aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/at/knowcenter/wag/egov
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/at/knowcenter/wag/egov')
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java2
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/cfg/SettingsReader.java2
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/pdf/PDFSignatureObjectIText.java4
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java6
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java8
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java8
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java8
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java8
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java9
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/MOCCAHelper.java4
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/web/FormFields.java2
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java6
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java58
13 files changed, 96 insertions, 29 deletions
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java b/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java
index 5164ae4..c56a03e 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java
@@ -96,7 +96,7 @@ public abstract class PdfAS
* The current version of the pdf-as library. This version string is logged on every invocation
* of the api or the web application.
*/
- public static final String PDFAS_VERSION = "3.0.9-20090206";
+ public static final String PDFAS_VERSION = "3.0.9-20090319";
/**
* The key of the strict mode setting.
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/cfg/SettingsReader.java b/src/main/java/at/knowcenter/wag/egov/egiz/cfg/SettingsReader.java
index bca5b17..5fd67d2 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/cfg/SettingsReader.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/cfg/SettingsReader.java
@@ -394,7 +394,7 @@ public class SettingsReader implements Serializable
logger_.info(" configuration path = \"" + CONFIG_PATH + "\"");
logger_.info(" certstore path = \"" + CERT_PATH + "\"");
logger_.info(" temporary path = \"" + TMP_PATH + "\"");
- logger_.info(" file.encoding = \"" + System.getProperty("file.encoding") + "\"");
+ logger_.debug(" file.encoding = \"" + System.getProperty("file.encoding") + "\"");
logger_.info(StringUtils.repeat("*", length + 25));
IAIK.addAsProvider();
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/PDFSignatureObjectIText.java b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/PDFSignatureObjectIText.java
index 78aafbf..dc85a4f 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/PDFSignatureObjectIText.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/PDFSignatureObjectIText.java
@@ -323,7 +323,7 @@ public class PDFSignatureObjectIText implements PDFSignatureObject
String pdfa = SettingsReader.getInstance().getSetting("sig_obj." +profileid+".key."+SIG_PDFA1_B_VALID, "default."+SIG_PDFA1_B_VALID, "false");
pdfaValid= "true".equalsIgnoreCase(pdfa);
SubsetLocal.set(!pdfaValid);
- logger_.debug("Sign PDF/A complient:"+pdfa);
+ logger_.trace("Sign PDF/A complient:"+pdfa);
} catch (SettingsException e1)
{
logger_.error(e1);
@@ -346,7 +346,7 @@ public class PDFSignatureObjectIText implements PDFSignatureObject
font_string = cell_style.getValueFont();
}
- logger_.debug("using cell font: "+font_string);
+ logger_.trace("using cell font: "+font_string);
Font cell_font;
if(font_string.startsWith("TTF:"))
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java
index d10afc6..5164771 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java
@@ -130,6 +130,12 @@ public class DetachedBKUConnector implements Connector, LocalConnector
BKUHelper.checkResponseForError(response_string);
+ // TODO[tknall] Parse server type and version in order to prevent unsupported cces from signing pdfs
+ // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.dataurl
+ log.debug("BKU response header \"user-agent\" header: " + bkuUserAgentHeader);
+ // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.browser
+ log.debug("BKU response header \"server\" header: " + bkuServerHeader);
+
SignSignatureObject so;
if (MOCCAHelper.isMOCCACCEId(bkuServerHeader == null ? bkuUserAgentHeader : bkuServerHeader)) {
log.debug("Evaluating response as MOCCA response.");
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java
index 40a7732..f30b4b7 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java
@@ -360,6 +360,14 @@ public class EnvelopedBase64BKUConnector implements Connector, LocalConnector
BKUHelper.checkResponseForError(response_string);
+ // TODO[tknall] Parse server type and version in order to prevent unsupported cces from signing pdfs
+ String bkuServerHeader = response_properties.getProperty(BKUPostConnection.BKU_SERVER_HEADER_KEY);
+ String bkuUserAgentHeader = response_properties.getProperty(BKUPostConnection.BKU_USER_AGENT_HEADER_KEY);
+ // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.dataurl
+ log.debug("BKU response header \"user-agent\" header: " + bkuUserAgentHeader);
+ // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.browser
+ log.debug("BKU response header \"server\" header: " + bkuServerHeader);
+
SignSignatureObject so = BKUHelper.parseCreateXMLResponse(response_string, new HotfixIdFormatter());
log.debug("analyzeSignResponse finished."); //$NON-NLS-1$
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java
index b31d1ec..6ad5b94 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java
@@ -107,6 +107,14 @@ public class DetachedLocRefMOAConnector implements Connector
BKUHelper.checkResponseForError(response_string);
+ // TODO[tknall] Parse server type and version in order to prevent unsupported cces from signing pdfs
+ String bkuServerHeader = response_properties.getProperty(BKUPostConnection.BKU_SERVER_HEADER_KEY);
+ String bkuUserAgentHeader = response_properties.getProperty(BKUPostConnection.BKU_USER_AGENT_HEADER_KEY);
+ // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.dataurl
+ log.debug("BKU response header \"user-agent\" header: " + bkuUserAgentHeader);
+ // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.browser
+ log.debug("BKU response header \"server\" header: " + bkuServerHeader);
+
SignSignatureObject so = MOAHelper.parseCreateXMLResponse(response_string, new DetachedLocRefMOAIdFormatter());
log.debug("analyzeSignResponse finished."); //$NON-NLS-1$
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java
index a6db63c..b309432 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/EnvelopingBase64MOAConnector.java
@@ -218,6 +218,14 @@ public class EnvelopingBase64MOAConnector implements Connector
BKUHelper.checkResponseForError(response_string);
+ // TODO[tknall] Parse server type and version in order to prevent unsupported cces from signing pdfs
+ String bkuServerHeader = response_properties.getProperty(BKUPostConnection.BKU_SERVER_HEADER_KEY);
+ String bkuUserAgentHeader = response_properties.getProperty(BKUPostConnection.BKU_USER_AGENT_HEADER_KEY);
+ // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.dataurl
+ log.debug("BKU response header \"user-agent\" header: " + bkuUserAgentHeader);
+ // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.browser
+ log.debug("BKU response header \"server\" header: " + bkuServerHeader);
+
SignSignatureObject so = MOAHelper.parseCreateXMLResponse(response_string, new OldMOAIdFormatter());
log.debug("analyzeSignResponse finished."); //$NON-NLS-1$
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java
index 7776698..abd2b09 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/MOASoapWithAttachmentConnector.java
@@ -115,6 +115,14 @@ public class MOASoapWithAttachmentConnector implements Connector
BKUHelper.checkResponseForError(response_string);
+ // TODO[tknall] Parse server type and version in order to prevent unsupported cces from signing pdfs
+ String bkuServerHeader = response_properties.getProperty(BKUPostConnection.BKU_SERVER_HEADER_KEY);
+ String bkuUserAgentHeader = response_properties.getProperty(BKUPostConnection.BKU_USER_AGENT_HEADER_KEY);
+ // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.dataurl
+ log.debug("BKU response header \"user-agent\" header: " + bkuUserAgentHeader);
+ // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.browser
+ log.debug("BKU response header \"server\" header: " + bkuServerHeader);
+
SignSignatureObject so = MOAHelper.parseCreateXMLResponse(response_string, new DetachedLocRefMOAIdFormatter());
log.debug("analyzeSignResponse finished."); //$NON-NLS-1$
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java
index 30212eb..c44f34b 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/LocRefDetachedMOCCAConnector.java
@@ -115,6 +115,15 @@ public class LocRefDetachedMOCCAConnector implements Connector, LocalConnector {
log.debug("analyzeSignResponse:");
String response_string = response_properties.getProperty(BKUPostConnection.RESPONSE_STRING_KEY);
BKUHelper.checkResponseForError(response_string);
+
+ // TODO[tknall] Parse server type and version in order to prevent unsupported cces from signing pdfs
+ String bkuServerHeader = response_properties.getProperty(BKUPostConnection.BKU_SERVER_HEADER_KEY);
+ String bkuUserAgentHeader = response_properties.getProperty(BKUPostConnection.BKU_USER_AGENT_HEADER_KEY);
+ // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.dataurl
+ log.debug("BKU response header \"user-agent\" header: " + bkuUserAgentHeader);
+ // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.browser
+ log.debug("BKU response header \"server\" header: " + bkuServerHeader);
+
SignSignatureObject so = MOCCAHelper.parseCreateXMLResponse(response_string, new DetachedMOCIdFormatter());
so.response_properties = response_properties;
log.debug("analyzeSignResponse finished.");
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/MOCCAHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/MOCCAHelper.java
index 1bb89be..fe23584 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/MOCCAHelper.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/mocca/MOCCAHelper.java
@@ -73,11 +73,11 @@ public final class MOCCAHelper {
log.debug("xmlResponse = " + xmlResponse);
}
- Pattern iss_nam_p_s = Pattern.compile("<[\\w]*:?X509IssuerName>");
+ Pattern iss_nam_p_s = Pattern.compile("<[\\w]*:?X509IssuerName[^>]*>");
Pattern iss_nam_p_e = Pattern.compile("</[\\w]*:?X509IssuerName>");
Pattern sig_tim_p_s = Pattern.compile("<[\\w]*:?SigningTime>");
Pattern sig_tim_p_e = Pattern.compile("</[\\w]*:?SigningTime>");
- Pattern ser_num_p_s = Pattern.compile("<[\\w]*:?X509SerialNumber>");
+ Pattern ser_num_p_s = Pattern.compile("<[\\w]*:?X509SerialNumber[^>]*>");
Pattern ser_num_p_e = Pattern.compile("</[\\w]*:?X509SerialNumber>");
Pattern sig_cer_p_s = Pattern.compile("<[\\w]*:?X509Certificate>");
Pattern sig_cer_p_e = Pattern.compile("</[\\w]*:?X509Certificate>");
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/FormFields.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/FormFields.java
index 7b8164a..7137741 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/FormFields.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/FormFields.java
@@ -85,6 +85,8 @@ public abstract class FormFields
public static final String FIELD_PDF_ID = "pdf-id";
+ public static final String FIELD_PDFAS_SESSION_ID = "pdfas-session-id";
+
public static final String FIELD_FILE_LENGTH = "num-bytes";
public static final String FIELD_INVOKE_APP_URL = "invoke-app-url";
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java
index f74bd1c..7947d90 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java
@@ -210,6 +210,12 @@ public class DataURLServlet extends HttpServlet
log.debug("There are still requests to be performed -> answering with request."); //$NON-NLS-1$
+ // TODO[tknall] Parse user agent's cce type and version in order to prevent unsupported cces from signing pdfs
+ // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.dataurl
+ log.debug("BKU response header \"user-agent\" header: " + request.getHeader("User-Agent"));
+ // http://www.buergerkarte.at/konzept/securitylayer/spezifikation/aktuell/bindings/bindings.html#http.kodierung.response.browser
+ log.debug("BKU response header \"server\" header: " + request.getHeader("Server"));
+
LocalRequest local_request = si.localRequest;
String request_string = local_request.getRequestString();
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java
index c40f3c6..803dc59 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java
@@ -42,9 +42,9 @@ public class ProvidePDFServlet extends HttpServlet {
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String pdfIdString = request.getParameter(FormFields.FIELD_PDF_ID);
+ HttpSession session = request.getSession();
if (pdfIdString == null) {
- HttpSession session = request.getSession(true);
log.debug("No " + FormFields.FIELD_PDF_ID + " provided. Trying to retrieve PDF from session (" + session.getId() + ").");
SignSessionInformation si = (SignSessionInformation) session.getAttribute(SessionAttributes.SIGNED_PDF_DOCUMENT);
if (si == null) {
@@ -59,39 +59,51 @@ public class ProvidePDFServlet extends HttpServlet {
log.debug("Signed pdf found.");
session.removeAttribute(SessionAttributes.SIGNED_PDF_DOCUMENT);
log.debug("Returning signed pdf to browser.");
-// log.debug("Invalidating session.");
-// session.invalidate();
SignServletHelper.returnSignResponse(si, request, response);
return;
}
} else {
long pdfId = Long.parseLong(pdfIdString);
- Iterator it = signedDocuments.iterator();
+ byte[] pdf = null;
+
+ synchronized (signedDocuments) {
+ Iterator it = signedDocuments.iterator();
- while (it.hasNext()) {
- PDFContainer current = (PDFContainer) it.next();
- if (current.id == pdfId) {
- try {
- byte[] pdf = current.pdf;
-
- response.setContentType("application/pdf");
- response.setContentLength(pdf.length);
-
- InputStream is = new ByteArrayInputStream(pdf);
- final int bufferSize = 1024;
- byte[] buffer = new byte[bufferSize];
- int len = -1;
- while ((len = is.read(buffer)) != -1) {
- response.getOutputStream().write(buffer, 0, len);
- }
- response.getOutputStream().flush();
+ while (it.hasNext() && pdf == null) {
+ PDFContainer current = (PDFContainer) it.next();
+ if (current.id == pdfId) {
+ pdf = current.pdf;
signedDocuments.remove(current);
- } catch (IOException e) {
- log.error("IO excepton while providing pdf document: " + e.getMessage(), e);
}
}
}
+
+ if (pdf != null) {
+ try {
+
+ SignServletHelper.disableBrowserCacheForResponse(response);
+ response.setContentType("application/pdf");
+ response.setContentLength(pdf.length);
+
+ InputStream is = new ByteArrayInputStream(pdf);
+ final int bufferSize = 1024;
+ byte[] buffer = new byte[bufferSize];
+ int len = -1;
+ while ((len = is.read(buffer)) != -1) {
+ response.getOutputStream().write(buffer, 0, len);
+ }
+ response.getOutputStream().flush();
+ log.debug("File sent. Invalidating session.");
+ session.invalidate();
+ } catch (IOException e) {
+ log.error("IO excepton while providing pdf document: " + e.getMessage(), e);
+ }
+ } else {
+ log.error("Unable to find signed pdf (id=" + pdfId + ") in session (" + session.getId() + ").");
+ return;
+ }
+
}
}