log log = LogFactory.getLog(SpringConfigurator.class); + + private ResourceLoader resourceLoader; + + public void setResource(Resource resource) { + log.debug("Loading config from: " + resource); + if (resource != null) { + Properties props = new Properties(); + try { + props.load(resource.getInputStream()); + super.setConfiguration(props); + } catch (IOException e) { + log.error("Cannot load config", e); + } + } else { + log.warn("Cannot load properties, resource: " + resource); + } + } + + public void configureNetwork() { + super.configureNetwork(); + String appletTimeout = getProperty("AppletTimeout"); + if ((appletTimeout != null)) { + try { + long ato = Long.parseLong(appletTimeout); + log.debug("Setting applet timeout to:"+ato); + RequestBrokerSTALFactory.setTimeout(ato); + } catch (NumberFormatException nfe) { + log.error("Cannot set Applettimeout", nfe); + } + + } + } + + public void configure() { + super.configure(); + SpringBKUServlet.setConfigurator(this); + } + + @Override + public void setResourceLoader(ResourceLoader loader) { + this.resourceLoader = loader; + } + + private File getDirectory(String property) { + if (property != null) { + Resource certDirRes = resourceLoader.getResource(property); + File certDir; + try { + certDir = certDirRes.getFile(); + } catch (IOException e) { + log.error("Cannot get cert directory", e); + throw new SLRuntimeException(e); + } + if (!certDir.isDirectory()) { + log.error("Expecting directory as SSL.certDirectory parameter"); + throw new SLRuntimeException( + "Expecting directory as SSL.certDirectory parameter"); + } + return certDir; + } + return null; + + } + + @Override + protected File getCADir() { + String caDirectory = getProperty("SSL.caDirectory"); + return getDirectory(caDirectory); + } + + @Override + protected File getCertDir() { + String certDirectory = getProperty("SSL.certDirectory"); + return getDirectory(certDirectory); + } + + @Override + protected InputStream getManifest() { + Resource r = resourceLoader.getResource("META-INF/MANIFEST.MF"); + if (r != null) { + try { + return r.getInputStream(); + } catch (IOException e) { + log.error("Cannot read manifest data:", e); + } + } + return null; + } +} \ No newline at end of file diff --git a/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/AppletDispatcher.java b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/AppletDispatcher.java new file mode 100644 index 00000000..24938cd5 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/AppletDispatcher.java @@ -0,0 +1,113 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package at.gv.egiz.bku.online.webapp; + +import java.io.IOException; +import java.util.regex.Pattern; +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * prevent applet caching, + * could be removed once applet is loaded via jnlp + * + * @author Clemens Orthacker + */ +public class AppletDispatcher extends HttpServlet { + + protected final static Log log = LogFactory.getLog(AppletDispatcher.class); + + public static final String DISPATCH_CTX = "dispatch/"; + public static final String RAND_PREFIX = "__"; + public static final String RAND_ATTRIBUTE = "rand"; + public static final Pattern ctxPattern = Pattern.compile(DISPATCH_CTX); + public static final Pattern archivePattern = Pattern.compile(RAND_PREFIX + "[a-zA-Z0-9]*\\.jar$"); + + /** + * Processes requests for both HTTP GET and POST methods. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + protected void processRequest(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + + String uri = request.getRequestURI(); +// log.trace("request URI " + uri); + + uri = uri.substring(request.getContextPath().length()); +// log.trace("removing contextPath " + uri); + + uri = ctxPattern.matcher(uri).replaceAll(""); +// log.trace("removing dispatch context " + uri); + + uri = archivePattern.matcher(uri).replaceAll(".jar"); +// log.trace("removing random suffix " + uri); + + if (log.isTraceEnabled()) { + log.trace("dispatching request URI " + request.getRequestURI() + + " to " + uri); + } + + RequestDispatcher dispatcher = getServletContext().getRequestDispatcher(uri); + dispatcher.forward(request, response); + } + + // + /** + * Handles the HTTP GET method. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + @Override + protected void doGet(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + processRequest(request, response); + } + + /** + * Handles the HTTP POST method. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + @Override + protected void doPost(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + processRequest(request, response); + } + + /** + * Returns a short description of the servlet. + * @return a String containing servlet description + */ + @Override + public String getServletInfo() { + return "Short description"; + }// + +} diff --git a/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java new file mode 100644 index 00000000..7dfec211 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java @@ -0,0 +1,317 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.online.webapp; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.net.MalformedURLException; +import java.net.URI; +import java.net.URISyntaxException; +import java.net.URL; +import java.net.URLEncoder; +import java.util.Arrays; +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Locale; +import java.util.Map; +import java.util.regex.Pattern; + +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.bku.binding.BindingProcessor; +import at.gv.egiz.bku.binding.HTTPBindingProcessor; +import at.gv.egiz.bku.binding.HttpUtil; +import at.gv.egiz.bku.binding.IdFactory; +import at.gv.egiz.bku.utils.StreamUtil; +import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage; + +/** + * Handles SL requests and instantiates BindingProcessors + * + */ +public class BKURequestHandler extends SpringBKUServlet { + + private static final long serialVersionUID = 1L; + + public static final String APPLET_PAGE_P = "appletPage"; + public static final String APPLET_PAGE_DEFAULT = "BKUApplet"; + + public static final String PARAM_APPLET_WIDTH = "appletWidth"; + public static final String ATTR_APPLET_WIDTH = "appletWidth"; + + public static final String PARAM_APPLET_HEIGHT = "appletHeight"; + public static final String ATTR_APPLET_HEIGHT = "appletHeight"; + + public static final String PARAM_APPLET_BACKGROUND = "appletBackground"; + public static final String ATTR_APPLET_BACKGROUND = "appletBackground"; + + public static final String PARAM_APPLET_BACKGROUND_COLOR = "appletBackgroundColor"; + public static final String ATTR_APPLET_BACKGROUND_COLOR = "appletBackgroundColor"; + public static final Pattern PATTERM_APPLET_BACKGROUND_COLOR = Pattern.compile("\\#[0-9a-fA-F]{6}"); + + public static final String PARAM_APPLET_GUI_STYLE = "appletGuiStyle"; + public static final String ATTR_APPLET_GUI_STYLE = "appletGuiStyle"; + public static final String[] VALUES_APPLET_GUI_STYLE = new String[] {"tiny", "simple", "advanced"}; + + public static final String PARAM_APPLET_EXTENSION = "appletExtension"; + public static final String ATTR_APPLET_EXTENSION = "appletExtension"; + public static final String[] VALUES_APPLET_EXTENSION = new String[] {"pin", "activation"}; + + public static final String PARAM_LOCALE = "locale"; + public static final String ATTR_LOCALE = "locale"; + public static final Pattern PATTERN_LOCALE = Pattern.compile("[a-zA-Z][a-zA-Z](_[a-zA-Z][a-zA-Z]){0,2}"); + + public final static String REDIRECT_URL_SESSION_ATTRIBUTE = "redirectUrl"; + + protected Log log = LogFactory.getLog(BKURequestHandler.class); + + private static String getStringFromStream(InputStream is, String encoding) + throws IOException { + if (is == null) { + return null; + } + if (encoding == null) { + encoding = HttpUtil.DEFAULT_CHARSET; + } + ByteArrayOutputStream os = new ByteArrayOutputStream(); + StreamUtil.copyStream(is, os); + return new String(os.toByteArray(), encoding); + } + + @Override + protected void doPost(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, java.io.IOException { + log.debug("Received SecurityLayer request"); + + HttpSession session = req.getSession(false); + if (session != null) { + log.warn("Already a session with id: " + session.getId() + + " active, trying to get Bindingprocessor"); + BindingProcessor bp = getBindingProcessorManager().getBindingProcessor( + IdFactory.getInstance().createId(session.getId())); + if (bp != null) { + log.debug("Found binding processor, using this one"); + String appletPage = getStringFromStream( + ((HTTPBindingProcessor) bp).getFormData(APPLET_PAGE_P), + req.getCharacterEncoding()); + getDispatcher(appletPage).forward(req, resp); + return; + } + log.debug("Did not find a binding processor, creating new ..."); + } + session = req.getSession(true); + if (log.isDebugEnabled()) { + log.debug("Using session id: " + session.getId()); + } + + String acceptLanguage = req.getHeader("Accept-Language"); + Locale locale = AcceptLanguage.getLocale(acceptLanguage); + log.debug("Accept-Language locale: " + locale); + + HTTPBindingProcessor bindingProcessor; + bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager() + .createBindingProcessor(req.getRequestURL().toString(), + session.getId(), locale); + + Map headerMap = new HashMap(); + for (Enumeration headerName = req.getHeaderNames(); headerName + .hasMoreElements();) { + String header = headerName.nextElement(); + if (header != null) { + headerMap.put(header, req.getHeader(header)); + } + } + String charset = req.getCharacterEncoding(); + String contentType = req.getContentType(); + if (charset != null) { + contentType += ";" + charset; + } + headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType); + bindingProcessor.setHTTPHeaders(headerMap); + bindingProcessor.consumeRequestStream(req.getInputStream()); + req.getInputStream().close(); + getBindingProcessorManager().process(bindingProcessor); + + log.trace("Trying to find applet parameters in request"); + + // appletWidth + String width = getStringFromStream(bindingProcessor + .getFormData(PARAM_APPLET_WIDTH), charset); + if (width != null) { + try { + // must be a valid integer + session.setAttribute(ATTR_APPLET_WIDTH, Integer.parseInt(width)); + log.trace("Found parameter " + PARAM_APPLET_WIDTH + "='" + width +"'."); + } catch (NumberFormatException nfe) { + log.warn("Applet parameter " + PARAM_APPLET_WIDTH + + " does not contain a valid value.", nfe); + } + } + + // appletHeight + String height = getStringFromStream(bindingProcessor + .getFormData(PARAM_APPLET_HEIGHT), charset); + if (height != null) { + try { + // must be a valid integer + session.setAttribute(ATTR_APPLET_HEIGHT, Integer.parseInt(height)); + log.trace("Found parameter " + PARAM_APPLET_HEIGHT + "='" + height + "'."); + } catch (NumberFormatException nfe) { + log.warn("Applet parameter " + PARAM_APPLET_HEIGHT + + " does not contain a valid value.", nfe); + } + } + + // appletBackground + String background = getStringFromStream(bindingProcessor + .getFormData(PARAM_APPLET_BACKGROUND), charset); + if (background != null) { + session.setAttribute(ATTR_APPLET_BACKGROUND, background); + try { + // must be a valid http or https URL + URI backgroundURL = new URI(background); + if ("http".equals(backgroundURL.getScheme()) + || "https".equals(backgroundURL.getScheme())) { + session.setAttribute(ATTR_APPLET_BACKGROUND, backgroundURL.toASCIIString()); + log.trace("Found parameter " + PARAM_APPLET_BACKGROUND + "='" + + backgroundURL.toASCIIString() + "'."); + } else { + log.warn("Applet parameter " + PARAM_APPLET_BACKGROUND + "='" + + background + "' is not a valid http/https URL."); + } + } catch (URISyntaxException e) { + log.warn("Applet parameter " + PARAM_APPLET_BACKGROUND + "='" + + background + "' is not a valid http/https URL.", e); + } + } + + // appletBackgroundColor + String backgroundColor = getStringFromStream(bindingProcessor + .getFormData(PARAM_APPLET_BACKGROUND_COLOR), charset); + if (backgroundColor != null) { + // must be a valid color definition + if (PATTERM_APPLET_BACKGROUND_COLOR.matcher(backgroundColor).matches()) { + session.setAttribute(ATTR_APPLET_BACKGROUND_COLOR, backgroundColor); + log.trace("Faund parameter " + PARAM_APPLET_BACKGROUND_COLOR + "='" + + backgroundColor + "'."); + } else { + log.warn("Applet parameter " + PARAM_APPLET_BACKGROUND_COLOR + "='" + + backgroundColor + "' is not a valid color definition (must be of form '#hhhhhh')."); + } + } + + // appletGuiStyle + String guiStyle = getStringFromStream(bindingProcessor + .getFormData(PARAM_APPLET_GUI_STYLE), charset); + if (guiStyle != null) { + // must be one of VALUES_APPLET_GUI_STYLE + String style = guiStyle.toLowerCase(); + if (Arrays.asList(VALUES_APPLET_GUI_STYLE).contains(style)) { + session.setAttribute(ATTR_APPLET_GUI_STYLE, style); + log.trace("Found parameter " + PARAM_APPLET_GUI_STYLE + "='" + + style + "'."); + } else { + StringBuilder sb = new StringBuilder(); + sb.append("Applet parameter ").append(PARAM_APPLET_GUI_STYLE).append( + "='").append(guiStyle).append("' is not valid (must be one of ") + .append(Arrays.toString(VALUES_APPLET_GUI_STYLE)).append(")."); + log.warn(sb); + } + } + + // appletExtension + String extension = getStringFromStream(bindingProcessor + .getFormData(PARAM_APPLET_EXTENSION), charset); + if (extension != null) { + // must be one of VALUES_APPLET_EXTENSION + String ext = extension.toLowerCase(); + if (Arrays.asList(VALUES_APPLET_EXTENSION).contains(ext)) { + session.setAttribute(ATTR_APPLET_EXTENSION, ext); + log.trace("Found parameter " + PARAM_APPLET_EXTENSION + "='" + + ext + "'."); + } else { + StringBuilder sb = new StringBuilder(); + sb.append("Applet parameter ").append(PARAM_APPLET_EXTENSION).append( + "='").append(extension).append("' is not valid (must be one of ") + .append(Arrays.toString(VALUES_APPLET_EXTENSION)).append(")."); + log.warn(sb); + } + } + + // locale + String localeFormParam = getStringFromStream(bindingProcessor + .getFormData(PARAM_LOCALE), charset); + if (localeFormParam != null) { + // must be a valid locale + if (PATTERN_LOCALE.matcher(localeFormParam).matches()) { + locale = new Locale(localeFormParam); + log.debug("Overrule accept-language header locale " + locale + + " with form param " + localeFormParam + "."); + } else { + log.warn("Parameter " + PARAM_LOCALE + "='" + localeFormParam + + "' is not a valid locale definition."); + } + } + if (locale != null) { + log.debug("Using locale " + locale); + session.setAttribute(ATTR_LOCALE, locale.toString()); + } + + // handle server side redirect url after processing + String redirectUrl = bindingProcessor.getRedirectURL(); + if ( redirectUrl != null) { + log.info("Got redirect URL "+redirectUrl+". Deferring browser redirect."); + session.setAttribute(REDIRECT_URL_SESSION_ATTRIBUTE, redirectUrl); + } + + String appletPage = getStringFromStream(bindingProcessor + .getFormData(APPLET_PAGE_P), charset); + getDispatcher(appletPage).forward(req, resp); + } + + @Override + protected void doGet(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, java.io.IOException { + doPost(req, resp); + } + + private RequestDispatcher getDispatcher(String appletPage) { + RequestDispatcher dispatcher = null; + if (appletPage != null) { + log.trace("requested appletPage " + appletPage); + dispatcher = getServletContext().getNamedDispatcher(appletPage); + } + if (dispatcher == null) { + log.debug("no appletPage requested or appletPage not configured, using default"); + appletPage = APPLET_PAGE_DEFAULT; + dispatcher = getServletContext().getNamedDispatcher(appletPage); + } +// session.setAttribute(APPLET_PAGE_P, appletPage); + log.debug("forward to applet " + appletPage); + + return dispatcher; + } + +} diff --git a/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java new file mode 100644 index 00000000..5ffe2399 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ResultServlet.java @@ -0,0 +1,154 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.online.webapp; + +import java.io.IOException; +import java.util.Iterator; + +import javax.servlet.ServletConfig; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.bku.binding.HTTPBindingProcessor; +import at.gv.egiz.bku.binding.HttpUtil; +import at.gv.egiz.bku.binding.IdFactory; +import at.gv.egiz.bku.conf.Configurator; +import at.gv.egiz.bku.utils.NullOutputStream; + +/** + * Delivers the result to the browser + * + */ +public class ResultServlet extends SpringBKUServlet { + + private final static Log log = LogFactory.getLog(ResultServlet.class); + + private String encoding = "UTF-8"; + private String expiredPage = "./expiredError.jsp"; + + public ResultServlet() { + } + + private void myInit() { + String enc = getServletContext().getInitParameter("responseEncoding"); + if (enc != null) { + log.debug("Init default encoding to: " + enc); + encoding = enc; + } + String expP = getServletConfig().getInitParameter("expiredPage"); + if (expP != null) { + log.debug("Init expired page to: " + expP); + expiredPage = expP; + } + } + + @Override + public void init() throws ServletException { + super.init(); + myInit(); + } + + @Override + public void init(ServletConfig config) throws ServletException { + super.init(config); + myInit(); + } + + protected void doPost(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, IOException { + doGet(req, resp); + } + + protected void doGet(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, java.io.IOException { + String version = configurator.getProperty(Configurator.SIGNATURE_LAYOUT); + if ((version != null) && (!"".equals(version.trim()))) { + log.debug("setting SignatureLayout header to " + version); + resp.setHeader(Configurator.SIGNATURE_LAYOUT, version); + } else { + log.debug("do not set SignatureLayout header"); + } + + if (configurator.getProperty(Configurator.USERAGENT_CONFIG_P) != null) { + resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, configurator + .getProperty(Configurator.USERAGENT_CONFIG_P)); + } else { + resp.setHeader(HttpUtil.HTTP_HEADER_SERVER, + Configurator.USERAGENT_DEFAULT); + } + + HttpSession session = req.getSession(false); + if (session == null) { + resp.sendRedirect(expiredPage); + return; + } + String sessionId = session.getId(); + if (sessionId == null) { + resp.sendRedirect(expiredPage); + return; + } + log.debug("Got a result request for session: " + sessionId); + HTTPBindingProcessor bp = (HTTPBindingProcessor) getBindingProcessorManager() + .getBindingProcessor(IdFactory.getInstance().createId(sessionId)); + if (bp == null) { + session.invalidate(); + resp.sendRedirect(expiredPage); + return; + } + String redirectUrl = (String) session + .getAttribute(BKURequestHandler.REDIRECT_URL_SESSION_ATTRIBUTE); + if (redirectUrl == null) { + redirectUrl = bp.getRedirectURL(); + } + if (redirectUrl != null) { + try { + bp.writeResultTo(new NullOutputStream(), encoding); + getBindingProcessorManager().removeBindingProcessor(bp.getId()); + } finally { + log.info("Executing deferred browser redirect to: " + redirectUrl); + resp.sendRedirect(redirectUrl); + session.invalidate(); + } + return; + } + + log.trace("setting response code: " + bp.getResponseCode()); + resp.setStatus(bp.getResponseCode()); + resp.setHeader("Cache-Control", "no-store"); // HTTP 1.1 + resp.setHeader("Pragma", "no-cache"); // HTTP 1.0 + resp.setDateHeader("Expires", 0); + for (Iterator it = bp.getResponseHeaders().keySet().iterator(); it + .hasNext();) { + String header = it.next(); + if (log.isTraceEnabled()) { + log.trace("setting response header " + header + ": " + bp.getResponseHeaders().get(header)); + } + resp.setHeader(header, bp.getResponseHeaders().get(header)); + } + resp.setContentType(bp.getResultContentType()); + resp.setCharacterEncoding(encoding); + bp.writeResultTo(resp.getOutputStream(), encoding); + resp.getOutputStream().flush(); + session.invalidate(); + getBindingProcessorManager().removeBindingProcessor(bp.getId()); + } +} diff --git a/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SessionTimeout.java b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SessionTimeout.java new file mode 100644 index 00000000..2b56166c --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SessionTimeout.java @@ -0,0 +1,49 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.online.webapp; + +import javax.servlet.http.HttpSessionEvent; +import javax.servlet.http.HttpSessionListener; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.bku.binding.BindingProcessorManager; +import at.gv.egiz.bku.binding.IdFactory; + +/** + * Session listener to trigger the removal of the BindingProcessor + * + */ +public class SessionTimeout implements HttpSessionListener { + + private static Log log = LogFactory.getLog(SessionTimeout.class); + + @Override + public void sessionCreated(HttpSessionEvent arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void sessionDestroyed(HttpSessionEvent event) { + BindingProcessorManager manager = (BindingProcessorManager) event.getSession().getServletContext().getAttribute(SpringBKUServlet.BEAN_NAME); + log.info("Removing session: "+event.getSession().getId()); + manager.removeBindingProcessor(IdFactory.getInstance().createId(event.getSession().getId())); + } + +} diff --git a/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ShutdownHandler.java b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ShutdownHandler.java new file mode 100644 index 00000000..741b5e32 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/ShutdownHandler.java @@ -0,0 +1,48 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package at.gv.egiz.bku.online.webapp; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.context.ApplicationEvent; +import org.springframework.context.ApplicationListener; +import org.springframework.context.event.ContextClosedEvent; + +import at.gv.egiz.bku.binding.BindingProcessorManager; + +public class ShutdownHandler implements ApplicationListener { + + private static Log log = LogFactory.getLog(ShutdownHandler.class); + + private BindingProcessorManager bindingProcessorManager; + + public void setBindingProcessorManager( + BindingProcessorManager bindingProcessorManager) { + this.bindingProcessorManager = bindingProcessorManager; + } + + @Override + public void onApplicationEvent(ApplicationEvent event) { + if (event instanceof ContextClosedEvent) { + log.info("Shutting down BKU"); + bindingProcessorManager.shutdownNow(); + } + + } + +} diff --git a/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java new file mode 100644 index 00000000..2c6f522e --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SpringBKUServlet.java @@ -0,0 +1,37 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.online.webapp; + +import javax.servlet.http.HttpServlet; + +import at.gv.egiz.bku.binding.BindingProcessorManager; +import at.gv.egiz.bku.conf.Configurator; + +public abstract class SpringBKUServlet extends HttpServlet { + + public final static String BEAN_NAME="bindingProcessorManager"; + + protected static Configurator configurator; + + protected BindingProcessorManager getBindingProcessorManager() { + return (BindingProcessorManager) getServletContext().getAttribute(BEAN_NAME); + } + + public static void setConfigurator(Configurator conf) { + configurator = conf; + } +} diff --git a/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java new file mode 100644 index 00000000..305d8c1c --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java @@ -0,0 +1,45 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ + +package at.gv.egiz.stal.service.impl; + +import java.util.Locale; + +import at.gv.egiz.stal.STAL; +import at.gv.egiz.stal.STALFactory; + +/** + * + * @author clemens + */ +public class RequestBrokerSTALFactory implements STALFactory { + + private static long timeout = -1; + + @Override + public STAL createSTAL() { + return new STALRequestBrokerImpl(timeout); + } + + @Override + public void setLocale(Locale locale) { + } + + public static void setTimeout(long millisec) { + timeout = millisec; + } +} diff --git a/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBroker.java b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBroker.java new file mode 100644 index 00000000..b77f7660 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBroker.java @@ -0,0 +1,41 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ + +package at.gv.egiz.stal.service.impl; + +import at.gv.egiz.stal.HashDataInput; +import at.gv.egiz.stal.STAL; +import at.gv.egiz.stal.service.types.RequestType; +import at.gv.egiz.stal.service.types.ResponseType; +import java.util.List; +import javax.xml.bind.JAXBElement; + +/** + * + * @author clemens + */ +public interface STALRequestBroker extends STAL { + + public static final int ERR_4500 = 4500; + public static final long DEFAULT_TIMEOUT_MS = 1000*60*5; //5mn + + public List> connect(); + + public List> nextRequest(List> responses); + + public List getHashDataInput(); +} diff --git a/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBrokerImpl.java b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBrokerImpl.java new file mode 100644 index 00000000..a2447ab7 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALRequestBrokerImpl.java @@ -0,0 +1,324 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package at.gv.egiz.stal.service.impl; + +import at.gv.egiz.stal.ErrorResponse; +import at.gv.egiz.stal.HashDataInput; +import at.gv.egiz.stal.QuitRequest; +import at.gv.egiz.stal.STALRequest; +import at.gv.egiz.stal.STALResponse; +import at.gv.egiz.stal.SignRequest; +import at.gv.egiz.stal.service.translator.STALTranslator; +import at.gv.egiz.stal.service.translator.TranslationException; +import at.gv.egiz.stal.service.types.ObjectFactory; +import at.gv.egiz.stal.service.types.QuitRequestType; +import at.gv.egiz.stal.service.types.RequestType; +import at.gv.egiz.stal.service.types.ResponseType; +import at.gv.egiz.stalx.service.translator.STALXTranslationHandler; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import javax.xml.bind.JAXBElement; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * An instance of STALRequestBroker is shared between a producer thread (SLCommand) + * and multiple consumer threads (STALService). + * This implementation assures that handleRequest is executed only once the previous invocation returned. + * The BindingProcessor assures that a new SLCommand calls handleRequest() only once + * the bindingProcessor called handleRequest(QUIT) after the previous SLCommand's handleRequest() returned. + * + * Multiple STALService threads might call nextRequest()/getSignedReferences() in any order. + * + * @author clemens + */ +public class STALRequestBrokerImpl implements STALRequestBroker { + + private static final Log log = LogFactory.getLog(STALRequestBrokerImpl.class); + + private ObjectFactory of = new ObjectFactory(); + private STALTranslator translator = new STALTranslator(); + + private boolean interrupted = false; + + protected final ArrayList> requests; + protected final ArrayList> responses; + + protected ArrayList hashDataInputs; + + private long timeout; + + public STALRequestBrokerImpl(long timeoutMillisec) { + if (timeoutMillisec <= 0) + timeoutMillisec = DEFAULT_TIMEOUT_MS; + timeout = timeoutMillisec; + requests = new ArrayList>(); + responses = new ArrayList>(); + hashDataInputs = new ArrayList(); + + // register handler for STAL-X + translator.registerTranslationHandler(new STALXTranslationHandler()); + } + + /** + * Produce requests (and HashDataInputCallback) and wait for responses. + * This method is not thread safe, since every bindingprocessor thread possesses it's own instance. + * It however assures cooperation with STAL webservice threads consuming the requests and producing responses. + * + * @param requests + * @return + * + * @pre requests: either single SignRequest, QuitRequest or multiple ReadInfoboxRequests + */ + @Override + public List handleRequest(List stalRequests) { + if (interrupted) { + return null; + } + try { + synchronized (requests) { + log.trace("produce request"); + + requests.clear(); + hashDataInputs.clear(); + + for (STALRequest stalRequest : stalRequests) { + try { + JAXBElement request = translator.translate(stalRequest); + requests.add(request); + if (stalRequest instanceof SignRequest) { + //TODO refactor SignRequestType to keep HDI + // and getHashDataInput() accesses request obj + // (requests are cleared only when we receive the response) + // DataObjectHashDataInput with reference caching enabled DataObject + hashDataInputs.addAll(((SignRequest) stalRequest).getHashDataInput()); + } else if (stalRequest instanceof QuitRequest) { + log.trace("Received QuitRequest, do not wait for responses."); + log.trace("notifying request consumers"); + requests.notify(); + return new ArrayList(); + } + } catch (TranslationException ex) { + log.error(ex.getMessage() + ", send QUIT"); + requests.clear(); + QuitRequestType reqT = of.createQuitRequestType(); + JAXBElement req = of.createGetNextRequestResponseTypeQuitRequest(reqT); + requests.add(req); + log.trace("notifying request consumers"); + requests.notify(); + return new ArrayList(); + } + } + + +// if (stalRequest instanceof SignRequest) { +// log.trace("Received SignRequest, keep HashDataInput."); +// SignRequestType reqT = of.createSignRequestType(); +// reqT.setKeyIdentifier(((SignRequest) stalRequest).getKeyIdentifier()); +// reqT.setSignedInfo(((SignRequest) stalRequest).getSignedInfo()); +// JAXBElement req = of.createGetNextRequestResponseTypeSignRequest(reqT); +// requests.add(req); +// //DataObjectHashDataInput with reference caching enabled DataObject +// hashDataInputs.addAll(((SignRequest) stalRequest).getHashDataInput()); +// break; +// } else if (stalRequest instanceof InfoboxReadRequest) { +// log.trace("Received InfoboxReadRequest"); +// InfoboxReadRequestType reqT = new InfoboxReadRequestType(); +// reqT.setInfoboxIdentifier(((InfoboxReadRequest) stalRequest).getInfoboxIdentifier()); +// reqT.setDomainIdentifier(((InfoboxReadRequest) stalRequest).getDomainIdentifier()); +// JAXBElement req = of.createGetNextRequestResponseTypeInfoboxReadRequest(reqT); +// requests.add(req); +// } else if (stalRequest instanceof QuitRequest) { +// log.trace("Received QuitRequest, do not wait for responses."); +// QuitRequestType reqT = of.createQuitRequestType(); +// JAXBElement req = of.createGetNextRequestResponseTypeQuitRequest(reqT); +// requests.add(req); +// log.trace("notifying request consumers"); +// requests.notify(); +// return new ArrayList(); +// } else { +// log.error("Received unsupported STAL request: " + stalRequest.getClass().getName() + ", send QUIT"); +// requests.clear(); +// QuitRequestType reqT = of.createQuitRequestType(); +// JAXBElement req = of.createGetNextRequestResponseTypeQuitRequest(reqT); +// requests.add(req); +// log.trace("notifying request consumers"); +// requests.notify(); +// return new ArrayList(); +// } +// } + log.trace("notifying request consumers"); + requests.notify(); + } + + synchronized (responses) { + long beforeWait = System.currentTimeMillis(); + while (responses.isEmpty()) { + log.trace("waiting to consume response"); + responses.wait(timeout); + if (System.currentTimeMillis() - beforeWait >= timeout) { + log.warn("timeout while waiting to consume response, cleanup requests"); + requests.clear(); + hashDataInputs.clear(); + return Collections.singletonList((STALResponse) new ErrorResponse(ERR_4500)); + } + } + log.trace("consuming responses"); + List stalResponses = new ArrayList(); + try { + for (JAXBElement resp : responses) { + STALResponse stalResp = translator.translate(resp); + stalResponses.add(stalResp); + } + } catch (TranslationException ex) { + log.error(ex.getMessage() + ", return ErrorResponse (4000)"); + ErrorResponse stalResp = new ErrorResponse(4000); + stalResp.setErrorMessage(ex.getMessage()); + stalResponses = Collections.singletonList((STALResponse) stalResp); + } + + responses.clear(); + log.trace("notifying response producers"); + responses.notify(); + + return stalResponses; + } + } catch (InterruptedException ex) { + log.warn("interrupt in handleRequest(): " + ex.getMessage()); + interrupted = true; + return null; + } + } + + @Override + public List> connect() { + if (interrupted) { + return null; + } + try { + synchronized (requests) { + long beforeWait = System.currentTimeMillis(); + while (requests.isEmpty()) { + log.trace("waiting to consume request"); + requests.wait(timeout); + if (System.currentTimeMillis() - beforeWait >= timeout) { + log.warn("timeout while waiting to consume request"); + return createSingleQuitRequest(); + } + } + log.trace("don't consume request now, leave for further connect calls"); + return requests; + } + } catch (InterruptedException ex) { + log.warn("interrupt in nextRequest(): " + ex.getMessage()); + interrupted = true; + return null; + } + } + + /** + * This method is thread-safe, except for + * an 'initial' call to nextRequest(null) followed by a + * 'zombie' call to nextRequest(notNull). + * This case (per design) leads to a timeout of the original call. + * (synchronizing the entire method does not + * hinder the zombie to interrupt two consecutive nextRequest() calls.) + * + * @param responses + * @return QUIT if expected responses are not provided + */ + @Override + public List> nextRequest(List> resps) { + if (interrupted) { + return null; + } + try { + synchronized (requests) { + log.trace("received responses, now consume request"); + if (requests.size() != 0) { + requests.clear(); + } else { + log.warn("requests queue is empty, response might have already been produced previously "); + // return QUIT? + } + } + + synchronized (responses) { + if (resps != null && resps.size() > 0) { + long beforeWait = System.currentTimeMillis(); + while (!responses.isEmpty()) { + log.trace("waiting to produce response"); + responses.wait(timeout); + if (System.currentTimeMillis() - beforeWait >= timeout) { + log.warn("timeout while waiting to produce response"); + return createSingleQuitRequest(); + } + } + log.trace("produce response"); + responses.addAll(resps); + //reset HashDataInputCallback iff SignResponse + if (log.isTraceEnabled()) { + for (JAXBElement response : resps) { + log.trace("Received STAL response: " + response.getValue().getClass().getName()); + } + } + log.trace("notifying response consumers"); + responses.notify(); + } else { + log.error("Received NextRequest without responses, return QUIT"); + return createSingleQuitRequest(); + } + } + + synchronized (requests) { + long beforeWait = System.currentTimeMillis(); + while (requests.isEmpty()) { + log.trace("waiting to consume request"); + requests.wait(timeout); + if (System.currentTimeMillis() - beforeWait >= timeout) { + log.warn("timeout while waiting to consume request"); + return createSingleQuitRequest(); + } + } + log.trace("don't consume request now, but on next response delivery"); + return requests; + } + } catch (InterruptedException ex) { + log.warn("interrupt in nextRequest(): " + ex.getMessage()); + interrupted = true; + return null; + } + } + + @Override + public List getHashDataInput() { + synchronized (requests) { + log.trace("return " + hashDataInputs.size() + " current HashDataInput(s) "); + return hashDataInputs; + } + } + + private List> createSingleQuitRequest() { + QuitRequestType quitT = of.createQuitRequestType(); + JAXBElement quit = of.createGetNextRequestResponseTypeQuitRequest(quitT); + ArrayList> l = new ArrayList>(); + l.add(quit); + return l; + } +} diff --git a/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALServiceImpl.java b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALServiceImpl.java new file mode 100644 index 00000000..c8ab280f --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALServiceImpl.java @@ -0,0 +1,386 @@ + /* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.stal.service.impl; + +import at.buergerkarte.namespaces.cardchannel.service.CommandAPDUType; +import at.buergerkarte.namespaces.cardchannel.service.ScriptType; +import at.gv.egiz.bku.binding.BindingProcessor; +import at.gv.egiz.bku.binding.BindingProcessorManager; +import at.gv.egiz.bku.binding.Id; +import at.gv.egiz.bku.binding.IdFactory; + +import at.gv.egiz.stal.HashDataInput; +import at.gv.egiz.stal.service.GetHashDataInputFault; +import at.gv.egiz.stal.service.STALPortType; +import at.gv.egiz.stal.service.types.ErrorResponseType; +import at.gv.egiz.stal.service.types.GetHashDataInputFaultType; +import at.gv.egiz.stal.service.types.GetHashDataInputResponseType; +import at.gv.egiz.stal.service.types.GetHashDataInputType; +import at.gv.egiz.stal.service.types.GetNextRequestResponseType; +import at.gv.egiz.stal.service.types.GetNextRequestType; +import at.gv.egiz.stal.service.types.InfoboxReadRequestType; +import at.gv.egiz.stal.service.types.QuitRequestType; +import at.gv.egiz.stal.service.types.RequestType; +import at.gv.egiz.stal.service.types.ResponseType; +import at.gv.egiz.stal.service.types.SignRequestType; +import at.gv.egiz.stal.service.types.GetHashDataInputType.Reference; +//import at.gv.egiz.stal.service.types.GetHashDataInputResponseType.Reference; + +import com.sun.xml.ws.developer.UsesJAXBContext; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.nio.charset.Charset; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import javax.annotation.Resource; +import javax.jws.WebService; +import javax.servlet.ServletContext; +import javax.xml.bind.JAXBElement; +import javax.xml.ws.WebServiceContext; +import javax.xml.ws.handler.MessageContext; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * + * @author clemens + */ +@WebService(endpointInterface = "at.gv.egiz.stal.service.STALPortType", portName="STALPort", serviceName="STALService", targetNamespace="http://www.egiz.gv.at/wsdl/stal", wsdlLocation="WEB-INF/wsdl/stal.wsdl") +@UsesJAXBContext(STALXJAXBContextFactory.class) +public class STALServiceImpl implements STALPortType { + + public static final String BINDING_PROCESSOR_MANAGER = "bindingProcessorManager"; + public static final Id TEST_SESSION_ID = IdFactory.getInstance().createId("TestSession"); + protected static final Log log = LogFactory.getLog(STALServiceImpl.class); + + + static { + if (log.isTraceEnabled()) { + log.trace("enabling webservice communication dump"); + System.setProperty("com.sun.xml.ws.transport.http.HttpAdapter.dump", "true"); + } else { + System.setProperty("com.sun.xml.ws.fault.SOAPFaultBuilder.disableCaptureStackTrace", "false"); + } + } + @Resource + protected WebServiceContext wsContext; + protected IdFactory idF = IdFactory.getInstance(); + /** JAXB ObjectFactories */ + private at.gv.egiz.stal.service.types.ObjectFactory stalObjFactory = new at.gv.egiz.stal.service.types.ObjectFactory(); + /** don't confuse with at.buergerkarte.namespaces.cardchannel */ + private at.buergerkarte.namespaces.cardchannel.service.ObjectFactory ccObjFactory = new at.buergerkarte.namespaces.cardchannel.service.ObjectFactory(); + + @Override + public GetNextRequestResponseType connect(String sessId) { + + if (sessId == null) { + throw new NullPointerException("No session id provided"); + } + + Id sessionId = idF.createId(sessId); + + if (log.isDebugEnabled()) { + log.debug("Received Connect [" + sessionId + "]"); + } + + if (TEST_SESSION_ID.equals(sessionId)) { + return getTestSessionNextRequestResponse(null); + } + + GetNextRequestResponseType response = new GetNextRequestResponseType(); + response.setSessionId(sessionId.toString()); + + STALRequestBroker stal = getStal(sessionId); + + if (stal != null) { + + List> requestsOut = ((STALRequestBroker) stal).connect(); + response.getInfoboxReadRequestOrSignRequestOrQuitRequest().addAll(requestsOut); + + if (log.isDebugEnabled()) { + StringBuilder sb = new StringBuilder("Returning initial GetNextRequestResponse ["); + sb.append(sessionId.toString()); + sb.append("] containing "); + sb.append(requestsOut.size()); + sb.append(" requests: "); + for (JAXBElement reqOut : requestsOut) { + sb.append(reqOut.getValue().getClass()); + sb.append(' '); + } + log.debug(sb.toString()); + } + } else { + log.error("Failed to get STAL for session " + sessionId + ", returning QuitRequest"); + QuitRequestType quitT = stalObjFactory.createQuitRequestType(); + JAXBElement quit = stalObjFactory.createGetNextRequestResponseTypeQuitRequest(quitT); + response.getInfoboxReadRequestOrSignRequestOrQuitRequest().add(quit); + } + return response; + } + + @Override + public GetNextRequestResponseType getNextRequest(GetNextRequestType request) { + + if (request.getSessionId() == null) { + throw new NullPointerException("No session id provided"); + } + + Id sessionId = idF.createId(request.getSessionId()); + + List> responsesIn = request.getInfoboxReadResponseOrSignResponseOrErrorResponse(); +// List responsesIn = request.getInfoboxReadResponseOrSignResponseOrErrorResponse();//getResponse(); + + if (log.isDebugEnabled()) { + StringBuilder sb = new StringBuilder("Received GetNextRequest ["); + sb.append(sessionId.toString()); + sb.append("] containing "); + sb.append(responsesIn.size()); + sb.append(" responses: "); + for (JAXBElement respIn : responsesIn) { + sb.append(respIn.getValue().getClass()); + sb.append(' '); + } + log.debug(sb.toString()); + } + + if (TEST_SESSION_ID.equals(sessionId)) { + return getTestSessionNextRequestResponse(responsesIn); + } + + GetNextRequestResponseType response = new GetNextRequestResponseType(); + response.setSessionId(sessionId.toString()); + + STALRequestBroker stal = getStal(sessionId); + + if (stal != null) { + + List> requestsOut = ((STALRequestBroker) stal).nextRequest(responsesIn); + response.getInfoboxReadRequestOrSignRequestOrQuitRequest().addAll(requestsOut); + + if (log.isDebugEnabled()) { + StringBuilder sb = new StringBuilder("Returning GetNextRequestResponse ["); + sb.append(sessionId.toString()); + sb.append("] containing "); + sb.append(requestsOut.size()); + sb.append(" requests: "); + for (JAXBElement reqOut : requestsOut) { + sb.append(reqOut.getValue().getClass()); + sb.append(' '); + } + log.debug(sb.toString()); + } + } else { + log.error("Failed to get STAL for session " + sessionId + ", returning QuitRequest"); + QuitRequestType quitT = stalObjFactory.createQuitRequestType(); + JAXBElement quit = stalObjFactory.createGetNextRequestResponseTypeQuitRequest(quitT); + response.getInfoboxReadRequestOrSignRequestOrQuitRequest().add(quit); + } + return response; + } + + @Override + public GetHashDataInputResponseType getHashDataInput(GetHashDataInputType request) throws GetHashDataInputFault { + + if (request.getSessionId() == null) { + throw new NullPointerException("No session id provided"); + } + + Id sessionId = idF.createId(request.getSessionId()); + + if (log.isDebugEnabled()) { + log.debug("Received GetHashDataInputRequest for session " + sessionId + " containing " + request.getReference().size() + " reference(s)"); + } + + if (TEST_SESSION_ID.equals(sessionId)) { + return getTestSessionHashDataInputResponse(request.getReference()); + } + + GetHashDataInputResponseType response = new GetHashDataInputResponseType(); + response.setSessionId(sessionId.toString()); + + STALRequestBroker stal = getStal(sessionId); + + if (stal != null) { + List hashDataInputs = stal.getHashDataInput(); + + if (hashDataInputs != null) { + + Map hashDataIdMap = new HashMap(); + for (HashDataInput hdi : hashDataInputs) { + if (log.isTraceEnabled()) { + log.trace("Provided HashDataInput for reference " + hdi.getReferenceId()); + } + hashDataIdMap.put(hdi.getReferenceId(), hdi); + } + + List reqRefs = request.getReference(); + for (GetHashDataInputType.Reference reqRef : reqRefs) { + String reqRefId = reqRef.getID(); + HashDataInput reqHdi = hashDataIdMap.get(reqRefId); + if (reqHdi == null) { + String msg = "Failed to resolve HashDataInput for reference " + reqRefId; + log.error(msg); + GetHashDataInputFaultType faultInfo = new GetHashDataInputFaultType(); + faultInfo.setErrorCode(1); + faultInfo.setErrorMessage(msg); + throw new GetHashDataInputFault(msg, faultInfo); + } + + InputStream hashDataIS = reqHdi.getHashDataInput(); + if (hashDataIS == null) { + //HashDataInput not cached? + String msg = "Failed to obtain HashDataInput for reference " + reqRefId + ", reference not cached"; + log.error(msg); + GetHashDataInputFaultType faultInfo = new GetHashDataInputFaultType(); + faultInfo.setErrorCode(1); + faultInfo.setErrorMessage(msg); + throw new GetHashDataInputFault(msg, faultInfo); + } + ByteArrayOutputStream baos = null; + try { + if (log.isDebugEnabled()) { + log.debug("Resolved HashDataInput " + reqRefId + " (" + reqHdi.getMimeType() + ";charset=" + reqHdi.getEncoding() + ")"); + } + baos = new ByteArrayOutputStream(hashDataIS.available()); + int c; + while ((c = hashDataIS.read()) != -1) { + baos.write(c); + } + GetHashDataInputResponseType.Reference ref = new GetHashDataInputResponseType.Reference(); + ref.setID(reqRefId); + ref.setMimeType(reqHdi.getMimeType()); + ref.setEncoding(reqHdi.getEncoding()); + ref.setFilename(reqHdi.getFilename()); + ref.setValue(baos.toByteArray()); + response.getReference().add(ref); + } catch (IOException ex) { + String msg = "Failed to get HashDataInput for reference " + reqRefId; + log.error(msg, ex); + GetHashDataInputFaultType faultInfo = new GetHashDataInputFaultType(); + faultInfo.setErrorCode(1); + faultInfo.setErrorMessage(msg); + throw new GetHashDataInputFault(msg, faultInfo, ex); + } finally { + try { + baos.close(); + } catch (IOException ex) { + } + } + } + return response; + } else { + String msg = "Failed to resolve any HashDataInputs for session " + sessionId; + log.error(msg); + GetHashDataInputFaultType faultInfo = new GetHashDataInputFaultType(); + faultInfo.setErrorCode(1); + faultInfo.setErrorMessage(msg); + throw new GetHashDataInputFault(msg, faultInfo); + } + } else { + String msg = "Session timeout"; //Failed to get STAL for session " + sessionId; + log.error(msg + " " + sessionId); + GetHashDataInputFaultType faultInfo = new GetHashDataInputFaultType(); + faultInfo.setErrorCode(1); + faultInfo.setErrorMessage(msg); + throw new GetHashDataInputFault(msg, faultInfo); + } + } + + private STALRequestBroker getStal(Id sessionId) { + if (log.isTraceEnabled()) { + log.trace("resolve STAL for session " + sessionId); + } + MessageContext mCtx = wsContext.getMessageContext(); + ServletContext sCtx = (ServletContext) mCtx.get(MessageContext.SERVLET_CONTEXT); + BindingProcessorManager bpMgr = (BindingProcessorManager) sCtx.getAttribute(BINDING_PROCESSOR_MANAGER); + BindingProcessor bp = bpMgr.getBindingProcessor(sessionId); + return (bp == null) ? null : (bp.isFinished() ? null : (STALRequestBroker) bp.getSTAL()); + } + + private GetNextRequestResponseType getTestSessionNextRequestResponse(List> responsesIn) { + GetNextRequestResponseType response = new GetNextRequestResponseType(); + response.setSessionId(TEST_SESSION_ID.toString()); + + List> reqs = response.getInfoboxReadRequestOrSignRequestOrQuitRequest(); + + if (responsesIn == null) { + log.info("[TestSession] CONNECT"); +// addTestCardChannelRequest(reqs); +// addTestInfoboxReadRequest("IdentityLink", reqs); +// addTestInfoboxReadRequest("SecureSignatureKeypair", reqs); +// addTestInfoboxReadRequest("CertifiedKeypair", reqs); + addTestSignatureRequests("SecureSignatureKeypair", reqs); + } else if (responsesIn != null && responsesIn.size() > 0 && responsesIn.get(0).getValue() instanceof ErrorResponseType) { + log.info("[TestSession] received ErrorResponse, return QUIT request"); + QuitRequestType quitT = stalObjFactory.createQuitRequestType(); + reqs.add(stalObjFactory.createGetNextRequestResponseTypeQuitRequest(quitT)); + } else { + log.info("[TestSession] received " + responsesIn.size() + " response(s), return QUIT" ); + QuitRequestType quitT = stalObjFactory.createQuitRequestType(); + reqs.add(stalObjFactory.createGetNextRequestResponseTypeQuitRequest(quitT)); + } + return response; + } + + + private GetHashDataInputResponseType getTestSessionHashDataInputResponse(List references) { + log.debug("[TestSession] received GET_HASHDATAINPUT"); + + GetHashDataInputResponseType response = new GetHashDataInputResponseType(); + response.setSessionId(TEST_SESSION_ID.toString()); + + for (Reference reference : references) { + String refId = reference.getID(); + log.debug("[TestSession] adding hashdata input for " + refId); + GetHashDataInputResponseType.Reference ref = new GetHashDataInputResponseType.Reference(); + ref.setID(refId); + ref.setMimeType(TestSignatureData.HASHDATA_MIMETYPES.get(refId)); //todo resolve from TestSignatureData + ref.setValue(TestSignatureData.HASHDATA_INPUT.get(refId)); + ref.setEncoding(TestSignatureData.ENCODING); + response.getReference().add(ref); + } + return response; + } + + private void addTestCardChannelRequest(List> requestList) { + log.info("[TestSession] add CARDCHANNEL request"); + ScriptType scriptT = ccObjFactory.createScriptType(); + CommandAPDUType cmd = ccObjFactory.createCommandAPDUType(); + cmd.setValue("TestSession CardChannelCMD 1234".getBytes()); + scriptT.getResetOrCommandAPDUOrVerifyAPDU().add(cmd); + requestList.add(ccObjFactory.createScript(scriptT)); + } + + private void addTestInfoboxReadRequest(String infoboxIdentifier, List> requestList) { + log.info("[TestSession] add READ "+ infoboxIdentifier + " request"); + InfoboxReadRequestType ibrT = stalObjFactory.createInfoboxReadRequestType(); + ibrT.setInfoboxIdentifier(infoboxIdentifier); + requestList.add(stalObjFactory.createGetNextRequestResponseTypeInfoboxReadRequest(ibrT)); + } + + private void addTestSignatureRequests(String keyIdentifier, List> reqs) { + log.info("[TestSession] add SIGN " + keyIdentifier + " request"); + SignRequestType sigT = stalObjFactory.createSignRequestType(); + sigT.setKeyIdentifier(keyIdentifier); + sigT.setSignedInfo(TestSignatureData.SIGNED_INFO.get(1)); //select! + reqs.add(stalObjFactory.createGetNextRequestResponseTypeSignRequest(sigT)); + } + +} diff --git a/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALXJAXBContextFactory.java b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALXJAXBContextFactory.java new file mode 100644 index 00000000..9caf950f --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/STALXJAXBContextFactory.java @@ -0,0 +1,61 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.stal.service.impl; + +import com.sun.xml.bind.api.JAXBRIContext; +import com.sun.xml.bind.api.TypeReference; +import com.sun.xml.ws.api.model.SEIModel; +import com.sun.xml.ws.developer.JAXBContextFactory; +import java.util.ArrayList; +import java.util.List; +import javax.xml.bind.JAXBException; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * + * @author Clemens Orthacker + */ +public class STALXJAXBContextFactory implements JAXBContextFactory { + + private static final Log log = LogFactory.getLog(STALXJAXBContextFactory.class); + + @Override + public JAXBRIContext createJAXBContext(SEIModel sei, List classesToBind, List typeReferences) throws JAXBException { + if (log.isTraceEnabled()) { + log.trace("JAXBContext seed for SEI " + sei.getTargetNamespace() + ":"); + for (Class class1 : classesToBind) { + log.trace(" " + class1); + } + for (TypeReference typeReference : typeReferences) { + log.trace(" typeRef " + typeReference.tagName + " -> " + typeReference.type); + } + } + List classes = new ArrayList(); + classes.addAll(classesToBind); + Class ccOF = at.buergerkarte.namespaces.cardchannel.service.ObjectFactory.class; + if (!classes.contains(ccOF)) { + log.debug("adding " + ccOF + " to JAXBContext seed"); + classes.add(ccOF); + } + + //TODO add typeReference? + + return JAXBRIContext.newInstance(classes.toArray(new Class[classes.size()]), + typeReferences, null, sei.getTargetNamespace(), false, null); + } +} diff --git a/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/TestSignatureData.java b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/TestSignatureData.java new file mode 100644 index 00000000..2f58bb3d --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/TestSignatureData.java @@ -0,0 +1,47 @@ +package at.gv.egiz.stal.service.impl; + +import java.io.UnsupportedEncodingException; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +public final class TestSignatureData { + + protected final static Log log = LogFactory.getLog(TestSignatureData.class); + + public static final String[] ID = new String[] {"signed-data-reference-0-1214921968-27971781-24309", "signed-data-reference-1"}; + public static final String ENCODING = "UTF-8"; + + public static final Map HASHDATA_INPUT = new HashMap(); + static { + try { + HASHDATA_INPUT.put(ID[0], "Ich bin ein einfacher Text. lläöü߀".getBytes(ENCODING)); + HASHDATA_INPUT.put(ID[1], "2te referenz".getBytes(ENCODING)); + } catch (UnsupportedEncodingException ex) { + log.error("failed to init signature test data", ex); + } + } + public static final Map HASHDATA_MIMETYPES = new HashMap(); + static { + HASHDATA_MIMETYPES.put(ID[0], "text/plain"); + HASHDATA_MIMETYPES.put(ID[1], "any/mime-type"); + } + +// private static final byte[] signedInfo = " id('signed-data-object-0-1214921968-27971781-13578')/node() H1IePEEfGQ2SG03H6LTzw1TpCuM=yV6Q+I60buqR4mMaxA7fi+CV35A=".getBytes(); +// private static final byte[] signedInfo2Ref = " id('signed-data-object-0-1214921968-27971781-13578')/node() H1IePEEfGQ2SG03H6LTzw1TpCuM= id('signed-data-object-1')/node() H1IePEEfGQ2SG03H6LTzw1TpCuM=yV6Q+I60buqR4mMaxA7fi+CV35A=".getBytes(); +// private static final String signedInfo2Ref = " id('signed-data-object-1')/node() H1IePEEfGQ2SG03H6LTzw1TpCuM="; + /** + * SIGNED_INFO[0] contains reference ID[0] + * SIGNED_INFO[1] contains reference ID[0] and ID[1] + */ + public static final List SIGNED_INFO = new ArrayList(); + static { + SIGNED_INFO.add(" id('signed-data-object-0-1214921968-27971781-13578')/node() H1IePEEfGQ2SG03H6LTzw1TpCuM=yV6Q+I60buqR4mMaxA7fi+CV35A=".getBytes()); + SIGNED_INFO.add(" id('signed-data-object-0-1214921968-27971781-13578')/node() H1IePEEfGQ2SG03H6LTzw1TpCuM= id('signed-data-object-1')/node() H1IePEEfGQ2SG03H6LTzw1TpCuM=yV6Q+I60buqR4mMaxA7fi+CV35A=".getBytes()); + } + +} diff --git a/mocca-1.2.11/BKUOnline/src/main/policy/50mocca.policy b/mocca-1.2.11/BKUOnline/src/main/policy/50mocca.policy new file mode 100644 index 00000000..2d6bc13d --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/policy/50mocca.policy @@ -0,0 +1,319 @@ +// Copyright 2008 Federal Chancellery Austria and +// Graz University of Technology +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// +// ========================================================================= +// || IMPORTANT: REVIEW AND ADAPT TO YOUR NEEDS PRIOR TO INSTALLATION +// ========================================================================= +// +// (set -Djava.security.debug=access,failure and search for "FAILED") +// +// +// ========== MOCCA CODE PERMISSIONS ======================================= +// +// replace ${catalina.base}/webapps/bkuonline +// with ${catalina.base}/webapps/ +// replace ${catalina.base}/work/Catalina/localhost/bkuonline +// with ${catalina.base}/work/Catalina/localhost/ (the path to the compiled JSPs, excl. package dir: org/apache/jsp/) +// replace version info in utils-1.2.10.jar and bkucommon-1.2.10.jar +// with current version +// replace apps.egiz.gv.at +// with +// replace localhost:8080 +// with +// replace www.xslt-stylesheet-include-url.org:80 +// with +// replace ../conf/secret.xml +// with +// +// replace www.a-trust.at and ksp.ecard.sozialversicherung.gv.at +// with +// replace ldap.a-trust.at:389 and ocsp.ecard.sozialversicherung.at:80 +// with (OCSP, CRLs) +// + +// =========== container grants required by MOCCA +// +grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" { + permission java.lang.RuntimePermission "accessClassInPackage.sun.util.logging.resources"; + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/logging.properties", "read"; +}; + +grant codeBase "file:${catalina.base}/work/Catalina/localhost/bkuonline" { + permission java.io.FilePermission "/helpfiles/-", "read"; + permission java.lang.RuntimePermission "defineClassInPackage.org.apache.jasper.runtime"; +}; + +// =========== MOCCA grants +// +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/classes/-" { + permission java.security.AllPermission; +// permission java.io.FilePermission "${catalina.base}/logs", "read, write"; +// permission java.io.FilePermission "${catalina.base}/logs/*", "read, write"; +// permission java.io.FilePermission "${catalina.base}/logs/*", "delete"; +// permission java.util.PropertyPermission "com.sun.xml.ws.fault.SOAPFaultBuilder.disableCaptureStackTrace", "write"; +// permission java.util.PropertyPermission "com.sun.xml.ws.transport.http.HttpAdapter.dump", "write"; +}; + +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/-" { + // the log4j configuration might want to write logs to ${catalina.base}/logs/bkuonline.log + permission java.io.FilePermission "${catalina.base}/logs", "read, write"; + permission java.io.FilePermission "${catalina.base}/logs/*", "read, write"; + permission java.io.FilePermission "${catalina.base}/logs/*", "delete"; + +}; + +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/utils-1.2.10.jar" { + permission java.util.PropertyPermission "*", "read"; + permission java.net.SocketPermission "www.a-trust.at:80", "connect, resolve"; + permission java.net.SocketPermission "ksp.ecard.sozialversicherung.gv.at:80", "connect,resolve"; +// permission java.net.SocketPermission "localhost:8080", "connect, resolve"; + permission java.net.SocketPermission "www.xslt-stylesheet-include-url.org:80", "connect, resolve"; + permission java.lang.RuntimePermission "accessDeclaredMembers"; + permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; +}; + +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/bkucommon-1.2.10.jar" { + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/at/gv/egiz/bku/certs/certStore", "write"; + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/at/gv/egiz/bku/certs/certStore/-", "write"; + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/at/gv/egiz/bku/certs/certStore/toBeAdded/-", "delete"; + permission java.io.FilePermission "../conf/secret.xml", "read"; + permission java.net.SocketPermission "apps.egiz.gv.at:443", "connect, resolve"; + permission java.net.SocketPermission "www.a-trust.at:80", "connect, resolve"; + permission java.net.SocketPermission "ksp.ecard.sozialversicherung.gv.at:80", "connect,resolve"; + permission java.net.SocketPermission "ldap.a-trust.at:389", "connect, resolve"; + permission java.net.SocketPermission "ocsp.ecard.sozialversicherung.at:80", "connect, resolve"; +// permission java.net.SocketPermission "localhost:8080", "connect, resolve"; + permission java.net.SocketPermission "www.xslt-stylesheet-include-url.org:80", "connect, resolve"; + permission java.net.NetPermission "specifyStreamHandler"; + permission java.util.PropertyPermission "*", "read, write"; + permission java.security.SecurityPermission "insertProvider.IAIK"; + permission java.security.SecurityPermission "putProviderProperty.IAIK"; + permission java.security.SecurityPermission "removeProvider.IAIK"; + permission java.security.SecurityPermission "insertProvider.IAIK_ECC"; + permission java.security.SecurityPermission "putProviderProperty.IAIK_ECC"; + permission java.security.SecurityPermission "insertProvider.XSECT"; + permission java.security.SecurityPermission "putProviderProperty.XSECT"; + permission java.security.SecurityPermission "insertProvider.STAL"; + permission java.security.SecurityPermission "putProviderProperty.STAL"; + // XMLDSig is moved backwards by XSECT + permission java.security.SecurityPermission "insertProvider.XMLDSig"; + permission java.security.SecurityPermission "removeProvider.XMLDSig"; + permission java.lang.RuntimePermission "accessDeclaredMembers"; + permission java.lang.RuntimePermission "setFactory"; + permission java.lang.RuntimePermission "getProtectionDomain"; + permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www.protocol.ldap"; + permission java.lang.RuntimePermission "modifyThread"; + permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; +}; + +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/iaik_jce_full_signed-3.16.jar" { + permission java.util.PropertyPermission "*", "read, write"; + permission java.security.SecurityPermission "insertProvider.IAIK"; + permission java.security.SecurityPermission "putProviderProperty.IAIK"; + permission java.security.SecurityPermission "removeProvider.IAIK"; + permission java.net.SocketPermission "ldap.a-trust.at:389", "connect, resolve"; + permission java.net.SocketPermission "ocsp.ecard.sozialversicherung.at:80", "connect, resolve"; +}; + +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/iaik_ecc_signed-2.15.jar" { + permission java.security.SecurityPermission "insertProvider.IAIK_ECC"; + permission java.security.SecurityPermission "putProviderProperty.IAIK_ECC"; +}; + +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/iaik_xsect-1.14.jar" { + permission java.util.PropertyPermission "*", "read, write"; + permission java.security.SecurityPermission "insertProvider.IAIK"; + permission java.security.SecurityPermission "putProviderProperty.IAIK"; + permission java.security.SecurityPermission "removeProvider.IAIK"; + permission java.security.SecurityPermission "insertProvider.XSECT"; + permission java.security.SecurityPermission "putProviderProperty.XSECT"; + permission java.security.SecurityPermission "insertProvider.XMLDSig"; + permission java.security.SecurityPermission "removeProvider.XMLDSig"; +}; + +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/iaik_pki-1.0-MOCCA.jar" { + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/at/gv/egiz/bku/certs/certStore", "write"; + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/at/gv/egiz/bku/certs/certStore/-", "write"; + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/at/gv/egiz/bku/certs/certStore/toBeAdded/-", "delete"; + permission java.net.SocketPermission "www.a-trust.at:80", "connect, resolve"; + permission java.net.SocketPermission "ldap.a-trust.at:389", "connect, resolve"; + permission java.net.SocketPermission "ocsp.ecard.sozialversicherung.at:80", "connect, resolve"; + permission java.net.NetPermission "specifyStreamHandler"; + permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www.protocol.ldap"; +}; + +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/xalan-2.7.1.jar" { + permission java.io.FilePermission "${java.home}/lib/xalan.properties", "read"; + permission java.util.PropertyPermission "*", "read"; + permission java.lang.RuntimePermission "getClassLoader"; +}; + +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/serializer-2.7.1.jar" { + permission java.util.PropertyPermission "*", "read"; + permission java.lang.RuntimePermission "getClassLoader"; +}; + +// allow xsl:include from the specified URL +grant codeBase "jar:file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/xalan-2.7.1.jar!/org/apache/xalan/processor/-" { + permission java.net.SocketPermission "www.xslt-stylesheet-include-url.org:80", "connect, resolve"; +}; + +// allow XSLT document function to reference the specified URL +grant codeBase "jar:file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/xalan-2.7.1.jar!/org/apache/xalan/xsltc/dom/LoadDocument.class" { + permission java.io.FilePermission "../conf/secret.xml", "read"; +}; + +// use tomcat/jre endorsed xerces instead +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/xercesImpl-2.9.1.jar" { + permission java.io.FilePermission "${java.home}/lib/xerces.properties", "read"; +// permission java.io.FilePermission "../conf/secret.xml", "read"; +// permission java.net.SocketPermission "www.xslt-stylesheet-include-url.org:80", "connect, resolve"; + permission java.util.PropertyPermission "*", "read"; + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina"; + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.*"; + permission java.lang.RuntimePermission "getClassLoader"; + permission java.lang.RuntimePermission "accessDeclaredMembers"; +}; + +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/commons-logging-1.1.1.jar" { + permission java.util.PropertyPermission "org.apache.commons.logging.*", "read"; + permission java.util.PropertyPermission "log4j.*", "read"; + permission java.util.PropertyPermission "catalina.base", "read"; + permission java.lang.RuntimePermission "getClassLoader"; + permission java.lang.RuntimePermission "defineClassInPackage.java.lang"; +}; + +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/log4j-1.2.12.jar" { + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/log4j.properties", "read"; + // allow log4j to read its own properties + permission java.util.PropertyPermission "log4j.*", "read"; + permission java.util.PropertyPermission "catalina.base", "read"; + permission java.lang.RuntimePermission "defineClassInPackage.java.lang"; +}; + +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/spring-core-2.5.5.jar" { + permission java.lang.RuntimePermission "accessDeclaredMembers"; + permission java.lang.RuntimePermission "modifyThread"; +}; +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/spring-web-2.5.5.jar" { + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/at/gv/egiz/bku/certs/certStore", "write"; + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/at/gv/egiz/bku/certs/certStore/-", "write"; + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/at/gv/egiz/bku/certs/certStore/toBeAdded/-", "delete"; + permission java.security.SecurityPermission "insertProvider.IAIK"; + permission java.security.SecurityPermission "putProviderProperty.IAIK"; + permission java.security.SecurityPermission "removeProvider.IAIK"; + permission java.security.SecurityPermission "insertProvider.IAIK_ECC"; + permission java.security.SecurityPermission "putProviderProperty.IAIK_ECC"; + permission java.security.SecurityPermission "insertProvider.XSECT"; + permission java.security.SecurityPermission "putProviderProperty.XSECT"; + permission java.security.SecurityPermission "insertProvider.STAL"; + permission java.security.SecurityPermission "putProviderProperty.STAL"; + permission java.security.SecurityPermission "insertProvider.XMLDSig"; + permission java.security.SecurityPermission "removeProvider.XMLDSig"; + permission java.util.PropertyPermission "*", "read, write"; + permission java.lang.RuntimePermission "accessDeclaredMembers"; + permission java.lang.RuntimePermission "modifyThread"; + permission java.lang.RuntimePermission "setFactory"; + permission java.lang.RuntimePermission "getProtectionDomain"; + permission java.lang.RuntimePermission "defineClassInPackage.java.lang"; + permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; +}; +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/spring-beans-2.5.5.jar" { + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/at/gv/egiz/bku/certs/certStore", "write"; + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/at/gv/egiz/bku/certs/certStore/-", "write"; + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/at/gv/egiz/bku/certs/certStore/toBeAdded/-", "delete"; + permission java.security.SecurityPermission "insertProvider.IAIK"; + permission java.security.SecurityPermission "putProviderProperty.IAIK"; + permission java.security.SecurityPermission "removeProvider.IAIK"; + permission java.security.SecurityPermission "insertProvider.IAIK_ECC"; + permission java.security.SecurityPermission "putProviderProperty.IAIK_ECC"; + permission java.security.SecurityPermission "insertProvider.XSECT"; + permission java.security.SecurityPermission "putProviderProperty.XSECT"; + permission java.security.SecurityPermission "insertProvider.STAL"; + permission java.security.SecurityPermission "putProviderProperty.STAL"; + permission java.security.SecurityPermission "insertProvider.XMLDSig"; + permission java.security.SecurityPermission "removeProvider.XMLDSig"; + permission java.util.PropertyPermission "*", "read, write"; + permission java.lang.RuntimePermission "accessDeclaredMembers"; + permission java.lang.RuntimePermission "setFactory"; + permission java.lang.RuntimePermission "getProtectionDomain"; + permission java.lang.RuntimePermission "defineClassInPackage.java.lang"; + permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; +}; +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/spring-context-2.5.5.jar" { + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/at/gv/egiz/bku/certs/certStore", "write"; + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/at/gv/egiz/bku/certs/certStore/-", "write"; + permission java.io.FilePermission "${catalina.base}/webapps/bkuonline/WEB-INF/classes/at/gv/egiz/bku/certs/certStore/toBeAdded/-", "delete"; + permission java.security.SecurityPermission "insertProvider.IAIK"; + permission java.security.SecurityPermission "putProviderProperty.IAIK"; + permission java.security.SecurityPermission "removeProvider.IAIK"; + permission java.security.SecurityPermission "insertProvider.IAIK_ECC"; + permission java.security.SecurityPermission "putProviderProperty.IAIK_ECC"; + permission java.security.SecurityPermission "insertProvider.XSECT"; + permission java.security.SecurityPermission "putProviderProperty.XSECT"; + permission java.security.SecurityPermission "insertProvider.STAL"; + permission java.security.SecurityPermission "putProviderProperty.STAL"; + permission java.security.SecurityPermission "insertProvider.XMLDSig"; + permission java.security.SecurityPermission "removeProvider.XMLDSig"; + permission java.util.PropertyPermission "*", "read, write"; + permission java.lang.RuntimePermission "accessDeclaredMembers"; + permission java.lang.RuntimePermission "modifyThread"; + permission java.lang.RuntimePermission "setFactory"; + permission java.lang.RuntimePermission "getProtectionDomain"; + permission java.lang.RuntimePermission "defineClassInPackage.java.lang"; + permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; +}; + +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/jaxws-rt-2.1.5.jar" { + // need write access to set disableCaptureStackTrace and HttpAdapter.dump + permission java.util.PropertyPermission "com.sun.xml.ws.*", "read, write"; + permission java.util.PropertyPermission "com.sun.xml.bind.*", "read"; + permission java.util.PropertyPermission "javax.xml.soap.*", "read"; + permission java.util.PropertyPermission "javax.activation.*", "read"; + permission java.util.PropertyPermission "xml.catalog.*", "read"; + permission java.util.PropertyPermission "user.dir", "read"; + permission java.util.PropertyPermission "user.home", "read"; + permission java.io.FilePermission "${java.home}/lib/jaxm.properties", "read"; + permission java.io.FilePermission "${java.home}/lib/mailcap", "read"; + permission java.io.FilePermission "${user.home}/.mailcap", "read"; + permission java.io.FilePermission "basename", "read"; + permission java.io.FilePermission "${catalina.home}/bin/xcatalog", "read"; + permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; + permission java.lang.RuntimePermission "accessDeclaredMembers"; + permission java.lang.RuntimePermission "accessClassInPackage.sun.util.logging.resources"; + permission java.lang.RuntimePermission "setContextClassLoader"; + permission javax.management.MBeanServerPermission "createMBeanServer"; + permission javax.management.MBeanPermission "com.sun.xml.ws.*", "registerMBean"; + permission javax.management.MBeanTrustPermission "register"; + permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; +}; + +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/jaxb-impl-2.1.9.jar" { + permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; + permission java.lang.RuntimePermission "accessDeclaredMembers"; + permission java.util.PropertyPermission "com.sun.xml.bind.v2.*", "read"; + permission java.util.PropertyPermission "user.dir", "read"; +}; + +grant codeBase "file:${catalina.base}/webapps/bkuonline/WEB-INF/lib/commons-httpclient-3.1.jar" { + permission java.util.PropertyPermission "*", "read"; +}; + +// ======== NETBEANS + +//grant codeBase "file:${catalina.base}/nblib/-" { +// permission java.security.AllPermission; +//}; \ No newline at end of file diff --git a/mocca-1.2.11/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml b/mocca-1.2.11/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml new file mode 100644 index 00000000..f8d1411c --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml @@ -0,0 +1,84 @@ + + + + + + + + + + + allow + + confirm + + + + + + + + + certifiedGovAgency + + allow + + confirm + + + anonymous + + Command + + + + + + + + certified + + IdentityLink + derived + + + allow + + confirm + + + anonymous + + IdentityLink + + + deny + + info + + + + allow + + + + + + diff --git a/mocca-1.2.11/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties b/mocca-1.2.11/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties new file mode 100644 index 00000000..b4ecfd86 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties @@ -0,0 +1,56 @@ +# +# Copyright 2008 Federal Chancellery Austria and +# Graz University of Technology +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + + +# Configuration for online CCE + +# security manager configuration +AccessController.acceptUnmatched=false +AccessController.policyResource=classpath:at/gv/egiz/bku/online/conf/accessControlConfig.xml + +# ------------BEGIN SSL Config -------------------- +# SSL configuration for connections to external +# resources (e.g. data urls) + +# directory where certificates for +# chain constructions can be placed +#SSL.certDirectory=classpath:at/gv/egiz/bku/online/conf/certs/certStore +SSL.certDirectory=classpath:at/gv/egiz/bku/certs/certStore + + +# Directory where trusted CA +# certificates are placed +SSL.caDirectory=classpath:at/gv/egiz/bku/certs/trustStore +SSL.sslProtocol=TLS + +# warning do not set the following property to true +# its intended for debugging and testing only +SSL.disableAllChecks=false +#SSL.disableHostnameVerification=true + +# ------------ END SSL Config -------------------- + +#UserAgent=citizen-card-environment/1.2 MOCCA/1.2 +#UserAgent=citizen-card-environment/1.2 trustDeskbasic/2.8.1 + +ValidateHashDataInputs=true +AppletTimeout=300000 + +#HTTPProxyHost=taranis.iaik.tugraz.at +#HTTPProxyPort=8888 +DefaultSocketTimeout=200 +#SignatureLayout= \ No newline at end of file diff --git a/mocca-1.2.11/BKUOnline/src/main/resources/commons-logging.properties b/mocca-1.2.11/BKUOnline/src/main/resources/commons-logging.properties new file mode 100644 index 00000000..0d497b1b --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/resources/commons-logging.properties @@ -0,0 +1,16 @@ +# Copyright 2008 Federal Chancellery Austria and +# Graz University of Technology +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +org.apache.commons.logging.Log=org.apache.commons.logging.impl.Log4JLogger diff --git a/mocca-1.2.11/BKUOnline/src/main/resources/log4j.properties b/mocca-1.2.11/BKUOnline/src/main/resources/log4j.properties new file mode 100644 index 00000000..d4a03fe7 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/resources/log4j.properties @@ -0,0 +1,36 @@ +# Copyright 2008 Federal Chancellery Austria and +# Graz University of Technology +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +#log4j.rootLogger=DEBUG, STDOUT, file +log4j.rootLogger=INFO, file +#log4j.logger.at.gv=TRACE + + +# STDOUT appender +log4j.appender.STDOUT=org.apache.log4j.ConsoleAppender +log4j.appender.STDOUT.layout=org.apache.log4j.PatternLayout +#log4j.appender.STDOUT.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20c | %10t | %m%n +#log4j.appender.STDOUT.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n +log4j.appender.STDOUT.layout.ConversionPattern=%-5p | %t | %c %x - %m%n + +# FILE appender +log4j.appender.file=org.apache.log4j.RollingFileAppender +log4j.appender.file.maxFileSize=500KB +log4j.appender.file.maxBackupIndex=9 +log4j.appender.file.File=${catalina.base}/logs/bkuonline.log +log4j.appender.file.threshold=trace +log4j.appender.file.layout=org.apache.log4j.PatternLayout +log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} %5p | %t | %c{1}:%L - %m%n \ No newline at end of file diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/META-INF/MANIFEST.MF b/mocca-1.2.11/BKUOnline/src/main/webapp/META-INF/MANIFEST.MF new file mode 100644 index 00000000..ae3f7b68 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/META-INF/MANIFEST.MF @@ -0,0 +1,6 @@ +Manifest-Version: 1.0 +Archiver-Version: Plexus Archiver +Created-By: Apache Maven +Built-By: clemens +Build-Jdk: 1.6.0_10 +Implementation-Build: 1.1.1-SNAPSHOT-r1 diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/META-INF/context.xml b/mocca-1.2.11/BKUOnline/src/main/webapp/META-INF/context.xml new file mode 100644 index 00000000..f38215a1 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/META-INF/context.xml @@ -0,0 +1,19 @@ + + + + diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/PINManagement.jsp b/mocca-1.2.11/BKUOnline/src/main/webapp/PINManagement.jsp new file mode 100644 index 00000000..e48b8405 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/PINManagement.jsp @@ -0,0 +1,111 @@ + +<%@ page language="java" contentType="text/html; charset=UTF-8" + pageEncoding="UTF-8" + import="at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage"%> + + + + + + MOCCA PIN Management + + + + + + + + + <% + String locale = request.getParameter("locale"); + if (locale == null) { + String acceptLanguage = request.getHeader("Accept-Language"); + locale = AcceptLanguage.getLocale(acceptLanguage).toString(); + } + String widthP = request.getParameter("appletWidth"); + String heightP = request.getParameter("appletHeight"); + int width = (widthP == null) ? 295 + : Integer.parseInt(widthP); + int height = (heightP == null) ? 200 + : Integer.parseInt(heightP); + String guiStyle = request.getParameter("appletGuiStyle"); + if (guiStyle == null) { + guiStyle = "advanced"; + } + String backgroundImg = request.getParameter("appletBackground"); + %> + + + + + + + diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/SLRequestForm.html b/mocca-1.2.11/BKUOnline/src/main/webapp/SLRequestForm.html new file mode 100644 index 00000000..2de652a7 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/SLRequestForm.html @@ -0,0 +1,215 @@ + + + + + Security-Layer v1.2 Request Formular + + + + + + + + +

Security-Layer v1.2 Request Formular

+

+

+ +
Enter XML Request +

+ + + +
+
Request Parameters +

+ + tiny + simple + advanced +

+ +

+

+

+

+

+ +

+ + Default + Alternative +

+ + + + +
+
+
+ + + diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml b/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml new file mode 100644 index 00000000..fb3cae63 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/applicationContext.xml @@ -0,0 +1,134 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/mocca-conf.xml b/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/mocca-conf.xml new file mode 100644 index 00000000..5c96dc58 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/mocca-conf.xml @@ -0,0 +1,51 @@ + + + + + + + + + + + + + + + + + + diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/sun-jaxws.xml b/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/sun-jaxws.xml new file mode 100644 index 00000000..02d632eb --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/sun-jaxws.xml @@ -0,0 +1,36 @@ + + + + + + + + + + diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/web.xml b/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/web.xml new file mode 100644 index 00000000..41cd400f --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/web.xml @@ -0,0 +1,129 @@ + + + + http-security-layer-request + + + + contextConfigLocation + /WEB-INF/applicationContext.xml + + + org.springframework.web.context.ContextLoaderListener + + + + + + at.gv.egiz.bku.online.webapp.SessionTimeout + + + com.sun.xml.ws.transport.http.servlet.WSServletContextListener + + + BKUServlet + at.gv.egiz.bku.online.webapp.BKURequestHandler + + + ResultServlet + at.gv.egiz.bku.online.webapp.ResultServlet + + responseEncoding + UTF-8 + + + expiredPage + + expired.html + + + + BKUApplet + /applet.jsp + + + STALService + com.sun.xml.ws.transport.http.servlet.WSServlet + 1 + + + BKUServlet + /http-security-layer-request + + + BKUServlet + /https-security-layer-request + + + ResultServlet + /bkuResult + + + + + + + + + + + + + STALService + /stal + + + 5 + + + index.html + index.jsp + + diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/wsdl/stal.wsdl b/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/wsdl/stal.wsdl new file mode 100644 index 00000000..dc7ad8f1 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/wsdl/stal.wsdl @@ -0,0 +1,105 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/wsdl/stal.xsd b/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/wsdl/stal.xsd new file mode 100644 index 00000000..a420035f --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/WEB-INF/wsdl/stal.xsd @@ -0,0 +1,168 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/applet.jsp b/mocca-1.2.11/BKUOnline/src/main/webapp/applet.jsp new file mode 100644 index 00000000..582bee7e --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/applet.jsp @@ -0,0 +1,111 @@ + +<%@ page language="java" contentType="text/html; charset=UTF-8" + pageEncoding="UTF-8" + import="at.gv.egiz.bku.online.webapp.AppletDispatcher, org.apache.commons.lang.RandomStringUtils, org.apache.commons.lang.StringEscapeUtils" %> + + + + + + MOCCA Applet + + + + + + + + + <% + String locale = StringEscapeUtils.escapeJavaScript( + (String) session.getAttribute("locale")); + + int width = session.getAttribute("appletWidth") == null ? 190 + : (Integer) session.getAttribute("appletWidth"); + int height = session.getAttribute("appletHeight") == null ? 130 + : (Integer) session.getAttribute("appletHeight"); + String backgroundImg = StringEscapeUtils.escapeJavaScript( + session.getAttribute("appletBackground") == null + ? "../img/chip32.png" + : (String) session.getAttribute("appletBackground")); + String backgroundColor = StringEscapeUtils.escapeJavaScript( + (String) session.getAttribute("appletBackgroundColor")); + String guiStyle = StringEscapeUtils.escapeJavaScript( + (String) session.getAttribute("appletGuiStyle")); + + String sessionId = StringEscapeUtils.escapeJavaScript(session.getId()); + + String extension = (String) session.getAttribute("appletExtension"); + String appletClass, appletArchive; + if ("activation".equalsIgnoreCase(extension)) { + appletArchive = "BKUAppletExt"; + appletClass = "at.gv.egiz.bku.online.applet.ActivationApplet.class"; + } else if ("pin".equalsIgnoreCase(extension)) { + appletArchive = "BKUAppletExt"; + appletClass = "at.gv.egiz.bku.online.applet.PINManagementApplet.class"; + } else { + appletArchive = "BKUApplet"; + appletClass = "at.gv.egiz.bku.online.applet.BKUApplet.class"; + } + + // disable applet caching + boolean disableAppletCaching = false; + String codebase = "applet"; + + if (disableAppletCaching) { + // run in AppletDispatcher context and + // append random alphanumeric string to avoid applet caching + // TODO prepend ../ to all xxxURL applet paramaters + codebase += "/" + AppletDispatcher.DISPATCH_CTX; + String rand = AppletDispatcher.RAND_PREFIX + + RandomStringUtils.randomAlphanumeric(16); + appletArchive += rand; + } + + %> + + + + diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/css/applet.css b/mocca-1.2.11/BKUOnline/src/main/webapp/css/applet.css new file mode 100644 index 00000000..d2c734a1 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/css/applet.css @@ -0,0 +1,15 @@ +root { + display: block; +} + +body { + background: #ffffff; + /*background-image: url(../img/mocca-t_s.png);*/ + padding: 0; + margin: 0; + border-style: none; + /* + width:<%=width%> + */ +} + diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/css/appletAlternative.css b/mocca-1.2.11/BKUOnline/src/main/webapp/css/appletAlternative.css new file mode 100644 index 00000000..ce11f1b2 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/css/appletAlternative.css @@ -0,0 +1,12 @@ +root { + display: block; +} + +body { + background: #ffffff; + background-image: url(../img/mocca-t_s.png); + padding: 0; + margin: 0; + border-style: none; +} + diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/css/main.css b/mocca-1.2.11/BKUOnline/src/main/webapp/css/main.css new file mode 100644 index 00000000..b6d6e906 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/css/main.css @@ -0,0 +1,55 @@ +/* +Document : main +Created on : 27.02.2009, 10:24:41 +Author : clemens +Description: +Purpose of the stylesheet follows. +*/ + +/* +TODO customize this sample style +Syntax recommendation http://www.w3.org/TR/REC-CSS2/ +*/ + +root { + display: block; +} + +body { + font-family: sans-serif; + font-size: 14px; +} + +h1 { + font-size: 16px; +} + +.disabled { + /* for IE */ + filter:alpha(opacity=60); + /* CSS3 standard */ + opacity:0.4; +} + +.box { + margin-top: 10px; + color: #292929; + width: 250px; + border: 1px solid #BABABA; + background-color: #ddd; + padding-left: 10px; + padding-right: 10px; + margin-left: 10px; + margin-bottom: 1em; + -o-border-radius: 10px; + -moz-border-radius: 12px; + -webkit-border-radius: 10px; + -webkit-box-shadow: 0px 3px 7px #adadad; + border-radius: 10px; + -moz-box-sizing: border-box; + -opera-sizing: border-box; + -webkit-box-sizing: border-box; + -khtml-box-sizing: border-box; + box-sizing: border-box; + overflow: hidden; +} \ No newline at end of file diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/errorresponse.css b/mocca-1.2.11/BKUOnline/src/main/webapp/errorresponse.css new file mode 100644 index 00000000..41402e71 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/errorresponse.css @@ -0,0 +1,12 @@ +@CHARSET "UTF-8"; +sl\:ErrorResponse {margin: 0.5em; display: block;} +sl\:ErrorCode {display: inline;} +sl\:Info {display: inline;} + +ErrorResponse:lang(de):before {content: "Bei der Verarbeitung der Anfrage durch die Bürgerkartenumgebung ist ein Fehler aufgetreten: "; font-weight: bolder;} +ErrorResponse:before {content: "An error has occoured upon request processing by the citizen card software: "; font-weight: bold;} +ErrorResponse {margin: 0.5em; display: block;} +ErrorCode:lang(de):before {content: "Fehler-Code: ";} +ErrorCode:before {content: "Error Code: ";} +ErrorCode {display: block;} +Info {display: block;} \ No newline at end of file diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/expired.html b/mocca-1.2.11/BKUOnline/src/main/webapp/expired.html new file mode 100644 index 00000000..2bb961f5 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/expired.html @@ -0,0 +1,29 @@ + + + + + +Session Expired + + +

+ Ihre Sitzung ist abgelaufen. + +

+ + \ No newline at end of file diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/img/chip16.ico b/mocca-1.2.11/BKUOnline/src/main/webapp/img/chip16.ico new file mode 100644 index 00000000..42175127 Binary files /dev/null and b/mocca-1.2.11/BKUOnline/src/main/webapp/img/chip16.ico differ diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/img/chip32.png b/mocca-1.2.11/BKUOnline/src/main/webapp/img/chip32.png new file mode 100644 index 00000000..e7efb020 Binary files /dev/null and b/mocca-1.2.11/BKUOnline/src/main/webapp/img/chip32.png differ diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/img/webstart.png b/mocca-1.2.11/BKUOnline/src/main/webapp/img/webstart.png new file mode 100644 index 00000000..87d1cf7b Binary files /dev/null and b/mocca-1.2.11/BKUOnline/src/main/webapp/img/webstart.png differ diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/index.html b/mocca-1.2.11/BKUOnline/src/main/webapp/index.html new file mode 100644 index 00000000..b39dafb7 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/index.html @@ -0,0 +1,59 @@ + + + + + MOCCA + + + + + + + +
+

+

MOCCA Online

+

+ Security Layer Request (demo request form) +

+

+ PIN Management (pin management applet) +

+

+ STAL Service (web service endpoint) +

+

+
+ + +
+

+

MOCCA Web Start

+

+

+

MOCCA JNLP File (requires MIME-type association)

+

Java Cache Viewer (local installation)

+

+
+ + diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/js/deployJava.js b/mocca-1.2.11/BKUOnline/src/main/webapp/js/deployJava.js new file mode 100644 index 00000000..e25902c0 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/js/deployJava.js @@ -0,0 +1,925 @@ +/* + * Copyright (c) 2008 Sun Microsystems, Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of Sun Microsystems nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * Added by EGIZ: + * This file contains workarounds to + * [#423] Firefox 3.0.11 bug #498132 causes applet loading failure + * (lines 95-99) + * [#424] Web Start loading via java plugin (Sun deployment script) fails on WinXP/Vista + * (lines 501-506) + * + * features: + * [#425] Disable WebStart Launch Button for MacOS + * (lines 492-504) + * + */ + +/* + * deployJava.js + * + * This file is part of the Deployment Toolkit. It provides functions for web + * pages to detect the presence of a JRE, install the latest JRE, and easily run + * applets or Web Start programs. Usage guide may be found at http:///. + * + * The "live" copy of this file may be found at + * http://java.com/js/deployJava.js. + * You are encouraged to link directly to the live copy of the file. + * + * @version @(#)deployJava.js 1.13 08/10/28 + */ + +var deployJava = { + debug: null, + + myInterval: null, + preInstallJREList: null, + returnPage: null, + brand: null, + locale: null, + installType: null, + + EAInstallEnabled: false, + EarlyAccessURL: null, + + // GetJava page + getJavaURL: 'http://java.sun.com/webapps/getjava/BrowserRedirect?host=java.com', + + // Apple redirect page + appleRedirectPage: 'http://www.apple.com/support/downloads/', + + // mime-type of the DeployToolkit plugin object + mimeType: 'application/npruntime-scriptable-plugin;DeploymentToolkit', + + // location of the Java Web Start launch button graphic + launchButtonPNG: 'img/webstart.png', + + /** + * Returns an array of currently-installed JRE version strings. + * Version strings are of the form #.#[.#[_#]], with the function returning + * as much version information as it can determine, from just family + * versions ("1.4.2", "1.5") through the full version ("1.5.0_06"). + * + * Detection is done on a best-effort basis. Under some circumstances + * only the highest installed JRE version will be detected, and + * JREs older than 1.4.2 will not always be detected. + */ + getJREs: function() { + var list = new Array(); + if (deployJava.isPluginInstalled()) { + var plugin = deployJava.getPlugin(); + //[#423] Firefox 3.0.11 bug #498132 causes applet loading failure + var jvms = plugin.jvms; + for (var i = 0; i < jvms.getLength(); i++) { + list[i] = jvms.get(i).version; + } + } else { + var browser = deployJava.getBrowser(); + + if (browser == 'MSIE') { + if (deployJava.testUsingActiveX('1.8.0')) { + list[0] = '1.8.0'; + } else if (deployJava.testUsingActiveX('1.7.0')) { + list[0] = '1.7.0'; + } else if (deployJava.testUsingActiveX('1.6.0')) { + list[0] = '1.6.0'; + } else if (deployJava.testUsingActiveX('1.5.0')) { + list[0] = '1.5.0'; + } else if (deployJava.testUsingActiveX('1.4.2')) { + list[0] = '1.4.2'; + } else if (deployJava.testForMSVM()) { + list[0] = '1.1'; + } + } + else if (browser == 'Netscape Family') { + if (deployJava.testUsingMimeTypes('1.8')) { + list[0] = '1.8.0'; + } else if (deployJava.testUsingMimeTypes('1.7')) { + list[0] = '1.7.0'; + } else if (deployJava.testUsingMimeTypes('1.6')) { + list[0] = '1.6.0'; + } else if (deployJava.testUsingMimeTypes('1.5')) { + list[0] = '1.5.0'; + } else if (deployJava.testUsingMimeTypes('1.4.2')) { + list[0] = '1.4.2'; + } + } else if (browser == 'Safari') { + if (deployJava.testUsingPluginsArray('1.8.0')) { + list[0] = '1.8.0'; + } else if (deployJava.testUsingPluginsArray('1.7.0')) { + list[0] = '1.7.0'; + } else if (deployJava.testUsingPluginsArray('1.6.0')) { + list[0] = '1.6.0'; + } else if (deployJava.testUsingPluginsArray('1.5.0')) { + list[0] = '1.5.0'; + } else if (deployJava.testUsingPluginsArray('1.4.2')) { + list[0] = '1.4.2'; + } + } + } + + if (deployJava.debug) { + for (var i = 0; i < list.length; ++i) { + alert('We claim to have detected Java SE ' + list[i]); + } + } + + return list; + }, + + /** + * Triggers a JRE installation. The exact effect of triggering an + * installation varies based on platform, browser, and if the + * Deployment Toolkit plugin is installed. + * + * The requestVersion string is of the form #[.#[.#[_#]]][+|*], + * which includes strings such as "1.4", "1.5.0*", and "1.6.0_02+". + * A star (*) means "any version starting within this family" and + * a plus (+) means "any version greater or equal to this". + * "1.5.0*" * matches 1.5.0_06 but not 1.6.0_01, whereas + * "1.5.0+" matches both. + * + * If the Deployment Toolkit plugin is not present, this will just call + * deployJava.installLatestJRE(). + */ + installJRE: function(requestVersion) { + var ret = false; + if (deployJava.isPluginInstalled()) { + if (deployJava.getPlugin().installJRE(requestVersion)) { + deployJava.refresh(); + if (deployJava.returnPage != null) { + document.location = deployJava.returnPage; + } + return true; + } else { + return false; + } + } else { + return deployJava.installLatestJRE(); + } + }, + + + /** + * Triggers a JRE installation. The exact effect of triggering an + * installation varies based on platform, browser, and if the + * Deployment Toolkit plugin is installed. + * + * In the simplest case, the browser window will be redirected to the + * java.com JRE installation page, and (if possible) a redirect back to + * the current URL upon successful installation. The return redirect is + * not always possible, as the JRE installation may require the browser to + * be restarted. + * + * In the best case (when the Deployment Toolkit plugin is present), this + * function will immediately cause a progress dialog to be displayed + * as the JRE is downloaded and installed. + */ + installLatestJRE: function() { + if (deployJava.isPluginInstalled()) { + if (deployJava.getPlugin().installLatestJRE()) { + deployJava.refresh(); + if (deployJava.returnPage != null) { + document.location = deployJava.returnPage; + } + return true; + } else { + return false; + } + } else { + var browser = deployJava.getBrowser(); + var platform = navigator.platform.toLowerCase(); + if ((deployJava.EAInstallEnabled == 'true') && + (platform.indexOf('win') != -1) && + (deployJava.EarlyAccessURL != null)) { + + deployJava.preInstallJREList = deployJava.getJREs(); + if (deployJava.returnPage != null) { + deployJava.myInterval = + setInterval("deployJava.poll()", 3000); + } + + location.href = deployJava.EarlyAccessURL; + + // we have to return false although there may be an install + // in progress now, when complete it may go to return page + return false; + } else { + if (browser == 'MSIE') { + return deployJava.IEInstall(); + } else if ((browser == 'Netscape Family') && + (platform.indexOf('win32') != -1)) { + return deployJava.FFInstall(); + } else { + location.href = deployJava.getJavaURL + + ((deployJava.returnPage != null) ? + ('&returnPage=' + deployJava.returnPage) : '') + + ((deployJava.locale != null) ? + ('&locale=' + deployJava.locale) : '') + + ((deployJava.brand != null) ? + ('&brand=' + deployJava.brand) : ''); + } + // we have to return false although there may be an install + // in progress now, when complete it may go to return page + return false; + } + } + }, + + + /** + * Ensures that an appropriate JRE is installed and then runs an applet. + * minimumVersion is of the form #[.#[.#[_#]]], and is the minimum + * JRE version necessary to run this applet. minimumVersion is optional, + * defaulting to the value "1.1" (which matches any JRE). + * If an equal or greater JRE is detected, runApplet() will call + * writeAppletTag(attributes, parameters) to output the applet tag, + * otherwise it will call installJRE(minimumVersion + '+'). + * + * After installJRE() is called, the script will attempt to detect that the + * JRE installation has completed and begin running the applet, but there + * are circumstances (such as when the JRE installation requires a browser + * restart) when this cannot be fulfilled. + * + * As with writeAppletTag(), this function should only be called prior to + * the web page being completely rendered. Note that version wildcards + * (star (*) and plus (+)) are not supported, and including them in the + * minimumVersion will result in an error message. + */ + runApplet: function(attributes, parameters, minimumVersion) { + if (minimumVersion == 'undefined' || minimumVersion == null) { + minimumVersion = '1.1'; + } + + var regex = "^(\\d+)(?:\\.(\\d+)(?:\\.(\\d+)(?:_(\\d+))?)?)?$"; + + var matchData = minimumVersion.match(regex); + + if (deployJava.returnPage == null) { + // if there is an install, come back here and run the applet + deployJava.returnPage = document.location; + } + + if (matchData != null) { + var browser = deployJava.getBrowser(); + if ((browser != '?') && (browser != 'Safari')) { + if (deployJava.versionCheck(minimumVersion + '+')) { + deployJava.writeAppletTag(attributes, parameters); + } else if (deployJava.installJRE(minimumVersion + '+')) { + // after successfull install we need to refresh page to pick + // pick up new plugin + deployJava.refresh(); + location.href = document.location; + deployJava.writeAppletTag(attributes, parameters); + } + } else { + // for unknown or Safari - just try to show applet + deployJava.writeAppletTag(attributes, parameters); + } + } else { + if (deployJava.debug) { + alert('Invalid minimumVersion argument to runApplet():' + + minimumVersion); + } + } + }, + + + /** + * Outputs an applet tag with the specified attributes and parameters, where + * both attributes and parameters are associative arrays. Each key/value + * pair in attributes becomes an attribute of the applet tag itself, while + * key/value pairs in parameters become tags. No version checking + * or other special behaviors are performed; the tag is simply written to + * the page using document.writeln(). + * + * As document.writeln() is generally only safe to use while the page is + * being rendered, you should never call this function after the page + * has been completed. + */ + writeAppletTag: function(attributes, parameters) { + var s = '<' + 'applet '; + for (var attribute in attributes) { + s += (' ' + attribute + '="' + attributes[attribute] + '"'); + } + s += '>'; + document.write(s); + + if (parameters != 'undefined' && parameters != null) { + var codebaseParam = false; + for (var parameter in parameters) { + if (parameter == 'codebase_lookup') { + codebaseParam = true; + } + s = ''; + document.write(s); + } + if (!codebaseParam) { + document.write(''); + } + } + document.write('<' + '/' + 'applet' + '>'); + }, + + + /** + * Returns true if there is a matching JRE version currently installed + * (among those detected by getJREs()). The versionPattern string is + * of the form #[.#[.#[_#]]][+|*], which includes strings such as "1.4", + * "1.5.0*", and "1.6.0_02+". + * A star (*) means "any version within this family" and a plus (+) means + * "any version greater or equal to the specified version". "1.5.0*" + * matches 1.5.0_06 but not 1.6.0_01, whereas "1.5.0+" matches both. + * + * If the versionPattern does not include all four version components + * but does not end with a star or plus, it will be treated as if it + * ended with a star. "1.5" is exactly equivalent to "1.5*", and will + * match any version number beginning with "1.5". + * + * If getJREs() is unable to detect the precise version number, a match + * could be ambiguous. For example if getJREs() detects "1.5", there is + * no way to know whether the JRE matches "1.5.0_06+". versionCheck() + * compares only as much of the version information as could be detected, + * so versionCheck("1.5.0_06+") would return true in in this case. + * + * Invalid versionPattern will result in a JavaScript error alert. + * versionPatterns which are valid but do not match any existing JRE + * release (e.g. "32.65+") will always return false. + */ + versionCheck: function(versionPattern) + { + var index = 0; + var regex = "^(\\d+)(?:\\.(\\d+)(?:\\.(\\d+)(?:_(\\d+))?)?)?(\\*|\\+)?$"; + + var matchData = versionPattern.match(regex); + + if (matchData != null) { + var familyMatch = true; + + var patternArray = new Array(); + + for (var i = 1; i < matchData.length; ++i) { + // browser dependency here. + // Fx sets 'undefined', IE sets '' string for unmatched groups + if ((typeof matchData[i] == 'string') && (matchData[i] != '')) { + patternArray[index] = matchData[i]; + index++; + } + } + + if (patternArray[patternArray.length-1] == '+') { + familyMatch = false; + patternArray.length--; + } else { + if (patternArray[patternArray.length-1] == '*') { + patternArray.length--; + } + } + + var list = deployJava.getJREs(); + for (var i = 0; i < list.length; ++i) { + if (deployJava.compareVersionToPattern(list[i], patternArray, + familyMatch)) { + return true; + } + } + + return false; + } else { + alert('Invalid versionPattern passed to versionCheck: ' + + versionPattern); + return false; + } + }, + + + /** + * Returns true if an installation of Java Web Start of the specified + * minimumVersion can be detected. minimumVersion is optional, and + * if not specified, '1.4.2' will be used. + * (Versions earlier than 1.4.2 may not be detected.) + */ + isWebStartInstalled: function(minimumVersion) { + + var browser = deployJava.getBrowser(); + if ((browser == '?') || (browser == 'Safari')) { + // we really don't know - better to try to use it than reinstall + return true; + } + + if (minimumVersion == 'undefined' || minimumVersion == null) { + minimumVersion = '1.4.2'; + } + + var retval = false; + var regex = "^(\\d+)(?:\\.(\\d+)(?:\\.(\\d+)(?:_(\\d+))?)?)?$"; + var matchData = minimumVersion.match(regex); + + if (matchData != null) { + retval = deployJava.versionCheck(minimumVersion + '+'); + } else { + if (deployJava.debug) { + alert('Invalid minimumVersion argument to isWebStartInstalled(): ' + minimumVersion); + } + retval = deployJava.versionCheck('1.4.2+'); + } + return retval; + }, + + + /** + * Outputs a launch button for the specified JNLP URL. When clicked, the + * button will ensure that an appropriate JRE is installed and then launch + * the JNLP application. minimumVersion is of the form #[.#[.#[_#]]], and + * is the minimum JRE version necessary to run this JNLP application. + * minimumVersion is optional, and if it is not specified, '1.4.2' + * will be used. + * If an appropriate JRE or Web Start installation is detected, + * the JNLP application will be launched, otherwise installLatestJRE() + * will be called. + * + * After installLatestJRE() is called, the script will attempt to detect + * that the JRE installation has completed and launch the JNLP application, + * but there are circumstances (such as when the JRE installation + * requires a browser restart) when this cannot be fulfilled. + */ + createWebStartLaunchButton: function(jnlp, minimumVersion) { + + if (deployJava.returnPage == null) { + // if there is an install, come back and run the jnlp file + deployJava.returnPage = jnlp; + } + + var url = 'javascript:' + + 'if (!deployJava.isWebStartInstalled("' + + minimumVersion + '")) {' + + 'if (deployJava.installLatestJRE()) {' + + 'if (deployJava.launch("' + jnlp + '")) {}' + + '}' + + '} else {' + + 'if (deployJava.launch("' + jnlp + '")) {}' + + '}'; + + // [#425] Disable WebStart Launch Button for MacOS + if (navigator.appVersion.toLowerCase().indexOf("mac")!=-1 && + navigator.userAgent.toLowerCase().indexOf("os x 10_6")==-1 && + navigator.userAgent.toLowerCase().indexOf("os x 10.6")==-1 ) + { + document.write('<' + 'a disabled="disabled"' + + ' onMouseOver="window.status=\'\'; ' + + 'return true;"><' + 'img class="disabled"' + + 'src="' + deployJava.launchButtonPNG + '" ' + + 'border="0" /><' + '/' + 'a' + '>'); + } else { + document.write('<' + 'a href="' + url + + '" onMouseOver="window.status=\'\'; ' + + 'return true;"><' + 'img ' + + 'src="' + deployJava.launchButtonPNG + '" ' + + 'border="0" /><' + '/' + 'a' + '>'); + } + }, + + + /** + * Launch a JNLP application, (using the plugin if available) + */ + launch: function(jnlp) { + //[#424] Web Start loading via java plugin (Sun deployment script) fails on WinXP +// if (deployJava.isPluginInstalled()) { +// return deployJava.getPlugin().launch(jnlp); +// } else { + document.location=jnlp; + return true; +// } + }, + + + /* + * returns true if the ActiveX or XPI plugin is installed + */ + isPluginInstalled: function() { + var plugin = deployJava.getPlugin(); + if (plugin && plugin.jvms) { + return true; + } else { + return false; + } + }, + + /* + * returns true if the plugin is installed and AutoUpdate is enabled + */ + isAutoUpdateEnabled: function() { + if (deployJava.isPluginInstalled()) { + return deployJava.getPlugin().isAutoUpdateEnabled(); + } + return false; + }, + + /* + * sets AutoUpdate on if plugin is installed + */ + setAutoUpdateEnabled: function() { + if (deployJava.isPluginInstalled()) { + return deployJava.getPlugin().setAutoUpdateEnabled(); + } + return false; + }, + + /* + * sets the preferred install type : null, online, kernel + */ + setInstallerType: function(type) { + deployJava.installType = type; + if (deployJava.isPluginInstalled()) { + return deployJava.getPlugin().setInstallerType(type); + } + return false; + }, + + /* + * sets additional package list - to be used by kernel installer + */ + setAdditionalPackages: function(packageList) { + if (deployJava.isPluginInstalled()) { + return deployJava.getPlugin().setAdditionalPackages( + packageList); + } + return false; + }, + + /* + * sets preference to install Early Access versions if available + */ + setEarlyAccess: function(enabled) { + deployJava.EAInstallEnabled = enabled; + }, + + /* + * Determines if the next generation plugin (Plugin II) is default + */ + isPlugin2: function() { + if (deployJava.isPluginInstalled()) { + try { + return deployJava.getPlugin().isPlugin2(); + } catch (err) { + // older plugin w/o isPlugin2() function - just fall through + } + } + return false; + }, + + + getPlugin: function() { + deployJava.refresh(); + var ret = document.getElementById('deployJavaPlugin'); + return ret; + }, + + compareVersionToPattern: function(version, patternArray, familyMatch) { + var regex = "^(\\d+)(?:\\.(\\d+)(?:\\.(\\d+)(?:_(\\d+))?)?)?$"; + var matchData = version.match(regex); + + if (matchData != null) { + var index = 0; + var result = new Array(); + + for (var i = 1; i < matchData.length; ++i) { + if ((typeof matchData[i] == 'string') && (matchData[i] != '')) + { + result[index] = matchData[i]; + index++; + } + } + + var l = Math.min(result.length, patternArray.length); + + if (familyMatch) { + for (var i = 0; i < l; ++i) { + if (result[i] != patternArray[i]) return false; + } + + return true; + } else { + for (var i = 0; i < l; ++i) { + if (result[i] < patternArray[i]) { + return false; + } else if (result[i] > patternArray[i]) { + return true; + } + } + + return true; + } + } else { + return false; + } + }, + + + getBrowser: function() { + var browser = navigator.userAgent.toLowerCase(); + + if (deployJava.debug) { + alert('userAgent -> ' + browser); + } + + if ((navigator.vendor) && + (navigator.vendor.toLowerCase().indexOf('apple') != -1) && + (browser.indexOf('safari') != -1)) { + if (deployJava.debug) { + alert('We claim to have detected "Safari".'); + } + return 'Safari'; + } else if (browser.indexOf('msie') != -1) { + if (deployJava.debug) { + alert('We claim to have detected "IE".'); + } + return 'MSIE'; +// } else if ((browser.indexOf('konqueror') != -1)) { +// if (deployJava.debug) { +// alert('We claim to have detected "Konqueror".'); +// } + } else if ((browser.indexOf('mozilla') != -1) || + (browser.indexOf('firefox') != -1)) { + if (deployJava.debug) { + alert('We claim to have detected a Netscape family browser.'); + } + return 'Netscape Family'; + } else { + if (deployJava.debug) { + alert('We claim to have failed to detect a browser.'); + } + return '?'; + } + }, + + + testUsingActiveX: function(version) { + var objectName = 'JavaWebStart.isInstalled.' + version + '.0'; + + if (!ActiveXObject) { + if (deployJava.debug) { + alert ('Browser claims to be IE, but no ActiveXObject object?'); + } + return false; + } + + try { + return (new ActiveXObject(objectName) != null); + } catch (exception) { + return false; + } + }, + + + testForMSVM: function() { + var clsid = '{08B0E5C0-4FCB-11CF-AAA5-00401C608500}'; + + if (typeof oClientCaps != 'undefined') { + var v = oClientCaps.getComponentVersion(clsid, "ComponentID"); + if ((v == '') || (v == '5,0,5000,0')) { + return false; + } else { + return true; + } + } else { + return false; + } + }, + + + testUsingMimeTypes: function(version) { + if (!navigator.mimeTypes) { + if (deployJava.debug) { + alert ('Browser claims to be Netscape family, but no mimeTypes[] array?'); + } + return false; + } + + for (var i = 0; i < navigator.mimeTypes.length; ++i) { + s = navigator.mimeTypes[i].type; + var m = s.match(/^application\/x-java-applet\x3Bversion=(1\.8|1\.7|1\.6|1\.5|1\.4\.2)$/); + if (m != null) { + if (deployJava.compareVersions(m[1], version)) { + return true; + } + } + } + return false; + }, + + + testUsingPluginsArray: function(version) { + if ((!navigator.plugins) || (!navigator.plugins.length)) { + if (deployJava.debug) { + alert ('Browser claims to be Safari, but no plugins[] array?'); + } + return false; + } + + for (var i = 0; i < navigator.plugins.length; ++i) { + s = navigator.plugins[i].description; + + if (s.search(/^Java Switchable Plug-in/) != -1) { + return true; + } + + m = s.match(/^Java (1\.4\.2|1\.5|1\.6|1\.7).* Plug-in/); + if (m != null) { + if (deployJava.compareVersions(m[1], version)) return true; + } + } + return false; + }, + + IEInstall: function() { + + location.href = deployJava.getJavaURL + + ((deployJava.returnPage != null) ? + ('&returnPage=' + deployJava.returnPage) : '') + + ((deployJava.locale != null) ? + ('&locale=' + deployJava.locale) : '') + + ((deployJava.brand != null) ? ('&brand=' + deployJava.brand) : '') + + ((deployJava.installType != null) ? + ('&type=' + deployJava.installType) : ''); + + // should not actually get here + return false; + }, + + done: function (name, result) { + }, + + FFInstall: function() { + + location.href = deployJava.getJavaURL + + ((deployJava.returnPage != null) ? + ('&returnPage=' + deployJava.returnPage) : '') + + ((deployJava.locale != null) ? + ('&locale=' + deployJava.locale) : '') + + ((deployJava.brand != null) ? ('&brand=' + deployJava.brand) : '') + + ((deployJava.installType != null) ? + ('&type=' + deployJava.installType) : ''); + + // should not actually get here + return false; + }, + + // return true if 'installed' (considered as a JRE version string) is + // greater than or equal to 'required' (again, a JRE version string). + compareVersions: function(installed, required) { + + var a = installed.split('.'); + var b = required.split('.'); + + for (var i = 0; i < a.length; ++i) { + a[i] = Number(a[i]); + } + for (var i = 0; i < b.length; ++i) { + b[i] = Number(b[i]); + } + if (a.length == 2) { + a[2] = 0; + } + + if (a[0] > b[0]) return true; + if (a[0] < b[0]) return false; + + if (a[1] > b[1]) return true; + if (a[1] < b[1]) return false; + + if (a[2] > b[2]) return true; + if (a[2] < b[2]) return false; + + return true; + }, + + + enableAlerts: function() { + deployJava.debug = true; + }, + + poll: function() { + + deployJava.refresh(); + var postInstallJREList = deployJava.getJREs(); + + if ((deployJava.preInstallJREList.length == 0) && + (postInstallJREList.length != 0)) { + clearInterval(deployJava.myInterval); + if (deployJava.returnPage != null) { + location.href = deployJava.returnPage; + }; + } + + if ((deployJava.preInstallJREList.length != 0) && + (postInstallJREList.length != 0) && + (deployJava.preInstallJREList[0] != postInstallJREList[0])) { + clearInterval(deployJava.myInterval); + if (deployJava.returnPage != null) { + location.href = deployJava.returnPage; + } + } + + }, + + writePluginTag: function() { + var browser = deployJava.getBrowser(); + if (browser == 'MSIE') { + document.write('<' + + 'object classid="clsid:CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA" ' + + 'id="deployJavaPlugin" width="0" height="0">' + + '<' + '/' + 'object' + '>'); + } else if (browser == 'Netscape Family') { + if (navigator.mimeTypes != null) for (var i=0; + i < navigator.mimeTypes.length; i++) { + if (navigator.mimeTypes[i].type == deployJava.mimeType) { + if (navigator.mimeTypes[i].enabledPlugin) { + document.write('<' + + 'embed id="deployJavaPlugin" type="' + + deployJava.mimeType + '" hidden="true" />'); + } + } + } + } + }, + + refresh: function() { + navigator.plugins.refresh(false); + + var browser = deployJava.getBrowser(); + if (browser == 'Netscape Family') { + var plugin = document.getElementById('deployJavaPlugin'); + // only do this again if no plugin + if (plugin == null) { + if (navigator.mimeTypes != null) for (var i=0; + i < navigator.mimeTypes.length; i++) { + if (navigator.mimeTypes[i].type == deployJava.mimeType) { + if (navigator.mimeTypes[i].enabledPlugin) { + document.write('<' + + 'embed id="deployJavaPlugin" type="' + + deployJava.mimeType + '" hidden="true" />'); + } + } + } + } + } + }, + + do_initialize: function() { + deployJava.writePluginTag(); + if (deployJava.locale == null) { + var loc = null; + + if (loc == null) try { + loc = navigator.userLanguage; + } catch (err) { } + + if (loc == null) try { + loc = navigator.systemLanguage; + } catch (err) { } + + if (loc == null) try { + loc = navigator.language; + } catch (err) { } + + if (loc != null) { + loc.replace("-","_") + deployJava.locale = loc; + } + } + } + +}; +deployJava.do_initialize(); + diff --git a/mocca-1.2.11/BKUOnline/src/main/webapp/js/deployJava_orig.js b/mocca-1.2.11/BKUOnline/src/main/webapp/js/deployJava_orig.js new file mode 100644 index 00000000..316fa278 --- /dev/null +++ b/mocca-1.2.11/BKUOnline/src/main/webapp/js/deployJava_orig.js @@ -0,0 +1,725 @@ +/* + * Copyright (c) 2008 Sun Microsystems, Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of Sun Microsystems nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * Added by EGIZ: + * This file contains workarounds to + * [#423] Firefox 3.0.11 bug #498132 causes applet loading failure + * (lines 95-99) + * [#424] Web Start loading via java plugin (Sun deployment script) fails on WinXP/Vista + * (lines 501-506) + * + * features: + * [#425] Disable WebStart Launch Button for MacOS + * (lines 492-504) + * + */ + +/* + * deployJava.js + * + * This file is part of the Deployment Toolkit. It provides functions for web + * pages to detect the presence of a JRE, install the latest JRE, and easily run + * applets or Web Start programs. Usage guide may be found at http:///. + * + * The "live" copy of this file may be found at + * http://java.com/js/deployJava.js. + * You are encouraged to link directly to the live copy of the file. + * + * @version @(#)deployJava.js XXXXX + */ + +var deployJava={ + debug:null, + + myInterval:null, + preInstallJREList:null, + returnPage:null, + brand:null, + locale:null, + installType:null, + + EAInstallEnabled:false, + EarlyAccessURL:null, + + // GetJava page + getJavaURL:'http://java.sun.com/webapps/getjava/BrowserRedirect?host=java.com', + + // Apple redirect page + appleRedirectPage:'http://www.apple.com/support/downloads/', + oldMimeType:'application/npruntime-scriptable-plugin;DeploymentToolkit', + mimeType:'application/java-deployment-toolkit', + launchButtonPNG:'http://java.sun.com/products/jfc/tsc/articles/swing2d/webstart.png', + + getJREs:function(){ + var list=new Array(); + if(deployJava.isPluginInstalled()){ + var plugin=deployJava.getPlugin(); + var VMs=plugin.jvms; + for(var i=0;i'; + document.write(s); + } + if(!codebaseParam){ + document.write(''); + } + } + document.write('<'+'/'+'applet'+'>'); + }, + + versionCheck:function(versionPattern) + + { + var index=0; + var regex="^(\\d+)(?:\\.(\\d+)(?:\\.(\\d+)(?:_(\\d+))?)?)?(\\*|\\+)?$"; + + var matchData=versionPattern.match(regex); + + if(matchData!=null){ + var familyMatch=true; + + var patternArray=new Array(); + + for(var i=1;i<'+'img '+'src="'+deployJava.launchButtonPNG+'" '+'border="0" /><'+'/'+'a'+'>'); + }, + + launch:function(jnlp){ + if(deployJava.isPluginInstalled()){ + return deployJava.getPlugin().launch(jnlp); + }else{ + document.location=jnlp;return true; + } + }, + + isPluginInstalled:function(){ + var plugin=deployJava.getPlugin(); + if(plugin&&plugin.jvms){ + return true; + }else{ + return false; + } + }, + + isAutoUpdateEnabled:function(){ + if(deployJava.isPluginInstalled()){ + return deployJava.getPlugin().isAutoUpdateEnabled(); + } + return false; + }, + + setAutoUpdateEnabled:function(){ + if(deployJava.isPluginInstalled()){ + return deployJava.getPlugin().setAutoUpdateEnabled(); + } + return false; + }, + + setInstallerType:function(type){ + deployJava.installType=type; + if(deployJava.isPluginInstalled()){ + return deployJava.getPlugin().setInstallerType(type); + } + return false; + }, + + setAdditionalPackages:function(packageList){ + if(deployJava.isPluginInstalled()){ + return deployJava.getPlugin().setAdditionalPackages( + packageList); + } + return false; + }, + + setEarlyAccess:function(enabled){ + deployJava.EAInstallEnabled=enabled; + }, + + isPlugin2:function(){ + if(deployJava.isPluginInstalled()){ + if(deployJava.versionCheck('1.6.0_10+')){ + try{ + return deployJava.getPlugin().isPlugin2(); + }catch(err){ + + } + } + } + return false; + }, + + + getPlugin:function(){ + deployJava.refresh(); + var ret=document.getElementById('deployJavaPlugin'); + return ret; + }, + + compareVersionToPattern:function(version,patternArray,familyMatch){ + var regex="^(\\d+)(?:\\.(\\d+)(?:\\.(\\d+)(?:_(\\d+))?)?)?$"; + var matchData=version.match(regex); + + if(matchData!=null){ + var index=0; + var result=new Array(); + + for(var i=1;ipatternArray[i]){ + return true; + } + } + + return true; + } + }else{ + return false; + } + }, + + + getBrowser:function(){ + var browser=navigator.userAgent.toLowerCase(); + + if(deployJava.debug){ + alert('userAgent -> '+browser); + } + + if((navigator.vendor)&& + (navigator.vendor.toLowerCase().indexOf('apple')!=-1)&& + (browser.indexOf('safari')!=-1)){ + if(deployJava.debug){ + alert('We claim to have detected "Safari".'); + } + return'Safari'; + }else if(browser.indexOf('msie')!=-1){ + if(deployJava.debug){ + alert('We claim to have detected "IE".'); + } + return'MSIE'; + }else if((browser.indexOf('mozilla')!=-1)|| + (browser.indexOf('firefox')!=-1)){ + if(deployJava.debug){ + alert('We claim to have detected a Netscape family browser.'); + } + return'Netscape Family'; + }else{ + if(deployJava.debug){ + alert('We claim to have failed to detect a browser.'); + } + return'?'; + } + }, + + + testUsingActiveX:function(version){ + var objectName='JavaWebStart.isInstalled.'+version+'.0'; + + if(!ActiveXObject){ + if(deployJava.debug){ + alert('Browser claims to be IE, but no ActiveXObject object?'); + } + return false; + } + + try{ + return(new ActiveXObject(objectName)!=null); + }catch(exception){ + return false; + } + }, + + + testForMSVM:function(){ + var clsid='{08B0E5C0-4FCB-11CF-AAA5-00401C608500}'; + + if(typeof oClientCaps!='undefined'){ + var v=oClientCaps.getComponentVersion(clsid,"ComponentID"); + if((v=='')||(v=='5,0,5000,0')){ + return false; + }else{ + return true; + } + }else{ + return false; + } + }, + + + testUsingMimeTypes:function(version){ + if(!navigator.mimeTypes){ + if(deployJava.debug){ + alert('Browser claims to be Netscape family, but no mimeTypes[] array?'); + } + return false; + } + + for(var i=0;ib[0])return true; + if(a[0]b[1])return true; + if(a[1]b[2])return true; + if(a[2]'+ + '<'+'/'+'object'+'>'); + }else if(browser=='Netscape Family'){ + deployJava.writeEmbedTag(); + } + }, + + refresh:function(){ + navigator.plugins.refresh(false);var browser=deployJava.getBrowser();if(browser=='Netscape Family'){ + var plugin=document.getElementById('deployJavaPlugin');if(plugin==null){ + deployJava.writeEmbedTag(); + } + } + }, + + writeEmbedTag:function(){ + var written=false;if(navigator.mimeTypes!=null){ + for(var i=0;i