From 30837bfd9b162d32e8cf6a8f8e2fad1b46baf81f Mon Sep 17 00:00:00 2001 
From: RIHTARSIC Joze <joze.rihtarsic@ext.ec.europa.eu> Date: Sun, 23 Apr 2023 10:19:30 +0200 Subject: [PATCH] fix signature types (eddsa, ecda, etc), ui enhancements., --- pom.xml | 6 + .../src/app/common/enums/visibility.enum.ts | 6 +- .../src/app/common/model/domain-ro.model.ts | 1 - .../membership-panel.component.html | 7 +- .../membership-panel.component.ts | 27 ++- .../_search-table.component-theme.scss | 9 +- .../search-table/search-table.component.ts | 8 +- .../group-dialog/group-dialog.component.ts | 2 +- .../resource-dialog.component.ts | 2 +- .../resource-details-panel.component.ts | 2 +- .../admin-domain/admin-domain.component.html | 58 +++--- .../admin-domain/admin-domain.component.ts | 24 ++- .../domain-panel/domain-panel.component.ts | 2 +- ...omain-sml-integration-panel.component.html | 2 +- .../domain-sml-integration-panel.component.ts | 32 ++-- .../admin-extension/extension.component.html | 5 +- .../admin-keystore.component.html | 6 +- .../admin-truststore.component.html | 6 +- .../admin-users/admin-user.component.html | 9 +- .../domain/domain-controller.ts | 1 - .../domain-details-dialog.component.ts | 5 - .../domain/domain.component.ts | 8 +- smp-angular/src/styles.css | 5 + .../db-scripts/sml-mysql5innodb-data.sql | 2 +- smp-docker/images/build-docker-images.sh | 9 +- smp-docker/images/shared-artefacts/README.md | 11 ++ .../sml-mysql5innodb-data.sql | 41 ++++ .../sml-truststore-docker-demo.p12 | Bin 0 -> 2070 bytes .../smp-keystore-docker-demo.p12 | Bin 0 -> 10065 bytes .../images/tomcat-mysql-smp-sml/entrypoint.sh | 178 +++++++++--------- smp-server-library/pom.xml | 16 +- ...09CertificateToCertificateROConverter.java | 12 +- .../ec/edelivery/smp/data/dao/QueryNames.java | 2 +- .../edelivery/smp/data/dao/ResourceDao.java | 29 ++- .../smp/data/dao/ResourceMemberDao.java | 16 +- .../smp/data/enums/SMLAuthenticationType.java | 16 ++ .../smp/data/enums/VisibilityType.java | 2 +- .../ec/edelivery/smp/data/model/DBDomain.java | 12 -- 
.../smp/data/model/doc/DBResource.java | 60 ++++-- .../model/doc/DBServiceGroupExtension.java | 80 -------- .../smp/data/model/user/DBResourceMember.java | 4 + .../ec/edelivery/smp/data/ui/DomainRO.java | 9 - .../edelivery/smp/security/ResourceGuard.java | 61 +++--- .../edelivery/smp/services/DomainService.java | 39 ++-- .../smp/services/SMLIntegrationService.java | 115 ++++------- .../resource/ResourceResolverService.java | 10 +- .../services/spi/SmpXmlSignatureService.java | 47 +++-- .../smp/services/ui/UIDomainService.java | 8 +- .../smp/services/ui/UIResourceService.java | 24 ++- .../ui/UIServiceGroupSearchService.java | 35 ++-- .../services/ui/UIServiceGroupService.java | 3 + .../smp/services/ui/UISubresourceService.java | 5 + .../edelivery/smp/sml/SmlClientFactory.java | 15 +- .../ec/edelivery/smp/sml/SmlConnector.java | 56 +++--- .../config/SmlIntegrationConfiguration.java | 1 - .../smp/data/dao/AuditIntegrationTest.java | 3 - .../smp/data/dao/GroupMemberDaoTest.java | 12 +- .../smp/data/dao/ResourceDaoSearchTest.java | 74 ++++++++ .../edelivery/smp/data/dao/TestUtilsDao.java | 42 +++++ ...ntegrationServiceNoSMLIntegrationTest.java | 4 +- .../services/SMLIntegrationServiceTest.java | 15 +- .../smp/services/ui/UIDomainServiceTest.java | 2 - ...nticationByClientCertFromKeystoreTest.java | 14 +- ...yAuthenticationByClientCertHttpHeader.java | 8 +- .../edelivery/smp/testutil/TestDBUtils.java | 2 +- .../src/test/resources/cleanup-database.sql | 4 - .../mysql-4.1_integration_test_data.sql | 4 +- .../oracle-4.1_integration_test_data.sql | 6 +- smp-webapp/pom.xml | 2 - .../ui/edit/SubresourceEditController.java | 23 +-- .../database-scripts/mysql5innodb-data.sql | 4 +- .../database-scripts/mysql5innodb-drop.ddl | 12 -- .../database-scripts/mysql5innodb.ddl | 30 --- .../database-scripts/oracle10g-data.sql | 3 +- .../database-scripts/oracle10g-drop.ddl | 4 - .../smp-setup/database-scripts/oracle10g.ddl | 39 ---- .../src/test/resources/cleanup-database.sql | 4 - 
.../webapp_integration_test_data.sql | 6 +- 78 files changed, 752 insertions(+), 716 deletions(-) create mode 100644 smp-docker/images/shared-artefacts/README.md create mode 100644 smp-docker/images/shared-artefacts/sml-mysql5innodb-data.sql create mode 100644 smp-docker/images/shared-artefacts/sml-truststore-docker-demo.p12 create mode 100644 smp-docker/images/shared-artefacts/smp-keystore-docker-demo.p12 create mode 100644 smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/enums/SMLAuthenticationType.java delete mode 100644 smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/model/doc/DBServiceGroupExtension.java create mode 100644 smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/data/dao/ResourceDaoSearchTest.java diff --git a/pom.xml b/pom.xml index 858ffb4c0..8b7453388 100644 --- a/pom.xml +++ b/pom.xml @@ -257,6 +257,12 @@ <artifactId>h2</artifactId> <version>${h2.version}</version> </dependency> + <dependency> + <groupId>org.apache.santuario</groupId> + <artifactId>xmlsec</artifactId> + <version>2.3.3</version> + </dependency> + <!-- dependency> <groupId>javax.xml.bind</groupId> <artifactId>jaxb-api</artifactId> diff --git a/smp-angular/src/app/common/enums/visibility.enum.ts b/smp-angular/src/app/common/enums/visibility.enum.ts index 446815b94..9445cfe30 100644 --- a/smp-angular/src/app/common/enums/visibility.enum.ts +++ b/smp-angular/src/app/common/enums/visibility.enum.ts @@ -4,11 +4,7 @@ export enum VisibilityEnum { */ Public= 'PUBLIC', /** - * Access to the resource is within the domain/group. Users must be authenticated and must be members of the domain/group/resource in order to read it. - */ - Internal= 'INTERNAL', - /** - * Access to the resource is possible only to the resource members + * Access to the resource, group or domain */ Private= 'PRIVATE' } diff --git a/smp-angular/src/app/common/model/domain-ro.model.ts b/smp-angular/src/app/common/model/domain-ro.model.ts index 8b2193d86..2182ef215 100644 
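Review bot: The new `org.apache.santuario:xmlsec` entry hard-codes `<version>2.3.3</version>`, while the neighbouring `h2` entry in the same hunk takes its version from a property (`${h2.version}`). Since this library does the XML signature processing, I would keep its version in a property as well, `<version>${xmlsec.version}</version>` with `<xmlsec.version>2.3.3</xmlsec.version>` under `<properties>`, so upgrades and dependency scans have one place to look. The enclosing section is outside the hunk; if it is `dependencyManagement`, confirm that the modules which pull xmlsec in transitively really resolve to this version.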
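Review bot: The doc comment left on `Private` ("Access to the resource, group or domain") no longer says who is granted access, and with `Internal` removed it is the only non-public value of this access-control enum. I would state the rule explicitly, for example `* Access is restricted to authenticated members of the resource, group or domain.`, adjusted to what the server actually enforces, which is not visible in this hunk. The start of the enum, including the `Public` comment, lies outside the hunk.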
--- a/smp-angular/src/app/common/model/domain-ro.model.ts +++ b/smp-angular/src/app/common/model/domain-ro.model.ts @@ -7,7 +7,6 @@ export interface DomainRo extends SearchTableEntity { smlSubdomain?: string; smlSmpId?: string; smlParticipantIdentifierRegExp?: string; - smlClientCertHeader?: string; smlClientKeyAlias?: string; signatureKeyAlias?: string; smlRegistered?: boolean; diff --git a/smp-angular/src/app/common/panels/membership-panel/membership-panel.component.html b/smp-angular/src/app/common/panels/membership-panel/membership-panel.component.html index 400ced398..56e37c8a1 100644 --- a/smp-angular/src/app/common/panels/membership-panel/membership-panel.component.html +++ b/smp-angular/src/app/common/panels/membership-panel/membership-panel.component.html @@ -81,10 +81,11 @@ </table> </div> - <mat-paginator class="mat-elevation-z2" [length]="resultsLength" + <mat-paginator class="mat-elevation-z2" [length]="resultsLength" #memberPaginator (page)="onPageChanged($event)" - [pageSize]="5" - [pageSizeOptions]="[5, 10, 25]" + [hidePageSize]="true" + [pageSize]="pageSize" + [showFirstLastButtons]="true" [disabled]="entityNotSelected" aria-label="Select pages"></mat-paginator> </div> diff --git a/smp-angular/src/app/common/panels/membership-panel/membership-panel.component.ts b/smp-angular/src/app/common/panels/membership-panel/membership-panel.component.ts index c2daaace1..458ea3c11 100644 --- a/smp-angular/src/app/common/panels/membership-panel/membership-panel.component.ts +++ b/smp-angular/src/app/common/panels/membership-panel/membership-panel.component.ts @@ -26,6 +26,7 @@ import {ResourceRo} from "../../model/resource-ro.model"; }) export class MembershipPanelComponent implements BeforeLeaveGuard { + pageSize: number = 10; @Input() membershipType: MemberTypeEnum = MemberTypeEnum.DOMAIN; private _domain: DomainRo; 
@@ -39,7 +40,7 @@ export class MembershipPanelComponent implements BeforeLeaveGuard { filter: any = {}; resultsLength = 0; isLoadingResults = false; - @ViewChild(MatPaginator) paginator: MatPaginator; + @ViewChild('memberPaginator') paginator: MatPaginator; constructor(private domainService: AdminDomainService, private membershipService: MembershipService, @@ -71,13 +72,10 @@ export class MembershipPanelComponent implements BeforeLeaveGuard { @Input() set domain(value: DomainRo) { this._domain = value; - if (!!value) { - if (this.membershipType == MemberTypeEnum.DOMAIN) { + if (this.membershipType === MemberTypeEnum.DOMAIN) { this.loadMembershipData(); } - } else { - this.isLoadingResults = false; } } @@ -89,26 +87,22 @@ export class MembershipPanelComponent implements BeforeLeaveGuard { this._group = value; if (!!value) { - if (this.membershipType == MemberTypeEnum.GROUP) { + if (this.membershipType === MemberTypeEnum.GROUP) { this.loadMembershipData(); } - } else { - this.isLoadingResults = false; } } + get resource(): ResourceRo { return this._resource; } @Input() set resource(value: ResourceRo) { this._resource = value; - if (!!value) { if (this.membershipType == MemberTypeEnum.RESOURCE) { this.loadMembershipData(); } - } else { - this.isLoadingResults = false; } } @@ -155,7 +149,7 @@ export class MembershipPanelComponent implements BeforeLeaveGuard { } public refresh() { - if (this.paginator) { + if (!!this.paginator) { this.paginator.firstPage(); } this.loadMembershipData(); 
@@ -223,14 +217,15 @@ export class MembershipPanelComponent implements BeforeLeaveGuard { } protected getMembershipListService(): Observable<SearchTableResult> { + let page = this.paginator ? this.paginator.pageIndex : 0; + let pageSize = this.paginator ? this.paginator.pageSize : this.pageSize; switch (this.membershipType) { case MemberTypeEnum.DOMAIN: - - return !this._domain?null:this.membershipService.getDomainMembersObservable(this._domain.domainId, this.filter, this.paginator.pageIndex, this.paginator.pageSize); + return !this._domain ? null : this.membershipService.getDomainMembersObservable(this._domain.domainId, this.filter, page, pageSize); case MemberTypeEnum.GROUP: - return !this._group?null: this.membershipService.getGroupMembersObservable(this._group.groupId, this._domain.domainId, this.filter, this.paginator.pageIndex, this.paginator.pageSize); + return !this._group ? null : this.membershipService.getGroupMembersObservable(this._group.groupId, this._domain.domainId, this.filter, page, pageSize); case MemberTypeEnum.RESOURCE: - return !this._resource?null: this.membershipService.getResourceMembersObservable(this._resource, this._group, this._domain, this.filter, this.paginator.pageIndex, this.paginator.pageSize); + return !this._resource ? null : this.membershipService.getResourceMembersObservable(this._resource, this._group, this._domain, this.filter, page, pageSize); } } diff --git a/smp-angular/src/app/common/search-table/_search-table.component-theme.scss b/smp-angular/src/app/common/search-table/_search-table.component-theme.scss index 243ba2b6a..64f3c9333 100644 --- a/smp-angular/src/app/common/search-table/_search-table.component-theme.scss +++ b/smp-angular/src/app/common/search-table/_search-table.component-theme.scss 
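Review bot: In the `MemberTypeEnum.GROUP` branch only `_group` is null-checked, yet `this._domain.domainId` is dereferenced, so a group that is set before the domain input would throw a TypeError. The earlier hunks of this file drop the `if (!!value)` guards from the `domain` and `resource` setters, so `loadMembershipData()` now reaches this method with unset inputs more often. I would guard both values, `return !this._group || !this._domain ? null : this.membershipService.getGroupMembersObservable(…)`. The method is declared to return `Observable<SearchTableResult>` but returns `null` in these cases; the caller is outside the hunk and needs to handle that.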
@@ -2,12 +2,19 @@ @mixin set-component-colors($theme) { .ngx-datatable .datatable-row-odd { - background-color: rgba(155, 155, 155, .1); } .ngx-datatable .datatable-header-cell { background-color: smp.get-theme-color($theme, primary, 800, 0.1) !important; } + + .ngx-datatable .datatable-row-selected { + background-color: red; + } + + .ngx-datatable .datatable-body-row:hover,.ngx-datatable .datatable-row-odd:hover { + background-color: smp.get-theme-color($theme, primary, 300) !important; + } } diff --git a/smp-angular/src/app/common/search-table/search-table.component.ts b/smp-angular/src/app/common/search-table/search-table.component.ts index b1d76afab..9c3d40ee4 100644 --- a/smp-angular/src/app/common/search-table/search-table.component.ts +++ b/smp-angular/src/app/common/search-table/search-table.component.ts @@ -17,7 +17,6 @@ import {ConfirmationDialogComponent} from "../dialogs/confirmation-dialog/confir import {SearchTableValidationResult} from "./search-table-validation-result.model"; import {ExtendedHttpClient} from "../../http/extended-http-client"; import {Router} from "@angular/router"; -import {authenticationGuard} from "../../guards/authentication.guard"; import ObjectUtils from "../utils/object-utils"; @Component({ @@ -138,6 +137,7 @@ export class SearchTableComponent implements OnInit { getRowClass(row) { return { + 'datatable-row-selected': (this.selected && this.selected.length >= 0 && this.rows.indexOf(row) === this.rowNumber), 'table-row-new': (row.status === EntityStatus.NEW), 'table-row-updated': (row.status === EntityStatus.UPDATED), 'deleted': (row.status === EntityStatus.REMOVED) @@ -253,9 +253,7 @@ export class SearchTableComponent implements OnInit { formRef.afterClosed().subscribe(result => { if (result) { this.rows = [...this.rows, {...formRef.componentInstance.getCurrent()}]; - //this.rows = this.rows.concat(formRef.componentInstance.current); this.count++; - // this.searchable.refresh(); } else { this.unselectRows(); } 
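Review bot: `.ngx-datatable .datatable-row-selected { background-color: red; }` hard-codes a colour inside a theme mixin whose other rules take their colours from `$theme`, and it reads like a debugging leftover. I would use a palette value instead, e.g. `background-color: smp.get-theme-color($theme, primary, 200);` (the shade is only a suggestion). The hunk also leaves `.ngx-datatable .datatable-row-odd { }` behind as an empty rule after its only declaration was removed; that rule can be deleted.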
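Review bot: In the `getRowClass` hunk of `search-table.component.ts` (`@@ -138,6 +137,7`), `this.selected.length >= 0` is true for every array, including an empty one. The `'datatable-row-selected'` class is therefore applied whenever `this.rows.indexOf(row) === this.rowNumber`, even when nothing is selected. If the intent is "a row is selected", the test should be `this.selected?.length > 0 && this.rows.indexOf(row) === this.rowNumber`. `indexOf` is also a linear scan that runs once per rendered row. The rest of `getRowClass` and the definition of `rowNumber` are outside the hunk.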
@@ -291,14 +289,10 @@ export class SearchTableComponent implements OnInit { try { this.dialog.open(SaveDialogComponent).afterClosed().subscribe(result => { if (result) { - // this.unselectRows(); const modifiedRowEntities = this.rows.filter(el => el.status !== EntityStatus.PERSISTED); - // this.isBusy = true; this.showSpinner = true; this.http.put(this.managementUrl, modifiedRowEntities).toPromise().then(res => { this.showSpinner = false; - // this.isBusy = false; - // this.getUsers(); this.alertService.success('The operation \'update\' completed successfully.', false); this.forceRefresh = true; this.onRefresh(); diff --git a/smp-angular/src/app/edit/edit-domain/domain-group-panel/group-dialog/group-dialog.component.ts b/smp-angular/src/app/edit/edit-domain/domain-group-panel/group-dialog/group-dialog.component.ts index fc30e583e..90f6cfd07 100644 --- a/smp-angular/src/app/edit/edit-domain/domain-group-panel/group-dialog/group-dialog.component.ts +++ b/smp-angular/src/app/edit/edit-domain/domain-group-panel/group-dialog/group-dialog.component.ts @@ -15,7 +15,7 @@ import {EditDomainService} from "../../edit-domain.service"; export class GroupDialogComponent { readonly groupVisibilityOptions = Object.keys(VisibilityEnum) - .filter(el => el !== "Private").map(el => { + .map(el => { return {key: el, value: VisibilityEnum[el]} }); formTitle = "Group dialog"; diff --git a/smp-angular/src/app/edit/edit-group/group-resource-panel/resource-dialog/resource-dialog.component.ts b/smp-angular/src/app/edit/edit-group/group-resource-panel/resource-dialog/resource-dialog.component.ts index 1fc34f7c6..f9c22cba5 100644 --- a/smp-angular/src/app/edit/edit-group/group-resource-panel/resource-dialog/resource-dialog.component.ts +++ b/smp-angular/src/app/edit/edit-group/group-resource-panel/resource-dialog/resource-dialog.component.ts 
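Review bot: Removing `.filter(el => el !== "Private")` in `group-dialog.component.ts` makes `Private` selectable for groups; the same edit is repeated in `resource-dialog.component.ts`, `resource-details-panel.component.ts` and `domain-panel.component.ts`. A dropdown only presents the option, so the private visibility has to be enforced by the server-side checks; the diffstat lists `ResourceGuard.java` and `VisibilityType.java`, whose hunks are not in view here, and it is worth confirming they cover groups and domains as well as resources. Since all four components now build the same list, a shared constant would stop them drifting apart: `export const VISIBILITY_OPTIONS = Object.keys(VisibilityEnum).map(key => ({key, value: VisibilityEnum[key]}));`.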
@@ -17,7 +17,7 @@ import {EditGroupService} from "../../edit-group.service"; export class ResourceDialogComponent { readonly groupVisibilityOptions = Object.keys(VisibilityEnum) - .filter(el => el !== "Private").map(el => { + .map(el => { return {key: el, value: VisibilityEnum[el]} }); formTitle = "Resource dialog"; diff --git a/smp-angular/src/app/edit/edit-resources/resource-details-panel/resource-details-panel.component.ts b/smp-angular/src/app/edit/edit-resources/resource-details-panel/resource-details-panel.component.ts index f372d2086..c95ad7234 100644 --- a/smp-angular/src/app/edit/edit-resources/resource-details-panel/resource-details-panel.component.ts +++ b/smp-angular/src/app/edit/edit-resources/resource-details-panel/resource-details-panel.component.ts @@ -20,7 +20,7 @@ import {NavigationNode, NavigationService} from "../../../window/sidenav/navigat export class ResourceDetailsPanelComponent implements BeforeLeaveGuard { readonly groupVisibilityOptions = Object.keys(VisibilityEnum) - .filter(el => el !== "Private").map(el => { + .map(el => { return {key: el, value: VisibilityEnum[el]} }); diff --git a/smp-angular/src/app/system-settings/admin-domain/admin-domain.component.html b/smp-angular/src/app/system-settings/admin-domain/admin-domain.component.html index da072fe61..153a1a502 100644 --- a/smp-angular/src/app/system-settings/admin-domain/admin-domain.component.html +++ b/smp-angular/src/app/system-settings/admin-domain/admin-domain.component.html 
@@ -4,10 +4,14 @@ text="System Domain administration panel is a tool for creating and removing domains from DomiSMP" [labelColumnContent]="searchDomainPanel"> - - <mat-tab-group #domainTabs style="height: 100%" > - <mat-tab > - <ng-template mat-tab-label><smp-label icon="domain" label="Domain data"></smp-label></ng-template> + <ng-template #noDataFound> + <div class="empty-data-panel">No domain selected.</div> + </ng-template> + <mat-tab-group #domainTabs style="height: 100%" *ngIf="selected;else noDataFound"> + <mat-tab> + <ng-template mat-tab-label> + <smp-label icon="domain" label="Domain data"></smp-label> + </ng-template> <domain-panel #domainPanelComponent [domain]="selected" [keystoreCertificates]="keystoreCertificates" 
@@ -17,28 +21,34 @@ ></domain-panel> </mat-tab> <mat-tab> - <ng-template mat-tab-label><smp-label icon="extension" label="Resource Types"></smp-label></ng-template> - <domain-resource-type-panel #domainResourceTypePanelComponent - [domain]="selected" - [domiSMPResourceDefinitions]="domiSMPResourceDefinitions" - (onSaveResourceTypesEvent)="onSaveResourceTypesEvent($event)" + <ng-template mat-tab-label> + <smp-label icon="extension" label="Resource Types"></smp-label> + </ng-template> + <domain-resource-type-panel #domainResourceTypePanelComponent + [domain]="selected" + [domiSMPResourceDefinitions]="domiSMPResourceDefinitions" + (onSaveResourceTypesEvent)="onSaveResourceTypesEvent($event)" ></domain-resource-type-panel> </mat-tab> - <mat-tab> - <ng-template mat-tab-label><smp-label icon="dns" label="SML integration"></smp-label></ng-template> - <domain-sml-integration-panel #domainSmlIntegrationPanelComponent - [keystoreCertificates]="keystoreCertificates" - [domain]="selected" - (onSaveSmlIntegrationDataEvent)="onSaveSmlIntegrationDataEvent($event)" - ></domain-sml-integration-panel> - </mat-tab> - <mat-tab label="Members"> - <ng-template mat-tab-label><smp-label icon="groups" label="Members"></smp-label></ng-template> + <mat-tab label="Members" > + <ng-template mat-tab-label> + <smp-label icon="groups" label="Members"></smp-label> + </ng-template> <domain-member-panel #domainMemberPanelComponent [membershipType]="membershipType" [domain]="selected" ></domain-member-panel> </mat-tab> + <mat-tab> + <ng-template mat-tab-label> + <smp-label icon="dns" label="SML integration"></smp-label> + </ng-template> + <domain-sml-integration-panel #domainSmlIntegrationPanelComponent + [keystoreCertificates]="keystoreCertificates" + [domain]="selected" + (onSaveSmlIntegrationDataEvent)="onSaveSmlIntegrationDataEvent($event)" + ></domain-sml-integration-panel> + </mat-tab> </mat-tab-group> </data-panel> </div> 
@@ -49,12 +59,12 @@ <input matInput (keyup)="applyDomainFilter($event)" placeholder="Domain code" #inputDomainFilter> </mat-form-field> - <mat-toolbar class ="mat-elevation-z2"> - <mat-toolbar-row class="smp-toolbar-row"> + <mat-toolbar class="mat-elevation-z2"> + <mat-toolbar-row class="smp-toolbar-row"> <button mat-raised-button mat-flat-button color="primary" (click)="onCreateDomainClicked()" - >Create domain + >Create domain </button> <button mat-raised-button @@ -75,7 +85,7 @@ <tr mat-header-row *matHeaderRowDef="displayedColumns"></tr> <tr mat-row *matRowDef="let odd = odd; let row; columns: displayedColumns;" (click)="domainSelected(row)" - [ngClass]="{'datatable-row-selected': row==selected,'datatable-row-odd': odd}" + [ngClass]="{'datatable-row-selected': row===selected,'datatable-row-odd': odd}" ></tr> @@ -89,7 +99,7 @@ </tr> </table> - <mat-paginator class="mat-elevation-z2" id="extension-paginator" + <mat-paginator class="mat-elevation-z2" id="domain-paginator" [hidePageSize]="true" [showFirstLastButtons]="true" [pageSize]="5" aria-label="Select page"></mat-paginator> diff --git a/smp-angular/src/app/system-settings/admin-domain/admin-domain.component.ts b/smp-angular/src/app/system-settings/admin-domain/admin-domain.component.ts index e81c04113..ca7330e57 100644 --- a/smp-angular/src/app/system-settings/admin-domain/admin-domain.component.ts +++ b/smp-angular/src/app/system-settings/admin-domain/admin-domain.component.ts @@ -28,7 +28,7 @@ import {MemberTypeEnum} from "../../common/enums/member-type.enum"; styleUrls: ['./admin-domain.component.css'] }) export class AdminDomainComponent implements OnInit, AfterViewInit, BeforeLeaveGuard { - membershipType:MemberTypeEnum = MemberTypeEnum.DOMAIN; + readonly membershipType:MemberTypeEnum = MemberTypeEnum.DOMAIN; displayedColumns: string[] = ['domainCode']; dataSource: MatTableDataSource<DomainRo> = new MatTableDataSource(); selected?: DomainRo; 
@@ -37,7 +37,7 @@ export class AdminDomainComponent implements OnInit, AfterViewInit, BeforeLeaveG domiSMPResourceDefinitions: ResourceDefinitionRo[] = []; currenTabIndex: number = 0; - handleTabClick; + handleTabClick = null; @ViewChild(MatPaginator) paginator: MatPaginator; @@ -104,6 +104,9 @@ export class AdminDomainComponent implements OnInit, AfterViewInit, BeforeLeaveG } registerTabClick(): void { + if (!this.domainTabs) { + return; + } // Get the handler reference this.handleTabClick = this.domainTabs._handleClick; @@ -189,8 +192,11 @@ export class AdminDomainComponent implements OnInit, AfterViewInit, BeforeLeaveG } onCreateDomainClicked() { - this.domainTabs.selectedIndex = 0; this.selected = this.newDomain(); + if ( !this.handleTabClick) { + this.registerTabClick(); + } + this.domainTabs.selectedIndex = 0; this.domainPanelComponent.setFocus(); } @@ -202,7 +208,6 @@ export class AdminDomainComponent implements OnInit, AfterViewInit, BeforeLeaveG smlSubdomain: '', smlSmpId: '', smlParticipantIdentifierRegExp: '', - smlClientCertHeader: '', smlClientKeyAlias: '', signatureKeyAlias: '', status: EntityStatus.NEW, @@ -250,7 +255,12 @@ export class AdminDomainComponent implements OnInit, AfterViewInit, BeforeLeaveG } public domainSelected(domainSelected: DomainRo) { - if (this.selected === domainSelected) { + if (domainSelected && !this.handleTabClick) { + this.registerTabClick(); + } + + + if (this.selected == domainSelected) { return; } if (this.isCurrentTabDirty()) { @@ -263,6 +273,8 @@ export class AdminDomainComponent implements OnInit, AfterViewInit, BeforeLeaveG } }); } else { + console.log("domain selected") + this.selected = domainSelected; } } 
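Review bot: In `onCreateDomainClicked` (`@@ -189,8 +192,11`), `this.domainTabs.selectedIndex = 0` and `this.domainPanelComponent.setFocus()` run right after `this.selected = this.newDomain()`. The template change in this commit puts the tab group behind `*ngIf="selected;else noDataFound"`, so if no domain was selected before, both view children are probably still undefined here and the call would throw. At minimum guard the access, `if (this.domainTabs) { this.domainTabs.selectedIndex = 0; }`, or defer the tab and focus calls until the view has rendered. The `@ViewChild` declarations are outside the hunk, so this needs checking against how they are declared.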
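Review bot: In `domainSelected` (`@@ -250,7 +255,12` and `@@ -263,6 +273,8`), `console.log("domain selected")` is a debugging leftover and should be removed. The comparison was also loosened to `this.selected == domainSelected`, while the template in the same commit moves to `===`; I would keep `if (this.selected === domainSelected) {`. In addition, `registerTabClick()` is called before `this.selected` is assigned, so on the first selection the `*ngIf`-guarded tab group probably does not exist yet. The new early return then leaves `handleTabClick` null, and the dirty-tab handler is only installed on a later selection.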
@@ -306,7 +318,7 @@ export class AdminDomainComponent implements OnInit, AfterViewInit, BeforeLeaveG } get canNotDelete():boolean{ - return !this.selected || this.domainSmlIntegrationPanelComponent.isDomainRegistered || this.isNewDomain() + return !this.selected || this.domainSmlIntegrationPanelComponent?.isDomainRegistered || this.isNewDomain() } get editMode(): boolean { diff --git a/smp-angular/src/app/system-settings/admin-domain/domain-panel/domain-panel.component.ts b/smp-angular/src/app/system-settings/admin-domain/domain-panel/domain-panel.component.ts index 9f1629131..9dd2246e2 100644 --- a/smp-angular/src/app/system-settings/admin-domain/domain-panel/domain-panel.component.ts +++ b/smp-angular/src/app/system-settings/admin-domain/domain-panel/domain-panel.component.ts @@ -21,7 +21,7 @@ export class DomainPanelComponent implements BeforeLeaveGuard { readonly warningTimeout: number = 50000; readonly domainCodePattern = '^[a-zA-Z0-9]{1,63}$'; readonly domainVisibilityOptions = Object.keys(VisibilityEnum) - .filter(el => el !== "Private").map(el => { + .map(el => { return {key: el, value: VisibilityEnum[el]} }); diff --git a/smp-angular/src/app/system-settings/admin-domain/domain-sml-panel/domain-sml-integration-panel.component.html b/smp-angular/src/app/system-settings/admin-domain/domain-sml-panel/domain-sml-integration-panel.component.html index 6d91319ba..8d3d5f4bc 100644 --- a/smp-angular/src/app/system-settings/admin-domain/domain-sml-panel/domain-sml-integration-panel.component.html +++ b/smp-angular/src/app/system-settings/admin-domain/domain-sml-panel/domain-sml-integration-panel.component.html 
@@ -72,7 +72,7 @@ <mat-label>SML Client Certificate Alias</mat-label> <mat-select placeholder="SML ClientCert Alias" - formControlName="smlClientKeyCertificate" + formControlName="smlClientKeyAlias" id="smlClientKeyAlias_id"> <mat-option [value]="''">Choose certificate for signing soap response</mat-option> <mat-option *ngFor="let cert of keystoreCertificates" [value]="cert.alias"> diff --git a/smp-angular/src/app/system-settings/admin-domain/domain-sml-panel/domain-sml-integration-panel.component.ts b/smp-angular/src/app/system-settings/admin-domain/domain-sml-panel/domain-sml-integration-panel.component.ts index 6bfa7a709..e88054430 100644 --- a/smp-angular/src/app/system-settings/admin-domain/domain-sml-panel/domain-sml-integration-panel.component.ts +++ b/smp-angular/src/app/system-settings/admin-domain/domain-sml-panel/domain-sml-integration-panel.component.ts @@ -81,7 +81,6 @@ export class DomainSmlIntegrationPanelComponent implements BeforeLeaveGuard { disabled: this.isDomainRegistered }, [Validators.pattern(this.smpIdDomainPattern), this.notInList(this.lookups.cachedDomainList.map(a => a.smlSmpId), this._domain?.smlSmpId)]), - 'smlClientCertHeader': new FormControl({value: '', readonly: true}), 'smlClientKeyAlias': new FormControl({value: '', readonly: true}), 'smlClientCertAuth': new FormControl({value: '', readonly: true}), 'smlClientKeyCertificate': new FormControl({value: '', readonly: true}), @@ -96,7 +95,6 @@ export class DomainSmlIntegrationPanelComponent implements BeforeLeaveGuard { newDomain.smlSubdomain = this.domainForm.get('smlSubdomain').value; newDomain.smlSmpId = this.domainForm.get('smlSmpId').value; newDomain.smlClientKeyAlias = this.domainForm.get('smlClientKeyAlias').value; - newDomain.smlClientCertHeader = this.domainForm.get('smlClientCertHeader').value; newDomain.smlClientCertAuth = this.domainForm.get('smlClientCertAuth').value; return newDomain; } 
@@ -107,15 +105,16 @@ export class DomainSmlIntegrationPanelComponent implements BeforeLeaveGuard { this.domainForm.controls['smlSubdomain'].setValue(this._domain.smlSubdomain); this.domainForm.controls['smlSmpId'].setValue(this._domain.smlSmpId); this.domainForm.controls['smlClientKeyAlias'].setValue(this._domain.smlClientKeyAlias); - this.domainForm.controls['smlClientCertHeader'].setValue(this._domain.smlClientCertHeader); this.domainForm.controls['smlRegistered'].setValue(this._domain.smlRegistered); this.domainForm.controls['smlClientCertAuth'].setValue(this._domain.smlClientCertAuth); this.domainForm.enable(); + if (this.isDomainRegistered) { + this.domainForm.controls['smlSmpId'].disable() + } } else { this.domainForm.controls['smlSubdomain'].setValue(""); this.domainForm.controls['smlSmpId'].setValue(""); this.domainForm.controls['smlClientKeyAlias'].setValue(""); - this.domainForm.controls['smlClientCertHeader'].setValue(""); this.domainForm.controls['smlRegistered'].setValue(""); this.domainForm.controls['smlClientCertAuth'].setValue(""); this.domainForm.disable(); @@ -156,14 +155,12 @@ export class DomainSmlIntegrationPanelComponent implements BeforeLeaveGuard { return false; } - if (!this._domain.smlClientCertHeader && this._domain.smlClientCertAuth) { - return false; - } - if (!this._domain.smlClientKeyAlias && !this._domain.smlClientCertAuth) { + if (!this._domain.smlClientKeyAlias ) { + console.log("enableSMLRegister 4") return false; } - - // entity must be first persisted in order to be enabled to registering to SML + console.log("enableSMLRegister 5") + // entity must be first persisted in order to be enabled to register to SML return !this._domain.smlRegistered; } 
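Review bot: The two `console.log("enableSMLRegister …")` calls in hunk `@@ -156,14 +155,12` are debugging leftovers and should be removed; the check appears to drive the state of the register button, so they would print each time the template re-evaluates it. After this change the register check requires `smlClientKeyAlias` unconditionally, while the unregister check in the next hunk (`@@ -172,9 +169,6`) still uses `!this._domain.smlClientKeyAlias && !this._domain.smlClientCertAuth`. A domain with `smlClientCertAuth` set and no key alias therefore passes one check and fails the other. If the key alias is now always required for SML client authentication, the second check should match: `if (!this._domain.smlClientKeyAlias) { return false; }`. Both bodies start outside their hunks.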
@@ -172,9 +169,6 @@ export class DomainSmlIntegrationPanelComponent implements BeforeLeaveGuard { return false; } - if (this._domain.smlClientCertHeader && this._domain.smlClientCertAuth) { - return false; - } if (!this._domain.smlClientKeyAlias && !this._domain.smlClientCertAuth) { return false; } @@ -183,7 +177,7 @@ export class DomainSmlIntegrationPanelComponent implements BeforeLeaveGuard { return this.isDomainRegistered; } - get isDomainRegistered() { + get isDomainRegistered():boolean { return this._domain?.smlRegistered; } @@ -196,7 +190,7 @@ export class DomainSmlIntegrationPanelComponent implements BeforeLeaveGuard { this.dialog.open(ConfirmationDialogComponent, { data: { title: "Unregister domain to SML", - description: "Action will unregister domain: " + this._domain + " and all its resources from SML. Do you wish to continue?" + description: "Action will unregister domain: [" + this._domain?.domainCode + "] and all its resources from SML. Do you wish to continue?" } }).afterClosed().subscribe(result => { if (result) { @@ -213,7 +207,7 @@ export class DomainSmlIntegrationPanelComponent implements BeforeLeaveGuard { this.dialog.open(ConfirmationDialogComponent, { data: { title: "Register domain to SML", - description: "Action will register domain: " + this._domain + " and all its service groups to SML. Do you wish to continue?" + description: "Action will register domain: [" + this._domain?.domainCode + "] and all its service groups to SML. Do you wish to continue?" } }).afterClosed().subscribe(result => { if (result) { 
@@ -229,9 +223,10 @@ export class DomainSmlIntegrationPanelComponent implements BeforeLeaveGuard { // this.searchTable.showSpinner = false; if (res) { if (res.success) { - this.alertService.success("Domain " + domain.domainCode + " registered to sml!"); + this.alertService.success("Domain [" + domain.domainCode + "] registered to sml!"); this.lookups.refreshDomainLookupForLoggedUser(); domain.smlRegistered = true; + this.domain = domain; } else { this.alertService.exception('Error occurred while registering domain:' + domain.domainCode, res.errorMessage); } @@ -252,9 +247,10 @@ export class DomainSmlIntegrationPanelComponent implements BeforeLeaveGuard { // this.searchTable.showSpinner = false; if (res) { if (res.success) { - this.alertService.success("Domain " + domain.domainCode + " unregistered from sml!"); + this.alertService.success("Domain [" + domain.domainCode + "] unregistered from sml!"); this.lookups.refreshDomainLookupForLoggedUser(); domain.smlRegistered = false; + this.domain = domain; } else { this.alertService.exception('Error occurred while unregistering domain:' + domain.domainCode, res.errorMessage); } diff --git a/smp-angular/src/app/system-settings/admin-extension/extension.component.html b/smp-angular/src/app/system-settings/admin-extension/extension.component.html index 18eb0dc4c..d55cc075e 100644 --- a/smp-angular/src/app/system-settings/admin-extension/extension.component.html +++ b/smp-angular/src/app/system-settings/admin-extension/extension.component.html 
@@ -4,7 +4,10 @@ text="Registered DomiSMP extensions. <br /> DomiSMP supports document types via custom designed extension. The extensions implements tools for validating and generating the resources and subresources. <br /> Extensions can also implement custom logic for the payload scaning eg. virus detections. " [labelColumnContent]="searchExtensionPanel"> - <extension-panel [extension]="selected"></extension-panel> + <ng-template #noDataFound> + <div class="empty-data-panel">No extension selected.</div> + </ng-template> + <extension-panel [extension]="selected" *ngIf="selected;else noDataFound "></extension-panel> </data-panel> </div> diff --git a/smp-angular/src/app/system-settings/admin-keystore/admin-keystore.component.html b/smp-angular/src/app/system-settings/admin-keystore/admin-keystore.component.html index 9ddb11874..359bdbcd7 100644 --- a/smp-angular/src/app/system-settings/admin-keystore/admin-keystore.component.html +++ b/smp-angular/src/app/system-settings/admin-keystore/admin-keystore.component.html @@ -3,8 +3,10 @@ title="Keystore administration" text="Keystore is contains keys for singing responses and Client keys for SML integrations ." [labelColumnContent]="searchKeyCertificatePanel"> - - <certificate-panel [certificate]="selected"></certificate-panel> + <ng-template #noDataFound> + <div class="empty-data-panel">No certificate selected.</div> + </ng-template> + <certificate-panel [certificate]="selected" *ngIf="selected;else noDataFound"></certificate-panel> </data-panel> </div> diff --git a/smp-angular/src/app/system-settings/admin-truststore/admin-truststore.component.html b/smp-angular/src/app/system-settings/admin-truststore/admin-truststore.component.html index 348eda464..d5b1cd912 100644 --- a/smp-angular/src/app/system-settings/admin-truststore/admin-truststore.component.html +++ b/smp-angular/src/app/system-settings/admin-truststore/admin-truststore.component.html 
@@ -3,8 +3,10 @@ title="Truststore administration" text="Truststore is contains certificate trust anchors. <br /> Certificates used for authentication must have trust anchors in the truststore." [labelColumnContent]="searchCertificatePanel"> - - <certificate-panel [certificate]="selected"></certificate-panel> + <ng-template #noDataFound> + <div class="empty-data-panel">No certificate selected.</div> + </ng-template> + <certificate-panel [certificate]="selected" *ngIf="selected; else noDataFound"></certificate-panel> </data-panel> </div> diff --git a/smp-angular/src/app/system-settings/admin-users/admin-user.component.html b/smp-angular/src/app/system-settings/admin-users/admin-user.component.html index ea2c1b307..60b434d89 100644 --- a/smp-angular/src/app/system-settings/admin-users/admin-user.component.html +++ b/smp-angular/src/app/system-settings/admin-users/admin-user.component.html @@ -3,7 +3,10 @@ title="System User administration" text="System User administration panel is a tool for creating and removing users from DomiSMP" [labelColumnContent]="searchUserPanel"> - <user-profile-panel + <ng-template #noDataFound> + <div class="empty-data-panel">No user selected.</div> + </ng-template> + <user-profile-panel *ngIf="managedUserData;else noDataFound" [showDataPanelTitles] =false [managedUserData]="managedUserData" (onSaveUserEvent)="onSaveUserEvent($event)" @@ -67,8 +70,8 @@ <mat-paginator class="mat-elevation-z2" id="extension-paginator" [length]="resultsLength" (page)="onPageChanged($event)" - [pageSize]="5" - [pageSizeOptions]="[5, 10, 25]" + [hidePageSize]="true" + [pageSize]="10" [showFirstLastButtons]="true" aria-label="Select page"></mat-paginator> </ng-template> diff --git a/smp-angular/src/app/system-settings/domain/domain-controller.ts b/smp-angular/src/app/system-settings/domain/domain-controller.ts index adc45188d..7f333c67e 100644 --- a/smp-angular/src/app/system-settings/domain/domain-controller.ts 
+++ b/smp-angular/src/app/system-settings/domain/domain-controller.ts @@ -39,7 +39,6 @@ export class DomainController implements SearchTableController { smlSubdomain: '', smlSmpId: '', smlParticipantIdentifierRegExp: '', - smlClientCertHeader: '', smlClientKeyAlias: '', signatureKeyAlias: '', status: EntityStatus.NEW, diff --git a/smp-angular/src/app/system-settings/domain/domain-details-dialog/domain-details-dialog.component.ts b/smp-angular/src/app/system-settings/domain/domain-details-dialog/domain-details-dialog.component.ts index 917a7e38a..8af1638bd 100644 --- a/smp-angular/src/app/system-settings/domain/domain-details-dialog/domain-details-dialog.component.ts +++ b/smp-angular/src/app/system-settings/domain/domain-details-dialog/domain-details-dialog.component.ts @@ -81,7 +81,6 @@ export class DomainDetailsDialogComponent { this.notInList(this.lookups.cachedDomainList.map(a => a.smlSubdomain), this.current.smlSubdomain)]), 'smlSmpId': new UntypedFormControl({value: ''}, [Validators.pattern(this.smpIdDomainPattern), this.notInList(this.lookups.cachedDomainList.map(a => a.smlSmpId), this.current.smlSmpId)]), - 'smlClientCertHeader': new UntypedFormControl({value: ''}, null), 'smlClientKeyAlias': new UntypedFormControl({value: ''}, null), 'smlClientKeyCertificate': new UntypedFormControl({value: this.selectedSMLCert}, null), 'signatureKeyAlias': new UntypedFormControl({value: ''}, null), @@ -95,7 +94,6 @@ export class DomainDetailsDialogComponent { this.domainForm.controls['smlSmpId'].setValue(this.current.smlSmpId); this.domainForm.controls['smlClientKeyAlias'].setValue(this.current.smlClientKeyAlias); - this.domainForm.controls['smlClientCertHeader'].setValue(this.current.smlClientCertHeader); this.domainForm.controls['signatureKeyAlias'].setValue(this.current.signatureKeyAlias); this.domainForm.controls['smlRegistered'].setValue(this.current.smlRegistered); 
@@ -164,13 +162,10 @@ export class DomainDetailsDialogComponent { this.current.smlSubdomain = this.domainForm.value['smlSubdomain']; } this.current.smlSmpId = this.domainForm.value['smlSmpId']; - this.current.smlClientCertHeader = this.domainForm.value['smlClientCertHeader']; if (this.domainForm.value['smlClientKeyCertificate']) { this.current.smlClientKeyAlias = this.domainForm.value['smlClientKeyCertificate'].alias; - this.current.smlClientCertHeader = this.domainForm.value['smlClientKeyCertificate'].clientCertHeader; } else { this.current.smlClientKeyAlias = ''; - this.current.smlClientCertHeader = ''; } this.current.signatureKeyAlias = this.domainForm.value['signatureKeyAlias']; this.current.smlClientCertAuth = this.domainForm.value['smlClientCertAuth']; diff --git a/smp-angular/src/app/system-settings/domain/domain.component.ts b/smp-angular/src/app/system-settings/domain/domain.component.ts index e52fe0804..e1dba178a 100644 --- a/smp-angular/src/app/system-settings/domain/domain.component.ts +++ b/smp-angular/src/app/system-settings/domain/domain.component.ts @@ -168,7 +168,7 @@ export class DomainComponent implements OnInit, AfterViewInit, AfterViewChecked msg = "The domain should have a defined signature CertAlias." } if (this.lookups.cachedApplicationConfig.smlIntegrationOn) { - if (!domain.smlSmpId || !domain.smlClientCertHeader) { + if (!domain.smlSmpId || !domain.smlClientKeyAlias) { msg = (!msg ? "" : msg + " ") + "For SML integration the SMP SMP ID and SML client certificate must be defined!" } } @@ -194,9 +194,6 @@ export class DomainComponent implements OnInit, AfterViewInit, AfterViewChecked } let domainRo = (this.searchTable.selected[0] as DomainRo); - if (!domainRo.smlClientCertHeader && domainRo.smlClientCertAuth) { - return false; - } if (!domainRo.smlClientKeyAlias && !domainRo.smlClientCertAuth) { return false; } 
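Review bot: The guard left behind in the `@@ -194` and `@@ -214` hunks of domain.component.ts, `if (!domainRo.smlClientKeyAlias && !domainRo.smlClientCertAuth)`, no longer blocks a domain that has `smlClientCertAuth` set but no client key alias. The validation in the `@@ -168` hunk, however, now reports a missing `smlClientKeyAlias` as an error in every case. If the key alias is what identifies the SML client certificate in both authentication modes (it looks that way after the removal of `smlClientCertHeader`, but confirm), the two enable checks should become `if (!domainRo.smlClientKeyAlias) { return false; }`. These are UI-side checks only, and the enclosing methods start outside the hunks. The server-side register/unregister path is not visible here and should reject a domain without a usable client certificate on its own.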
@@ -214,9 +211,6 @@ export class DomainComponent implements OnInit, AfterViewInit, AfterViewChecked } let domainRo = (this.searchTable.selected[0] as DomainRo); - if (!domainRo.smlClientCertHeader && domainRo.smlClientCertAuth) { - return false; - } if (!domainRo.smlClientKeyAlias && !domainRo.smlClientCertAuth) { return false; } diff --git a/smp-angular/src/styles.css b/smp-angular/src/styles.css index 9ca764708..460b94234 100644 --- a/smp-angular/src/styles.css +++ b/smp-angular/src/styles.css @@ -205,7 +205,12 @@ a:hover { box-shadow: 0 1px 3px 0 rgba(0, 0, 0, 0.12), 0 1px 2px 0 rgba(0, 0, 0, 0.24); } +.empty-data-panel { + margin-bottom: 10px; + padding: 10px; + box-shadow: 0 1px 3px 0 rgba(0, 0, 0, 0.12), 0 1px 2px 0 rgba(0, 0, 0, 0.24); +} .smp-toolbar-row { display: flex; diff --git a/smp-docker/compose/tomcat-mysql-smp-sml/properties/db-scripts/sml-mysql5innodb-data.sql b/smp-docker/compose/tomcat-mysql-smp-sml/properties/db-scripts/sml-mysql5innodb-data.sql index 2392d6d40..7b6b00682 100644 --- a/smp-docker/compose/tomcat-mysql-smp-sml/properties/db-scripts/sml-mysql5innodb-data.sql +++ b/smp-docker/compose/tomcat-mysql-smp-sml/properties/db-scripts/sml-mysql5innodb-data.sql 
@@ -23,7 +23,7 @@ insert into bdmsl_configuration(property, value, description, created_on, last_u ('configurationDir','/opt/smlconf/','The absolute path to the folder containing all the configuration files (keystore and sig0 key)', NOW(), NOW()), ('certificateChangeCronExpression','0 0 2 ? * *','Cron expression for the changeCertificate job. Example: 0 0 2 ? * * (everyday at 2:00 am)', NOW(), NOW()), ('authorization.smp.certSubjectRegex','^.*(CN=SMP_|OU=PEPPOL TEST SMP).*$','User with ROOT-CA is granted SMP_ROLE only if its certificates Subject matches configured regexp', NOW(), NOW()), -('smp.automation.authentication.external.tls.clientCert.enabled','true','Enables reverse proxy authentication.', NOW(), NOW()), +('authentication.bluecoat.enabled','true','Enables reverse proxy authentication.', NOW(), NOW()), ('adminPassword','$2a$10$9RzbkquhBYRkHUoKMTNZhOPJmevTbUKWf549MEiCWUd.1LdblMhBi','BCrypt Hashed password to access admin services', NOW(), NOW()), ('mail.smtp.host','smtp.localhost','BCrypt Hashed password to access admin services', NOW(), NOW()), ('mail.smtp.port','25','BCrypt Hashed password to access admin services', NOW(), NOW()), diff --git a/smp-docker/images/build-docker-images.sh b/smp-docker/images/build-docker-images.sh index b90fce6b2..7893de781 100755 --- a/smp-docker/images/build-docker-images.sh +++ b/smp-docker/images/build-docker-images.sh @@ -165,6 +165,9 @@ validateAndPrepareArtefacts() { exit 1 else # copy artefact to docker build folder + cp -r shared-artefacts ./weblogic-12.2-smp/artefacts/ + cp -r shared-artefacts ./weblogic-14.1-smp/artefacts/ + cp -r shared-artefacts ./tomcat-mysql-smp-sml/artefacts/ # for weblogic cp "${SMP_ARTEFACTS}/smp.war" ./weblogic-12.2-smp/artefacts/smp.war cp "${SMP_ARTEFACTS}/smp.war" ./weblogic-14.1-smp/artefacts/smp.war 
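Review bot: The row `('authentication.bluecoat.enabled','true','Enables reverse proxy authentication.', ...)` turns on header-based client-certificate authentication, but neither the description nor a comment states the trust assumption behind it. The new shared-artefacts/sml-mysql5innodb-data.sql sets the same property and also `authentication.sslclientcert.enabled` to `true`. With these enabled, the caller's certificate identity is presumably read from a request header, which is only sound when a fronting proxy overwrites that header on every inbound request and the application port cannot be reached directly. I would add a comment above the insert in both files, for example `-- demo only: header-based client-cert authentication; the reverse proxy must overwrite the Client-Cert / SSLClientCert headers on every request`, and extend the description text the same way.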
@@ -196,9 +199,9 @@ validateAndPrepareArtefacts() { # build docker images # ----------------------------------------------------------------------------- buildImages() { - buildOracleDatabaseImage - buildWebLogicOracleImages12 - buildWebLogicOracleImages14 + #buildOracleDatabaseImage + #buildWebLogicOracleImages12 + #buildWebLogicOracleImages14 buildTomcatMysqlImages buildUtils } diff --git a/smp-docker/images/shared-artefacts/README.md b/smp-docker/images/shared-artefacts/README.md new file mode 100644 index 000000000..eb736c872 --- /dev/null +++ b/smp-docker/images/shared-artefacts/README.md @@ -0,0 +1,11 @@ +The SMP keystore and SML truststore are needed for SMP/SML integration. + - [sml-truststore.p12](sml-truststore.p12) + - [smp-keystore-docker.p12](smp-keystore-docker.p12) + +The smp certificates + - CN=smp_domain_01,OU=edelivery,O=digit,C=eu + - CN=smp_domain_02,OU=edelivery,O=digit,C=eu +are registered in SML as trusted certificates for domains + - domain-01.test.edelivery.local + - domain-02.test.edelivery.local +For detailed DomiSML configuration see the SML init script:[sml-mysql5innodb-data.sql](sml-mysql5innodb-data.sql) diff --git a/smp-docker/images/shared-artefacts/sml-mysql5innodb-data.sql b/smp-docker/images/shared-artefacts/sml-mysql5innodb-data.sql new file mode 100644 index 000000000..886595706 --- /dev/null +++ b/smp-docker/images/shared-artefacts/sml-mysql5innodb-data.sql 
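Review bot: In `buildImages()` the calls `buildOracleDatabaseImage`, `buildWebLogicOracleImages12` and `buildWebLogicOracleImages14` are commented out rather than removed or made optional, which reads like a local shortcut that was committed. `validateAndPrepareArtefacts` in the `@@ -165` hunk still copies `shared-artefacts` and `smp.war` into both weblogic artefact folders, so the script now prepares build contexts, including the demo keystore and truststore, for images it never builds. Either restore the three calls or gate them on a switch, e.g. `[ "${BUILD_ORACLE_IMAGES:-false}" = "true" ] && buildOracleDatabaseImage` (the variable name is a placeholder), and skip the weblogic copies under the same condition.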
@@ -0,0 +1,41 @@ +insert into bdmsl_configuration(property, value, description, created_on, last_updated_on) values +('useProxy','false','true if a proxy is required to connect to the internet. Possible values: true/false', NOW(), NOW()), +('unsecureLoginAllowed','false','true if the use of HTTPS is not required. If the value is set to true, then the user unsecure-http-client is automatically created. Possible values: true/false', NOW(), NOW()), +('signResponse','false','true if the responses must be signed. Possible values: true/false', NOW(), NOW()), +('paginationListRequest','100','Number of participants per page for the list operation of ManageParticipantIdentifier service. This property is used for pagination purposes.', NOW(), NOW()), +('keystorePassword','vXA7JjCy0iDQmX1UEN1Qwg==','Base64 encrypted password for Keystore.', NOW(), NOW()), +('keystoreFileName','keystore.jks','The JKS keystore file. Should be just the filename if the file is in the classpath or in the configurationDir', NOW(), NOW()), +('keystoreAlias','sendercn','The signing certificate alias in the keystore.', NOW(), NOW()), +('truststorePassword','vXA7JjCy0iDQmX1UEN1Qwg==','Base64 encrypted password for Keystore.', NOW(), NOW()), +('truststoreFileName','sml-truststore-docker-demo.p12','The JKS keystore file. Should be just the filename if the file is in the classpath or in the configurationDir', NOW(), NOW()), +('httpProxyUser','user','The proxy user', NOW(), NOW()), +('httpProxyPort','80','The http proxy port', NOW(), NOW()), +('httpProxyPassword','setencPasswd','Base64 encrypted password for Proxy.', NOW(), NOW()), +('httpProxyHost','127.0.0.1','The http proxy host', NOW(), NOW()), +('encriptionPrivateKey','encriptionPrivateKey.private','Name of the 256 bit AES secret key to encrypt or decrypt passwords.', NOW(), NOW()), +('dnsClient.server','127.0.0.1','The DNS server', NOW(), NOW()), +('dnsClient.publisherPrefix','publisher','This is the prefix for the publishers (SMP). 
This is to be concatenated with the associated DNS domain in the table bdmsl_certificate_domain', NOW(), NOW()), +('dnsClient.enabled','true','true if registration of DNS records is required. Must be true in production. Possible values: true/false', NOW(), NOW()), +('dnsClient.show.entries','true','if true than service ListDNS transfer and show the DNS entries. (Not recommended for large zones) Possible VALUES: true/false', NOW(), NOW()), +('dnsClient.SIG0PublicKeyName','sig0.test.edelivery.local.','The public key name of the SIG0 key', NOW(), NOW()), +('dnsClient.SIG0KeyFileName','SIG0.private','The actual SIG0 key file. Should be just the filename if the file is in the classpath or in the configurationDir', NOW(), NOW()), +('dnsClient.SIG0Enabled','false','true if the SIG0 signing is enabled. Required fr DNSSEC. Possible values: true/false', NOW(), NOW()), +('dataInconsistencyAnalyzer.senderEmail','automated-notifications@nomail.ec.europa.eu','Sender email address for reporting Data Inconsistency Analyzer.', NOW(), NOW()), +('dataInconsistencyAnalyzer.recipientEmail','email@domain.com','Email address to receive Data Inconsistency Checker results', NOW(), NOW()), +('dataInconsistencyAnalyzer.cronJobExpression','0 0 3 ? * *','Cron expression for dataInconsistencyChecker job. Example: 0 0 3 ? * * (everyday at 3:00 am)', NOW(), NOW()), +('configurationDir','/opt/smlconf/','The absolute path to the folder containing all the configuration files (keystore and sig0 key)', NOW(), NOW()), +('certificateChangeCronExpression','0 0 2 ? * *','Cron expression for the changeCertificate job. Example: 0 0 2 ? * * (everyday at 2:00 am)', NOW(), NOW()), +('authorization.smp.certSubjectRegex','^.*(CN=smp_|CN=SMP_|OU=PEPPOL TEST SMP).*$','User with ROOT-CA is granted SMP_ROLE only if its certificates Subject matches configured regexp', NOW(), NOW()), +('authentication.bluecoat.enabled','true','Enables reverse proxy authentication. 
with CLient-Cert header', NOW(), NOW()), +('authentication.sslclientcert.enabled','true','Enables reverse proxy authentication with SSLCLientCert header.', NOW(), NOW()), +('sml.property.refresh.cronJobExpression','5 */1 * * * *','Properies update', NOW(), NOW()); + + +insert into bdmsl_subdomain(subdomain_id, subdomain_name,dns_zone, description, participant_id_regexp, dns_record_types, smp_url_schemas, created_on, last_updated_on) values +(1, 'domain-01.test.edelivery.local','test.edelivery.local','Domain for no trestriction ','^.*$','all','all', NOW(), NOW()), +(2, 'domain-02.test.edelivery.local', 'test.edelivery.local','Domain for with party id restriction', '^((((0002|0007|0009|0037|0060|0088|0096|0097|0106|0135|0142|9901|9902|9904|9905|9906|9907|9908|9909|9910|9912|9913|9914|9915|9916|9917|9918|9919|9920|9921|9922|9923|9924|9925|9926|9927|9928|9929|9930|9931|9932|9933|9934|9935|9936|9937|9938|9939|9940|9941|9942|9943|9944|9945|9946|9947|9948|9949|9950|9951|9952|9953|9954|9955|9956|9957|0184):).*)|(\\*))$','all','all', NOW(), NOW()); + + +INSERT INTO bdmsl_certificate_domain(truststore_alias, certificate, crl_url, is_root_ca, fk_subdomain_id, created_on, last_updated_on, is_admin) VALUES +('CN=smp_domain_01', 'CN=smp_domain_01,O=digit,C=eu','',0, 1, NOW(), NOW(),1), +('CN=smp_domain_02','CN=smp_domain_02,O=digit,C=eu','',0, 2, NOW(), NOW(),1); 
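Review bot: The value of `authorization.smp.certSubjectRegex`, `^.*(CN=smp_|CN=SMP_|OU=PEPPOL TEST SMP).*$`, is a substring match, so the SMP role is granted to any subject string that contains one of these fragments anywhere, including inside another attribute's value. Binding the alternatives to an RDN boundary would be tighter, e.g. `^(.*,)?(CN=(smp|SMP)_[^,]*|OU=PEPPOL TEST SMP)(,.*)?$`. That form assumes the subject is compared without spaces after the commas, as in the `bdmsl_certificate_domain` rows below, and escaped commas would still need care. Separately, those rows register `CN=smp_domain_01,O=digit,C=eu` while the README added in this commit lists the subject with `OU=edelivery`, so one of the two is probably out of date. A leading comment marking this file, and the fixed `keystorePassword` / `truststorePassword` values in it, as demo-only would prevent reuse outside the docker test setup.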
diff --git a/smp-docker/images/shared-artefacts/sml-truststore-docker-demo.p12 b/smp-docker/images/shared-artefacts/sml-truststore-docker-demo.p12 new file mode 100644 index 0000000000000000000000000000000000000000..82789e63c8915a4740b6b9fc65578e4187621231 GIT binary patch literal 2070 zcmV+x2<i7Qf(Q}<0Ru3C2fPLeDuzgg_YDCD0ic2htptJxsW5^Er7(gAp#}*mhDe6@ z4FLxRpn?aIFoFk;0s#Opf(M5N2`Yw2hW8Bt2LUi<1_>&LNQU<f0R;^(Sui*T2`Yw2 zhW8Bt1q?7N1Qgb6uQ#%XA%}YEF+oRS8hz^{#XSN7ClCSwATSID2r7n1hW8Bu2?YQ! z9R>+thDZTr0|Wso1Q5fRY>FMbe6i?+f&L&eSJQxk2M~>Zy-GRJRUgO`a9G#?WqF4n zU%X+Ab}bb&t!luGOzUOn&vTi6OWBl?7=y$xoq+A5dByzvT~%NUIr))~Toh*7z&+U+ zdMaffdr7t<z56+AY9FWa$&P<laKhy8WTT^Z9qZalh=9Bs#qVq`{(H?MLCuNi;7<m- zc_7Au<Vc+7oZpsJDITSOF_m7UNye5J0wFO8C<9BTZ1Ctt;&&YtDFnjRh6f0<pUWN) z7{Q%k1GzpiAhopek)v{74#4>;=k~jz_PdaSskFn)KX@=}6W*cz7hq^_`7wsoO`;`% zehpcA;h|Bab5|>=v1E_)2}dDIMAW}i540q-*+s*Drt;<9U2hfL>VdZPu%*p;jnpkw zP(kSeh6WGmbHXflz~=)d$e~F;jj}&6Z|4PE8Z_8U1{7VdW?uj#n^BNh%rj$M?eE?e zoMfup#Ph3x0O2V!fql<YoA>)`OGUt($L*Ysd~Xmm0GqO6FrXvh9?PsRP$(0wqK2s6 z3WNh>Gq-U=8rN!+Y)dX5ATU`g;O98Pk#U=7`j_*mU>z;>rASw?Fh*Mfn$S@pPl}LO zALaw9<z$0=V*u%%MoIUvsK^gJUVPCsaRX)>%I=#+6Wn{RJIZ65s8)SQnaEeeWl2{n z43${*kETGAC#nsJ2RC_TRiKk@R_{qgIcr|GpLHD>M+P0^YC5}`b)H!Iq^d)4^pT4t z*K-j_VS6WDJ0~xES(TpvZgPTxR%OuS-1(m+DQ1vbn{&qH3DgB*WKh)*w?}@oZ?=jo zR4YT9J7n8_*p)yc)Y48v6mvd<NQt~xfW<K439OlMIC5C8A&40^3s5y0ki_M$xl)KF zdlKbgyGBqD-jBhzAvSN8^cZ@wgL*ByekFWIbOI=@a_iRB>d9CROA$GnE@>J$7_s|A zYImjoLHd4V;lJZgmPvfyIpi^+n>+ZS8tt!k;OH86)H3Q+W?PvW=MC6@<3aI!qZKc{ z?YN}3QrS2;=%)P1#5%&%z@r$%N<fr{xA#Pn8UZP`4uLk0_Vm_WP(|UER3;SL^&$a+ z62G&%O3KR6y;Ehg(EkRPdoLekpG!Sso3d}|`plWivKDYSIO6io>o}yu1da+8Fr5OD zVLU?8MJO4KTW86DPDq`^&{uTb>Qco!nb^=eEMic+>OI_aeGYH)fUGGhi@U$(KpvY6 z;^peouducIf1YD4u%9EEzz-j!tQ<8IZW5EzR;0<jZ-N`o7YSf?2h&g;6+;+mck2tD zIB;L8^&D@TuQM&y`}xH9*(zP-SnEJMDVEtNY(*tB#p>+1z1yN|1nSuQ|DLOrn@NW} zhbsAxsX)h95<?lg{3Nk=72C`SxN4b1H692;I^<4h#8%Wmo1Heso>FD9QYd6U4No5M zG?~U1L*=?7)v2B(?>=5|9L!nX=HiYR)p~bSS_E)#83>C=@2{DSA{>jT9qi7tUkPGp 
zAE3UHz!j_oi>TKD3bCde7tSss`->EjRO4Y`1d(!y5=4a0!DITCL?{jO1n~E#&GBF@ zpv~(Fb18V6Ytk~TPPWJKK|c8|*Tw+a7k<jcP?eKU!}IvEifI~2M-F3N@$>e8nOP`7 z{8e*rMxHFXW?lXogPNzv&i`dU#;;ly+p(=gx|C`tgpvl8AIg;sS3x~&)Y0`nVg&j{ z)#;@Nyoc2fSy%1tNS{R!^3Wh0>(Vr9j%B>g#4-X|WuRIBn(n-Mn@uAJ1y5CkNY98p zWKDp5wE?op$Rl--k?x)e*b>LLKH1)L#B?Xnr3@5OXw-vT^?YQlJ029>mkb?39llCh zHVA<B=8|s7D83%%o#+l$+-x6O&)vRYF_8jzGxeFb4$N~A7H86^9U1O;;}YPfOx~AU zZeEK~0_9Ci)TA-@eShN4IXjcD8r9!b3ZPAa2@l15;`Rff{)$1q0s=>xC*kp#T79$H z!&E&5$;YTUFond&->apQ4O$hi97}q|3BqYwasK50h9>Z{dIm+aqqhnGe72Lqay&T; z0Q0B6L;<sc01`;kb^c1YCxZ5iIrfdMFxK7=tFC(j#W8h(U<|N3G|R8VksF_^*nk1T zvDuL5`pd$CzU4pri6zZAoMK1y<w>fR=r80BbDJW=CGV=ytE_opZrII@1#@aG^LBfU zd|bxCy7^iB8iC-m7Oym(OmkRdT)wZmzw&vpoOm%=?0SBis^<UUyg?2m!_ABBT5|AM z6gpwGVmBJ&gMdo8p0-8I6XBx>ac|~a1^|ER8ngepK6hlP6oSJj(&P?-H31jlr(v#j z)aS^>wCCBkiAOJ6vH+7pZx7SwPS(Vs%fEenb}mfofn?^ZWk_nkST&uH0%`iyba(PP z?X73T)&)J}2-T2@FIffZ_WySci7_xuFflL<1_@w>NC9O71OfpC00bZ=xdzEFr=q!I zh)wk@SQ2pTk!2wRC|989rJ29>^r;X86yT{Mw|UZAdW^tx5X54|u4ojy=mG*K5cDz5 Ag8%>k literal 0 HcmV?d00001 
diff --git a/smp-docker/images/shared-artefacts/smp-keystore-docker-demo.p12 b/smp-docker/images/shared-artefacts/smp-keystore-docker-demo.p12 new file mode 100644 index 0000000000000000000000000000000000000000..b98490ab6f55a61121fd59f5911cbb32556aadd2 GIT binary patch literal 10065 zcmbVybyQqk_GMAHySqD7VTD`aZV7?l?!kfwm*5aAKyY`0y9IaGpuycC=%i<6eck>0 zqx+j#Z#_BZzI*@JXRW>WdG~<=8I^%Bu%JMOI|O8wP`S`MbQnaK>_CQnxIl*OKj{rn zAinIs4dL^{1>*DkNrOOv@Hq&m|92J|3Jfqi5MKOGQW#|M*9>@ckPe9dpCKBE6%G%U zc@)1{q*%JN#LI@OR!TV4#*73AWW)l(P=U}8kp9n#KxB9Th#UdgC{zx{92O3S1rDo- zJY4kM5LE4Y@|BV95knj<5N;B?L7uRyt<!Chgyuv&AYod$vX!&`?(T&-j`IWg^`e$W zd~0LI`%PIYo~PMDwsLInYv|5Y{Ly=`xRr|fp798x!&#%Jp~mM@q0IQYsx>+~n&-3h z10nb~7k#2Asia?A#m!C#M6_9$e5%!3B{EKV07@o7v^a+_5QOQm`CA@C1bT&c6BVG+ zDAV(9LjrPWIbQW921|p*G(W~uuoV4(Ca`(uo?lD-E!RB3>ZOEirI_$uUNj_oY?GD5 zC-m1lj^BLVzh_Yt$u(#Pq-U~HpVHBHt9vtdAX>kTmblkmf8gk*RR+)Y7jIMg$J|${ zQB-x5HPza@mV}~xX}}>U4&yXH4U`GO(An4kd%;f0*zYA*9Kh8t+Xt81>kWdOmIV~p z2pbbvf2whaE7%Gj^DioXG_-{Aas*-h6n_ZX^JDaOdzk*VKrGo^JxsH1HOtBZ|B=_6 zI9XB@+os>5zR@faHfH95)sI2ID<F~xuAOh4drBMX_MAn;?#ZDY#(i1W)Rz?7L=@?E zZCo}Iq+^q?Ef9q*8A}dl7xy-86CDI`#{Bj0NyD?7o9*g+w@>(~e2nE%9_IJmYdMv8 zTsrqolxt0t&K&|}cCrb*ROG&4Kq^%f5`o`1p&y}HhNG$Y9(=#frk-r3E*6UTT$Pga zh<eHKa9$i@b%+@sZci7W>VY9=)H6+zFo*ctnf8nsiREy=NMqbLN7tXjr+00GRH%lb zY&VEFjNXwc#p~*ZxTp7VWu9Q6doLLk-TO3M;C_a6n<P_BGce2;ADDR_Dv!r6G?Jc^ zaN>+dgAZ_T*E2Z5Xk<;0Vrijw?Dkr=7<Tf-R4QUi;Z(^?wy<)d%TR(|ZO!O8W9M(n zfuhUZ;edTBSmt8zu&pr$K1iqaUo5}9Vb<7cS#YBh0LceV;OL_^Mteqc{*W&Y9-Q+S zerl3=H>#KFOIoE9*y|%<^f5iyy_z>jO;RIJLDKcq4NGELdq%@-Y?}Y3T=-(x;ndRg zBUQ7Uk?ox2VtsPsZ&5t)yEc(yd<mwc_Y()|5)5z6cz%8jQQ5Kg6=qM!57<q$9!I43 zw&jUbAJs9i?IZT8o){S_6lMDQxytmHVTjl7l_)XqkQuSbeDV(#bA>;r$QQkX^zY&G zibBg3H&g@QbzJf~@Hg7D<rVP}B=1%DL7X!Lmp`?S5^!p7;4t4JEa_hn(Q1QNV@CWk zPp*_)^;@Tlo;n&HLxKIf5~hc@GXYf(6kjqK4QKWVK)#-_Ht%Up9b<B5>^aP$&*T`A zA1C!GNlkL_;dYdTueR4OklRo9OrLBYY)=N43X;7REB9xm2e?#2-(YB&yofKqh;s~a zMWd<bIO-fL5$KM584C;^$KvPGb;5D<-;=Jx0*jBt<gQeNNjT)u!0n$C#<O_$4hV-F 
z#@s4%HC8=g-;j<SXk!+%dTv;?&Sx;eqJU*PuBMQ@?08I8&?pFthJ`4DM&k)Jv&fws z;ID7YLXI-ZOtDTf)N2f3Im&JO&C4IXKMIoWGiBRAGzD0kGbw*}qD+QQ+rqpZT41P9 zWGEE(B@j?)*)j1jilknfBf?P75{&;W3NM2p1Aou-%69@GfL$c_Te6+Rc6GjamZ?lv z)Z~*!YX+-;nE#?nWIQk#1qr|fU=MHv7y`@yAO1WU1FQiKe<Bb745I$$tN36%I2<i& zdvhu<A3xWh69nQC;Nb@a!hrvsqyxr40mJ`|qB%S`6K%~RkU{|U`bf83QFChXaDRuQ zo4ytR5(07QF5GXC3#$s`;fzL%A5Z9Rbtw8&(yWkC?qx$v@nHvWtFxy2&HEKrzervV zkABVSCSJz;Y7@6$XU32rtB?X?q}f4N@&<d)^scYaP0g03aLtxdtWUI|qd<7y)NJla zUCm|+AyhQcL{<Q-0b>6r3V2{D3W~n~Gyemb*`LVx4_sUT-aiKzAn+eS1M`ExJb%>f z|5Mq_zZv3Huj0`L?i0^pvQtKGYJz?K4s1L|hR>z;@RHUvH<!=NxIg}(Y)K2svkAt= zqp2xV-^;QLN-;d}kU;p`AIL{5*#?zQiUl;4D@!XjG$N~wG5tvB#Z%um&Y?&a2%i5o zSg0^OXOxwk@{+8)9gZ%1mKsJIr&fMdxgSSF<c102t5ic0xQc<06H&s6BCQgzO;sQ- zx^OFwngsL4K;>&KoqnpgLM;5pt-N6{`yd}6d*`#%pJ2`ysF^I`EIy{&^;1ZH6ZvQ| zZRGvgIjXm^1jBW{NlC)DjIueL3W@g^J(|jaEK3vRjNd;{45?joaBPZPD(v#jeY)!0 zr~VN65jV4+6^o1>VxDuK2`D<7-W&&{Fd{h(A&8E59A@CK?2x3d8kq8USChlGz&HwW z^!=nZHkEO0L?iOVAy}$vPb6ijftBJE7_h)KUE&<y0U_7lJ>Y<n4QQylueni1gOqh% zTW<~3EJWHX?ag)1r<+CN5m~zy35*gW6RA6e)q|;{AWubvCZo&{VX5+30n4vQw9;x_ zeL=T_`XaD+NPE#K#iKJ<ZD1FP!q+Yqj0?T=G3{>O;H~oEkNaXt?cvT+q;K(UfE-^w zvn<+Wu4mqneib>OE%enMS#ANCk*!y3%?v1iQkOAWCMK&~?pyLItExVCRRjE<JSg5y zXDhCF&}pTb4}s1x`?a68NLSD;t<0|?biT!y>8n-g7(+fvvS&mwI-6!-!yf#q<_S%- zKlEtXWBO{#PA0$x^%CVKAx4zif?Xq6N@8O!{>TRw6Dmxrc5E#@(iyaIROiyE<~`GW z3}M~R#K;9v;+|=oFQkj7O!xj${e=#5u(`WAcSez)C-5NM3U-+|tJ308HawF&x3nRA zpYdUv#6!P0LQHeR=FrX9fu7OSr8s+vv~N4a@0-AAp|uK5<mPt#7S^O9DuYUCE%A;5 z1NE!s6h>p*TRVGCLf`R}C)TRIJyPQ;lLt+mnXeEj;88W9klK6A9vl<jy>H9FbEut| zSl5c`S4qRLGUHv1OjRS>BlkXWPv*lCA4W&4Qq%b$v21mlhPKDHfkQJBtoeo*LJR`p z$m^=<6gtT!GUy_^Q4%JeC?vk_VZS$K{(LQEYbx;JlPaR?)VCmkUaEnmiti$R;;Q46 zx;w!P#m@@}FNPs7(zI@PKveq61fU|Dj2}t@s5%$^<hXB|=ZQexamtpP1p_)TvCDh1 zvz2v8?qaUO_QD;1{bt;%{b;RcegSDqNQ2AZjSD7;O)r$|_nd2ncF^GEB}le)(AOB@ zkrJ0ga;H7yb^E>?6F_xCuORJg2<b$#zIeR~kHpBKw5-~#qH+5mo^Pdbgo8xInaKDv z{*X{8wv89PH}Dtluc#`NNicLsON&lop>eG6Ui{#G1e?d)eA{A>wMJOeYh9kL;UKzv 
z_zkd$*y>31kyDLryW3AhN0;RHijSzvD_g0rRFF39xC)ZVYDHaDuBL6O$${AGl*R+g ztRR+m+c5_&?a!42X=#cFBBoT+!DPOoPV<%YsSsSmBdM{}>pXZ<VG`T~xhMe!mE8|~ z!b~=<>-27DP_`QJ*^9{0tuFhJSe-zyGLK8+k>wB~wMy61td7ydgpWEl8I#2+TV$PH zH)kgR6BcnNzD4mK(`mD0S2{oZ;goxyu_U4ZC86*CMcKIiBS~{{bA!Q<KgwqCKa}kS z6!7@pl<hXx-ODhH+CRlEgx$paa8BY8vF`6s^jq8O&tYZJ!m|yW*B+c~+;9PLX_}bZ zhwV&lua~b6)cc4QiUr};aL7F^yo)TC$2s@y?=7r%{Sz7KE89;2TH6+KJe1tfR;j7X z*zq1~1F7Nj94`?HM<(A2ete>*Qx%zxTvH7=SJkk68ov#kZhv$Y8Qdh&8iwBmxqW;| zNE<gIH)vjGA`)5WaY`ssTA#duu)hbA?I?PRQ}LdXV>E$^{|VuLl|mi>4}kwaAPj+U z@o)=(|HvRr`M)C^2qX3<DfHhkzS`uqrt78uig+tz;f_B~nAgc`{dX`f6CxNBh?!0S zFWID*e_WY>3z*z{Ko~0u>NC?TbeGrL3>Re6Vk%dIK6IK<F(I;_BI9X!YIdp9Wfz!) z7TW2>76wX{c1J<6?$Yu0uYh!|w(>SB*o4b|+s^qezXAprgsYR?2RwX>V~FqRzfHVv znhl>HLC(M|OjxY>o-d^qUiUsFH17op$ip*idH!Hznv^<Sk39M~%GwABYE#>;g^KvC z9kR%MI`LT3l<;?m-PC<*ao?a=hX(p`?ZhpkxN5*f%OZB5=xV>3yv6+(arOpoQ&c;x zX7w!an@6HlcNZa87sUIoc7=(8;a}{E>0frm;g8F60k{I#0VaQ{1^SP+1p?vW2J`R= z{IM<R|D#@iuOUA<Dtk{*tT390*;H{wQ_Pb3D>D1<)N3It-tFU;#Jq%l*@3g|GQxk@ zmLcNSlWZqUTJ`3DzV;RHmK*wl3dug>&fCR&)Xqi*EZsBEt31(*+x8|`{u6%Q`aGpx zy9N`Qy5y6@6D4xO5WY4vNfmYG>YAcK7-ls;F~}#$|H;B!a7`q$r0d$En{+yV<A_+R z*6;^K;V^%oL?c-Uw`Z0yXMW90%<Cx!T*A(G(9P>I0qxDuX9?;#`1%2>$euw)i9TxQ z=pshRd<4Ux&UZgJiJ9z_z>|%K^l8R78e+<Q4FS!C4=;vFit>JIB;Vm0rUeynw-MN5 zYiHLkT*~raT33y8igP8Dv80R!j=EEn*1FTd#_LJDUzA-SGo!YY7hWBf?@by=I7DTD zr|h3mUnPz(>5^;O>6>;GO&(+zs)u*ei#Ow@7xlvWP6^DoV}as1VH4WaFynIMD*3Cu zALRl)L8yxRQhxA=!vsKU@pImurDAf3?$T6|WRqpe74xLAsui`rMI#G(39HSTY~~uL zlQ7$BL_e$G-X3Yy`R@cmyw{aUY_6&q=nK#5)ShvS-E*=$?vS!-_812YPv!U-YRD9l zEoD>CIy;-jSkZ=g)@hGQa`XtA-76`8$y4K_$pQfA3^BLXQ6I1kF&&&_ln>A7sThvi zgQf>)lffiLW1NFBo^msN;z@mEIzt}eF=Vk{=a18T=G%`$g`zzdCsu~1IFn_^@l@m# z)H2OSxPgdgliNr+!JT8q*r<we@6Byd1VN2!0|@+wJ=HbEl2h6-b}aHNbJoTd2kCQB zk65g!2fsp4%%>4PRUa=M!+!Tt3DFx3-rSv*eYW?vLe)8d4{Mbp@mn#Pzod41!<M|^ zATlqDMVmQZ@0PN`r3@v5lp>T7y5DHvJZ!jTVA44YJKRZ@ym({DGeHqzPow>qoMnIM zR*ovKdQzcyYQ#lNK@AALwmoP1d2I~T_fcnOmj{a@2z+<6PPj~vHd~Rm7E!l^>c({2 
zpQ1~+PAOcVqvT|@%`ZPx_rzjS{6yj|Vjvg6I-wRTsWGkEANsNDUngR^)8(<aOLEsQ z<epS&;_27}q4Kjmi0vKkjAE5AvRLDYU`E&$@nVL~;>dG5TYn%OR-UwFwvF&N-6E;E zmkdth6(D^H^P{Kl+Pv7j^+}(Xr4l&ExCd1BQ%(?QJ9!DZt1C=)o=xb|?<E*qcqk5J zZfDNI`{ex)H@a@i3|&7^N$8ep#=tBG6-h;Gair%SNvnrlv<rB67|?Xv$t@6Klwtcz z&e%HHVue}BH2om-t+RrBt8cjHXojVOMs@mN66&`H3G-Y6U~MZzM(tF=CYQC$kH<)K zIGzU4jil>Z6lh|-6hx}Z`|5`R$U~?!VCfESQ<qXc4%nf9J02|coLuU_O&qEv)qqi= zine1A2g)mqsauQlXAe53Pmn5HZ)(5&#fRJcd!02VbfETx^R$|@6)So|8uQ1FKGEsf zN2N?4F;VAEuBHblv!=j#;tUuo9o+EUNJ-F~Wn{_>W=QHXRbX5DZX=9E2W}-y*sG(j zd8}AOy;b1Eu5OKVSd)8L!#srqaoQhy{|%f7P>rX^$09-%5U?Do=Jd%CtYOEnT6~Qm zfm>Vs73T{vxhX@miY1zwq*XAl&qV|fK)nga>b(fqdsI0C%YkVBm9PmY@cws4`Hz;| z4q*PLv$Xwl_52TV`ll1;;o}DJfdaAP|5^zVAv+K|@K4GY2m|<YbN}ZE%zu;D!7n40 zK{1EHuu!K|N;G7rK(F)dzeCrnyqcSulsIWh8sQ%>aX!)e2Vw)}$oDiWKkVx86l^KI z`0Km|i|W36RTi4r2<R|}mA^+SLVJv*$})3v0N+>k$8^~deyyNzibxTMN)nLx698;1 z+P-W%M$lIc$&R-_r?ccXRt(}%H%108mA5@-B|SmD_qC8<`@wHTGe0g%+}7J7eAD5> zNh*uyj#H^3vk{LMHXu8G_%6)wGrWPYkW*MLCW|_7f<~$b>d6P^DG2MPrpxrCh0mTa zo9KJL{&hffF7d%fDZY4!f%waW$H;g8+^YVAvUL)E4Pkf^fiagKmfr(YW(vV#3j3Ce zI7(v<rP)N@=`Dk0BxgkKN3!EUFDxP5nj4odGD8IMd$X|i%+9OTAMP+25-5f%LFt2Z zBG()+`1D37w6Pqw2eqI4%kV<C&Zn%GE@y|NllK%U-;BQ?C7Hb5hI^)ce-#K{_~l*E zSn{#yY)YyWhgM|Xc@!*^a(uZaKp(Ki@g&S2eJPcrQ|sopQ8nw$1Z}jy9hAgSjC6~L zM3;M-F_jl(Mw=3F<u(0GERwk-fBm+s##gANqc$@UI=xq=muq+6lYdbD-7*<Mb3>;` zT(YB)NJ&rn%HoxQ?;T2p@1$-CNyZ~OXp4oGv;frVcefT5dI`BiUy)>U9d%cn9Ly}M z%(I^~mc?IERWH=J*(KP*21?oTlzuq1HEU`4R<Nnp$f92Y*W?KIum*=}?%~P#f%+Nh zy-GY*`dBDPl5{$9HDY)uDYPlAs9XoX_+Nt1KRao^DPNa+eQwilRk)+|xN%2Rcq@)t zs?LO*0#l^neCCdB5EmR2Nxt(|LL3K7K-<nNjJexF)=y5e3-2!biGq(l=tL%<ficGZ zv!I_lr%&N!FIT3F5`elOe|E64!2d_KYDi88xl~r;k_Dd%<e~2%R_euoE)&H}dv4zb z2NS}tDmNrcB#Lv#|877Y5VC}sag=cdWJr*cu&=-1uymQcbt^;uQR3ef&bRUFo_~08 zL93B*`F_^PU-r6}+pimb5#nfW*9uqAeg|!36IG}Gd@`#q`9q(nhuI<e_h^VG%^9l0 z;Ui-D7YbRyla(YWSGQP{<DNUbx|*W8VDCsIFLgj(U8!HStq8GSKFihmo1CzGv=;An z?E8@-6fuu!P0S@PonD4SnyiNR%#zCm!v5ICi)mWCpTJ|u8ps=Hc3yRrnLgcz8LihT 
z@XuqQrZ@-1ABxKPDbIuLT<?=`St4y4J)VC@PiPNBOs!)0ICteI&Ket0H(%A}9?G#+ z@>b)Y*Nw#Qh6lDJ%ybe5B%Qyl-yJPtGRNDB`z_`={#Fay+F2mUQE#%(T5{tWB*3B2 zh&szO>4D;+MiUlxv_E^H2a<Vb)#~D|_4C*y>!R<eM9ni!GW>a<a1STH)&eW{Fmfc# zfLz-Ip@Vly>+anEn%Z|es+LaZ=(2slFKck=7~7mkZ@;&S69k({PjcwX$Y38#co$Ld z*2}aav5W5EIk%4-DdIX=el-u>FR-pwMjf}~>~wsrQh(rV0*6AV)#NEsef2V2Y`rin zxzd&pJP&&jg5}9>Rlfjb7U&AY1G2s*_?^a-WxvLnrcAqrRvz&<w-w9Aj+i!iW)Q1| z3dYjv7e4=I=?FcZ%k5Xy0VtO@GEt9?O=h+`Yu_AjmwD|iw!P3{Cy+_FU45T^56Jtn z*<Ng+Y{h}d4JWg6rOy$oVx9@DKV{{*=ueg&tHsVy!qgA2!*I>p*b9+BSDQ+_+&yV{ z>=n^iYAVpRN*wUKA<YgN75Uu~du)Ljarf{pBI#jG`Q0D`Q&dTCmXbVw#<_m)Mr<Vp z9v$>vBF))W7h#R1jlzNYo|jgdvnnG-KH(dk$-B?qRpmlcS8yw07)bMnUisL)Z2)nE zZfT9O5}#|rjJ!jH*B?l&siD;B=ZNnI$a}1#4G+cSu6Yjj>KTlBG849D+)a0n4Oha; zW~>peDI839v-*f1Tjc|8N=i=7c7(lLTlDvps#lfrY%_M1gO>{g&M%tJsga;53JHu{ zT#yC<XLswREW$kEL0^>od}Ie5mws-RM0CU;`F5jqF`?AumLIV_3a+s2u}r#NXr#Oj zwl{uBRIl^BEHI7H^;twHn(;p><>YxJy}b6ul5A^a4Neo`kjL6MK*|mD%W5;B`|ZTz z9`l@>)1&G}zsdA{tNR$4PPT;iCaZHV6iPk}VJmb!Ga#wjxvSdXei>GzH+l_B(oKw+ z_dhn-eRe<uH<M0tK3{#?pQXgQi((8vAvy6w-F?y8<G^8JiKP5Kb72&i-WB|yN)10K zPvVS%R+AzsWLwP;S4aOOh^P09(hh+}=tuY`Skeez;f46K0I5a;5G{Ka&2vvFaKg@a z?}AcyQd+mFBLYGn$p<?~Y{RiM@q%2~<4rflTkhzjH&D0j)Kfd?SNrfGW>OHF7n!7A zfjY3NPGD>c|3Yu>K6MaH187bgHb`1L{AkGsXE;sMfIu0_V?EJ85A0$OtA(K!)nWgD z6Z2hTAz05j<tANTvypw6F15mCV@kZFZNmG#K?qYDG07si5U<pF^W%JZY{~VXjg;h> zb?w;~@=QO6iL>JUnSm5ir%0~q0ZU0?ScAiKMVl1?Qzuk0x?^``WF}P@=<JL)`h@+B zPqM5L3ZL!{E?@J|J7_TTjRMxZjR9-Ys)@5=FT200wLhZw#Fn&0^~q`4(DaO#0+;g6 z(8R;d(?B2+B#3imv;5{e&P+m21zMd83>*;U7s(cGTkuZ<DvGiACNny1484<!D|nfz zf*~Y7HlvKVH5>`yTJ<plLaGnZGGWq7Ez5q{pHCK-pDoAAuiU;AF5!|p*V1`6k0@B+ zBN5)kRW+{arq4?v{2&S*6?&j2WE6uLvgwwASs*Bgm$cuGX<&T^9=D`s{!ULwf(`Z% z{X&VW{&HQET-4VTpo?Qi?_dh6u+O-d<!NubIM#il+yRH7&=ln<UWXLtBD4-t#j^ga zg{PIku3Vs4a2;^z2YlzUr^Vht@BvxIirkV!_MloZ$=+=ko(4W{2=y!j#(fvql)U&R zUC~^3juYEZwrsQGMzSV-{S%_=%rF%~mRvVhumpC-cc-Pf7AiPesoT8r5_bB5b7>dR zI`z2i0rTm`)!V~G(4U>MB?JEoNSK>F$boaYT0ANo&K17p5`spzt3abESJ<QIBY(ZP 
zL@v`1ADj5nzau)@c$$%;Z*T1o<fzxfm(1#FW630se72Y}G(a_B8>7_!Ry*<cEaYAS zJ>~Y>E<Mp_abmYuPENQ867kpSLG-%$y2iOP6q8mO1*qhBDiPpj?DxTNyxvmJ`>vZ@ zCH&HTXCA#}PqK3Yk)Z6M74~q2ubB^l!YI#2Im`tgvZE*opT_Yl_OdXWGQo~1=Vqec zZ{=!(+%Z#i7ay)^sq-upmLkGvE|Sgl{I?B&^skdqs@{hb<@nn#oL>OX0<VT2pb29s zYn$k_P`N@h`uEv$iQ*_4lh;_eT`HI;%G<M8t%C8N3_cu{H&fhERiKq9_oP~>c>lx~ zq{l3;9p8I1FKaEdRl@oC=lbR{>z(lVP==C>6!j{sUZr}Agav+}gW^U?uS)*tR0>{g zrfXafR!?U>4rY6D3&-Tws*(wE!hu@dgdRHo6abwM7gqPp)@6^^H_IaZl_kmL94kyk zRJt?$@x+zM6$J>$pT?5LfS4C$%wcJtID0IyQzyGhNSNZCd1nVKEMh7Kai)mXR??-Q zD~9l!^x(0=p!@CZU|$pIEFohplc|YrHLkCm?1j~c0oyT&Cr!>gWk?0bN#*905@)z_ z^QJp|;V<&Z*cVBy=@osfzz~vw-Cq(-=LBDWeY6e0<sZZ8H6<oWLh2<my4#^C?)j9w z-^!NV|78fA;vwC_P-X_X)W67<ye_gL-<Nwnpo+kJs#~)MRH;b)g!}a=Y@-H0AUEWu zad{i{D~utF+(bcvD&7(<p!lJ*oUY3OStdwMX^Rdes>XclcfNVKXq`%Fcm5qQ&KbF} zuZ>q3o6ePWPm&^;#%)@_bEn>g$M0#4COKzJL@bLQpam)-=A<R#yP1=3Y_+tj%AW~M zJnc7U?&QWozO_?*gfTgzc7MYN+a9xjht;gycw53*f|g70QM4Wd&#=)=eGwr+otoff zBr=*RzFO-|ag*ikO|;@M<i;)rWJ=BcE<&@AT*g**0YW}}K1Zw<?Rn_3&7n4<GEV1& z&n&NK9OU`YzLyR2LJ(9K@ZpYu7iar3zkl}RvTMY{IL-@I)7wi*vt}*RjvwZ!98s;4 zQ(JS%yH9kp7U`smd0VXQrG2iU0gXwc*wkicKXhBB^TyxSs+vy{#`;@s3TbM*XuL){ ziF@3sYfswK@KPnvQ`V|>X0fe>5s?c9^9#@7lJhe$htQ1^ftM7IY)}cAW{vr1;#ML% zAJ-X&!EMvrRo-MnAC#XMv7gSlhRwF~U|zeCZ1WDbnDW>67p2}uF^~yUceL%{QOs*G zt9F(FZ8V1mL%YyTpfRM3;muQg)V0CJPlVm@by{XA#M>g9<YYaX8=nq@1gmA~;;xCK zFDBKKw5wmh4`~R618qh_QJItnC9v_V_JDV)FhAd?7W(ikWK$)YF3n@oX23uDJX64> zxM(+(PU;2~Br(D&13e2WX~X(gYs<`HZ`0Vv1ZTE$sDBdr6)!OPyIJ|#C;M^)_Ffy+ z*Ofi>3UV)uOc0hSEPHb(r&=R=j^^OD5+IK$d|5mSVH^8l%~c*vpSKa+;rDhNt400O zFoLq-j(x@c_0KK_%^qBAK-Wix2Y8H|G<z0g+8kno=IS(Vrg#xSF14z!_YFi8-J^6S z{Hv78F$_)Y_CiaC%JWj@6()F`RPhgqw{q|<l;Evf)H|<%!yJc*1>F+!B)7O6Fb;Ua zu?i}x{xJjA8lfzAvf#6YAd*!QvCs)|BX>zZIyanmHF3qfw7`2g{nm0%yU_3LD|h|f z6J9X0;l9ZUgO9SJs94>mkB|W&{Oa2Lf%26)5eL5Z3y_~H{teP)*8R?iA?p$QN{6&I zA#8UC6#av|$4{NN%)7dZVyPJ0bRVU<1`b--G7VA5;!p33hqw4=SX_%LJM;~PgqwgZ z`V^(O(O7Js2;T|6TfC<6w%#|edcCP*w?*tL@t+AD(`4jKM!K3ahC|!BU)=11^<4tZ 
zJeB7;GpziwTU4oTnHx2}mRFpcXYl!MNEWyJr6SOj=P*~=1ksJOvVMy0Gk5uK^Kw2$ zB*ae`BFAf+_s^HAl!mmiH}NGPu^ZmBV@frpo9^H7cgHx8N;U#WPr~8$Tyu<VC<ixB zFIr0oK72~q-T<`3vR<vb{YP_xmm1jHq|Fxg%)FL-<?Hk%clP!CS-#6rf3}$gg{+3w zo6%b&#$@!(S;0eh?bp+m^tZY=lJ><#uiv7F8LW$Re>}KR^XFH5!8G6n`gcgC=wOi{ zS;3kOY16^%mD`?;Zyb*2a_?L%*U3$9sfmFOe2cce7pLe)4~)nljq*S-+AF4owz488 z?Yu>4$AZ^*k~2B+AZZC^0}&|Y?><dAapIuIz+8_^QqdUJd0h5kEi%(K720(kO9a5M zNIB#d<}5%&o%A}6Gx?wJB<tHx$+Y8!voIGd=%?-zBQOY8NA|vjPcbiyTH!OzzI`_W zB;H9le~=kcQiGBDslFeTM{PUf?$*9qVl%De_MQ_9M>UKFQ6Y%7fbdb;Cz$9?^!|FZ zSvBLsfJg{M2V5`CdDkJU)|%((4eY(7#z>^TUl&g5)D=h>1O}o1^_v+G1|9%M)i6TS zH(9>*?5vcl$DQqFc`h>&-Lc-tfEX=_u<b;935RDj3VSnwnhklcsP@ztG!K7#4)gXO HpJ4tMAJ6_~ literal 0 HcmV?d00001 diff --git a/smp-docker/images/tomcat-mysql-smp-sml/entrypoint.sh b/smp-docker/images/tomcat-mysql-smp-sml/entrypoint.sh index 3a197d7af..b64cd3de6 100755 --- a/smp-docker/images/tomcat-mysql-smp-sml/entrypoint.sh +++ b/smp-docker/images/tomcat-mysql-smp-sml/entrypoint.sh @@ -18,9 +18,8 @@ TOMCAT_DIR=${DATA_DIR}/tomcat TOMCAT_HOME=${SMP_HOME}/apache-tomcat-$TOMCAT_VERSION/ BIND_DATA_DIR=${DATA_DIR}/bind - if [ ! -d ${DATA_DIR} ]; then - mkdir -p ${DATA_DIR} + mkdir -p ${DATA_DIR} fi init_tomcat() { 
@@ -36,20 +35,18 @@ init_tomcat() { JAVA_OPTS="$JAVA_OPTS -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true -Djdk.http.auth.tunneling.disabledSchemes=" # add truststore for eulogin if [ -e /tmp/keystores/smp-eulogin-mock.p12 ]; then - echo "add eulogin trustStore: /tmp/keystores/smp-eulogin-mock.p12" - JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStore=/tmp/keystores/smp-eulogin-mock.p12 -Djavax.net.ssl.trustStoreType=PKCS12 -Djavax.net.ssl.trustStorePassword=test123" + echo "add eulogin trustStore: /tmp/keystores/smp-eulogin-mock.p12" + JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStore=/tmp/keystores/smp-eulogin-mock.p12 -Djavax.net.ssl.trustStoreType=PKCS12 -Djavax.net.ssl.trustStorePassword=test123" fi - # add external extensions + # add external extensions for extensionLibFile in /tmp/artefacts/*.jar; do # Check if the glob gets expanded to existing files. - [ -e "$extensionLibFile" ] && mv $extensionLibFile $SMP_HOME/apache-tomcat-$TOMCAT_VERSION/smp-libs || echo "Extensions do not exist" + [ -e "$extensionLibFile" ] && mv $extensionLibFile $SMP_HOME/apache-tomcat-$TOMCAT_VERSION/smp-libs || echo "Extensions do not exist" done - echo "[INFO] init tomcat JAVA_OPTS: $JAVA_OPTS" - export JAVA_OPTS - + export JAVA_OPTS echo "[INFO] init tomcat folders: $tfile" if [ ! -d ${TOMCAT_DIR} ]; then 
@@ -58,21 +55,21 @@ init_tomcat() { # move tomcat log folder to data folder if [ ! -d ${TOMCAT_DIR}/logs ]; then - if [ ! -d ${TOMCAT_HOME}/logs ]; then + if [ ! -d ${TOMCAT_HOME}/logs ]; then mkdir -p ${TOMCAT_DIR}/logs - else + else mv ${TOMCAT_HOME}/logs ${TOMCAT_DIR}/ - rm -rf ${TOMCAT_HOME}/logs + rm -rf ${TOMCAT_HOME}/logs fi fi - rm -rf ${TOMCAT_HOME}/logs + rm -rf ${TOMCAT_HOME}/logs ln -sf ${TOMCAT_DIR}/logs ${TOMCAT_HOME}/logs # move tomcat conf folder to data folder if [ ! -d ${TOMCAT_DIR}/conf ]; then - mv ${TOMCAT_HOME}/conf ${TOMCAT_DIR}/ + mv ${TOMCAT_HOME}/conf ${TOMCAT_DIR}/ fi - rm -rf ${TOMCAT_HOME}/conf + rm -rf ${TOMCAT_HOME}/conf ln -sf ${TOMCAT_DIR}/conf ${TOMCAT_HOME}/conf # move smp conf folder to data folder @@ -81,29 +78,13 @@ init_tomcat() { fi rm -rf ${TOMCAT_HOME}/classes ln -sf ${TOMCAT_DIR}/classes ${TOMCAT_HOME}/ + # set smp data/security folder + mkdir ${DATA_DIR}/smp/ - # sleep a little to avoid mv issues - sleep 5s -} - -init_smp_properties() { - echo "[INFO] init smp properties:" - - { echo "# SMP init parameters" - echo "smp.libraries.folder=$SMP_HOME/apache-tomcat-$TOMCAT_VERSION/smp-libs" - echo "bdmsl.integration.logical.address=${SMP_LOGICAL_ADDRESS:-http://localhost:8080/smp/}" - echo "smp.automation.authentication.external.tls.clientCert.enabled=true" - echo "bdmsl.integration.enabled=true" - echo "bdmsl.integration.physical.address=0.0.0.0" - echo "bdmsl.participant.multidomain.enabled=false" - echo "bdmsl.integration.url=http://localhost:8080/edelivery-sml/" - echo "bdmsl.integration.logical.address=${SMP_LOGICAL_ADDRESS:-http://localhost:8080/smp/}" - } >> "$SMP_HOME/apache-tomcat-$TOMCAT_VERSION/classes/smp.config.properties" - - addOrReplaceProperties "$SMP_HOME/apache-tomcat-$TOMCAT_VERSION/classes/smp.config.properties" "$SMP_INIT_PROPERTIES" "$SMP_INIT_PROPERTY_DELIMITER" + # sleep a little to avoid mv issues + sleep 5s } - init_mysql() { echo "[INFO] init database:" if [ ! -d "/run/mysqld" ]; then 
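Review bot: The added `mkdir ${DATA_DIR}/smp/` in init_tomcat has no `-p` and no existence guard, unlike the other directory setup in this script, so a restart with a persisted data directory prints an error, and the path is unquoted. This folder is later written out as `smp.security.folder` and receives the keystore, so I would create it with `mkdir -p "${DATA_DIR}/smp"` and restrict it to the account that runs Tomcat (for example `chmod 700 "${DATA_DIR}/smp"`), assuming nothing else has to read it. init_tomcat begins above this hunk.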
@@ -116,7 +97,7 @@ init_mysql() { sleep 3s mv /var/lib/mysql ${DATA_DIR} fi - + rm -rf /var/lib/mysql ln -sf ${MYSQL_DATA_DIR} /var/lib/mysql chmod -R 0777 ${MYSQL_DATA_DIR} 
@@ -124,36 +105,34 @@ init_mysql() { echo '[INFO] start MySQL' sleep 5s service mysql start - + echo "[INFO] ----------------------------------------" echo "[INFO] create SMP database: ${SMP_DB_SCHEMA}" if [ -d ${MYSQL_DATA_DIR}/${SMP_DB_SCHEMA} ]; then echo "[INFO] MySQL ${SMP_DB_SCHEMA} already present, skipping creation" - else + else echo "[INFO] MySQL ${SMP_DB_SCHEMA} not found, creating initial DBs" echo 'Create smp database' mysql -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY '$MYSQL_ROOT_PASSWORD';drop schema if exists $SMP_DB_SCHEMA;DROP USER IF EXISTS $SMP_DB_USER; create schema $SMP_DB_SCHEMA;alter database $SMP_DB_SCHEMA charset=utf8; create user $SMP_DB_USER identified by '$SMP_DB_USER_PASSWORD';grant all on $SMP_DB_SCHEMA.* to $SMP_DB_USER;" - if [ -f "/tmp/custom-data/mysql5innodb.sql" ] - then - echo "Use custom database script! " - mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SMP_DB_SCHEMA < "tmp/custom-data/mysql5innodb.ddl" + if [ -f "/tmp/custom-data/mysql5innodb.sql" ]; then + echo "Use custom database script! " + mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SMP_DB_SCHEMA <"tmp/custom-data/mysql5innodb.ddl" else - echo "Use default database ddl script!" - mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SMP_DB_SCHEMA < "/tmp/smp-setup/database-scripts/mysql5innodb.ddl" + echo "Use default database ddl script!" + mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SMP_DB_SCHEMA <"/tmp/smp-setup/database-scripts/mysql5innodb.ddl" fi - if [ -f "/tmp/custom-data/mysql5innodb-data.sql" ] - then - echo "Use custom init script! " - mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SMP_DB_SCHEMA < "/tmp/custom-data/mysql5innodb-data.sql" - else - echo "Use default init script!" 
- mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SMP_DB_SCHEMA < "/tmp/smp-setup/database-scripts/mysql5innodb-data.sql" + if [ -f "/tmp/custom-data/mysql5innodb-data.sql" ]; then + echo "Use custom init script! " + mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SMP_DB_SCHEMA <"/tmp/custom-data/mysql5innodb-data.sql" + else + echo "Use default init script!" + mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SMP_DB_SCHEMA < "/tmp/smp-setup/database-scripts/mysql5innodb-data.sql" fi fi - + echo "[INFO] ----------------------------------------" echo "[INFO] create SML database: ${SML_DB_SCHEMA}" if [ -d ${MYSQL_DATA_DIR}/${SML_DB_SCHEMA} ]; then echo "[INFO] MySQL $SML_DB_SCHEMA already present, skipping creation" 
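Review bot: The custom-DDL branch still tests for `/tmp/custom-data/mysql5innodb.sql` but the rewritten line reads `tmp/custom-data/mysql5innodb.ddl`, a relative path with a different extension, so a mounted custom script is not loaded and the redirect fails instead. The test and the redirect should name the same absolute file, e.g. `mysql -h localhost -u root --password="$MYSQL_ROOT_PASSWORD" "$SMP_DB_SCHEMA" <"/tmp/custom-data/mysql5innodb.sql"`. The SML hunk that follows has the same extension mismatch (`sml-mysql5innodb.sql` tested, `sml-mysql5innodb.ddl` read). init_mysql begins above this hunk.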
@@ -161,31 +140,26 @@ init_mysql() { echo "[INFO] MySQL ${SML_DB_SCHEMA} not found, creating initial DBs" echo 'Create sml database' - mysql -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY '$MYSQL_ROOT_PASSWORD';drop schema if exists $SML_DB_SCHEMA;DROP USER IF EXISTS $SML_DB_USER; create schema $SML_DB_SCHEMA;alter database $SML_DB_SCHEMA charset=utf8; create user $SML_DB_USER identified by '$SML_DB_USER_PASSWORD';grant all on $SML_DB_SCHEMA.* to $SML_DB_USER;" + mysql -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY '$MYSQL_ROOT_PASSWORD';drop schema if exists $SML_DB_SCHEMA;DROP USER IF EXISTS $SML_DB_USER; create schema $SML_DB_SCHEMA;alter database $SML_DB_SCHEMA charset=utf8; create user $SML_DB_USER identified by '$SML_DB_USER_PASSWORD';grant all on $SML_DB_SCHEMA.* to $SML_DB_USER;" - if [ -f "/tmp/custom-data/sml-mysql5innodb.sql" ] - then - echo "Use custom database script! " - mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SML_DB_SCHEMA < "/tmp/custom-data/sml-mysql5innodb.ddl" + if [ -f "/tmp/custom-data/sml-mysql5innodb.sql" ]; then + echo "Use custom database script! " + mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SML_DB_SCHEMA <"/tmp/custom-data/sml-mysql5innodb.ddl" else - echo "Use default database ddl script!" - mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SML_DB_SCHEMA < "/tmp/sml-setup/database-scripts/mysql5innodb.ddl" + echo "Use default database ddl script!" + mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SML_DB_SCHEMA <"/tmp/sml-setup/database-scripts/mysql5innodb.ddl" fi - if [ -f "/tmp/custom-data/sml-mysql5innodb-data.sql" ] - then - echo "Use custom init script! " - mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SML_DB_SCHEMA < "/tmp/custom-data/sml-mysql5innodb-data.sql" - else - echo "Use default init script!" 
- mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SML_DB_SCHEMA < "/tmp/sml-setup/database-scripts/mysql5innodb-data.sql" + if [ -f "/tmp/custom-data/sml-mysql5innodb-data.sql" ]; then + echo "Use custom init script! " + mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SML_DB_SCHEMA <"/tmp/custom-data/sml-mysql5innodb-data.sql" + else + echo "Use default init script!" + mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SML_DB_SCHEMA <"/tmp/artefacts/shared-artefacts/sml-mysql5innodb-data.sql" + #mysql -h localhost -u root --password=$MYSQL_ROOT_PASSWORD $SML_DB_SCHEMA <"/tmp/sml-setup/database-scripts/mysql5innodb-data.sql" fi fi - - sleep 5s - # start mysql - } addOrReplaceProperties() { @@ -193,7 +167,7 @@ addOrReplaceProperties() { PROP_FILE=$1 INIT_PROPERTIES=$2 INIT_PROPERTY_DELIMITER=$3 - + # replace domibus properties if [ -n "$INIT_PROPERTIES" ]; then echo "Parse init properties: $INIT_PROPERTIES" @@ -211,8 +185,8 @@ addOrReplaceProperties() { for property in "${array[@]}"; do read -r key value <<<"$property" # escape regex chars and remove trailing and leading spaces.. - keyRE="$(printf '%s' "${key// }" | sed 's/[[\*^$()+?{|]/\\&/g')" - propertyRE="$(printf '%s' "${property// }" | sed 's/[[\*^$()+?{|/]/\\&/g')" + keyRE="$(printf '%s' "${key// /}" | sed 's/[[\*^$()+?{|]/\\&/g')" + propertyRE="$(printf '%s' "${property// /}" | sed 's/[[\*^$()+?{|/]/\\&/g')" echo "replace or add property: [$keyRE] with value [$propertyRE]" # replace key line and commented #key line with new property @@ -224,7 +198,6 @@ addOrReplaceProperties() { fi } - init_bind() { # move configuration if it does not exist 
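Review bot: Every rewritten `mysql` call in the SML-database hunk passes `--password=$MYSQL_ROOT_PASSWORD` unquoted on the command line, and the `-e` statement splices `$MYSQL_ROOT_PASSWORD` and `$SML_DB_USER_PASSWORD` into single-quoted SQL literals, so a value containing whitespace, a glob character or a quote breaks or alters the command, and the password is handed over as a process argument. Quote the expansion (`--password="$MYSQL_ROOT_PASSWORD"`) or, better, pass the credentials through an option file with `--defaults-extra-file`. The SMP-database hunk above uses the same pattern. The commented-out `#mysql ...` line for the old default script can be deleted rather than kept as dead code.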
@@ -238,33 +211,60 @@ init_bind() { chmod -R 0775 ${BIND_DATA_DIR} chown -R ${BIND_USER}:${BIND_USER} ${BIND_DATA_DIR} - # init data - if [ -f "/tmp/custom-data/db.test.edelivery.local" ] - then - echo "Use custom zone file! " - rm -rf /etc/bind/db.test.edelivery.local - cp /tmp/custom-data/db.test.edelivery.local /etc/bind/ - fi + # init data + if [ -f "/tmp/custom-data/db.test.edelivery.local" ]; then + echo "Use custom zone file! " + rm -rf /etc/bind/db.test.edelivery.local + cp /tmp/custom-data/db.test.edelivery.local /etc/bind/ + fi +} + +init_sml() { + #copy the sml truststore with SMP trusted certificates + cp /tmp/artefacts/shared-artefacts/sml-truststore.p12 /opt/smlconf/sml-truststore-docker-demo.p12 +} + +init_smp() { + # copy smp keystore with sml authorized sml certificates + cp /tmp/artefacts/shared-artefacts/smp-keystore-docker-demo.p12 "${DATA_DIR}/smp/smp-keystore-docker-demo.p12" +} +init_smp_properties() { + echo "[INFO] init smp properties:" + { + echo "# SMP init parameters" + echo "smp.security.folder=${DATA_DIR}/smp/" + echo "smp.libraries.folder=$SMP_HOME/apache-tomcat-$TOMCAT_VERSION/smp-libs" + echo "bdmsl.integration.logical.address=${SMP_LOGICAL_ADDRESS:-http://localhost:8080/smp/}" + echo "smp.automation.authentication.external.tls.clientCert.enabled=true" + echo "bdmsl.integration.enabled=true" + echo "bdmsl.integration.physical.address=0.0.0.0" + echo "bdmsl.participant.multidomain.enabled=false" + echo "bdmsl.integration.url=http://localhost:8080/edelivery-sml/" + echo "bdmsl.integration.logical.address=${SMP_LOGICAL_ADDRESS:-http://localhost:8080/smp/}" + echo "smp.keystore.filename=smp-keystore-docker-demo.p12" + echo "smp.keystore.type=PKCS12" + echo "smp.truststore.filename=smp-truststore-docker-demo.p12" + echo "smp.truststore.type=PKCS12" + echo "smp.keystore.password={DEC}{test123}" + echo "smp.truststore.password={DEC}{test123}" + } >>"$SMP_HOME/apache-tomcat-$TOMCAT_VERSION/classes/smp.config.properties" + + 
addOrReplaceProperties "$SMP_HOME/apache-tomcat-$TOMCAT_VERSION/classes/smp.config.properties" "$SMP_INIT_PROPERTIES" "$SMP_INIT_PROPERTY_DELIMITER" } init_smp_properties init_bind init_mysql init_tomcat - +init_sml +init_smp echo "Starting named..." -$(which named) -u ${BIND_USER} &> $BIND_DATA_DIR/bind-console.out & - - +$(which named) -u ${BIND_USER} &>$BIND_DATA_DIR/bind-console.out & echo '[INFO] start running SMP' chmod u+x $SMP_HOME/apache-tomcat-$TOMCAT_VERSION/bin/*.sh cd $SMP_HOME/apache-tomcat-$TOMCAT_VERSION/ # run from this folder in order to be smp log in logs folder exec ./bin/catalina.sh jpda run - - - - diff --git a/smp-server-library/pom.xml b/smp-server-library/pom.xml index 68b085503..f4286b483 100644 --- a/smp-server-library/pom.xml +++ b/smp-server-library/pom.xml @@ -151,22 +151,10 @@ <artifactId>httpclient</artifactId> <version>4.5.14</version> </dependency> - <!-- dependency> - <groupId>com.sun.xml.bind</groupId> - <artifactId>jaxb-impl</artifactId> - </dependency> <dependency> - <groupId>com.sun.xml.bind</groupId> - <artifactId>jaxb-core</artifactId> - </dependency --> - <!-- dependency> - <groupId>org.bouncycastle</groupId> - <artifactId>bcprov-jdk15on</artifactId> + <groupId>org.apache.santuario</groupId> + <artifactId>xmlsec</artifactId> </dependency> - <dependency> - <groupId>org.bouncycastle</groupId> - <artifactId>bcpkix-jdk15on</artifactId> - </dependency --> <!-- Tests --> <dependency> diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/conversion/X509CertificateToCertificateROConverter.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/conversion/X509CertificateToCertificateROConverter.java index d36e07bbd..2e53bb863 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/conversion/X509CertificateToCertificateROConverter.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/conversion/X509CertificateToCertificateROConverter.java 
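Review bot: init_sml copies `/tmp/artefacts/shared-artefacts/sml-truststore.p12`, while init_smp reads a `-docker-demo` file name from the same folder; if the truststore is shipped as `sml-truststore-docker-demo.p12` the `cp` fails, and since neither function checks the result, startup continues with a missing store. I would align the source name and stop on failure, e.g. `cp "$src" "$dst" || { echo "[ERROR] sml truststore missing"; exit 1; }`. init_smp_properties also writes `smp.truststore.filename=smp-truststore-docker-demo.p12`, but nothing in this hunk places that file in `${DATA_DIR}/smp/`; presumably SMP creates it, which is worth confirming. The fixed `{DEC}{test123}` keystore and truststore passwords are acceptable only for the demo image, so a comment saying so, or an environment override, would keep them from being copied into a real deployment.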
@@ -14,6 +14,7 @@ import org.springframework.stereotype.Component; import java.io.StringWriter; import java.io.UnsupportedEncodingException; import java.net.URLEncoder; +import java.security.Key; import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; @@ -66,7 +67,7 @@ public class X509CertificateToCertificateROConverter implements Converter<X509Ce cro.setCertificateId(certId); cro.setSubject(subject); cro.setIssuer(issuer); - cro.setPublicKeyType(cert.getPublicKey().getAlgorithm()); + cro.setPublicKeyType(getKeyAlgorithm(cert.getPublicKey())); cro.setCrlUrl(url); if (certPolicyIdentifiers!=null && !certPolicyIdentifiers.isEmpty()) { cro.getCertificatePolicies().addAll(certPolicyIdentifiers); @@ -115,4 +116,13 @@ public class X509CertificateToCertificateROConverter implements Converter<X509Ce } return ""; } + public String getKeyAlgorithm(Key key) { + if (StringUtils.equals(key.getAlgorithm(), "1.3.101.112")) { + return "Ed25519"; + } + if (StringUtils.equals(key.getAlgorithm(), "1.3.101.113")) { + return "Ed448"; + } + return key.getAlgorithm(); + } } diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/dao/QueryNames.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/dao/QueryNames.java index 09fb0f0b0..bae9ceb41 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/dao/QueryNames.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/dao/QueryNames.java 
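Review bot: `getKeyAlgorithm` is a new public method without Javadoc, and the two OID literals are unexplained. A short Javadoc stating that it maps the RFC 8410 OIDs `1.3.101.112` (Ed25519) and `1.3.101.113` (Ed448) to readable names and otherwise returns `key.getAlgorithm()` would help, ideally with the OIDs held in named constants. Some security providers report these keys as `EdDSA` rather than as an OID, in which case the curve is still not shown; this is worth checking on the target JDK and provider. The method uses no instance state, so it can probably be `private static`.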
@@ -70,7 +70,7 @@ public class QueryNames { public static final String QUERY_RESOURCE_MEMBER_BY_USER_DOMAIN_RESOURCE_COUNT = "DBResourceMember.getByUserAndDomainResourceCount"; public static final String QUERY_RESOURCE_MEMBER_BY_USER_DOMAIN_RESOURCE_ROLE_COUNT = "DBResourceMember.getByUserAndDomainRoleResourceCount"; public static final String QUERY_RESOURCE_MEMBER_BY_USER_GROUP_RESOURCES_ROLE_COUNT = "DBResourceMember.getByUserAndGroupsResourcesAndRoleCount"; - + public static final String QUERY_RESOURCE_MEMBER_BY_USER_GROUP_RESOURCES_COUNT = "DBResourceMember.getByUserAndGroupsResourcesCount"; public static final String QUERY_RESOURCE_MEMBERS_COUNT = "DBResourceMember.getByResourceCount"; public static final String QUERY_RESOURCE_MEMBERS_FILTER_COUNT = "DBResourceMember.getByResourceFilterCount"; public static final String QUERY_RESOURCE_MEMBERS = "DBResourceMember.getByResource"; diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/dao/ResourceDao.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/dao/ResourceDao.java index 5fd057ead..eca074ce5 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/dao/ResourceDao.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/dao/ResourceDao.java @@ -18,6 +18,7 @@ import eu.europa.ec.edelivery.smp.data.model.DBDomainResourceDef; import eu.europa.ec.edelivery.smp.data.model.doc.DBResource; import eu.europa.ec.edelivery.smp.data.model.doc.DBResourceFilter; import eu.europa.ec.edelivery.smp.data.model.ext.DBResourceDef; +import eu.europa.ec.edelivery.smp.data.model.user.DBUser; import eu.europa.ec.edelivery.smp.exceptions.ErrorCode; import eu.europa.ec.edelivery.smp.logging.SMPLogger; import eu.europa.ec.edelivery.smp.logging.SMPLoggerFactory; 
@@ -82,9 +83,6 @@ public class ResourceDao extends BaseDao<DBResource> { query.setParameter(PARAM_USER_ID, resourceFilter.getUserId()); query.setParameter(PARAM_MEMBERSHIP_ROLES, resourceFilter.getMembershipRoleTypes()); query.setParameter(PARAM_RESOURCE_FILTER, resourceFilter.getIdentifierFilter()); - - LOG.info("RESOURCE+FILTER: [{}]", resourceFilter.getIdentifierFilter()); - return query.getSingleResult(); } @@ -108,6 +106,31 @@ public class ResourceDao extends BaseDao<DBResource> { return query.getResultList(); } + public List<DBResource> getPublicResourcesSearch(int iPage, int iPageSize, DBUser user, String schema, String identifier) { + TypedQuery<DBResource> query = memEManager.createNamedQuery("DBResource.getPublicSearch", DBResource.class); + if (iPageSize > -1 && iPage > -1) { + query.setFirstResult(iPage * iPageSize); + } + if (iPageSize > 0) { + query.setMaxResults(iPageSize); + } + query.setParameter(PARAM_USER_ID, user != null ? user.getId() : null); + query.setParameter(PARAM_RESOURCE_SCHEME, StringUtils.isBlank(schema)? null: StringUtils.wrapIfMissing(schema,"%")); + query.setParameter(PARAM_RESOURCE_IDENTIFIER, StringUtils.isBlank(identifier)? null: StringUtils.wrapIfMissing(identifier,"%")); + + return query.getResultList(); + } + + public Long getPublicResourcesSearchCount(DBUser user, String schema, String identifier) { + TypedQuery<Long> query = memEManager.createNamedQuery("DBResource.getPublicSearchCount", Long.class); + + query.setParameter(PARAM_USER_ID, user != null ? user.getId() : null); + query.setParameter(PARAM_RESOURCE_SCHEME, StringUtils.isBlank(schema)? null: StringUtils.wrapIfMissing(schema,"%")); + query.setParameter(PARAM_RESOURCE_IDENTIFIER, StringUtils.isBlank(identifier)? null: StringUtils.wrapIfMissing(identifier,"%")); + + return query.getSingleResult(); + } + /** * Method returns ServiceGroup by participant identifier. If there is no service group it returns empty Option. 
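Review bot: `getPublicResourcesSearch` calls `setMaxResults` only when `iPageSize > 0`, so a caller passing 0 or a negative size receives the full result set of a search that also serves anonymous users (`user` may be null). Unless the REST layer already caps the page size, clamp it here, e.g. `query.setMaxResults(iPageSize > 0 ? Math.min(iPageSize, MAX_SEARCH_PAGE_SIZE) : MAX_SEARCH_PAGE_SIZE);` with `MAX_SEARCH_PAGE_SIZE` as a new constant. `schema` and `identifier` are bound as parameters, which rules out query injection, but `%` and `_` inside them still act as LIKE wildcards; escape them if literal matching is intended. Both new methods lack Javadoc describing the visibility rules they apply.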
diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/dao/ResourceMemberDao.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/dao/ResourceMemberDao.java index 76c9267fb..2c4d4d5c9 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/dao/ResourceMemberDao.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/dao/ResourceMemberDao.java @@ -17,7 +17,6 @@ import eu.europa.ec.edelivery.smp.data.enums.MembershipRoleType; import eu.europa.ec.edelivery.smp.data.model.DBDomain; import eu.europa.ec.edelivery.smp.data.model.DBGroup; import eu.europa.ec.edelivery.smp.data.model.doc.DBResource; -import eu.europa.ec.edelivery.smp.data.model.user.DBGroupMember; import eu.europa.ec.edelivery.smp.data.model.user.DBResourceMember; import eu.europa.ec.edelivery.smp.data.model.user.DBUser; import eu.europa.ec.edelivery.smp.logging.SMPLogger; @@ -101,12 +100,21 @@ public class ResourceMemberDao extends BaseDao<DBResourceMember> { LOG.debug("User [{}], group [{}], Role [{}]", userId, groupId, roleType); TypedQuery<Long> query = memEManager.createNamedQuery(QUERY_RESOURCE_MEMBER_BY_USER_GROUP_RESOURCES_ROLE_COUNT, Long.class); - query.setParameter(PARAM_USER_ID,userId); + query.setParameter(PARAM_USER_ID, userId); query.setParameter(PARAM_GROUP_ID, groupId); query.setParameter(PARAM_MEMBERSHIP_ROLE, roleType); return query.getSingleResult() > 0; } + public boolean isUserAnyGroupResourceMember(DBUser user, DBGroup group) { + LOG.debug("User [{}], group [{}]", user, group); + TypedQuery<Long> query = memEManager.createNamedQuery(QUERY_RESOURCE_MEMBER_BY_USER_GROUP_RESOURCES_COUNT, + Long.class); + query.setParameter(PARAM_USER_ID, user.getId()); + query.setParameter(PARAM_GROUP_ID, group.getId()); + return query.getSingleResult() > 0; + } + public List<DBResourceMember> getResourceMembers(Long resourceId, int iPage, int iPageSize, String filter) { boolean hasFilter = StringUtils.isNotBlank(filter); 
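Review bot: `isUserAnyGroupResourceMember` logs the whole `DBUser` and `DBGroup` objects at debug level, whereas the sibling method just above logs ids; depending on the entities' `toString()` this can put user attributes into the log. Prefer `LOG.debug("User [{}], group [{}]", user.getId(), group.getId());`. The method also dereferences `user` and `group` without a null check, so it relies on callers such as `ResourceGuard.canRead` to pass non-null values; a one-line Javadoc stating that contract would be enough.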
@@ -121,7 +129,7 @@ public class ResourceMemberDao extends BaseDao<DBResourceMember> { } query.setParameter(PARAM_RESOURCE_ID, resourceId); if (hasFilter) { - query.setParameter(PARAM_USER_FILTER, StringUtils.wrapIfMissing(StringUtils.trim(filter),"%" )); + query.setParameter(PARAM_USER_FILTER, StringUtils.wrapIfMissing(StringUtils.trim(filter), "%")); } return query.getResultList(); } @@ -131,7 +139,7 @@ public class ResourceMemberDao extends BaseDao<DBResourceMember> { TypedQuery<Long> query = memEManager.createNamedQuery(hasFilter ? QUERY_RESOURCE_MEMBERS_FILTER_COUNT : QUERY_RESOURCE_MEMBERS_COUNT, Long.class); query.setParameter(PARAM_RESOURCE_ID, groupId); if (hasFilter) { - query.setParameter(PARAM_USER_FILTER, StringUtils.wrapIfMissing(StringUtils.trim(filter),"%" )); + query.setParameter(PARAM_USER_FILTER, StringUtils.wrapIfMissing(StringUtils.trim(filter), "%")); } return query.getSingleResult(); } diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/enums/SMLAuthenticationType.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/enums/SMLAuthenticationType.java new file mode 100644 index 000000000..d5fcbb026 --- /dev/null +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/enums/SMLAuthenticationType.java @@ -0,0 +1,16 @@ +package eu.europa.ec.edelivery.smp.data.enums; + +/** + * Specifies + * + * Specifies sml authentication type as SML Client-Cert header, SSLCLientCert header and mTLS . + * + * @author Joze Rihtarsic + * @since 5.0 + */ +public enum SMLAuthenticationType { + + HTTP_HEADER_STRING, + HTTP_HEADER_CERTIFICATE, + TLS_CLIENT_CERTIFICATE +} diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/enums/VisibilityType.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/enums/VisibilityType.java index 1f5a263dc..5a402425f 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/enums/VisibilityType.java 
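Review bot: The Javadoc of the new `SMLAuthenticationType` opens with an orphaned `Specifies` line, spells the header as `SSLCLientCert`, and does not say which constant stands for which mechanism. Because this value decides how the SMP authenticates to the SML, each constant should carry its own comment, for example `/** Certificate presented in the mutual-TLS handshake. */` on `TLS_CLIENT_CERTIFICATE`. The two header constants should name the HTTP header they refer to (presumably Client-Cert and SSLClientCert; confirm against the SML integration code).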
+++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/enums/VisibilityType.java @@ -19,7 +19,7 @@ public enum VisibilityType { */ INTERNAL, /** - * Access to the resource is possible only to the resource members + * Access to the domain, group or resource is possible only if you are only direct or un-direct member of the domain, group or resource */ PRIVATE } diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/model/DBDomain.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/model/DBDomain.java index 43ea855ca..da2edc068 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/model/DBDomain.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/model/DBDomain.java @@ -92,9 +92,6 @@ public class DBDomain extends BaseEntity { @Column(name = "SML_SMP_ID", length = CommonColumnsLengths.MAX_SML_SMP_ID_LENGTH) @ColumnDescription(comment = "SMP ID used for SML integration") String smlSmpId; - @Column(name = "SML_CLIENT_CERT_HEADER", length = CommonColumnsLengths.MAX_FREE_TEXT_LENGTH) - @ColumnDescription(comment = "Client-Cert header used behind RP - ClientCertHeader for SML integration") - String smlClientCertHeader; @Column(name = "SML_CLIENT_KEY_ALIAS", length = CommonColumnsLengths.MAX_CERT_ALIAS_LENGTH) @ColumnDescription(comment = "Client key alias used for SML integration") String smlClientKeyAlias; @@ -174,14 +171,6 @@ public class DBDomain extends BaseEntity { this.smlSmpId = smlSmpId; } - public String getSmlClientCertHeader() { - return smlClientCertHeader; - } - - public void setSmlClientCertHeader(String smlClientCertHeader) { - this.smlClientCertHeader = smlClientCertHeader; - } - public String getSmlClientKeyAlias() { return smlClientKeyAlias; } 
@@ -279,7 +268,6 @@ public class DBDomain extends BaseEntity { .append(id, dbDomain.id).append(domainCode, dbDomain.domainCode) .append(smlSubdomain, dbDomain.smlSubdomain) .append(smlSmpId, dbDomain.smlSmpId) - .append(smlClientCertHeader, dbDomain.smlClientCertHeader) .append(smlClientKeyAlias, dbDomain.smlClientKeyAlias) .append(signatureKeyAlias, dbDomain.signatureKeyAlias) .append(signatureAlgorithm, dbDomain.signatureAlgorithm) diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/model/doc/DBResource.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/model/doc/DBResource.java index 5b06e6b48..8e7dc163c 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/model/doc/DBResource.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/model/doc/DBResource.java @@ -33,7 +33,6 @@ import static eu.europa.ec.edelivery.smp.data.dao.QueryNames.*; @Entity @Audited -// the SMP_SG_UNIQ_PARTC_IDX is natural key @Table(name = "SMP_RESOURCE", indexes = {@Index(name = "SMP_RS_UNIQ_IDENT_DOREDEF_IDX", columnList = "IDENTIFIER_SCHEME, IDENTIFIER_VALUE, FK_DOREDEF_ID", unique = true), @Index(name = "SMP_RS_ID_IDX", columnList = "IDENTIFIER_VALUE"), 
@@ -49,13 +48,6 @@ import static eu.europa.ec.edelivery.smp.data.dao.QueryNames.*; @NamedQuery(name = QUERY_RESOURCES_BY_DOMAIN_ID_RESOURCE_DEF_ID_COUNT, query = "SELECT count(d.id) FROM DBResource d WHERE d.domainResourceDef.domain.id = :domain_id " + " and d.domainResourceDef.resourceDef.id = :resource_def_id ") @NamedQuery(name = QUERY_RESOURCES_BY_DOMAIN_ID_COUNT, query = "SELECT count(d.id) FROM DBResource d WHERE d.domainResourceDef.domain.id = :domain_id ") - -/* -@NamedQuery(name = QUERY_RESOURCE_FILTER_COUNT, query = "SELECT count(r.id) FROM DBResource r WHERE " + - " (:group_id IS NULL OR r.group.id = :group_id) " + - "AND (:domain_id IS NULL OR r.domainResourceDef.domain.id = :domain_id) " + - "AND (:resource_def_id IS NULL OR r.domainResourceDef.resourceDef.id = :resource_def_id) ") -*/ @NamedQuery(name = QUERY_RESOURCE_FILTER_COUNT, query = "SELECT count(r.id) FROM DBResource r " + " JOIN DBDomainResourceDef dr ON dr.id = r.domainResourceDef.id " + " WHERE (:group_id IS NULL OR r.group.id = :group_id) " + 
@@ -72,17 +64,6 @@ import static eu.europa.ec.edelivery.smp.data.dao.QueryNames.*; " AND (:resource_def_id IS NULL OR dr.resourceDef.id = :resource_def_id) " + " AND (:resource_filter IS NULL OR lower(r.identifierValue) like lower(:resource_filter) OR (r.identifierScheme IS NOT NULL AND lower(r.identifierScheme) like lower(:resource_filter)) )" + "order by r.id asc") - - -//JOIN DBResourceMember rm ON r.id = rm.resource.id -// user.id = :user_id AND rm.role in (:membership_roles) -/* - " (:group_id IS NULL OR r.group.id = :group_id) " + - "AND (:domain_id IS NULL OR r.domainResourceDef.domain.id = :domain_id) " + - "AND (:resource_def_id IS NULL OR r.domainResourceDef.resourceDef.id = :resource_def_id) ") -*/ - - @NamedQuery(name = "DBResource.getServiceGroupByID", query = "SELECT d FROM DBResource d WHERE d.id = :id") @NamedQuery(name = "DBResource.getServiceGroupByIdentifier", query = "SELECT d FROM DBResource d WHERE d.identifierValue = :participantIdentifier " + " AND (:participantScheme IS NULL AND d.identifierScheme IS NULL " + 
@@ -91,6 +72,47 @@ import static eu.europa.ec.edelivery.smp.data.dao.QueryNames.*; @NamedNativeQuery(name = "DBResource.deleteAllOwnerships", query = "DELETE FROM SMP_RESOURCE_MEMBER WHERE FK_SG_ID=:serviceGroupId") +// get All public +@NamedQuery(name = "DBResource.getPublicSearch", query = "SELECT r FROM DBResource r WHERE r.group.visibility='PUBLIC' " + + " AND (r.group.domain.visibility='PUBLIC' " + + " OR :user_id IS NOT NULL " + + " AND ( (select count(id) from DBDomainMember dm where dm.user.id = :user_id and dm.domain.id = r.group.domain.id) > 0 " + + " OR (select count(id) from DBGroupMember gm where gm.user.id = :user_id and gm.group.domain.id = r.group.domain.id) > 0 " + + " OR (select count(id) from DBResourceMember rm where rm.user.id = :user_id and rm.resource.group.domain.id = r.group.domain.id) > 0 " + + " ) " + + " ) " + + " AND (r.group.visibility='PUBLIC' " + + " OR :user_id IS NOT NULL " + + " AND ( (select count(id) from DBGroupMember gm where gm.user.id = :user_id and gm.group.id = r.group.id) > 0 " + + " OR (select count(id) from DBResourceMember rm where rm.user.id = :user_id and rm.resource.group.id = r.group.id) > 0 " + + " ) " + + " ) " + + " AND ( r.visibility = 'PUBLIC' " + + " OR :user_id IS NOT NULL " + + " AND (select count(id) from DBResourceMember rm where rm.user.id = :user_id and rm.resource.id = r.id) > 0 ) " + + " AND (:resource_identifier IS NULL OR r.identifierValue like :resource_identifier )" + + " AND (:resource_scheme IS NULL OR r.identifierScheme like :resource_scheme) order by r.identifierScheme, r.identifierValue" +) +@NamedQuery(name = "DBResource.getPublicSearchCount", query = "SELECT count(r.id) FROM DBResource r WHERE r.group.visibility='PUBLIC' " + + " AND (r.group.domain.visibility='PUBLIC' " + + " OR :user_id IS NOT NULL " + + " AND ( (select count(id) from DBDomainMember dm where dm.user.id = :user_id and dm.domain.id = r.group.domain.id) > 0 " + + " OR (select count(id) from DBGroupMember gm where gm.user.id = 
:user_id and gm.group.domain.id = r.group.domain.id) > 0 " + + " OR (select count(id) from DBResourceMember rm where rm.user.id = :user_id and rm.resource.group.domain.id = r.group.domain.id) > 0 " + + " ) " + + " ) " + + " AND (r.group.visibility='PUBLIC' " + + " OR :user_id IS NOT NULL " + + " AND ( (select count(id) from DBGroupMember gm where gm.user.id = :user_id and gm.group.id = r.group.id) > 0 " + + " OR (select count(id) from DBResourceMember rm where rm.user.id = :user_id and rm.resource.group.id = r.group.id) > 0 " + + " ) " + + " ) " + + " AND ( r.visibility = 'PUBLIC' " + + " OR :user_id IS NOT NULL " + + " AND (select count(id) from DBResourceMember rm where rm.user.id = :user_id and rm.resource.id = r.id) > 0 ) " + + " AND (:resource_identifier IS NULL OR r.identifierValue like :resource_identifier )" + + " AND (:resource_scheme IS NULL OR r.identifierScheme like :resource_scheme)" +) public class DBResource extends BaseEntity { @Id diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/model/doc/DBServiceGroupExtension.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/model/doc/DBServiceGroupExtension.java deleted file mode 100644 index dc1a6c23f..000000000 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/model/doc/DBServiceGroupExtension.java +++ /dev/null 
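Review bot: Both new queries start with `r.group.visibility='PUBLIC'`, which makes the later `(r.group.visibility='PUBLIC' OR :user_id IS NOT NULL AND ...)` group-membership branch unreachable, so members never get resources of non-public groups from the search. If that fail-closed result is intended, delete the dead branch; otherwise drop the leading predicate so the membership sub-selects take effect. The `OR :user_id IS NOT NULL AND (...)` terms rely on AND binding tighter than OR and should be parenthesised explicitly, since a misplaced bracket here changes who can see what. The WHERE clause is duplicated verbatim in `DBResource.getPublicSearch` and `DBResource.getPublicSearchCount`; a shared string constant would keep the list and its count under the same access rule.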
@@ -1,80 +0,0 @@ -package eu.europa.ec.edelivery.smp.data.model.doc; - -import eu.europa.ec.edelivery.smp.data.dao.utils.ColumnDescription; -import eu.europa.ec.edelivery.smp.data.model.BaseEntity; -import org.hibernate.envers.Audited; - -import javax.persistence.*; -import java.util.Objects; - -/** - * Database optimization: load xmlContent only when needed and - * keep blobs/clobs in separate table! - * - * @author Joze Rihtarsic - * @since 4.1 - */ - -@Entity -@Audited -@Table(name = "SMP_SG_EXTENSION") -@org.hibernate.annotations.Table(appliesTo = "SMP_SG_EXTENSION", comment = "Service group extension blob") -@NamedQueries({ - @NamedQuery(name = "DBServiceGroupExtension.deleteById", query = "DELETE FROM DBServiceGroupExtension d WHERE d.id = :id"), - -}) -public class DBServiceGroupExtension extends BaseEntity { - - @Id - @ColumnDescription(comment = "Shared primary key with master table SMP_RESOURCE") - private Long id; - - @Lob - @Column(name = "EXTENSION") - @ColumnDescription(comment = "XML extension(s) for servicegroup ") - byte[] extension; - - @OneToOne - @JoinColumn(name = "ID") - @MapsId - DBResource dbServiceGroup; - - @Override - public Long getId() { - return id; - } - - public void setId(Long id) { - this.id = id; - } - - public DBResource getDbServiceGroup() { - return dbServiceGroup; - } - - public void setDbServiceGroup(DBResource dbServiceGroup) { - this.dbServiceGroup = dbServiceGroup; - } - - public byte[] getExtension() { - return extension; - } - - public void setExtension(byte[] extension) { - this.extension = extension; - } - - @Override - public boolean equals(Object o) { - if (this == o) return true; - if (o == null || getClass() != o.getClass()) return false; - if (!super.equals(o)) return false; - DBServiceGroupExtension that = (DBServiceGroupExtension) o; - return Objects.equals(id, that.id); - } - - @Override - public int hashCode() { - return Objects.hash(super.hashCode(), id); - } -} 
diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/model/user/DBResourceMember.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/model/user/DBResourceMember.java index c34140f9f..47b588352 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/model/user/DBResourceMember.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/model/user/DBResourceMember.java @@ -34,6 +34,10 @@ import static eu.europa.ec.edelivery.smp.data.dao.QueryNames.*; @NamedQuery(name = QUERY_RESOURCE_MEMBER_BY_USER_GROUP_RESOURCES_ROLE_COUNT, query = "SELECT count(c) FROM DBResourceMember c " + " WHERE c.user.id = :user_id AND c.resource.group.id = :group_id AND c.role= :membership_role ") +@NamedQuery(name = QUERY_RESOURCE_MEMBER_BY_USER_GROUP_RESOURCES_COUNT, query = "SELECT count(c) FROM DBResourceMember c " + + " WHERE c.user.id = :user_id AND c.resource.group.id = :group_id") + + @NamedQuery(name = QUERY_RESOURCE_MEMBERS_COUNT, query = "SELECT count(c) FROM DBResourceMember c " + " WHERE c.resource.id = :resource_id") @NamedQuery(name = QUERY_RESOURCE_MEMBERS, query = "SELECT c FROM DBResourceMember c " + diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/DomainRO.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/DomainRO.java index 51fca3e65..c0cddbfcd 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/DomainRO.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/DomainRO.java @@ -19,7 +19,6 @@ public class DomainRO extends BaseRO { private String domainCode; private String smlSubdomain; private String smlSmpId; - private String smlClientCertHeader; private String smlClientKeyAlias; private String signatureKeyAlias; private boolean smlClientCertAuth; 
@@ -61,14 +60,6 @@ public class DomainRO extends BaseRO { this.smlSmpId = smlSmpId; } - public String getSmlClientCertHeader() { - return smlClientCertHeader; - } - - public void setSmlClientCertHeader(String smlClientCertHeader) { - this.smlClientCertHeader = smlClientCertHeader; - } - public String getSmlClientKeyAlias() { return smlClientKeyAlias; } diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/security/ResourceGuard.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/security/ResourceGuard.java index 387b621d2..d2380ceba 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/security/ResourceGuard.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/security/ResourceGuard.java @@ -8,8 +8,10 @@ import eu.europa.ec.edelivery.smp.data.dao.ResourceMemberDao; import eu.europa.ec.edelivery.smp.data.enums.MembershipRoleType; import eu.europa.ec.edelivery.smp.data.enums.VisibilityType; import eu.europa.ec.edelivery.smp.data.model.DBDomain; +import eu.europa.ec.edelivery.smp.data.model.DBGroup; import eu.europa.ec.edelivery.smp.data.model.doc.DBResource; import eu.europa.ec.edelivery.smp.data.model.doc.DBSubresource; +import eu.europa.ec.edelivery.smp.data.model.user.DBUser; import eu.europa.ec.edelivery.smp.exceptions.ErrorCode; import eu.europa.ec.edelivery.smp.exceptions.SMPRuntimeException; import eu.europa.ec.edelivery.smp.identifiers.Identifier; @@ -68,10 +70,6 @@ public class ResourceGuard { switch (action) { case READ: return canRead(user, subresource); - /* case UPDATE: - return canUpdate(user, subresource); - case CREATE: - return canCreate(user, subresource); */ case DELETE: return canDelete(user, subresource); } 
@@ -82,12 +80,35 @@ public class ResourceGuard { public boolean canRead(SMPUserDetails user, DBResource resource) { LOG.debug(SMPLogger.SECURITY_MARKER, "User [{}] is trying to read resource [{}]", user, resource); + DBGroup group = resource.getGroup(); + DBDomain domain = group.getDomain(); + DBUser dbuser = user == null ? null : user.getUser(); + // if domain is internal check if user is member of domain, or any internal resources, groups + if (domain.getVisibility() == VisibilityType.PRIVATE && + (dbuser == null || + !(domainMemberDao.isUserDomainMember(dbuser, domain) + || groupMemberDao.isUserAnyDomainGroupResourceMember(dbuser, domain) + || resourceMemberDao.isUserAnyDomainResourceMember(dbuser, domain))) + ) { + LOG.debug(SMPLogger.SECURITY_MARKER, "User [{}] is not authorized to read internal domain [{}] resources", user, domain); + return false; + } + // if group is internal check if user is member of group, or any group resources, + if (group.getVisibility() == VisibilityType.PRIVATE && + (dbuser == null || + !(groupMemberDao.isUserGroupMember(dbuser, Collections.singletonList(group)) + || resourceMemberDao.isUserAnyGroupResourceMember(dbuser, group)) + )) { + LOG.debug(SMPLogger.SECURITY_MARKER, "User [{}] is not authorized to read internal group [{}] resources", user, domain); + return false; + } + // if resource is public anybody can see it if (resource.getVisibility() == VisibilityType.PUBLIC) { LOG.debug(SMPLogger.SECURITY_MARKER, "User [{}] authorized to read public resource [{}]", user, resource); return true; } - if (user == null || user.getUser() == null) { + if (dbuser == null) { LOG.debug(SMPLogger.SECURITY_MARKER, "Anonymous user [{}] is not authorized to read resource [{}]", user, resource); return false; } 
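Review bot: The deny log in the new group-visibility check passes `domain` as its last argument although the message names the group, so the security log for a private-group denial identifies the wrong object; it should read `LOG.debug(SMPLogger.SECURITY_MARKER, "User [{}] is not authorized to read internal group [{}] resources", user, group);`. The added lines also dereference `resource.getGroup()` and `group.getDomain()` without a null check, so if either can be null for some resource (not visible here) the guard throws instead of returning a decision. The two new comments say "internal" while the code tests `VisibilityType.PRIVATE`; using one term would make the rule easier to audit. The body of canRead continues past this hunk.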
@@ -97,15 +118,16 @@ public class ResourceGuard { LOG.debug(SMPLogger.SECURITY_MARKER, "User [{}] authorized: [{}] to read private resource [{}]", user, isResourceMember, resource); return isResourceMember; } + /* // if resource is internal the domain, group members and resource member can see it if (resource.getVisibility() == VisibilityType.INTERNAL) { - boolean isAuthorized = domainMemberDao.isUserDomainMember(user.getUser(), resource.getDomainResourceDef().getDomain()) - || groupMemberDao.isUserGroupMember(user.getUser(), Collections.singletonList(resource.getGroup())); + boolean isAuthorized = domainMemberDao.isUserDomainMember(dbuser, resource.getDomainResourceDef().getDomain()) + || groupMemberDao.isUserGroupMember(dbuser, Collections.singletonList(resource.getGroup())); LOG.debug(SMPLogger.SECURITY_MARKER, "User [{}] authorized: [{}] to read internal resource [{}]", user, isAuthorized, resource); return isAuthorized; } - +*/ LOG.debug(SMPLogger.SECURITY_MARKER, "User [{}] is not authorized to read resource [{}]", user, resource); return false; } 
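Review bot: The INTERNAL-visibility branch is switched off by wrapping it in `/* … */` instead of being removed, and the same hunk still edits it (`user.getUser()` becomes `dbuser`) as if it were live, which leaves dead authorization logic in the guard. With the block commented out, a resource that is neither PUBLIC nor PRIVATE falls through to the final `return false`, so the outcome is fail-closed. If that is the intent, delete the block and replace it with a one-line comment such as `// resources with any other visibility are denied`. canRead starts before this hunk.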
@@ -171,29 +193,6 @@ public class ResourceGuard { return canUpdate(user, subresource); } - /** - * Method validates if user is member of the resource with admin rights - * - * @param userIdentifier - * @param resourceIdentifier - */ - public boolean isResourceAdmin(String userIdentifier, String resourceIdentifier) { - Identifier pt = identifierService.normalizeParticipantIdentifier(resourceIdentifier); - return isResourceAdmin(userIdentifier, pt.getValue(), pt.getScheme()); - } - - public boolean isResourceAdmin(String userIdentifier, String resourceIdentifierValue, String resourceIdentifierScheme) { - // TODO - /** - * ParticipantIdentifierType pt = identifierService.normalizeParticipantIdentifier(serviceGroupIdentifier); - * Optional<DBResource> osg = serviceGroupDao.findServiceGroup(pt.getValue(), pt.getScheme()); - * Optional<DBUser> own = userDao.findUserByIdentifier(ownerIdentifier); - * return osg.isPresent() && own.isPresent() && osg.get().getUsers().contains(own.get()); - * } - */ - return false; - } - /** * Method validates if any of the service group users contains userID * diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/DomainService.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/DomainService.java index 6b9ff9742..66e9ab52e 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/DomainService.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/DomainService.java 
@@ -5,10 +5,10 @@ import eu.europa.ec.edelivery.smp.data.dao.DomainDao; import eu.europa.ec.edelivery.smp.data.dao.ResourceDao; import eu.europa.ec.edelivery.smp.data.model.DBDomain; import eu.europa.ec.edelivery.smp.data.model.doc.DBResource; +import eu.europa.ec.edelivery.smp.data.model.doc.DBResourceFilter; import eu.europa.ec.edelivery.smp.exceptions.SMPRuntimeException; import eu.europa.ec.edelivery.smp.logging.SMPLogger; import eu.europa.ec.edelivery.smp.logging.SMPLoggerFactory; -import eu.europa.ec.edelivery.smp.services.ui.filters.ResourceFilter; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; @@ -23,6 +23,7 @@ import static eu.europa.ec.edelivery.smp.exceptions.ErrorCode.*; /** * Service for domain + * * @author Joze Rihtarsic * @since 4.1 */ @@ -38,13 +39,12 @@ public class DomainService { private SMLIntegrationService smlIntegrationService; @Autowired - private ResourceDao serviceGroupDao; + private ResourceDao resourceDao; @Autowired private DomainDao domainDao; - /** * Method checks if domain is in right format. Domain must contains only alphanomeric chars and it must * not be longer than 50 chars. 
@@ -76,44 +76,33 @@ public class DomainService { /** * If domain is not yet registered and sml integration is on. Than it tries to register domain and all participants * on that domain. If integration is off it return an configuration exception. - * + * <p> * Method is not in transaction - but sub-methods are. if registering domain or particular serviceGroup succeed * then the database flag (SML_REGISTERED) is turned on ( if method fails * while execution the SML_REGISTERED reflect the real status in SML). Running the method again updates only * serviceGroup which are not yet registered. * - * * @param domain */ - public void registerDomainAndParticipants(DBDomain domain){ + public void registerDomainAndParticipants(DBDomain domain) { LOG.info("Start registerDomainAndParticipants for domain:" + domain.getDomainCode()); smlIntegrationService.registerDomain(domain); - // get all participant for domain and register them - ResourceFilter serviceGroupFilter = new ResourceFilter(); - serviceGroupFilter.setDomain(domain); - - // register all service groups - List<DBResource> serviceGroupList = serviceGroupDao.getServiceGroupList(-1, -1, null, null, serviceGroupFilter); - for (DBResource sg: serviceGroupList){ - smlIntegrationService.registerParticipant(sg.getIdentifierValue(), sg.getIdentifierScheme(), domain.getDomainCode()); + DBResourceFilter filter = DBResourceFilter.createBuilder().domain(domain).build(); + List<DBResource> resources = resourceDao.getResourcesForFilter(-1, -1, filter); + for (DBResource resource : resources) { + smlIntegrationService.registerParticipant(resource, domain); } } - public void unregisterDomainAndParticipantsFromSml(DBDomain domain){ - - // get all participant for domain and register them - ResourceFilter serviceGroupFilter = new ResourceFilter(); - serviceGroupFilter.setDomain(domain); + public void unregisterDomainAndParticipantsFromSml(DBDomain domain) { - // register all service groups - List<DBResource> serviceGroupList = 
serviceGroupDao.getServiceGroupList(-1, -1, null, null, serviceGroupFilter); - LOG.info("Unregister participants (count: {}) for domain: {}: ", serviceGroupList.size(), domain.getDomainCode()); - for (DBResource sg: serviceGroupList){ - smlIntegrationService.unregisterParticipant(sg.getIdentifierValue(), sg.getIdentifierScheme(), domain.getDomainCode()); + DBResourceFilter filter = DBResourceFilter.createBuilder().domain(domain).build(); + List<DBResource> resources = resourceDao.getResourcesForFilter(-1, -1, filter); + for (DBResource resource : resources) { + smlIntegrationService.unregisterParticipant(resource, domain); } - smlIntegrationService.unRegisterDomain(domain); } diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/SMLIntegrationService.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/SMLIntegrationService.java index ac8851de5..758b51974 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/SMLIntegrationService.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/SMLIntegrationService.java 
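Review bot: The rewritten `unregisterDomainAndParticipantsFromSml` drops the `LOG.info` that recorded how many participants were about to be unregistered, so an operation that removes the SML records of a whole domain no longer leaves a summary trace at this level. I would keep it with the new names: `LOG.info("Unregister participants (count: {}) for domain: {}", resources.size(), domain.getDomainCode());`. The method also still has no Javadoc, unlike `registerDomainAndParticipants`; it should say that an exception from one participant stops the loop, so the domain itself is then not unregistered.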
@@ -3,21 +3,20 @@ package eu.europa.ec.edelivery.smp.services; import eu.europa.ec.edelivery.smp.conversion.IdentifierService; import eu.europa.ec.edelivery.smp.data.dao.DomainDao; -import eu.europa.ec.edelivery.smp.data.dao.ResourceDao; import eu.europa.ec.edelivery.smp.data.model.DBDomain; -import eu.europa.ec.edelivery.smp.data.model.DBDomainResourceDef; +import eu.europa.ec.edelivery.smp.data.model.doc.DBResource; import eu.europa.ec.edelivery.smp.exceptions.SMPRuntimeException; import eu.europa.ec.edelivery.smp.identifiers.Identifier; import eu.europa.ec.edelivery.smp.logging.SMPLogger; import eu.europa.ec.edelivery.smp.logging.SMPLoggerFactory; -import eu.europa.ec.edelivery.smp.logging.SMPMessageCode; import eu.europa.ec.edelivery.smp.sml.SmlConnector; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Propagation; import org.springframework.transaction.annotation.Transactional; import static eu.europa.ec.edelivery.smp.exceptions.ErrorCode.CONFIGURATION_ERROR; -import static eu.europa.ec.edelivery.smp.logging.SMPMessageCode.BUS_SML_UNREGISTER_SERVICE_GROUP; +import static eu.europa.ec.edelivery.smp.logging.SMPMessageCode.*; /** @@ -39,9 +38,6 @@ public class SMLIntegrationService { @Autowired private SmlConnector smlConnector; - @Autowired - private ResourceDao serviceGroupDao; - @Autowired private DomainDao domainDao; 
@@ -85,94 +81,77 @@ public class SMLIntegrationService { /** - * Method in transaction update servicegroupDomain status and registers participant to SML. + * Method in transaction update resource status and registers it to SML. * If registration fails - transaction is rolled back * - * @param participantId - Participant schema - * @param participantSchema - Participant schema - * @param domainCode - register to domain + * @param resource + * @param domain */ - @Transactional - public void registerParticipant(String participantId, String participantSchema, String domainCode) { - /* - LOG.businessDebug(BUS_SML_REGISTER_SERVICE_GROUP, participantId, participantSchema, domainCode); + @Transactional(propagation = Propagation.REQUIRES_NEW) + public void registerParticipant(DBResource resource, DBDomain domain) { + + LOG.businessDebug(BUS_SML_REGISTER_SERVICE_GROUP, resource.getIdentifierValue(), resource.getIdentifierScheme(), domain.getDomainCode()); if (!isSMLIntegrationEnabled()) { String msg = "SML integration is not enabled!"; - LOG.businessError(BUS_SML_REGISTER_SERVICE_GROUP_FAILED, participantId, participantSchema, domainCode, msg); + LOG.businessError(BUS_SML_REGISTER_SERVICE_GROUP_FAILED, resource.getIdentifierValue(), resource.getIdentifierScheme(), domain.getDomainCode(), msg); throw new SMPRuntimeException(CONFIGURATION_ERROR, msg); } - DBDomainResourceDef serviceGroupDomain = getAndValidateServiceGroupDomain(participantId, - participantSchema, domainCode, BUS_SML_REGISTER_SERVICE_GROUP_FAILED); - - ParticipantIdentifierType normalizedParticipantId = identifierService - .normalizeParticipant(participantSchema, participantId); - - + Identifier normalizedParticipantId = identifierService + .normalizeParticipant(resource.getIdentifierScheme(), resource.getIdentifierValue()); // register only not registered services - if (!serviceGroupDomain.isSmlRegistered()) { + if (!resource.isSmlRegistered()) { // update value - serviceGroupDomain.setSmlRegistered(true); - 
serviceGroupDao.updateServiceGroupDomain(serviceGroupDomain); - smlConnector.registerInDns(normalizedParticipantId, serviceGroupDomain.getDomain()); - LOG.businessDebug(BUS_SML_REGISTER_SERVICE_GROUP, participantId, participantSchema, domainCode); + resource.setSmlRegistered(true); + smlConnector.registerInDns(normalizedParticipantId, domain); + LOG.businessDebug(BUS_SML_REGISTER_SERVICE_GROUP, resource.getIdentifierValue(), resource.getIdentifierScheme(), domain.getDomainCode()); } else { - LOG.businessWarn(BUS_SML_REGISTER_SERVICE_GROUP_ALREADY_REGISTERED, participantId, participantSchema, domainCode); + LOG.businessWarn(BUS_SML_REGISTER_SERVICE_GROUP_ALREADY_REGISTERED, resource.getIdentifierValue(), resource.getIdentifierScheme(), domain.getDomainCode()); } -*/ + } /** - * Method in transaction update servicegroupDomain status and unregisters participant to SML. - * Method is meant for unregistering participants which are still in database. If they are delete - * then this method should not be used. + * Method in transaction update resource status and unregisters participant to SML. 
* <p> * If registration fails - transaction is rolled back * - * @param participantId - Participant schema - * @param participantSchema - Participant schema - * @param domainCode - register to domain + * @param resource + * @param domain */ - @Transactional - public void unregisterParticipant(String participantId, String participantSchema, String domainCode) { - /* LOG.businessDebug(BUS_SML_UNREGISTER_SERVICE_GROUP, participantId, participantSchema, domainCode); + @Transactional(propagation = Propagation.REQUIRES_NEW) + public void unregisterParticipant(DBResource resource, DBDomain domain) { + LOG.businessDebug(BUS_SML_UNREGISTER_SERVICE_GROUP, resource.getIdentifierValue(), resource.getIdentifierScheme(), domain.getDomainCode()); if (!isSMLIntegrationEnabled()) { String msg = "SML integration is not enabled!"; - LOG.businessError(BUS_SML_UNREGISTER_SERVICE_GROUP_FAILED, participantId, participantSchema, domainCode, msg); + LOG.businessError(BUS_SML_UNREGISTER_SERVICE_GROUP_FAILED, resource.getIdentifierValue(), resource.getIdentifierScheme(), domain.getDomainCode(), msg); throw new SMPRuntimeException(CONFIGURATION_ERROR, msg); } - - DBDomainResourceDef serviceGroupDomain = getAndValidateServiceGroupDomain(participantId, participantSchema, domainCode, BUS_SML_UNREGISTER_SERVICE_GROUP_FAILED); - // unregister only registered participants - if (serviceGroupDomain.isSmlRegistered()) { + if (resource.isSmlRegistered()) { // update value - serviceGroupDomain.setSmlRegistered(false); - serviceGroupDao.updateServiceGroupDomain(serviceGroupDomain); - unregisterParticipantFromSML(participantId, participantSchema, serviceGroupDomain.getDomain()); - LOG.businessDebug(BUS_SML_UNREGISTER_SERVICE_GROUP, participantId, participantSchema, domainCode); + resource.setSmlRegistered(false); + unregisterParticipantFromSML(resource, domain); + LOG.businessDebug(BUS_SML_UNREGISTER_SERVICE_GROUP, resource.getIdentifierValue(), resource.getIdentifierScheme(), domain.getDomainCode()); } 
else { - LOG.businessWarn(BUS_SML_UNREGISTER_SERVICE_GROUP_ALREADY_REGISTERED, participantId, participantSchema, domainCode); + LOG.businessWarn(BUS_SML_UNREGISTER_SERVICE_GROUP_ALREADY_REGISTERED, resource.getIdentifierValue(), resource.getIdentifierScheme(), domain.getDomainCode()); } - - */ } /** * Method unregisters participant from SML. It does not check if Participant is in database or of is unregistered * - * @param participantId - Participant schema - * @param participantSchema - Participant schema - * @param domain - register to domain + * @param resource - Participant + * @param domain - unregister to domain */ - public boolean unregisterParticipantFromSML(String participantId, String participantSchema, DBDomain domain) { - LOG.businessDebug(BUS_SML_UNREGISTER_SERVICE_GROUP, participantId, participantSchema, domain.getDomainCode()); + public boolean unregisterParticipantFromSML(DBResource resource, DBDomain domain) { + LOG.businessDebug(BUS_SML_UNREGISTER_SERVICE_GROUP, resource.getIdentifierValue(), resource.getIdentifierScheme(), domain.getDomainCode()); Identifier normalizedParticipantId = identifierService - .normalizeParticipant(participantSchema, participantId); + .normalizeParticipant(resource.getIdentifierScheme(), resource.getIdentifierValue()); // unregister only registered participants return smlConnector.unregisterFromDns(normalizedParticipantId, domain); 
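Review bot: `resource.setSmlRegistered(true)` in registerParticipant and `resource.setSmlRegistered(false)` in unregisterParticipant are no longer followed by any DAO call, while both methods now run with `Propagation.REQUIRES_NEW`. The `resource` instance is loaded by the caller, so whether the flag change is written by the new transaction, or undone when `smlConnector.registerInDns` throws, depends on how the entity is attached, which is not visible here. The Javadoc promise "If registration fails - transaction is rolled back" may therefore not hold for the flag. Consider re-reading or merging the resource inside the method before changing it, and fill in the empty `@param resource` and `@param domain` tags. The boolean returned by `unregisterParticipantFromSML(resource, domain)` is also ignored, so a failed DNS removal would still leave the flag cleared.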
@@ -198,28 +177,6 @@ public class SMLIntegrationService { } - private DBDomainResourceDef getAndValidateServiceGroupDomain(String participantId, String participantSchema, String domainCode, SMPMessageCode messageCode) { - /* // retrieve participant (session must be on - lazy loading... ) - Optional<DBResource> optionalServiceGroup = serviceGroupDao.findServiceGroup(participantId, participantSchema); - if (!optionalServiceGroup.isPresent()) { - String msg = "Service group not exists anymore !"; - LOG.businessError(messageCode, participantId, participantId, domainCode, msg); - throw new SMPRuntimeException(SG_NOT_EXISTS, participantId, participantSchema); - } - - DBResource serviceGroup = optionalServiceGroup.get(); - Optional<DBDomainResourceDef> optionalServiceGroupDomain = serviceGroup.getServiceGroupForDomain(domainCode); - if (!optionalServiceGroupDomain.isPresent()) { - String msg = "Service group is not registered for domain on this SMP - register participant on domain first!"; - LOG.businessError(messageCode, participantId, participantId, domainCode, msg); - throw new SMPRuntimeException(SG_NOT_REGISTRED_FOR_DOMAIN, domainCode, participantId, participantSchema); - } - - - return optionalServiceGroupDomain.get(); */ - return null; - } - public boolean isSMLIntegrationEnabled() { return configurationService.isSMLIntegrationEnabled(); } diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/resource/ResourceResolverService.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/resource/ResourceResolverService.java index 529eec63f..0ee093ec1 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/resource/ResourceResolverService.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/resource/ResourceResolverService.java 
@@ -19,6 +19,7 @@ import eu.europa.ec.edelivery.smp.services.ConfigurationService; import eu.europa.ec.edelivery.smp.servlet.ResourceAction; import eu.europa.ec.edelivery.smp.servlet.ResourceRequest; import org.apache.commons.lang3.StringUtils; +import org.springframework.security.core.userdetails.UserDetails; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -117,10 +118,10 @@ public class ResourceResolverService { locationVector.setResource(resource); if (resourceGuard.userIsNotAuthorizedForAction(user, resourceRequest.getAction(), resource, domain)) { - LOG.info(SECURITY_MARKER, "User [{}] is NOT authorized for action [{}] on the resource [{}]", user, resourceRequest.getAction(), resource); - throw new SMPRuntimeException(ErrorCode.USER_IS_NOT_OWNER, user.getUsername(), resource.getIdentifierValue(), resource.getIdentifierScheme()); + LOG.info(SECURITY_MARKER, "User [{}] is NOT authorized for action [{}] on the resource [{}]", getUsername(user), resourceRequest.getAction(), resource); + throw new SMPRuntimeException(ErrorCode.UNAUTHORIZED); } else { - LOG.info(SECURITY_MARKER, "User: [{}] is authorized for action [{}] on the resource [{}]", user, resourceRequest.getAction(), resource); + LOG.info(SECURITY_MARKER, "User: [{}] is authorized for action [{}] on the resource [{}]", getUsername(user), resourceRequest.getAction(), resource); } if (pathParameters.size() == ++iParameterIndex) { @@ -294,7 +295,10 @@ public class ResourceResolverService { if (configurationService.getParticipantSchemeMandatory() && StringUtils.isBlank(identifier.getScheme())) { throw new SMPRuntimeException(SML_INVALID_IDENTIFIER, identifier.getValue()); } + } + public String getUsername(UserDetails user){ + return user ==null? "Anonymous":user.getUsername(); } } 
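Review bot: `getUsername` in the last hunk is added as a public method of the service although it is only a null-safe formatting helper for the two log statements in the authorization branch; making it `private static` keeps it out of the bean's API. It also needs the usual spacing and a one-line Javadoc saying that a null user is reported as "Anonymous": `private static String getUsername(UserDetails user) { return user == null ? "Anonymous" : user.getUsername(); }`.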
diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/spi/SmpXmlSignatureService.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/spi/SmpXmlSignatureService.java index 0a84ef901..756ba2024 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/spi/SmpXmlSignatureService.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/spi/SmpXmlSignatureService.java @@ -38,6 +38,7 @@ import javax.xml.crypto.dsig.keyinfo.X509Data; import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec; import javax.xml.crypto.dsig.spec.TransformParameterSpec; import java.security.InvalidAlgorithmParameterException; +import java.security.Key; import java.security.NoSuchAlgorithmException; import java.security.cert.X509Certificate; import java.util.ArrayList; @@ -54,8 +55,6 @@ import static javax.xml.crypto.dsig.Transform.ENVELOPED; public final class SmpXmlSignatureService implements SmpXmlSignatureApi { private static final SMPLogger LOG = SMPLoggerFactory.getLogger(SmpXmlSignatureService.class); - - private static final String DEFAULT_SIGNATURE_METHOD = org.apache.xml.security.signature.XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256; private static final String DEFAULT_HASH_METHOD = javax.xml.crypto.dsig.DigestMethod.SHA256; DomainDao domainDao; 
@@ -70,13 +69,14 @@ public final class SmpXmlSignatureService implements SmpXmlSignatureApi { private static XMLSignatureFactory getDomSigFactory() { // According to Javadoc, only static methods of this factory are thread-safe // We cannot share and re-use the same instance in every place - return XMLSignatureFactory.getInstance("DOM"); + // set apache santuario xmlsec signature factory + return XMLSignatureFactory.getInstance("DOM", new org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI()); } /** * Creates an Enveloped XML signature which is embed to the specified node (parentSignatureNode) of the document. * The marshalled <code>XMLSignature</code> will be added as the last - * child element of the specified pparentSignatureNode. + * child element of the specified parentSignatureNode. * * @param parentSignatureNode the parent of the signing node. The element must be part of the XML document to be signed * @param signedElementURIList the parent node the list of URIs to be signed. If List is empty then the whole document is signed @@ -108,7 +108,8 @@ public final class SmpXmlSignatureService implements SmpXmlSignatureApi { createEnvelopedSignature(documentToSign.getDocumentElement(), Collections.emptyList(), keyAlias, signatureAlgorithm, signatureHashMethod); } - public void createEnvelopedSignature(Element parentSignatureNode, List<String> signedElementURIList, String keyAlias, String signatureAlgorithm, String signatureHashMethod) { + public void createEnvelopedSignature(Element parentSignatureNode, List<String> signedElementURIList, String keyAlias, + String signatureAlgorithm, String signatureHashMethod) { LOG.info("Sing document with alias {}", keyAlias); try { if (StringUtils.isBlank(keyAlias) && uiKeystoreService.getKeystoreEntriesList().size() > 1) { 
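Review bot: `getDomSigFactory()` now constructs a new `XMLDSigRI` provider on every call and names a class from an `internal` package directly. The provider can be created once, for example `private static final java.security.Provider XMLDSIG_PROVIDER = new org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI();`, and passed to `XMLSignatureFactory.getInstance("DOM", XMLDSIG_PROVIDER)`, while the factory is still obtained per use as the existing comment requires. The added comment should say why the provider is pinned (presumably so the EdDSA algorithm URIs introduced by this commit resolve) and spell the project name "Santuario".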
@@ -117,21 +118,26 @@ public final class SmpXmlSignatureService implements SmpXmlSignatureApi { } XMLSignatureFactory domSigFactory = getDomSigFactory(); + Key signingKey = uiKeystoreService.getKey(keyAlias); + String signAlg = getSignatureAlgorithmForKey(signingKey, signatureAlgorithm); + String referenceHash = StringUtils.defaultIfEmpty(signatureHashMethod, DEFAULT_HASH_METHOD); + + List<Reference> referenceList; if (signedElementURIList.isEmpty()) { // Create a Reference to the ENVELOPED document // URI "" means that the whole document is signed - referenceList = singletonList(createReferenceForUri("", domSigFactory, signatureHashMethod)); + referenceList = singletonList(createReferenceForUri("", domSigFactory, referenceHash)); } else { - referenceList = signedElementURIList.stream().map(uri -> createReferenceForUri(uri, domSigFactory, signatureHashMethod)).collect(Collectors.toList()); + referenceList = signedElementURIList.stream().map(uri -> createReferenceForUri(uri, domSigFactory, referenceHash)).collect(Collectors.toList()); } - - + LOG.info("Create signature with signature algorithm : [{}]", signAlg); SignedInfo singedInfo = domSigFactory.newSignedInfo( domSigFactory.newCanonicalizationMethod(INCLUSIVE, (C14NMethodParameterSpec) null), - domSigFactory.newSignatureMethod(StringUtils.defaultIfEmpty(signatureAlgorithm, DEFAULT_SIGNATURE_METHOD), null), + domSigFactory.newSignatureMethod(signAlg, null), referenceList); + DOMSignContext domSignContext = new DOMSignContext(uiKeystoreService.getKey(keyAlias), parentSignatureNode); // Create the XMLSignature, but don't sign it yet 
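Review bot: The key is now looked up twice: `signingKey` is used only to choose the algorithm, and `new DOMSignContext(uiKeystoreService.getKey(keyAlias), parentSignatureNode)` fetches it again, so the algorithm and the key that signs come from separate lookups. Pass the value already held: `DOMSignContext domSignContext = new DOMSignContext(signingKey, parentSignatureNode);`. `signingKey` is also handed to `getSignatureAlgorithmForKey` unchecked, and that method calls `key.getAlgorithm()`; if `getKey` can return null for an unknown alias (its contract is not visible here), signing ends in a NullPointerException rather than an error naming the alias. createEnvelopedSignature starts and ends outside this hunk.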
@@ -149,7 +155,7 @@ public final class SmpXmlSignatureService implements SmpXmlSignatureApi { try { return domSigFactory.newReference( elementUri, - domSigFactory.newDigestMethod(StringUtils.defaultIfEmpty(signatureHashMethod, DEFAULT_HASH_METHOD), null), + domSigFactory.newDigestMethod(signatureHashMethod, null), singletonList(domSigFactory.newTransform(ENVELOPED, (TransformParameterSpec) null)), null, null); @@ -168,4 +174,23 @@ public final class SmpXmlSignatureService implements SmpXmlSignatureApi { return keyInfoFactory.newKeyInfo(singletonList(x509Data)); } + public String getSignatureAlgorithmForKey(Key key, String algorithm) { + if (StringUtils.isNotBlank(algorithm)) { + return algorithm; + } + + if (StringUtils.equalsAnyIgnoreCase(key.getAlgorithm(), "1.3.101.112","ed25519")) { + return org.apache.xml.security.signature.XMLSignature.ALGO_ID_SIGNATURE_EDDSA_ED25519; + } + + if (StringUtils.equalsAnyIgnoreCase(key.getAlgorithm(), "1.3.101.113","ed448")) { + return org.apache.xml.security.signature.XMLSignature.ALGO_ID_SIGNATURE_EDDSA_ED448; + } + + if (StringUtils.equalsIgnoreCase(key.getAlgorithm(), "ec")) { + return org.apache.xml.security.signature.XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA256; + } + return org.apache.xml.security.signature.XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256; + } + } diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIDomainService.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIDomainService.java index fcd081cf4..118d92e93 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIDomainService.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIDomainService.java 
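Review bot: The last line of `getSignatureAlgorithmForKey` returns RSA-SHA256 for every key algorithm the three checks do not recognise, which includes DSA keys and any EdDSA key whose provider reports a name other than `ed25519`/`ed448` or the two OIDs. The mismatch then only shows up later as a signing failure that does not name the cause. Test for RSA explicitly, `if (StringUtils.equalsIgnoreCase(key.getAlgorithm(), "rsa")) { return org.apache.xml.security.signature.XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256; }`, and end with `throw new IllegalArgumentException("Unsupported signing key algorithm: " + key.getAlgorithm());`. A short Javadoc should state that an explicitly configured `algorithm` is returned unchanged and is not checked against the key type, and that EC keys always get ECDSA with SHA-256 regardless of curve.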
@@ -38,15 +38,14 @@ public class UIDomainService extends UIServiceBase<DBDomain, DomainRO> { private ResourceDefDao resourceDefDao; private DomainResourceDefDao domainResourceDefDao; private ConversionService conversionService; - private SmlConnector smlConnector; - public UIDomainService(ConversionService conversionService, DomainDao domainDao, ResourceDao resourceDao, ResourceDefDao resourceDefDao, DomainResourceDefDao domainResourceDefDao, SmlConnector smlConnector) { + + public UIDomainService(ConversionService conversionService, DomainDao domainDao, ResourceDao resourceDao, ResourceDefDao resourceDefDao, DomainResourceDefDao domainResourceDefDao) { this.conversionService = conversionService; this.domainDao = domainDao; this.resourceDao = resourceDao; this.resourceDefDao = resourceDefDao; this.domainResourceDefDao = domainResourceDefDao; - this.smlConnector = smlConnector; } @Override @@ -117,7 +116,7 @@ public class UIDomainService extends UIServiceBase<DBDomain, DomainRO> { if (domain == null) { throw new BadRequestException(ErrorBusinessCode.NOT_FOUND, "Domain does not exist in database!"); } - if (domain.isSmlRegistered() && StringUtils.equals(data.getSmlSmpId(), domain.getSmlSmpId())){ + if (domain.isSmlRegistered() && !StringUtils.equals(data.getSmlSmpId(), domain.getSmlSmpId())){ String msg = "SMP-SML identifier must not change for registered domain ["+domain.getDomainCode()+"]!"; throw new BadRequestException(ErrorBusinessCode.NOT_FOUND, msg); } @@ -125,7 +124,6 @@ public class UIDomainService extends UIServiceBase<DBDomain, DomainRO> { domain.setSmlSubdomain(data.getSmlSubdomain()); domain.setSmlSmpId(data.getSmlSmpId()); domain.setSmlClientKeyAlias(data.getSmlClientKeyAlias()); - domain.setSmlClientCertHeader(data.getSmlClientCertHeader()); domain.setSmlClientCertAuth(data.isSmlClientCertAuth()); } 
diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIResourceService.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIResourceService.java index adebe411a..496466214 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIResourceService.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIResourceService.java @@ -2,6 +2,7 @@ package eu.europa.ec.edelivery.smp.services.ui; import eu.europa.ec.edelivery.smp.data.dao.*; import eu.europa.ec.edelivery.smp.data.enums.MembershipRoleType; +import eu.europa.ec.edelivery.smp.data.model.DBDomain; import eu.europa.ec.edelivery.smp.data.model.DBDomainResourceDef; import eu.europa.ec.edelivery.smp.data.model.DBGroup; import eu.europa.ec.edelivery.smp.data.model.doc.DBDocument; @@ -17,7 +18,7 @@ import eu.europa.ec.edelivery.smp.exceptions.ErrorCode; import eu.europa.ec.edelivery.smp.exceptions.SMPRuntimeException; import eu.europa.ec.edelivery.smp.logging.SMPLogger; import eu.europa.ec.edelivery.smp.logging.SMPLoggerFactory; -import eu.europa.ec.edelivery.smp.sml.SmlConnector; +import eu.europa.ec.edelivery.smp.services.SMLIntegrationService; import org.apache.commons.lang3.StringUtils; import org.springframework.core.convert.ConversionService; import org.springframework.stereotype.Service; 
@@ -51,10 +52,13 @@ public class UIResourceService { private final ResourceDefDao resourceDefDao; private final DomainResourceDefDao domainResourceDefDao; private final ConversionService conversionService; - private final SmlConnector smlConnector; + private final SMLIntegrationService smlIntegrationService; - public UIResourceService(ResourceDao resourceDao, ResourceMemberDao resourceMemberDao, ResourceDefDao resourceDefDao, DomainResourceDefDao domainResourceDefDao, UserDao userDao, GroupDao groupDao, ConversionService conversionService, SmlConnector smlConnector) { + public UIResourceService(ResourceDao resourceDao, ResourceMemberDao resourceMemberDao, ResourceDefDao resourceDefDao, + DomainResourceDefDao domainResourceDefDao, UserDao userDao, GroupDao groupDao, + ConversionService conversionService, + SMLIntegrationService smlIntegrationService) { this.resourceDao = resourceDao; this.resourceMemberDao = resourceMemberDao; this.resourceDefDao = resourceDefDao; @@ -62,7 +66,7 @@ public class UIResourceService { this.groupDao = groupDao; this.userDao = userDao; this.conversionService = conversionService; - this.smlConnector = smlConnector; + this.smlIntegrationService = smlIntegrationService; } @@ -145,6 +149,11 @@ public class UIResourceService { if (!Objects.equals(resource.getGroup().getDomain().getId(), domainId)) { throw new SMPRuntimeException(ErrorCode.INVALID_REQUEST, ACTION_RESOURCE_CREATE, "Group does not belong to the given domain!"); } + DBDomain resourceDomain = resource.getGroup().getDomain(); + if (smlIntegrationService.isSMLIntegrationEnabled() && + resourceDomain.isSmlRegistered() && resource.isSmlRegistered()) { + smlIntegrationService.unregisterParticipant(resource, resourceDomain); + } resourceDao.remove(resource); return conversionService.convert(resource, ResourceRO.class); 
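Review bot: In the delete hunk, `smlIntegrationService.unregisterParticipant(resource, resourceDomain)` runs in its own transaction (`REQUIRES_NEW`) and changes SML before `resourceDao.remove(resource)`; if the removal fails and the outer transaction rolls back, the resource stays in the database but is no longer registered in SML. The create hunk further down has the mirror case: `registerParticipant` is called after `resourceMemberDao.persist`, so a failure at commit would leave an SML record for a resource that was never stored. How the outer transaction is configured is not visible here, so this may be accepted behaviour, but it should be stated in a comment at both call sites, for example `// SML is updated in a separate transaction; a later rollback here does not revert it`. The enclosing method starts outside this hunk.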
@@ -192,6 +201,13 @@ public class UIResourceService { dbResourceMember.setResource(resource); dbResourceMember.setUser(user); resourceMemberDao.persist(dbResourceMember); + // try to register it to + DBDomain resourceDomain = resource.getGroup().getDomain(); + if (smlIntegrationService.isSMLIntegrationEnabled() && + resourceDomain.isSmlRegistered()) { + smlIntegrationService.registerParticipant(resource, resourceDomain); + } + return conversionService.convert(resource, ResourceRO.class); } diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIServiceGroupSearchService.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIServiceGroupSearchService.java index 4a84c1247..2f1092e35 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIServiceGroupSearchService.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIServiceGroupSearchService.java @@ -6,13 +6,14 @@ import eu.europa.ec.edelivery.smp.data.dao.ResourceDao; import eu.europa.ec.edelivery.smp.data.dao.UserDao; import eu.europa.ec.edelivery.smp.data.model.DBDomain; import eu.europa.ec.edelivery.smp.data.model.doc.DBResource; -import eu.europa.ec.edelivery.smp.data.ui.DomainRO; +import eu.europa.ec.edelivery.smp.data.model.user.DBUser; import eu.europa.ec.edelivery.smp.data.ui.ServiceGroupSearchRO; import eu.europa.ec.edelivery.smp.data.ui.ServiceMetadataRO; import eu.europa.ec.edelivery.smp.data.ui.ServiceResult; import eu.europa.ec.edelivery.smp.logging.SMPLogger; import eu.europa.ec.edelivery.smp.logging.SMPLoggerFactory; import eu.europa.ec.edelivery.smp.services.ui.filters.ResourceFilter; +import eu.europa.ec.edelivery.smp.utils.SessionSecurityUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; 
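Review bot: The registration added in the `@@ -192` hunk is conditioned only on `isSMLIntegrationEnabled()` and `resourceDomain.isSmlRegistered()`; nothing in the hunk looks at the resource's visibility. If a resource with non-public visibility is not meant to be discoverable through SML, a visibility check is missing before `smlIntegrationService.registerParticipant(resource, resourceDomain)`; if it is intended, a comment should say so. The comment `// try to register it to` is also cut off and could read `// register the new resource in SML when the domain itself is SML-registered`. The method's signature is outside the hunk.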
@@ -28,7 +29,7 @@ public class UIServiceGroupSearchService extends UIServiceBase<DBResource, Servi DomainDao domainDao; @Autowired - ResourceDao serviceGroupDao; + ResourceDao resourceDao; @Autowired UserDao userDao; @@ -36,7 +37,7 @@ public class UIServiceGroupSearchService extends UIServiceBase<DBResource, Servi @Override protected BaseDao<DBResource> getDatabaseDao() { - return serviceGroupDao; + return resourceDao; } /** @@ -57,19 +58,19 @@ public class UIServiceGroupSearchService extends UIServiceBase<DBResource, Servi ServiceResult<ServiceGroupSearchRO> sg = new ServiceResult<>(); sg.setPage(page < 0 ? 0 : page); sg.setPageSize(pageSize); - long iCnt = serviceGroupDao.getServiceGroupCount(filter); + DBUser user = SessionSecurityUtils.getSessionUserDetails() != null ? SessionSecurityUtils.getSessionUserDetails().getUser() : null; + + long iCnt = resourceDao.getPublicResourcesSearchCount(user, filter.getIdentifierSchemeLike(), filter.getIdentifierValueLike()); sg.setCount(iCnt); if (iCnt > 0) { - int iStartIndex = pageSize<0?-1:page * pageSize; - if (iStartIndex >= iCnt && page > 0){ - page = page -1; + int iStartIndex = pageSize < 0 ? -1 : page * pageSize; + if (iStartIndex >= iCnt && page > 0) { + page = page - 1; sg.setPage(page); // go back for a page - iStartIndex = pageSize<0?-1:page * pageSize; + iStartIndex = pageSize < 0 ? -1 : page * pageSize; } - - - List<DBResource> lst = serviceGroupDao.getServiceGroupList(iStartIndex, pageSize, sortField, sortOrder, filter); + List<DBResource> lst = resourceDao.getPublicResourcesSearch(page, pageSize, user, filter.getIdentifierSchemeLike(), filter.getIdentifierValueLike()); List<ServiceGroupSearchRO> lstRo = new ArrayList<>(); for (DBResource resource : lst) { ServiceGroupSearchRO serviceGroupRo = convertToRo(resource); 
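Review bot: In the `@@ -57` hunk the list query is now called as `getPublicResourcesSearch(page, pageSize, user, ...)`, while `iStartIndex` is still computed and is no longer passed to the DAO, and `sortField`/`sortOrder` are dropped from the call. Whether the DAO expects a page number or an offset is not visible here, so the paging contract should be confirmed and the unused parameters either removed or documented. Which resources are returned now depends entirely on `user` being `null` for anonymous sessions, so this deserves a comment such as `// user == null means anonymous: the DAO must then return public resources only`. The lookup also calls `SessionSecurityUtils.getSessionUserDetails()` twice; reading it once into a local variable avoids evaluating the session state two times. The method's signature is outside the hunk.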
@@ -96,12 +97,12 @@ public class UIServiceGroupSearchService extends UIServiceBase<DBResource, Servi DBDomain domain = resource.getDomainResourceDef().getDomain(); resource.getSubresources().forEach(subresource -> { - ServiceMetadataRO smdro = new ServiceMetadataRO(); - smdro.setDocumentIdentifier(subresource.getIdentifierValue()); - smdro.setDocumentIdentifierScheme(subresource.getIdentifierScheme()); - smdro.setDomainCode(domain.getDomainCode()); - smdro.setSmlSubdomain(domain.getSmlSubdomain()); - serviceGroupRo.getServiceMetadata().add(smdro); + ServiceMetadataRO smdro = new ServiceMetadataRO(); + smdro.setDocumentIdentifier(subresource.getIdentifierValue()); + smdro.setDocumentIdentifierScheme(subresource.getIdentifierScheme()); + smdro.setDomainCode(domain.getDomainCode()); + smdro.setSmlSubdomain(domain.getSmlSubdomain()); + serviceGroupRo.getServiceMetadata().add(smdro); }); diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIServiceGroupService.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIServiceGroupService.java index 52fbe52f1..b3e3c3379 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIServiceGroupService.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIServiceGroupService.java @@ -182,6 +182,7 @@ public class UIServiceGroupService extends UIServiceBase<DBResource, ServiceGrou if (!smlIntegrationService.isSMLIntegrationEnabled()) { return; } + /* for (ParticipantSMLRecord record : lstRecords) { if (record.getStatus() == SMLStatusEnum.REGISTER) { boolean result = smlIntegrationService.registerParticipantToSML(record.getParticipantIdentifier(), @@ -195,6 +196,8 @@ public class UIServiceGroupService extends UIServiceBase<DBResource, ServiceGrou updateServiceGroupDomainStatus(result, record); } } + + */ } protected void updateServiceGroupDomainStatus(boolean smlActionStatus, ParticipantSMLRecord record) { 
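Review bot: The `@@ -182` and `@@ -195` hunks in UIServiceGroupService.java wrap the whole register/unregister loop in `/* ... */`, so the method now returns without touching SML even when `isSMLIntegrationEnabled()` is true, and the caller gets no signal that the records in `lstRecords` were skipped. If this path is obsolete, the loop and `updateServiceGroupDomainStatus` should be deleted rather than commented out. If it is only temporarily disabled, the method should log at warn level that SML processing was skipped and carry a comment naming the replacement. A block comment around code is also fragile, because any `*/` inside the wrapped code ends it early. The enclosing method starts outside the hunk.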
diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UISubresourceService.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UISubresourceService.java index c5681ec80..2b2754f65 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UISubresourceService.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UISubresourceService.java @@ -75,6 +75,9 @@ public class UISubresourceService { } resource.getSubresources().remove(subresource); subresourceDao.remove(subresource); + + + return conversionService.convert(subresource, SubresourceRO.class); } @@ -106,6 +109,8 @@ public class UISubresourceService { subresourceDao.persist(subresource); // create first member as admin user + + return conversionService.convert(subresource, SubresourceRO.class); } diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/sml/SmlClientFactory.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/sml/SmlClientFactory.java index 5337dd3ef..6f4116ea7 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/sml/SmlClientFactory.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/sml/SmlClientFactory.java @@ -38,12 +38,8 @@ import org.springframework.stereotype.Component; @Component public class SmlClientFactory { - private static final String SERVICE_METADATA_CONTEXT = "manageservicemetadata"; - private static final String IDENTIFIER_CONTEXT = "manageparticipantidentifier"; private static final SMPLogger LOG = SMPLoggerFactory.getLogger(SmlClientFactory.class); - private static final String CLIENT_CERT_HEADER_KEY = "Client-Cert"; - @Autowired ConfigurationService configurationService; 
@@ -52,7 +48,7 @@ public class SmlClientFactory { @Bean @Scope("prototype") - public IManageParticipantIdentifierWS create(String clientKeyAlias, String clientCertHttpHeader, boolean clientCertAuthentication) { + public IManageParticipantIdentifierWS create() { LOG.info("create IManageParticipantIdentifierWS"); @@ -61,14 +57,12 @@ public class SmlClientFactory { .setWsdlURL(ManageBusinessIdentifierService.class.getResource("/ManageBusinessIdentifierService-1.0.wsdl")); factory.setServiceName(ManageBusinessIdentifierService.SERVICE); factory.setEndpointName(ManageBusinessIdentifierService.ManageBusinessIdentifierServicePort); - IManageParticipantIdentifierWS smlPort = factory.create(IManageParticipantIdentifierWS.class); - - return smlPort; + return factory.create(IManageParticipantIdentifierWS.class); } @Bean @Scope("prototype") - public IManageServiceMetadataWS createSmp(String clientKeyAlias, String clientCertHttpHeader, boolean clientCertAuthentication) { + public IManageServiceMetadataWS createSmp() { LOG.info("create IManageServiceMetadataWS"); JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean(); @@ -76,7 +70,6 @@ public class SmlClientFactory { .setWsdlURL(ManageServiceMetadataService.class.getResource("/ManageServiceMetadataService-1.0.wsdl")); factory.setServiceName(ManageServiceMetadataService.SERVICE); factory.setEndpointName(ManageServiceMetadataService.ManageServiceMetadataServicePort); - IManageServiceMetadataWS smlPort = factory.create(IManageServiceMetadataWS.class); - return smlPort; + return factory.create(IManageServiceMetadataWS.class); } } diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/sml/SmlConnector.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/sml/SmlConnector.java index bed087e00..10b0c69cf 100644 --- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/sml/SmlConnector.java +++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/sml/SmlConnector.java 
@@ -17,10 +17,10 @@ import eu.europa.ec.bdmsl.ws.soap.BadRequestFault; import eu.europa.ec.bdmsl.ws.soap.IManageParticipantIdentifierWS; import eu.europa.ec.bdmsl.ws.soap.IManageServiceMetadataWS; import eu.europa.ec.bdmsl.ws.soap.NotFoundFault; +import eu.europa.ec.edelivery.smp.config.enums.SMPPropertyEnum; import eu.europa.ec.edelivery.smp.conversion.IdentifierService; import eu.europa.ec.edelivery.smp.data.model.DBDomain; import eu.europa.ec.edelivery.smp.data.ui.CertificateRO; -import eu.europa.ec.edelivery.smp.config.enums.SMPPropertyEnum; import eu.europa.ec.edelivery.smp.exceptions.ErrorCode; import eu.europa.ec.edelivery.smp.exceptions.SMPRuntimeException; import eu.europa.ec.edelivery.smp.identifiers.Identifier; @@ -264,8 +264,7 @@ public class SmlConnector implements ApplicationContextAware { private IManageParticipantIdentifierWS getParticipantWSClient(DBDomain domain) { - IManageParticipantIdentifierWS iManageServiceMetadataWS = ctx.getBean(IManageParticipantIdentifierWS.class, getSmlClientKeyAliasForDomain(domain), - domain.getSmlClientCertHeader(), domain.isSmlClientCertAuth()); + IManageParticipantIdentifierWS iManageServiceMetadataWS = ctx.getBean(IManageParticipantIdentifierWS.class); // configure connection configureClient(IDENTIFIER_VALUE_CONTEXT, iManageServiceMetadataWS, domain); @@ -275,8 +274,7 @@ public class SmlConnector implements ApplicationContextAware { private IManageServiceMetadataWS getSMPManagerWSClient(DBDomain domain) { - IManageServiceMetadataWS iManageServiceMetadataWS = ctx.getBean(IManageServiceMetadataWS.class, - getSmlClientKeyAliasForDomain(domain), domain.getSmlClientCertHeader(), domain.isSmlClientCertAuth()); + IManageServiceMetadataWS iManageServiceMetadataWS = ctx.getBean(IManageServiceMetadataWS.class); // configure value connection configureClient(SERVICE_METADATA_CONTEXT, iManageServiceMetadataWS, domain); 
@@ -305,9 +303,7 @@ public class SmlConnector implements ApplicationContextAware { public void configureClient(String serviceEndpoint, Object smlPort, DBDomain domain) { String clientKeyAlias = getSmlClientKeyAliasForDomain(domain); - String clientCertHttpHeader = domain.getSmlClientCertHeader(); boolean clientCertAuthentication = domain.isSmlClientCertAuth(); - Client client = ClientProxy.getClient(smlPort); URL url = configurationService.getSMLIntegrationUrl(); if (url == null) { @@ -320,22 +316,12 @@ public class SmlConnector implements ApplicationContextAware { } catch (MalformedURLException e) { throw new IllegalArgumentException("Malformed SML URL: " + url, e); } + boolean useTLS = urlSMPManagment.getProtocol().equalsIgnoreCase("https"); Map<String, Object> requestContext = ((BindingProvider) smlPort).getRequestContext(); requestContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, urlSMPManagment.toString()); - // check if there is only one cert in keystore - if (!clientCertAuthentication && StringUtils.isBlank(clientKeyAlias)) { - List<CertificateRO> list = keystoreService.getKeystoreEntriesList(); - if (list.size() == 1) { - // set the default alias - clientKeyAlias = list.get(0).getAlias(); - } else if (list.isEmpty()) { - throw new IllegalStateException("Empty keystore! Import Key for SML authentication to keystore!"); - } else { - throw new IllegalStateException("More than one key in Keystore! Define alias for the domain SML authentication!"); - } - } + CertificateRO certificateRO = getClientCertificate(clientKeyAlias); if (!clientCertAuthentication && !useTLS) { LOG.warn("SML integration is wrongly configured. Uses 2-way-SSL HTTPS but URL is not HTTPS! Url: [{}].", urlSMPManagment); 
@@ -344,17 +330,33 @@ public class SmlConnector implements ApplicationContextAware { HTTPConduit httpConduit = (HTTPConduit) client.getConduit(); configureClientAuthentication(httpConduit, requestContext, - clientCertAuthentication ? clientCertHttpHeader : clientKeyAlias, + certificateRO, clientCertAuthentication, useTLS); configureFaultHandling(requestContext); configureProxy(httpConduit, urlSMPManagment); configurePayloadLogging(client); } + public CertificateRO getClientCertificate(String alias) { + List<CertificateRO> list = keystoreService.getKeystoreEntriesList(); + if (StringUtils.isBlank(alias)) { + // legacy behaviour - if only one certificate then there is no need to define it + if (list.size() == 1) { + return list.get(0); + } + throw new IllegalStateException("Invalid integration configuration. Missing Client cert configuration!"); + } + + return list.stream().filter(cert -> StringUtils.equalsIgnoreCase(alias, cert.getAlias())) + .findFirst().orElseThrow(() -> new IllegalStateException("Invalid integration configuration. Missing Client cert configuration!")); + + } + + + public void configureClientAuthentication(HTTPConduit httpConduit, Map<String, Object> requestContext, CertificateRO certificateRO, boolean clientCertAuthentication, boolean useTLS) { + LOG.info("Connect to SML (smlClientAuthentication: [{}] use Client-CertHeader: [{}])", certificateRO, clientCertAuthentication); - public void configureClientAuthentication(HTTPConduit httpConduit, Map<String, Object> requestContext, String smlClientAuthentication, boolean clientCertAuthentication, boolean useTLS) { - LOG.info("Connect to SML (smlClientAuthentication: {} use Client-CertHeader: {})", smlClientAuthentication, clientCertAuthentication); - if (StringUtils.isBlank(smlClientAuthentication)) { + if (certificateRO==null) { throw new IllegalStateException("SML integration is wrongly configured, at least one authentication option is required: 2-way-SSL or Client-Cert header"); } 
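Review bot: The new `LOG.info("Connect to SML (smlClientAuthentication: [{}] use Client-CertHeader: [{}])", certificateRO, clientCertAuthentication)` writes the whole `CertificateRO` to the INFO log on every SML connection. What `toString()` includes is not visible here; logging only the alias keeps certificate details and the Client-Cert header value out of routine logs: `LOG.info("Connect to SML (client key alias: [{}], use Client-Cert header: [{}])", certificateRO.getAlias(), clientCertAuthentication);`. The following `if (certificateRO==null)` check cannot trigger on the `configureClient` path, because `getClientCertificate` throws instead of returning `null`. In `getClientCertificate` the empty-keystore, multiple-entry and unknown-alias cases now share one message, and the alias is matched with `equalsIgnoreCase` and `findFirst`; if the keystore type allows aliases that differ only in case, the first match may not be the configured key.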
@@ -374,13 +376,13 @@ public class SmlConnector implements ApplicationContextAware { } if (!clientCertAuthentication) { - LOG.debug("SML X509 certificate authentication with alias {}.", smlClientAuthentication); - tlsParams.setCertAlias(smlClientAuthentication); + LOG.debug("SML X509 certificate authentication with alias [{}].", certificateRO.getAlias()); + tlsParams.setCertAlias(certificateRO.getAlias()); tlsParams.setKeyManagers(keystoreService.getKeyManagers()); } else { - LOG.debug("User Client cert header to authenticate to SML {}.", smlClientAuthentication); + LOG.debug("User Client cert header to authenticate to SML {}.", certificateRO.getClientCertHeader()); Map<String, List<String>> customHeaders = new HashMap<>(); - customHeaders.put(CLIENT_CERT_HEADER_KEY, Collections.singletonList(smlClientAuthentication)); + customHeaders.put(CLIENT_CERT_HEADER_KEY, Collections.singletonList(certificateRO.getClientCertHeader())); requestContext.put(MessageContext.HTTP_REQUEST_HEADERS, customHeaders); } if (useTLS) { diff --git a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/config/SmlIntegrationConfiguration.java b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/config/SmlIntegrationConfiguration.java index 84feda532..684d5766c 100644 --- a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/config/SmlIntegrationConfiguration.java +++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/config/SmlIntegrationConfiguration.java @@ -50,7 +50,6 @@ public class SmlIntegrationConfiguration { defaultDomain.setSmlRegistered(false); defaultDomain.setSmlClientCertAuth(false); defaultDomain.setSmlClientKeyAlias("clientAlias"); - defaultDomain.setSmlClientCertHeader("clientCertClientHeader"); setThrowExceptionAfterParticipantCallCount(-1); setThrowException(null); } 
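Review bot: In the `@@ -374` hunk the Client-Cert header value now comes from `certificateRO.getClientCertHeader()`, but the only remaining guard is the `certificateRO==null` check, whereas the previous code rejected a blank authentication value with `StringUtils.isBlank(smlClientAuthentication)`. A certificate entry with a null or empty header would therefore be sent to SML as an empty `Client-Cert` header instead of failing fast. I would restore the check in the `else` branch: `if (StringUtils.isBlank(certificateRO.getClientCertHeader())) { throw new IllegalStateException("SML integration is wrongly configured: empty Client-Cert header value"); }`. The `LOG.debug` line in the same branch prints the full header value; logging the alias instead would be enough for diagnosis. `configureClientAuthentication` continues outside the hunk.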
diff --git a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/data/dao/AuditIntegrationTest.java b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/data/dao/AuditIntegrationTest.java index 11e95d914..1f0fc7856 100644 --- a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/data/dao/AuditIntegrationTest.java +++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/data/dao/AuditIntegrationTest.java @@ -17,7 +17,6 @@ import eu.europa.ec.edelivery.smp.data.enums.CredentialType; import eu.europa.ec.edelivery.smp.data.enums.VisibilityType; import eu.europa.ec.edelivery.smp.data.model.*; import eu.europa.ec.edelivery.smp.data.model.doc.DBResource; -import eu.europa.ec.edelivery.smp.data.model.doc.DBServiceGroupExtension; import eu.europa.ec.edelivery.smp.data.model.doc.DBSubresource; import eu.europa.ec.edelivery.smp.data.model.user.DBCertificate; import eu.europa.ec.edelivery.smp.data.model.user.DBCredential; @@ -65,7 +64,6 @@ public class AuditIntegrationTest extends AbstractBaseDao{ assertTrue(ar.isEntityClassAudited(DBDomain.class)); assertTrue(ar.isEntityClassAudited(DBUser.class)); assertTrue(ar.isEntityClassAudited(DBCertificate.class)); - assertTrue(ar.isEntityClassAudited(DBServiceGroupExtension.class)); assertTrue(ar.isEntityClassAudited(DBAlert.class)); } @@ -75,7 +73,6 @@ public class AuditIntegrationTest extends AbstractBaseDao{ DBDomain domain = createDBDomain(); Map<String, Object> alterVal = new HashMap<>(); alterVal.put("signatureKeyAlias", UUID.randomUUID().toString()); - alterVal.put("smlClientCertHeader", UUID.randomUUID().toString()); alterVal.put("smlClientKeyAlias", UUID.randomUUID().toString()); alterVal.put("smlSubdomain", UUID.randomUUID().toString()); diff --git a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/data/dao/GroupMemberDaoTest.java b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/data/dao/GroupMemberDaoTest.java index b2b377ab9..69edc50d3 100644 
--- a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/data/dao/GroupMemberDaoTest.java +++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/data/dao/GroupMemberDaoTest.java @@ -1,16 +1,9 @@ package eu.europa.ec.edelivery.smp.data.dao; -import eu.europa.ec.edelivery.smp.conversion.DBGroupToGroupROConverter; import eu.europa.ec.edelivery.smp.data.enums.MembershipRoleType; -import eu.europa.ec.edelivery.smp.data.model.DBDomain; import eu.europa.ec.edelivery.smp.data.model.DBGroup; -import eu.europa.ec.edelivery.smp.data.model.doc.DBResource; -import eu.europa.ec.edelivery.smp.data.model.user.DBDomainMember; import eu.europa.ec.edelivery.smp.data.model.user.DBGroupMember; -import eu.europa.ec.edelivery.smp.data.model.user.DBResourceMember; import eu.europa.ec.edelivery.smp.data.model.user.DBUser; -import eu.europa.ec.edelivery.smp.testutil.TestConstants; -import eu.europa.ec.edelivery.smp.testutil.TestDBUtils; import org.apache.commons.lang3.StringUtils; import org.junit.Before; import org.junit.Test; @@ -20,11 +13,12 @@ import java.util.Collections; import java.util.List; import static org.junit.Assert.*; + /** * @author Joze Rihtarsic * @since 5.0 */ -public class GroupMemberDaoTest extends AbstractBaseDao { +public class GroupMemberDaoTest extends AbstractBaseDao { @Autowired GroupMemberDao testInstance; @@ -110,7 +104,7 @@ public class GroupMemberDaoTest extends AbstractBaseDao { member.setRole(MembershipRoleType.VIEWER); testUtilsDao.persistFlushDetach(member); - boolean result = testInstance.isUserAnyDomainGroupResourceMemberWithRole(user, testUtilsDao.getD1(),MembershipRoleType.VIEWER); + boolean result = testInstance.isUserAnyDomainGroupResourceMemberWithRole(user, testUtilsDao.getD1(), MembershipRoleType.VIEWER); assertTrue(result); result = testInstance.isUserAnyDomainGroupResourceMemberWithRole(user, testUtilsDao.getD1(), MembershipRoleType.ADMIN); assertFalse(result); 
diff --git a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/data/dao/ResourceDaoSearchTest.java b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/data/dao/ResourceDaoSearchTest.java new file mode 100644 index 000000000..2f3da56a5 --- /dev/null +++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/data/dao/ResourceDaoSearchTest.java 
@@ -0,0 +1,74 @@ +package eu.europa.ec.edelivery.smp.data.dao; + + +import eu.europa.ec.edelivery.smp.data.enums.MembershipRoleType; +import eu.europa.ec.edelivery.smp.data.model.DBDomain; +import eu.europa.ec.edelivery.smp.data.model.DBGroup; +import eu.europa.ec.edelivery.smp.data.model.doc.DBDocument; +import eu.europa.ec.edelivery.smp.data.model.doc.DBResource; +import eu.europa.ec.edelivery.smp.data.model.doc.DBResourceFilter; +import eu.europa.ec.edelivery.smp.data.model.ext.DBResourceDef; +import eu.europa.ec.edelivery.smp.data.model.user.DBUser; +import eu.europa.ec.edelivery.smp.testutil.TestDBUtils; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; + +import javax.transaction.Transactional; +import java.util.List; +import java.util.Optional; + +import static eu.europa.ec.edelivery.smp.testutil.TestConstants.*; + +/** + * Purpose of class is to test all resource methods with database. + * + * @author Joze Rihtarsic + * @since 5.0 + */ + +public class ResourceDaoSearchTest extends AbstractBaseDao { + + private static final Logger LOG = LoggerFactory.getLogger(ResourceDaoSearchTest.class); + @Autowired + ResourceDao testInstance; + + @Before + public void prepareDatabase() { + // setup initial data! 
+ testUtilsDao.clearData(); + testUtilsDao.createResourcePrivateInternalMemberships(); + + + } + + @Test + public void getAllPublicResources() { + List<DBResource> result = testInstance.getPublicResourcesSearch(-1,-1,null, null, null); + //System.out.println(result.get(0)); + Assert.assertEquals(2, result.size()); + + + result = testInstance.getPublicResourcesSearch(-1,-1,testUtilsDao.getUser1(), null, null); + //System.out.println(result.get(0)); + Assert.assertEquals(3, result.size()); + + } + + @Test + public void getAllPublicResourcesCount() { + Long result = testInstance.getPublicResourcesSearchCount(null, null, null); + //System.out.println(result.get(0)); + Assert.assertEquals(2, result.intValue()); + + + result = testInstance.getPublicResourcesSearchCount(testUtilsDao.getUser1(), null, null); + //System.out.println(result.get(0)); + Assert.assertEquals(3, result.intValue()); + + } + +} diff --git a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/data/dao/TestUtilsDao.java b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/data/dao/TestUtilsDao.java index dfc9e1fcb..e54128c02 100644 --- a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/data/dao/TestUtilsDao.java +++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/data/dao/TestUtilsDao.java @@ -1,6 +1,7 @@ package eu.europa.ec.edelivery.smp.data.dao; import eu.europa.ec.edelivery.smp.data.enums.MembershipRoleType; +import eu.europa.ec.edelivery.smp.data.enums.VisibilityType; import eu.europa.ec.edelivery.smp.data.model.DBDomain; import eu.europa.ec.edelivery.smp.data.model.DBDomainResourceDef; import eu.europa.ec.edelivery.smp.data.model.DBGroup; @@ -77,6 +78,8 @@ public class TestUtilsDao { DBResourceMember resourceMemberU1R1_D2G1RD1_Admin; DBResourceMember resourceMemberU1R2_D2G1RD1_Viewer; + DBResource resourcePrivateD1G1RD1; + // DBResource resourceInternalD1G1RD1; DBExtension extension; 
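Review bot: The new ResourceDaoSearchTest checks visibility filtering only through result sizes (`2` for a `null` user, `3` for `getUser1()`), so a query that returned the private resource and dropped a public one would still pass. The tests should assert on the returned identifiers, so that the private resource is absent for the anonymous call and present for its member. A case for an authenticated user who is not a member of the private resource is also missing. The commented-out `//System.out.println(result.get(0));` lines can be removed, as can the imports that the visible test body does not appear to use (`DBDocument`, `DBResourceFilter`, `DBResourceDef`, `Optional`, `Transactional`, `TestDBUtils`).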
@@ -113,6 +116,9 @@ public class TestUtilsDao { resourceMemberU1R1_D2G1RD1_Admin = null; resourceMemberU1R2_D2G1RD1_Viewer = null; + resourcePrivateD1G1RD1 = null; + //resourceInternalD1G1RD1 = null; + extension = null; } @@ -259,6 +265,7 @@ public class TestUtilsDao { resourceMemberU1R1_D2G1RD1_Admin = createResourceMembership(MembershipRoleType.ADMIN, user1, resourceD1G1RD1); resourceMemberU1R2_D2G1RD1_Viewer = createResourceMembership(MembershipRoleType.VIEWER, user1, resourceD2G1RD1); + persistFlushDetach(resourceMemberU1R1_D2G1RD1_Admin); persistFlushDetach(resourceMemberU1R2_D2G1RD1_Viewer); 
@@ -266,6 +273,41 @@ public class TestUtilsDao { assertNotNull(resourceMemberU1R2_D2G1RD1_Viewer.getId()); } + @Transactional + public void createResourcePrivateInternalMemberships() { + if (resourcePrivateD1G1RD1 != null) { + LOG.trace("privateInternalMemberships are already initialized!"); + return; + } + createResourceMemberships(); + + resourcePrivateD1G1RD1 = TestDBUtils.createDBResource(TEST_SG_ID_1+"Private", TEST_SG_SCHEMA_1, true); + resourcePrivateD1G1RD1.setVisibility(VisibilityType.PRIVATE); + resourcePrivateD1G1RD1.setGroup(groupD1G1); + resourcePrivateD1G1RD1.setDomainResourceDef(domainResourceDefD1R1); + /* + resourceInternalD1G1RD1 = TestDBUtils.createDBResource(TEST_SG_ID_1+"Internal", TEST_SG_SCHEMA_1, true); + resourceInternalD1G1RD1.setVisibility(VisibilityType.PRIVATE); + resourceInternalD1G1RD1.setGroup(groupD1G1); + resourceInternalD1G1RD1.setDomainResourceDef(domainResourceDefD1R1); + + */ + + //persistFlushDetach(resourceInternalD1G1RD1); + persistFlushDetach(resourcePrivateD1G1RD1); + + //assertNotNull(resourceInternalD1G1RD1.getId()); + assertNotNull(resourcePrivateD1G1RD1.getId()); + + + + DBResourceMember privateRM_U1R1_D1G1Admin = createResourceMembership(MembershipRoleType.ADMIN, user1, resourcePrivateD1G1RD1); + //DBResourceMember internalRM_U1R1_D1G1Viewer = createResourceMembership(MembershipRoleType.VIEWER, user1, resourceInternalD1G1RD1); + + persistFlushDetach(privateRM_U1R1_D1G1Admin); + // persistFlushDetach(internalRM_U1R1_D1G1Viewer); + } + public DBDomainMember createDomainMembership(MembershipRoleType roleType, DBUser user, DBDomain domain){ DBDomainMember domainMember = new DBDomainMember(); domainMember.setRole(roleType); diff --git a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/SMLIntegrationServiceNoSMLIntegrationTest.java b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/SMLIntegrationServiceNoSMLIntegrationTest.java index fb263ff21..d4dca15ea 100644 
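Review bot: `createResourcePrivateInternalMemberships` in the `@@ -266` hunk creates only the private resource; everything for the internal one is left in comments, here and in the field declarations of the earlier TestUtilsDao hunks. The commented block sets `VisibilityType.PRIVATE` on `resourceInternalD1G1RD1`, which looks like a copy-paste slip that would silently test the wrong visibility if the block were re-enabled. I would either delete the commented code and rename the method to match what it creates, or finish the internal case with the intended visibility value.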
--- a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/SMLIntegrationServiceNoSMLIntegrationTest.java +++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/SMLIntegrationServiceNoSMLIntegrationTest.java @@ -76,7 +76,7 @@ public class SMLIntegrationServiceNoSMLIntegrationTest extends AbstractServiceIn testInstance.unRegisterDomain(testDomain01); } - +/* @Test public void registerOnlyParticipantDomainToSml() { @@ -85,6 +85,6 @@ public class SMLIntegrationServiceNoSMLIntegrationTest extends AbstractServiceIn // when testInstance.registerParticipant(TEST_SG_ID_1, TEST_SG_SCHEMA_1, TEST_DOMAIN_CODE_1); } - +*/ } diff --git a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/SMLIntegrationServiceTest.java b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/SMLIntegrationServiceTest.java index e63bee6ff..585c3a090 100644 --- a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/SMLIntegrationServiceTest.java +++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/SMLIntegrationServiceTest.java @@ -126,7 +126,7 @@ public class SMLIntegrationServiceTest extends AbstractServiceIntegrationTest { Mockito.verifyNoMoreInteractions(integrationMock.getSmpManagerClientMocks().toArray()); } - +/* @Test public void registerParticipant() throws NotFoundFault, UnauthorizedFault, InternalErrorFault, BadRequestFault { /* given (init database - check setup) @@ -134,7 +134,8 @@ public class SMLIntegrationServiceTest extends AbstractServiceIntegrationTest { * Users: USERNAME_1, USER_CERT_2 * ServiceGroup1: TEST_SG_ID_1, TEST_SG_SCHEMA_1 * - Domain: TEST_DOMAIN_CODE_1 - */ + * + // when testInstance.registerParticipant(TEST_SG_ID_1, TEST_SG_SCHEMA_1, TEST_DOMAIN_CODE_1); 
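Review bot: The hunks in SMLIntegrationServiceNoSMLIntegrationTest.java and SMLIntegrationServiceTest.java (here and in the `@@ -152`, `@@ -170`, `@@ -200`, `@@ -212` and `@@ -225` hunks) disable the `registerParticipant` and `unregisterParticipantFromSML` tests by opening a `/*` block and rewriting the inner `*/` terminators to `*`. This removes coverage of the SML register/unregister paths in the same commit that wires `registerParticipant(resource, resourceDomain)` and `unregisterParticipant` into UIResourceService, and no replacement tests are visible in this part of the patch. Porting the tests to the new signatures would be preferable. If they must be parked, `@Ignore("pending port to registerParticipant(DBResource, DBDomain)")` on each test keeps them compiling and visible in test reports, and leaves the existing Javadoc-style comments intact.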
@@ -152,7 +153,7 @@ public class SMLIntegrationServiceTest extends AbstractServiceIntegrationTest { * Users: USERNAME_1, USER_CERT_2 * ServiceGroup1: TEST_SG_ID_NO_SCHEME, null * - Domain: TEST_DOMAIN_CODE_1 - */ + * // when testInstance.registerParticipant(TEST_SG_ID_NO_SCHEME, null, TEST_DOMAIN_CODE_1); @@ -170,7 +171,7 @@ public class SMLIntegrationServiceTest extends AbstractServiceIntegrationTest { * Users: USERNAME_1, USER_CERT_2 * ServiceGroup1: TEST_SG_ID_1, TEST_SG_SCHEMA_1 * - Domain: TEST_DOMAIN_CODE_1 - */ + * // when testInstance.registerParticipant(TEST_SG_ID_1, TEST_SG_SCHEMA_1, TEST_DOMAIN_CODE_1); @@ -200,7 +201,7 @@ public class SMLIntegrationServiceTest extends AbstractServiceIntegrationTest { testInstance.registerParticipant(TEST_SG_ID_1, TEST_SG_SCHEMA_1, TEST_DOMAIN_CODE_2); } - +*/ @Test public void registerParticipantToSML() throws NotFoundFault, UnauthorizedFault, InternalErrorFault, BadRequestFault { DBDomain testDomain01 = domainDao.getDomainByCode(TEST_DOMAIN_CODE_1).get(); @@ -212,7 +213,7 @@ public class SMLIntegrationServiceTest extends AbstractServiceIntegrationTest { verify(integrationMock.getParticipantManagmentClientMocks().get(0)).create(any()); Mockito.verifyNoMoreInteractions(integrationMock.getParticipantManagmentClientMocks().toArray()); } - +/* @Test public void unregisterParticipantFromSML() throws NotFoundFault, UnauthorizedFault, InternalErrorFault, BadRequestFault { DBDomain testDomain01 = domainDao.getDomainByCode(TEST_DOMAIN_CODE_1).get(); @@ -225,4 +226,6 @@ public class SMLIntegrationServiceTest extends AbstractServiceIntegrationTest { verify(integrationMock.getParticipantManagmentClientMocks().get(0)).delete(any()); Mockito.verifyNoMoreInteractions(integrationMock.getParticipantManagmentClientMocks().toArray()); } + + */ } 
diff --git a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/ui/UIDomainServiceTest.java b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/ui/UIDomainServiceTest.java index 9813f4592..be69c4b1a 100644 --- a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/ui/UIDomainServiceTest.java +++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/ui/UIDomainServiceTest.java @@ -58,7 +58,6 @@ public class UIDomainServiceTest extends AbstractServiceTest { domainRO.setSmlSubdomain("New SmlSubdomain"); domainRO.setSmlSmpId("NewSmlSmpId"); domainRO.setSmlClientKeyAlias("NewClientKeyAlias"); - domainRO.setSmlClientCertHeader("NewtCertHeader"); domainRO.setSmlClientCertAuth(false); DBDomain domain = testUtilsDao.getD1(); testInstance.updateDomainSmlIntegrationData(domain.getId(), domainRO); @@ -67,7 +66,6 @@ public class UIDomainServiceTest extends AbstractServiceTest { assertEquals(domainRO.getSmlSubdomain(), result.getSmlSubdomain()); assertEquals(domainRO.getSmlSmpId(), result.getSmlSmpId()); assertEquals(domainRO.getSmlClientKeyAlias(), result.getSmlClientKeyAlias()); - assertEquals(domainRO.getSmlClientCertHeader(), result.getSmlClientCertHeader()); assertEquals(domainRO.isSmlClientCertAuth(), result.isSmlClientCertAuth()); } diff --git a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/sml/SmlClientFactoryAuthenticationByClientCertFromKeystoreTest.java b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/sml/SmlClientFactoryAuthenticationByClientCertFromKeystoreTest.java index f82c629c5..20b9efdc9 100644 --- a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/sml/SmlClientFactoryAuthenticationByClientCertFromKeystoreTest.java +++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/sml/SmlClientFactoryAuthenticationByClientCertFromKeystoreTest.java 
@@ -95,7 +95,7 @@ public class SmlClientFactoryAuthenticationByClientCertFromKeystoreTest extends @Test public void factoryProducesPreconfiguredCxfClientThatAuthenticatesItselfWithGivenCertAlias() { //given - IManageParticipantIdentifierWS client = smlClientFactory.create(null, null, false); + IManageParticipantIdentifierWS client = smlClientFactory.create(); DBDomain domain = new DBDomain(); domain.setSmlClientKeyAlias("second_domain_alias"); domain.setSmlClientCertAuth(false); @@ -121,7 +121,7 @@ public class SmlClientFactoryAuthenticationByClientCertFromKeystoreTest extends public void factoryProducesPreconfiguredCxfSMPClientThatAuthenticatesItselfWithGivenCertAlias() { //given - IManageServiceMetadataWS client = smlClientFactory.createSmp(null, null, false); + IManageServiceMetadataWS client = smlClientFactory.createSmp(); DBDomain domain = new DBDomain(); domain.setSmlClientKeyAlias("second_domain_alias"); domain.setSmlClientCertAuth(false); @@ -144,7 +144,7 @@ public class SmlClientFactoryAuthenticationByClientCertFromKeystoreTest extends @Test public void factoryProducesClientWithAnotherCertFromKeystore() { //given - IManageParticipantIdentifierWS client = smlClientFactory.create(null, null, false); + IManageParticipantIdentifierWS client = smlClientFactory.create(); DBDomain domain = new DBDomain(); domain.setSmlClientKeyAlias("single_domain_key"); domain.setSmlClientCertAuth(false); @@ -165,7 +165,7 @@ public class SmlClientFactoryAuthenticationByClientCertFromKeystoreTest extends public void factoryProducesSMPClientWithAnotherCertFromKeystore() { //given - IManageServiceMetadataWS client = smlClientFactory.createSmp(null, null, false); + IManageServiceMetadataWS client = smlClientFactory.createSmp(); DBDomain domain = new DBDomain(); domain.setSmlClientKeyAlias("single_domain_key"); domain.setSmlClientCertAuth(false); 
@@ -185,7 +185,7 @@ public class SmlClientFactoryAuthenticationByClientCertFromKeystoreTest extends @Test public void factoryProducesClientNoDefinedAlias() { //given - IManageParticipantIdentifierWS client = smlClientFactory.create(null, null, false); + IManageParticipantIdentifierWS client = smlClientFactory.create(); DBDomain domain = new DBDomain(); domain.setSmlClientKeyAlias(null); domain.setSmlClientCertAuth(false); @@ -203,7 +203,7 @@ public class SmlClientFactoryAuthenticationByClientCertFromKeystoreTest extends public void factoryProducesSMPClientNoDefinedAlias() { //given - IManageServiceMetadataWS client = smlClientFactory.createSmp(null, null, false); + IManageServiceMetadataWS client = smlClientFactory.createSmp(); DBDomain domain = new DBDomain(); domain.setSmlClientKeyAlias(null); domain.setSmlClientCertAuth(false); @@ -225,7 +225,7 @@ public class SmlClientFactoryAuthenticationByClientCertFromKeystoreTest extends keystoreService.refreshData(); - IManageParticipantIdentifierWS client = smlClientFactory.create(null, null, false); + IManageParticipantIdentifierWS client = smlClientFactory.create(); DBDomain domain = new DBDomain(); domain.setSmlClientKeyAlias(null); domain.setSmlClientCertAuth(false); diff --git a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/sml/SmlClientFactoryAuthenticationByClientCertHttpHeader.java b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/sml/SmlClientFactoryAuthenticationByClientCertHttpHeader.java index 84510f88b..b714eccb3 100644 --- a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/sml/SmlClientFactoryAuthenticationByClientCertHttpHeader.java +++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/sml/SmlClientFactoryAuthenticationByClientCertHttpHeader.java 
@@ -71,9 +71,8 @@ public class SmlClientFactoryAuthenticationByClientCertHttpHeader extends Abstra @Test public void factoryProducesPreconfiguredCxfClientThatAuthenticatesItselfWithGivenCertAlias() { //given - IManageParticipantIdentifierWS client = smlClientFactory.create(null, null, false); + IManageParticipantIdentifierWS client = smlClientFactory.create(); DBDomain domain = new DBDomain(); - domain.setSmlClientCertHeader(CLIENT_CERT_HTTP_HEADER); domain.setSmlClientCertAuth(true); // when testInstance.configureClient("manageparticipantidentifier", client, domain); @@ -94,9 +93,8 @@ public class SmlClientFactoryAuthenticationByClientCertHttpHeader extends Abstra public void factoryProducesPreconfiguredCxfSMPClientThatAuthenticatesItselfWithGivenCertAlias() { //given - IManageServiceMetadataWS client = smlClientFactory.createSmp(null, null, false); + IManageServiceMetadataWS client = smlClientFactory.createSmp(); DBDomain domain = new DBDomain(); - domain.setSmlClientCertHeader(CLIENT_CERT_HTTP_HEADER); domain.setSmlClientCertAuth(true); // when testInstance.configureClient("manageservicemetadata", client, domain); @@ -117,7 +115,7 @@ public class SmlClientFactoryAuthenticationByClientCertHttpHeader extends Abstra public void factoryProducesSMPClientNoDefinedAlias() { //given - IManageServiceMetadataWS client = smlClientFactory.createSmp(null, null, false); + IManageServiceMetadataWS client = smlClientFactory.createSmp(); DBDomain domain = new DBDomain(); domain.setSmlClientKeyAlias(null); domain.setSmlClientCertAuth(true); diff --git a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/testutil/TestDBUtils.java b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/testutil/TestDBUtils.java index 4bc491eeb..7efc4cf24 100644 --- a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/testutil/TestDBUtils.java +++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/testutil/TestDBUtils.java 
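Review bot: With `domain.setSmlClientCertHeader(CLIENT_CERT_HTTP_HEADER)` removed, the `//given` blocks of both `...ThatAuthenticatesItselfWithGivenCertAlias` tests no longer show which Client-Cert header value the client should send when `setSmlClientCertAuth(true)` is set. The assertions lie outside the hunks, so it cannot be seen here whether they still compare against `CLIENT_CERT_HTTP_HEADER`. If they do, a comment in the `//given` block such as `// Client-Cert value now comes from <configuration source>, no longer from DBDomain` would document the new source of the authentication header.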
@@ -31,7 +31,6 @@ public class TestDBUtils { DBDomain domain = new DBDomain(); domain.setDomainCode(domainCode); domain.setSignatureKeyAlias(anyString()); - domain.setSmlClientCertHeader(anyString()); domain.setSmlClientKeyAlias(anyString()); domain.setSmlSubdomain(anyString()); domain.setSmlSmpId(anyString()); @@ -159,6 +158,7 @@ public class TestDBUtils { DBResource resource = new DBResource(); resource.setIdentifierValue(id); resource.setIdentifierScheme(sch); + resource.setVisibility(VisibilityType.PUBLIC); if (withExtension) { DBDocument document = createDBDocument(); DBDocumentVersion documentVersion = createDBDocumentVersion(); diff --git a/smp-server-library/src/test/resources/cleanup-database.sql b/smp-server-library/src/test/resources/cleanup-database.sql index 1a7873843..db26999a5 100755 --- a/smp-server-library/src/test/resources/cleanup-database.sql +++ b/smp-server-library/src/test/resources/cleanup-database.sql @@ -1,7 +1,3 @@ --- delete this table once is removed -DELETE FROM SMP_SG_EXTENSION; -DELETE FROM SMP_SG_EXTENSION_AUD; - DELETE FROM SMP_ALERT; DELETE FROM SMP_ALERT_AUD; DELETE FROM SMP_ALERT_PROPERTY; diff --git a/smp-soapui-tests/groovy/mysql-4.1_integration_test_data.sql b/smp-soapui-tests/groovy/mysql-4.1_integration_test_data.sql index 6236e0929..154f57978 100644 --- a/smp-soapui-tests/groovy/mysql-4.1_integration_test_data.sql +++ b/smp-soapui-tests/groovy/mysql-4.1_integration_test_data.sql 
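Review bot: `resource.setVisibility(VisibilityType.PUBLIC)` makes every resource built by this helper public, so tests that rely on it never exercise the access checks for non-public resources unless they override the value. A one-line comment above the call, e.g. `// fixture default; tests for restricted resources must set their own visibility`, would keep that visible to test authors. The helper method starts and ends outside the hunk.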
@@ -36,8 +36,8 @@ insert into SMP_CERTIFICATE (ID, CERTIFICATE_ID, SUBJECT, ISSUER, SERIALNUMBER,V (14, 'CN=EHEALTH_z_ẞ_W_,O=European_z_ẞ_W_Commission,C=BE:f71ee8b11cb3b787','CN=EHEALTH_z_ẞ_W_,O=European_z_ẞ_W_Commission,C=BE','CN=EHEALTH_z_ẞ_W_,O=European_z_ẞ_W_Commission,C=BE','f71ee8b11cb3b787', date_add(NOW(),interval -1 year), date_add(NOW(),interval 1 year), NOW(), NOW()); -insert into SMP_DOMAIN (ID, DOMAIN_CODE, VISIBILITY, SML_SUBDOMAIN, SML_SMP_ID, SIGNATURE_KEY_ALIAS, SML_CLIENT_CERT_AUTH,SML_REGISTERED, CREATED_ON, LAST_UPDATED_ON) values -(1, 'testdomain','PUBLIC', 'test-domain', 'CEF-SMP-002','sample_key',1,0, NOW(), NOW()); +insert into SMP_DOMAIN (ID, DOMAIN_CODE, VISIBILITY, SML_SUBDOMAIN, SML_SMP_ID, SIGNATURE_KEY_ALIAS, SML_CLIENT_KEY_ALIAS, SML_CLIENT_CERT_AUTH,SML_REGISTERED, CREATED_ON, LAST_UPDATED_ON) values +(1, 'testdomain','PUBLIC', 'test-domain', 'CEF-SMP-002','sample_key','smp_domain_01',1,0, NOW(), NOW()); insert into SMP_EXTENSION ( ID, IDENTIFIER, IMPLEMENTATION_NAME, NAME, VERSION, DESCRIPTION, CREATED_ON, LAST_UPDATED_ON) values (1, 'edelivery-oasis-smp-extension', 'OasisSMPExtension','Oasis SMP 1.0 and 2.0','1.0', 'Oasis SMP 1.0 and 2.0 extension', NOW(), NOW()); diff --git a/smp-soapui-tests/groovy/oracle-4.1_integration_test_data.sql b/smp-soapui-tests/groovy/oracle-4.1_integration_test_data.sql index ad7006732..85be9de71 100644 --- a/smp-soapui-tests/groovy/oracle-4.1_integration_test_data.sql +++ b/smp-soapui-tests/groovy/oracle-4.1_integration_test_data.sql @@ -1,5 +1,3 @@ -DELETE FROM SMP_SG_EXTENSION; -DELETE FROM SMP_SG_EXTENSION_AUD; DELETE FROM SMP_ALERT; DELETE FROM SMP_ALERT_AUD; 
@@ -98,8 +96,8 @@ insert into SMP_CERTIFICATE (ID, CERTIFICATE_ID, SUBJECT, ISSUER, SERIALNUMBER,V (14, 'CN=EHEALTH_z_ẞ_W_,O=European_z_ẞ_W_Commission,C=BE:f71ee8b11cb3b787','CN=EHEALTH_z_ẞ_W_,O=European_z_ẞ_W_Commission,C=BE','CN=EHEALTH_z_ẞ_W_,O=European_z_ẞ_W_Commission,C=BE','f71ee8b11cb3b787', sysdate - 365, sysdate + 365, sysdate, sysdate); -insert into SMP_DOMAIN (ID, DOMAIN_CODE, VISIBILITY, SML_SUBDOMAIN, SML_SMP_ID, SIGNATURE_KEY_ALIAS, SML_CLIENT_CERT_AUTH,SML_REGISTERED, CREATED_ON, LAST_UPDATED_ON) values -(1, 'testdomain','PUBLIC', 'test-domain', 'CEF-SMP-002','sample_key',1,0, sysdate, sysdate); +insert into SMP_DOMAIN (ID, DOMAIN_CODE, VISIBILITY, SML_SUBDOMAIN, SML_SMP_ID, SIGNATURE_KEY_ALIAS,SML_CLIENT_KEY_ALIAS, SML_CLIENT_CERT_AUTH,SML_REGISTERED, CREATED_ON, LAST_UPDATED_ON) values +(1, 'testdomain','PUBLIC', 'test-domain', 'CEF-SMP-002','sample_key','sample_key',1,0, sysdate, sysdate); insert into SMP_GROUP (ID, FK_DOMAIN_ID, NAME, VISIBILITY, CREATED_ON, LAST_UPDATED_ON) values (1, 1, 'Test group', 'PUBLIC', sysdate, sysdate); diff --git a/smp-webapp/pom.xml b/smp-webapp/pom.xml index a24778bc6..c511d272a 100644 --- a/smp-webapp/pom.xml +++ b/smp-webapp/pom.xml @@ -10,8 +10,6 @@ <packaging>war</packaging> <name>smp-webapp</name> <description>SMP REST service WEB APP</description> - - <properties> <maven.deploy.skip>false</maven.deploy.skip> <buildtimestamp>${maven.build.timestamp}</buildtimestamp> diff --git a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/ui/edit/SubresourceEditController.java b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/ui/edit/SubresourceEditController.java index 5f0935abc..99f98db9e 100644 --- a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/ui/edit/SubresourceEditController.java +++ b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/ui/edit/SubresourceEditController.java 
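Review bot: The Oracle test data sets `SML_CLIENT_KEY_ALIAS` to `'sample_key'`, the same alias as `SIGNATURE_KEY_ALIAS`, whereas the MySQL counterpart changed in this commit uses `'smp_domain_01'`. The two database flavours therefore exercise different key material, and the Oracle run never covers a client key that is separate from the signing key. If the difference is not intended, the values line should read `(1, 'testdomain','PUBLIC', 'test-domain', 'CEF-SMP-002','sample_key','smp_domain_01',1,0, sysdate, sysdate);`.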
@@ -1,20 +1,12 @@ package eu.europa.ec.edelivery.smp.ui.edit; -import eu.europa.ec.edelivery.smp.data.enums.MembershipRoleType; -import eu.europa.ec.edelivery.smp.data.ui.MemberRO; -import eu.europa.ec.edelivery.smp.data.ui.ResourceRO; -import eu.europa.ec.edelivery.smp.data.ui.ServiceResult; import eu.europa.ec.edelivery.smp.data.ui.SubresourceRO; -import eu.europa.ec.edelivery.smp.exceptions.ErrorCode; -import eu.europa.ec.edelivery.smp.exceptions.SMPRuntimeException; import eu.europa.ec.edelivery.smp.logging.SMPLogger; import eu.europa.ec.edelivery.smp.logging.SMPLoggerFactory; -import eu.europa.ec.edelivery.smp.services.ui.UIResourceService; import eu.europa.ec.edelivery.smp.services.ui.UISubresourceService; import eu.europa.ec.edelivery.smp.ui.ResourceConstants; import eu.europa.ec.edelivery.smp.utils.SessionSecurityUtils; -import org.apache.commons.lang3.StringUtils; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.util.MimeTypeUtils; import org.springframework.web.bind.annotation.*; @@ -24,7 +16,6 @@ import java.util.List; import static eu.europa.ec.edelivery.smp.ui.ResourceConstants.*; /** - * * @author Joze Rihtarsic * @since 5.0 */ @@ -50,7 +41,7 @@ public class SubresourceEditController { @PreAuthorize("@smpAuthorizationService.isCurrentlyLoggedIn(#userEncId) " + " and @smpAuthorizationService.isResourceMember(#resourceEncId) ") public List<SubresourceRO> getSubResourcesForResource(@PathVariable(PATH_PARAM_ENC_USER_ID) String userEncId, - @PathVariable(PATH_PARAM_ENC_RESOURCE_ID) String resourceEncId) { + @PathVariable(PATH_PARAM_ENC_RESOURCE_ID) String resourceEncId) { Long resourceId = SessionSecurityUtils.decryptEntityId(resourceEncId); logAdminAccess("getSubResourcesForResource: " + resourceId); 
@@ -60,10 +51,10 @@ public class SubresourceEditController { @DeleteMapping(path = SUB_CONTEXT_PATH_EDIT_SUBRESOURCE_DELETE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE) @PreAuthorize("@smpAuthorizationService.isCurrentlyLoggedIn(#userEncId) " + " and @smpAuthorizationService.isResourceMember(#resourceEncId) ") - public SubresourceRO deleteResourceFromGroup(@PathVariable(PATH_PARAM_ENC_USER_ID) String userEncId, - @PathVariable(PATH_PARAM_ENC_RESOURCE_ID) String resourceEncId, - @PathVariable(PATH_PARAM_ENC_SUBRESOURCE_ID) String subresourceEncId) { - logAdminAccess("deleteResourceFromGroup"); + public SubresourceRO deleteSubresourceFromGroup(@PathVariable(PATH_PARAM_ENC_USER_ID) String userEncId, + @PathVariable(PATH_PARAM_ENC_RESOURCE_ID) String resourceEncId, + @PathVariable(PATH_PARAM_ENC_SUBRESOURCE_ID) String subresourceEncId) { + logAdminAccess("deleteSubresourceFromGroup"); Long resourceId = SessionSecurityUtils.decryptEntityId(resourceEncId); Long subresourceId = SessionSecurityUtils.decryptEntityId(subresourceEncId); return uiSubresourceService.deleteSubresourceFromResource(subresourceId, resourceId); @@ -73,8 +64,8 @@ public class SubresourceEditController { @PreAuthorize("@smpAuthorizationService.isCurrentlyLoggedIn(#userEncId) " + " and @smpAuthorizationService.isResourceMember(#resourceEncId) ") public SubresourceRO createSubresource(@PathVariable(PATH_PARAM_ENC_USER_ID) String userEncId, - @PathVariable(PATH_PARAM_ENC_RESOURCE_ID) String resourceEncId, - @RequestBody SubresourceRO subresourceRO) { + @PathVariable(PATH_PARAM_ENC_RESOURCE_ID) String resourceEncId, + @RequestBody SubresourceRO subresourceRO) { logAdminAccess("createSubresource"); Long subresourceId = SessionSecurityUtils.decryptEntityId(resourceEncId); return uiSubresourceService.createResourceForGroup(subresourceRO, subresourceId); 
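Review bot: In `deleteSubresourceFromGroup` the `@PreAuthorize` expression checks membership for `#resourceEncId` only, while the object being deleted is identified by `subresourceEncId`. Nothing visible in the hunk ties the two together, so the endpoint presumably relies on `uiSubresourceService.deleteSubresourceFromResource(subresourceId, resourceId)` rejecting a subresource that belongs to another resource. That is worth confirming and stating in a comment on the method. The audit entry is also written before the ids are decrypted and carries no identifiers, unlike `getSubResourcesForResource`; moving it below the two `decryptEntityId` calls as `logAdminAccess("deleteSubresourceFromGroup: " + subresourceId + " from resource " + resourceId);` would make deletions traceable. The new name still says "Group" although the service call removes the subresource from a resource.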
diff --git a/smp-webapp/src/main/smp-setup/database-scripts/mysql5innodb-data.sql b/smp-webapp/src/main/smp-setup/database-scripts/mysql5innodb-data.sql index 73865c521..2097540b3 100644 --- a/smp-webapp/src/main/smp-setup/database-scripts/mysql5innodb-data.sql +++ b/smp-webapp/src/main/smp-setup/database-scripts/mysql5innodb-data.sql @@ -7,8 +7,8 @@ insert into SMP_CREDENTIAL (ID, FK_USER_ID, CREDENTIAL_ACTIVE, CREDENTIAL_NAME, (2, 2, 1, 'user', '$2a$06$FDmjewn/do3C219uysNm9.XG8mIn.ubHnMydAzC8lsv61HsRpOR36', 'USERNAME_PASSWORD','UI', NOW(), NOW()); -insert into SMP_DOMAIN (ID, DOMAIN_CODE, VISIBILITY, SML_SUBDOMAIN, SML_SMP_ID, SIGNATURE_KEY_ALIAS, SML_CLIENT_CERT_AUTH,SML_REGISTERED, CREATED_ON, LAST_UPDATED_ON) values -(1, 'testdomain','PUBLIC', 'test-domain', 'DOMI-SMP-001','sample_key',1,0, NOW(), NOW()); +insert into SMP_DOMAIN (ID, DOMAIN_CODE, VISIBILITY, SML_SUBDOMAIN, SML_SMP_ID, SIGNATURE_KEY_ALIAS, SML_CLIENT_KEY_ALIAS, SML_CLIENT_CERT_AUTH,SML_REGISTERED, CREATED_ON, LAST_UPDATED_ON) values +(1, 'testdomain','PUBLIC', 'test-domain', 'DOMI-SMP-001','sample_key','smp_domain_01',1,0, NOW(), NOW()); insert into SMP_GROUP (ID, FK_DOMAIN_ID, NAME, VISIBILITY, CREATED_ON, LAST_UPDATED_ON) values (1, 1, 'Test group', 'PUBLIC', NOW(), NOW()); diff --git a/smp-webapp/src/main/smp-setup/database-scripts/mysql5innodb-drop.ddl b/smp-webapp/src/main/smp-setup/database-scripts/mysql5innodb-drop.ddl index 2a844489d..d4e8af153 100644 --- a/smp-webapp/src/main/smp-setup/database-scripts/mysql5innodb-drop.ddl +++ b/smp-webapp/src/main/smp-setup/database-scripts/mysql5innodb-drop.ddl @@ -135,14 +135,6 @@ drop foreign key FKknykp2wcby9fxk234yaaix1pe; - alter table SMP_SG_EXTENSION - drop - foreign key FKc3joya5el7ke4ch8f76a4ad0s; - - alter table SMP_SG_EXTENSION_AUD - drop - foreign key FKmdo9v2422adwyebvl34qa3ap6; - alter table SMP_SUBRESOURCE drop foreign key FK7y1ydnq350mbs3c8yrq2fhnsk; 
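Review bot: The `SMP_CREDENTIAL` row kept as context in the `mysql5innodb-data.sql` hunk seeds the `user` account with a fixed bcrypt hash at cost factor 6 (`$2a$06$`). Every instance initialised from this setup script therefore starts with the same credential, stored at a work factor well below what is usually recommended. Since the script is being touched for `SML_CLIENT_KEY_ALIAS`, a header comment such as `-- demo data only: replace the seeded passwords before exposing the instance` would make that explicit. The added alias `'smp_domain_01'` presumably has to exist in the keystore the instance starts with; that cannot be verified from the hunk.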
@@ -237,10 +229,6 @@ drop table if exists SMP_REV_INFO; - drop table if exists SMP_SG_EXTENSION; - - drop table if exists SMP_SG_EXTENSION_AUD; - drop table if exists SMP_SUBRESOURCE; drop table if exists SMP_SUBRESOURCE_AUD; diff --git a/smp-webapp/src/main/smp-setup/database-scripts/mysql5innodb.ddl b/smp-webapp/src/main/smp-setup/database-scripts/mysql5innodb.ddl index cc9eb935d..eca731eb5 100644 --- a/smp-webapp/src/main/smp-setup/database-scripts/mysql5innodb.ddl +++ b/smp-webapp/src/main/smp-setup/database-scripts/mysql5innodb.ddl @@ -207,7 +207,6 @@ SIGNATURE_DIGEST_METHOD varchar(256) CHARACTER SET utf8 COLLATE utf8_bin comment 'Set signature hash method. Ex.: http://www.w3.org/2001/04/xmlenc#sha256', SIGNATURE_KEY_ALIAS varchar(256) CHARACTER SET utf8 COLLATE utf8_bin comment 'Signature key alias used for SML integration', SML_CLIENT_CERT_AUTH bit not null comment 'Flag for SML authentication type - use ClientCert header or HTTPS ClientCertificate (key)', - SML_CLIENT_CERT_HEADER varchar(4000) CHARACTER SET utf8 COLLATE utf8_bin comment 'Client-Cert header used behind RP - ClientCertHeader for SML integration', SML_CLIENT_KEY_ALIAS varchar(256) CHARACTER SET utf8 COLLATE utf8_bin comment 'Client key alias used for SML integration', SML_REGISTERED bit not null comment 'Flag for: Is domain registered in SML', SML_SMP_ID varchar(256) CHARACTER SET utf8 COLLATE utf8_bin comment 'SMP ID used for SML integration', @@ -228,7 +227,6 @@ SIGNATURE_DIGEST_METHOD varchar(256) CHARACTER SET utf8 COLLATE utf8_bin, SIGNATURE_KEY_ALIAS varchar(256) CHARACTER SET utf8 COLLATE utf8_bin, SML_CLIENT_CERT_AUTH bit, - SML_CLIENT_CERT_HEADER varchar(4000) CHARACTER SET utf8 COLLATE utf8_bin, SML_CLIENT_KEY_ALIAS varchar(256) CHARACTER SET utf8 COLLATE utf8_bin, SML_REGISTERED bit, SML_SMP_ID varchar(256) CHARACTER SET utf8 COLLATE utf8_bin, 
@@ -441,24 +439,6 @@ primary key (id) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; - create table SMP_SG_EXTENSION ( - ID bigint not null, - CREATED_ON datetime not null, - LAST_UPDATED_ON datetime not null, - EXTENSION longblob comment 'XML extension(s) for servicegroup ', - primary key (ID) - ) comment='Service group extension blob' ENGINE=InnoDB DEFAULT CHARSET=utf8; - - create table SMP_SG_EXTENSION_AUD ( - ID bigint not null, - REV bigint not null, - REVTYPE tinyint, - CREATED_ON datetime, - LAST_UPDATED_ON datetime, - EXTENSION longblob, - primary key (ID, REV) - ) ENGINE=InnoDB DEFAULT CHARSET=utf8; - create table SMP_SUBRESOURCE ( ID bigint not null auto_increment comment 'Shared primary key with master table SMP_SUBRESOURCE', CREATED_ON datetime not null, @@ -775,16 +755,6 @@ create index SMP_SMD_DOC_SCH_IDX on SMP_SUBRESOURCE (IDENTIFIER_SCHEME); foreign key (REV) references SMP_REV_INFO (id); - alter table SMP_SG_EXTENSION - add constraint FKc3joya5el7ke4ch8f76a4ad0s - foreign key (ID) - references SMP_RESOURCE (ID); - - alter table SMP_SG_EXTENSION_AUD - add constraint FKmdo9v2422adwyebvl34qa3ap6 - foreign key (REV) - references SMP_REV_INFO (id); - alter table SMP_SUBRESOURCE add constraint FK7y1ydnq350mbs3c8yrq2fhnsk foreign key (FK_DOCUMENT_ID) diff --git a/smp-webapp/src/main/smp-setup/database-scripts/oracle10g-data.sql b/smp-webapp/src/main/smp-setup/database-scripts/oracle10g-data.sql index 3cffd4311..44abff239 100644 --- a/smp-webapp/src/main/smp-setup/database-scripts/oracle10g-data.sql +++ b/smp-webapp/src/main/smp-setup/database-scripts/oracle10g-data.sql 
@@ -4,4 +4,5 @@ insert into SMP_USER (ID, USERNAME, PASSWORD, ROLE, ACTIVE, CREATED_ON, LAST_UPD -- insert domain -insert into SMP_DOMAIN (ID, DOMAIN_CODE, SML_SUBDOMAIN, SIGNATURE_KEY_ALIAS,SML_BLUE_COAT_AUTH, SML_REGISTERED, CREATED_ON, LAST_UPDATED_ON) values (SMP_DOMAIN_SEQ.nextval, 'testDomain','domain','sample_key',1,0, sysdate, sysdate); +insert into SMP_DOMAIN (ID, DOMAIN_CODE, SML_SUBDOMAIN, SIGNATURE_KEY_ALIAS, SML_CLIENT_KEY_ALIAS, SML_CLIENT_CERT_AUTH, SML_REGISTERED, CREATED_ON, LAST_UPDATED_ON) values +(SMP_DOMAIN_SEQ.nextval, 'testDomain','domain','sample_key', 'smp_domain_01',1,0, sysdate, sysdate); diff --git a/smp-webapp/src/main/smp-setup/database-scripts/oracle10g-drop.ddl b/smp-webapp/src/main/smp-setup/database-scripts/oracle10g-drop.ddl index f50b3b22d..952ef7b68 100644 --- a/smp-webapp/src/main/smp-setup/database-scripts/oracle10g-drop.ddl +++ b/smp-webapp/src/main/smp-setup/database-scripts/oracle10g-drop.ddl @@ -69,10 +69,6 @@ drop table SMP_REV_INFO cascade constraints; - drop table SMP_SG_EXTENSION cascade constraints; - - drop table SMP_SG_EXTENSION_AUD cascade constraints; - drop table SMP_SUBRESOURCE cascade constraints; drop table SMP_SUBRESOURCE_AUD cascade constraints; diff --git a/smp-webapp/src/main/smp-setup/database-scripts/oracle10g.ddl b/smp-webapp/src/main/smp-setup/database-scripts/oracle10g.ddl index d8fb4266a..09b563d16 100644 --- a/smp-webapp/src/main/smp-setup/database-scripts/oracle10g.ddl +++ b/smp-webapp/src/main/smp-setup/database-scripts/oracle10g.ddl @@ -333,7 +333,6 @@ create sequence SMP_USER_SEQ start with 1 increment by 1; SIGNATURE_DIGEST_METHOD varchar2(256 char), SIGNATURE_KEY_ALIAS varchar2(256 char), SML_CLIENT_CERT_AUTH number(1,0) not null, - SML_CLIENT_CERT_HEADER varchar2(4000 char), SML_CLIENT_KEY_ALIAS varchar2(256 char), SML_REGISTERED number(1,0) not null, SML_SMP_ID varchar2(256 char), 
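Review bot: The rewritten `SMP_DOMAIN` insert in `oracle10g-data.sql` still omits `VISIBILITY` and `SML_SMP_ID`, which the MySQL setup script changed in this commit sets to `'PUBLIC'` and `'DOMI-SMP-001'`. Whether the Oracle DDL requires these columns is not visible here, but the two setup scripts now create differently configured domains. The context line also inserts into `SMP_USER` with a `PASSWORD` column while the MySQL script uses `SMP_CREDENTIAL`, so this file may target an older schema as a whole. Aligning the column list, `insert into SMP_DOMAIN (ID, DOMAIN_CODE, VISIBILITY, SML_SUBDOMAIN, SML_SMP_ID, SIGNATURE_KEY_ALIAS, SML_CLIENT_KEY_ALIAS, SML_CLIENT_CERT_AUTH, SML_REGISTERED, CREATED_ON, LAST_UPDATED_ON) values`, would keep both flavours equivalent.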
@@ -366,9 +365,6 @@ create sequence SMP_USER_SEQ start with 1 increment by 1; comment on column SMP_DOMAIN.SML_CLIENT_CERT_AUTH is 'Flag for SML authentication type - use ClientCert header or HTTPS ClientCertificate (key)'; - comment on column SMP_DOMAIN.SML_CLIENT_CERT_HEADER is - 'Client-Cert header used behind RP - ClientCertHeader for SML integration'; - comment on column SMP_DOMAIN.SML_CLIENT_KEY_ALIAS is 'Client key alias used for SML integration'; @@ -396,7 +392,6 @@ create sequence SMP_USER_SEQ start with 1 increment by 1; SIGNATURE_DIGEST_METHOD varchar2(256 char), SIGNATURE_KEY_ALIAS varchar2(256 char), SML_CLIENT_CERT_AUTH number(1,0), - SML_CLIENT_CERT_HEADER varchar2(4000 char), SML_CLIENT_KEY_ALIAS varchar2(256 char), SML_REGISTERED number(1,0), SML_SMP_ID varchar2(256 char), @@ -642,30 +637,6 @@ create sequence SMP_USER_SEQ start with 1 increment by 1; primary key (id) ); - create table SMP_SG_EXTENSION ( - ID number(19,0) not null, - CREATED_ON timestamp not null, - LAST_UPDATED_ON timestamp not null, - EXTENSION blob, - primary key (ID) - ); - - comment on table SMP_SG_EXTENSION is - 'Service group extension blob'; - - comment on column SMP_SG_EXTENSION.EXTENSION is - 'XML extension(s) for servicegroup '; - - create table SMP_SG_EXTENSION_AUD ( - ID number(19,0) not null, - REV number(19,0) not null, - REVTYPE number(3,0), - CREATED_ON timestamp, - LAST_UPDATED_ON timestamp, - EXTENSION blob, - primary key (ID, REV) - ); - create table SMP_SUBRESOURCE ( ID number(19,0) not null, CREATED_ON timestamp not null, 
@@ -1024,16 +995,6 @@ create index SMP_SMD_DOC_SCH_IDX on SMP_SUBRESOURCE (IDENTIFIER_SCHEME); foreign key (REV) references SMP_REV_INFO; - alter table SMP_SG_EXTENSION - add constraint FKc3joya5el7ke4ch8f76a4ad0s - foreign key (ID) - references SMP_RESOURCE; - - alter table SMP_SG_EXTENSION_AUD - add constraint FKmdo9v2422adwyebvl34qa3ap6 - foreign key (REV) - references SMP_REV_INFO; - alter table SMP_SUBRESOURCE add constraint FK7y1ydnq350mbs3c8yrq2fhnsk foreign key (FK_DOCUMENT_ID) diff --git a/smp-webapp/src/test/resources/cleanup-database.sql b/smp-webapp/src/test/resources/cleanup-database.sql index 1a7873843..db26999a5 100755 --- a/smp-webapp/src/test/resources/cleanup-database.sql +++ b/smp-webapp/src/test/resources/cleanup-database.sql @@ -1,7 +1,3 @@ --- delete this table once is removed -DELETE FROM SMP_SG_EXTENSION; -DELETE FROM SMP_SG_EXTENSION_AUD; - DELETE FROM SMP_ALERT; DELETE FROM SMP_ALERT_AUD; DELETE FROM SMP_ALERT_PROPERTY; diff --git a/smp-webapp/src/test/resources/webapp_integration_test_data.sql b/smp-webapp/src/test/resources/webapp_integration_test_data.sql index db3ddeec3..cb98cb6b1 100644 --- a/smp-webapp/src/test/resources/webapp_integration_test_data.sql +++ b/smp-webapp/src/test/resources/webapp_integration_test_data.sql 
@@ -94,9 +94,9 @@ insert into SMP_CERTIFICATE (ID, CERTIFICATE_ID, VALID_FROM, VALID_TO, CREATED_O -- insert into SMP_CERTIFICATE (ID, CERTIFICATE_ID, VALID_FROM, VALID_TO, CREATED_ON, LAST_UPDATED_ON) values (14, 'CN=GRP:TEST_\+\,& \=eau!,O=European Commission,C=BE:0000000000001234', null,null, NOW(), NOW()); -- -------------- -- Configure domains -insert into SMP_DOMAIN (ID, DOMAIN_CODE, SML_SUBDOMAIN, SML_SMP_ID, SIGNATURE_KEY_ALIAS,SML_REGISTERED,SML_CLIENT_CERT_AUTH,SML_CLIENT_CERT_HEADER, CREATED_ON, LAST_UPDATED_ON) values -(1, 'domain','subdomain', 'CEF-SMP-001','single_domain_key',0,1,'SML_CLIENT_CERT_HEADER', NOW(), NOW()), -(2, 'domainTwo','newdomain', 'CEF-SMP-002','single_domain_key',0,1,'SML_CLIENT_CERT_HEADER', NOW(), NOW()); +insert into SMP_DOMAIN (ID, VISIBILITY, DOMAIN_CODE, SML_SUBDOMAIN, SML_SMP_ID, SIGNATURE_KEY_ALIAS,SML_REGISTERED,SML_CLIENT_CERT_AUTH, CREATED_ON, LAST_UPDATED_ON) values +(1,'PUBLIC', 'domain','subdomain', 'CEF-SMP-001','single_domain_key',0,1, NOW(), NOW()), +(2, 'PUBLIC', 'domainTwo','newdomain', 'CEF-SMP-002','single_domain_key',0,1,NOW(), NOW()); insert into SMP_GROUP (ID, FK_DOMAIN_ID, NAME, VISIBILITY, CREATED_ON, LAST_UPDATED_ON) values (1, 1, 'domain group', 'PUBLIC', NOW(), NOW()); -- GitLab