diff -cNr uApprove-2.1.3.org/common/src/main/java/ch/SWITCH/aai/uApprove/components/Attribute.java uApprove-2.1.3/common/src/main/java/ch/SWITCH/aai/uApprove/components/Attribute.java *** uApprove-2.1.3.org/common/src/main/java/ch/SWITCH/aai/uApprove/components/Attribute.java 2010-08-23 12:21:27.000000000 +0900 --- uApprove-2.1.3/common/src/main/java/ch/SWITCH/aai/uApprove/components/Attribute.java 2010-08-23 12:23:14.000000000 +0900 *************** *** 7,18 **** import java.util.Iterator; import java.util.Map; import java.util.StringTokenizer; import org.json.simple.JSONArray; import org.json.simple.JSONObject; import org.json.simple.JSONValue; ! public class Attribute implements Serializable { --- 7,19 ---- import java.util.Iterator; import java.util.Map; import java.util.StringTokenizer; + import java.security.MessageDigest; import org.json.simple.JSONArray; import org.json.simple.JSONObject; import org.json.simple.JSONValue; ! import ch.SWITCH.aai.uApprove.components.ConfigurationManager; public class Attribute implements Serializable { *************** *** 23,29 **** public Map attributeNames; public Map attributeDescriptions; public Collection attributeValues; ! // This function extracts all the attribute names, is the the storage format. // Keep this function for backwards compatibility and all use it for all --- 24,30 ---- public Map attributeNames; public Map attributeDescriptions; public Collection attributeValues; ! public String attributeFriendlyName; // This function extracts all the attribute names, is the the storage format. // Keep this function for backwards compatibility and all use it for all *************** *** 42,60 **** return result; } public static boolean compareAttributeRelease(String approved, String current) { StringTokenizer tokenizer = new StringTokenizer( current,ATTR_DELIMITER ); while (tokenizer.hasMoreElements()) { String attr = (String) tokenizer.nextElement(); ! if (approved.indexOf(ATTR_DELIMITER+attr+ATTR_DELIMITER) == -1) ! return false; } return true; } - - public static String serializeAttributes(Collection attributes) { JSONArray result = new JSONArray(); --- 43,116 ---- return result; } + // This function extracts all the attribute names and values, is the the storage format. + // Keep this function for backwards compatibility and all use it for all + // interaction + // with the storage: store, load, comparing + // Format: ":attr1=values1:attr2=values2:attr3=values3:" || "" + public static String serializeAttributeValues(Collection attributes) { + String result = ""; + for (Iterator iterator = attributes.iterator(); iterator + .hasNext();) { + Attribute attribute = iterator.next(); + String id = attribute.attributeID; + String valuesDigest = ""; + Collection values = attribute.attributeValues; + if ( values != null && !values.isEmpty() ) { + String attrValues = ""; + for (String value : values) + attrValues += value + ";"; + valuesDigest = digest(attrValues); + } + result += ATTR_DELIMITER + id + "=" + valuesDigest; + } + if (!result.equals("")) + result += ATTR_DELIMITER; + return result; + } + + public static String digest(String value) + { + String digestValue = ""; + if (value != null && value.length() > 0) { + try { + String salt = ConfigurationManager.getParam(ConfigurationManager.COMMON_SHARED_SECRET); + MessageDigest md = MessageDigest.getInstance("SHA-1"); + md.update(value.getBytes()); + md.update(salt.getBytes()); + byte[] digest = md.digest(); + + for (int i = 0; i < digest.length; i++) { + int d = digest[i]; + if (d < 0) { + d += 256; + } + if (d < 16) { + digestValue += "0"; + } + digestValue += Integer.toString(d, 16); + } + } catch (Exception e) { + return value; + } + } + + return digestValue; + } public static boolean compareAttributeRelease(String approved, String current) { StringTokenizer tokenizer = new StringTokenizer( current,ATTR_DELIMITER ); while (tokenizer.hasMoreElements()) { String attr = (String) tokenizer.nextElement(); ! if (approved.indexOf(ATTR_DELIMITER+attr+ATTR_DELIMITER) == -1) { ! attr = attr.replaceFirst("=.*$", ""); ! if (approved.indexOf(ATTR_DELIMITER+attr+ATTR_DELIMITER) == -1) ! return false; ! } } return true; } public static String serializeAttributes(Collection attributes) { JSONArray result = new JSONArray(); *************** *** 83,88 **** --- 139,145 ---- attribute.put("attributeNames", names); attribute.put("attributeDescriptions", descs); attribute.put("attributeValues", values); + attribute.put("attributeFriendlyName", attr.attributeFriendlyName); result.add(attribute); } *************** *** 120,125 **** --- 177,183 ---- a.attributeNames = attributeNames; a.attributeDescriptions = attributeDescriptions; a.attributeValues = attributeValues; + a.attributeFriendlyName = (String)attribute.get("attributeFriendlyName"); result.add(a); } diff -cNr uApprove-2.1.3.org/common/src/main/java/ch/SWITCH/aai/uApprove/components/ConfigurationManager.java uApprove-2.1.3/common/src/main/java/ch/SWITCH/aai/uApprove/components/ConfigurationManager.java *** uApprove-2.1.3.org/common/src/main/java/ch/SWITCH/aai/uApprove/components/ConfigurationManager.java 2010-08-23 12:21:27.000000000 +0900 --- uApprove-2.1.3/common/src/main/java/ch/SWITCH/aai/uApprove/components/ConfigurationManager.java 2010-08-23 12:23:33.000000000 +0900 *************** *** 49,55 **** public static final String HTTP_PARAM_PROVIDERID = "providerid"; public static final String HTTP_PARAM_ATTRIBUTES = "attributes"; public static final String HTTP_PARAM_PRINCIPAL = "principal"; ! private static Logger LOG = LoggerFactory.getLogger( ConfigurationManager.class ); private static ConfigurationManager configurationManager = null; private static Properties properties = null; --- 49,57 ---- public static final String HTTP_PARAM_PROVIDERID = "providerid"; public static final String HTTP_PARAM_ATTRIBUTES = "attributes"; public static final String HTTP_PARAM_PRINCIPAL = "principal"; ! public static final String HTTP_PARAM_MANDATORY_ATTRIBUTES = "mandatoryattributes"; ! public static final String HTTP_PARAM_SELECTED_ATTRIBUTES = "selectedattributes"; ! private static Logger LOG = LoggerFactory.getLogger( ConfigurationManager.class ); private static ConfigurationManager configurationManager = null; private static Properties properties = null; *************** *** 107,113 **** if (value == null || value.trim().equals("")) return "/uApprove/Controller"; } ! LOG.debug("{} => {}", new Object[] {configKey, value}); return (value != null) ? value.trim() : null; } --- 109,115 ---- if (value == null || value.trim().equals("")) return "/uApprove/Controller"; } ! LOG.debug("{} => {}", new Object[] {configKey, value}); return (value != null) ? value.trim() : null; } *************** *** 141,144 **** return true; return false; } ! } \ ファイル末尾に改行がありません --- 143,146 ---- return true; return false; } ! } diff -cNr uApprove-2.1.3.org/common/src/main/java/ch/SWITCH/aai/uApprove/components/Metadata.java uApprove-2.1.3/common/src/main/java/ch/SWITCH/aai/uApprove/components/Metadata.java *** uApprove-2.1.3.org/common/src/main/java/ch/SWITCH/aai/uApprove/components/Metadata.java 1970-01-01 09:00:00.000000000 +0900 --- uApprove-2.1.3/common/src/main/java/ch/SWITCH/aai/uApprove/components/Metadata.java 2010-08-23 12:48:08.000000000 +0900 *************** *** 0 **** --- 1,58 ---- + package ch.SWITCH.aai.uApprove.components; + + import javax.xml.namespace.QName; + import org.opensaml.xml.XMLObject; + import org.opensaml.xml.AttributeExtensibleXMLObject; + import org.opensaml.xml.util.AttributeMap; + import org.opensaml.common.xml.SAMLConstants; + import org.opensaml.saml2.metadata.EntityDescriptor; + import org.opensaml.saml2.metadata.SPSSODescriptor; + import org.opensaml.saml2.metadata.AttributeConsumingService; + import org.opensaml.saml2.metadata.RequestedAttribute; + + public class Metadata { + + public static final QName MD_QNAME = new QName("urn:mace:uapprove:metadata:1.0", "UserApproval"); + private static final String ATTR_DELIMITER = ":"; + + /** + * + * @param entity + */ + public static AttributeConsumingService getAttributeConsumingService(EntityDescriptor entity) { + SPSSODescriptor spsso = entity.getSPSSODescriptor(SAMLConstants.SAML20P_NS); + if (spsso != null) { + AttributeConsumingService defacs = spsso.getDefaultAttributeConsumingService(); + if (defacs != null) { + return defacs; + } + + for (AttributeConsumingService acs: spsso.getAttributeConsumingServices()) { + return acs; + } + } + + return null; + } + + public static String getMandatoryAttributes(EntityDescriptor entity) { + String mandatoryAttrs = ""; + + AttributeConsumingService acs = getAttributeConsumingService(entity); + if (acs == null) { + return mandatoryAttrs; + } + + for (RequestedAttribute attribute: acs.getRequestAttributes()) { + if (attribute.isRequired()) { + if (mandatoryAttrs.equals("")) { + mandatoryAttrs = ATTR_DELIMITER + attribute.getFriendlyName() + ATTR_DELIMITER; + } else { + mandatoryAttrs += attribute.getFriendlyName() + ATTR_DELIMITER; + } + } + } + + return mandatoryAttrs; + } + } diff -cNr uApprove-2.1.3.org/common/src/main/java/ch/SWITCH/aai/uApprove/storage/LogInfo.java uApprove-2.1.3/common/src/main/java/ch/SWITCH/aai/uApprove/storage/LogInfo.java *** uApprove-2.1.3.org/common/src/main/java/ch/SWITCH/aai/uApprove/storage/LogInfo.java 2010-08-23 12:21:27.000000000 +0900 --- uApprove-2.1.3/common/src/main/java/ch/SWITCH/aai/uApprove/storage/LogInfo.java 2010-08-23 12:32:44.000000000 +0900 *************** *** 62,67 **** --- 62,72 ---- abstract public void update(UserLogInfo theUserData, String theProviderId) throws UApproveException; + // Gets released atttributes + abstract public String getUserReleaseAttrs(String theUsername, + String theProvider, boolean bGlobal) throws UApproveException; + + // / Updates the provider independent part of the UserLogInfo public void update(UserLogInfo theUserData) throws UApproveException { update(theUserData, null); diff -cNr uApprove-2.1.3.org/common/src/main/java/ch/SWITCH/aai/uApprove/storage/LogInfoFile.java uApprove-2.1.3/common/src/main/java/ch/SWITCH/aai/uApprove/storage/LogInfoFile.java *** uApprove-2.1.3.org/common/src/main/java/ch/SWITCH/aai/uApprove/storage/LogInfoFile.java 2010-08-23 12:21:27.000000000 +0900 --- uApprove-2.1.3/common/src/main/java/ch/SWITCH/aai/uApprove/storage/LogInfoFile.java 2010-09-17 13:21:17.000000000 +0900 *************** *** 106,112 **** } catch (Exception e) { throw new UApproveException( "LogInfoFile:initialize: An exception occurred trying to read the file [" ! + filename + "]"); } logInfo.readFromXmlDocument(userSettingDoc); } --- 106,112 ---- } catch (Exception e) { throw new UApproveException( "LogInfoFile:initialize: An exception occurred trying to read the file [" ! + filename + "](" + e.getMessage() +")"); } logInfo.readFromXmlDocument(userSettingDoc); } *************** *** 313,316 **** --- 313,332 ---- return; } + public synchronized String getUserReleaseAttrs(String theUsername, + String theProvider, boolean bGlobal) throws UApproveException { + UserLogInfo userInfo = logInfo.data.get(theUsername); + + String global; + if (bGlobal) { + global = "yes"; + } else { + global = "no"; + } + if (userInfo != null && userInfo.getGlobal().equals(global)) { + return userInfo.getAttributesForProviderId(theProvider); + } else { + return null; + } + } } diff -cNr uApprove-2.1.3.org/common/src/main/java/ch/SWITCH/aai/uApprove/storage/LogInfoJdbc.java uApprove-2.1.3/common/src/main/java/ch/SWITCH/aai/uApprove/storage/LogInfoJdbc.java *** uApprove-2.1.3.org/common/src/main/java/ch/SWITCH/aai/uApprove/storage/LogInfoJdbc.java 2010-08-23 12:21:27.000000000 +0900 --- uApprove-2.1.3/common/src/main/java/ch/SWITCH/aai/uApprove/storage/LogInfoJdbc.java 2010-08-23 12:41:01.000000000 +0900 *************** *** 73,78 **** --- 73,80 ---- public static final String selIdxAttrApproval = "selIdxAttrApproval"; + public static final String selReleaseAttrs = "selReleaseAttrs"; + public static final String selIdxAttrApprovalGlobal = "selIdxAttrApprovalGlobal"; public static final String insProviderAccess = "insProviderAccess"; *************** *** 808,811 **** --- 810,842 ---- } + public synchronized String getUserReleaseAttrs(String theUsername, + String theProvider, boolean bGlobal) throws UApproveException { + + LOG.debug("LogInfoJdbc.getUserReleaseAttrs: get released attributes for user " + + theUsername + " provider = " + theProvider + " with global access " + bGlobal); + + try { + String theSQL = (String) theSqlCmds.getProperty(keySqlCmd.selReleaseAttrs); + theSQL = theSQL.replaceFirst("\\?", theUsername); + + if (bGlobal == false) + theSQL = theSQL.replaceFirst("\\?", theProvider); + + ResultSet rs = theDB.execSqlFT(theSQL, true); + + String attributesReleased = null; + + if (rs != null && rs.next()) { + attributesReleased = rs.getString(1); + } + + return attributesReleased; + } catch (SQLException ex) { + LOG.error("LogInfoJdbc.getUserReleaseAttrs:" + + "cannot find released attributes for user "+theUsername+", provider = {} with with global access {}", + theProvider, bGlobal); + throw new UApproveException(ex); + } + } } diff -cNr uApprove-2.1.3.org/idp-plugin/src/main/java/ch/SWITCH/aai/uApprove/idpplugin/AttributeDumper.java uApprove-2.1.3/idp-plugin/src/main/java/ch/SWITCH/aai/uApprove/idpplugin/AttributeDumper.java *** uApprove-2.1.3.org/idp-plugin/src/main/java/ch/SWITCH/aai/uApprove/idpplugin/AttributeDumper.java 2010-08-23 12:21:27.000000000 +0900 --- uApprove-2.1.3/idp-plugin/src/main/java/ch/SWITCH/aai/uApprove/idpplugin/AttributeDumper.java 2010-08-23 12:43:31.000000000 +0900 *************** *** 5,13 **** --- 5,15 ---- import java.util.HashMap; import java.util.Iterator; import java.util.Map; + import java.util.List; import java.util.Locale; + import org.opensaml.saml2.core.NameID; import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.saml2.metadata.provider.MetadataProviderException; import org.slf4j.Logger; *************** *** 21,26 **** --- 23,30 ---- import edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext; import edu.internet2.middleware.shibboleth.common.relyingparty.RelyingPartyConfiguration; import edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager; + import edu.internet2.middleware.shibboleth.common.attribute.encoding.AttributeEncoder; + import edu.internet2.middleware.shibboleth.common.attribute.encoding.SAML2AttributeEncoder; public class AttributeDumper { private static Logger LOG = LoggerFactory.getLogger(AttributeDumper.class); *************** *** 72,78 **** throw new UApproveException(e); } requestCtx.setMetadataProvider(metadataProvider); ! Map attributes; try { attributes = saml2AA.getAttributes(requestCtx); --- 76,82 ---- throw new UApproveException(e); } requestCtx.setMetadataProvider(metadataProvider); ! Map attributes; try { attributes = saml2AA.getAttributes(requestCtx); *************** *** 91,101 **** Object valueObj = iter.next(); //String value = valueObj instanceof String ? (String)valueObj : "Non-string attribute value"; if (valueObj != null && !valueObj.toString().trim().equals("")) { ! LOG.trace(valueObj.toString()); ! attributeValues.add(valueObj.toString()); } } ! LOG.debug("Attribute '{}' has {} value(s)", attr.getId(), attributeValues.size()); if (attributeValues.size() == 0) --- 95,110 ---- Object valueObj = iter.next(); //String value = valueObj instanceof String ? (String)valueObj : "Non-string attribute value"; if (valueObj != null && !valueObj.toString().trim().equals("")) { ! if (valueObj instanceof NameID) { ! LOG.trace(((NameID)valueObj).getNameQualifier() + "!" + ((NameID)valueObj).getSPNameQualifier() + "!" + ((NameID)valueObj).getValue()); ! attributeValues.add(((NameID)valueObj).getNameQualifier() + "!" + ((NameID)valueObj).getSPNameQualifier() + "!" + ((NameID)valueObj).getValue()); ! } else { ! LOG.trace(valueObj.toString()); ! attributeValues.add(valueObj.toString()); ! } } } ! LOG.debug("Attribute '{}' has {} value(s)", attr.getId(), attributeValues.size()); if (attributeValues.size() == 0) *************** *** 115,126 **** attributeDescriptions.put(key.getLanguage(), (String) attr.getDisplayDescriptions().get(key)); } Attribute a = new Attribute(); a.attributeID = attr.getId(); a.attributeNames = attributeNames; a.attributeDescriptions = attributeDescriptions; a.attributeValues = attributeValues; ! result.add(a); } --- 124,147 ---- attributeDescriptions.put(key.getLanguage(), (String) attr.getDisplayDescriptions().get(key)); } + String attributeFriendlyName = null; + List encoders = attr.getEncoders(); + for (int i = 0; i < encoders.size(); i++) { + if (encoders.get(i) instanceof SAML2AttributeEncoder) { + attributeFriendlyName = ((SAML2AttributeEncoder) encoders.get(i)).getFriendlyName(); + } + } + if (attributeFriendlyName == null) { + attributeFriendlyName = attr.getId(); + } + Attribute a = new Attribute(); a.attributeID = attr.getId(); a.attributeNames = attributeNames; a.attributeDescriptions = attributeDescriptions; a.attributeValues = attributeValues; ! a.attributeFriendlyName = attributeFriendlyName; ! result.add(a); } diff -cNr uApprove-2.1.3.org/idp-plugin/src/main/java/ch/SWITCH/aai/uApprove/idpplugin/Plugin.java uApprove-2.1.3/idp-plugin/src/main/java/ch/SWITCH/aai/uApprove/idpplugin/Plugin.java *** uApprove-2.1.3.org/idp-plugin/src/main/java/ch/SWITCH/aai/uApprove/idpplugin/Plugin.java 2010-08-23 12:21:27.000000000 +0900 --- uApprove-2.1.3/idp-plugin/src/main/java/ch/SWITCH/aai/uApprove/idpplugin/Plugin.java 2010-08-23 12:43:54.000000000 +0900 *************** *** 17,26 **** --- 17,29 ---- import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + import org.opensaml.saml2.metadata.provider.MetadataProvider; + import org.opensaml.saml2.metadata.provider.MetadataProviderException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import ch.SWITCH.aai.uApprove.components.Attribute; + import ch.SWITCH.aai.uApprove.components.Metadata; import ch.SWITCH.aai.uApprove.components.ConfigurationManager; import ch.SWITCH.aai.uApprove.components.TermsOfUseManager; import ch.SWITCH.aai.uApprove.components.UApproveException; *************** *** 38,43 **** --- 41,55 ---- import edu.vt.middleware.crypt.symmetric.SymmetricAlgorithm; import edu.vt.middleware.crypt.util.Base64Converter; + + + import ch.SWITCH.aai.uApprove.components.Attribute; + import edu.internet2.middleware.shibboleth.common.attribute.AttributeRequestException; + import edu.internet2.middleware.shibboleth.common.attribute.BaseAttribute; + import edu.internet2.middleware.shibboleth.common.attribute.provider.SAML2AttributeAuthority; + import edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext; + import edu.internet2.middleware.shibboleth.common.relyingparty.RelyingPartyConfiguration; + import edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager; /** * Class Plugin: * *************** *** 88,93 **** --- 100,106 ---- boolean globalARA, boolean approvalGiven) throws UApproveException { LOG.info("continue2Idp, reason: " + reason); + // create user hack if (userInfo == null) { userInfo = storage.addUserLogInfoData(username, "1.0", new Date() *************** *** 117,127 **** // method to continue to the uApprove web application (leave IdP) private String post2Viewer(String reason, boolean resetConsent, String returnURL, String principal, String entityId, ! Collection attributesReleased, HttpServletRequest request, LoginContext loginCtx) throws UApproveException, PassiveAuthenticationException { LOG.info("Continue to uApprove viewer, reason: " + reason); LOG.debug(" returnURL=" + returnURL); ! boolean isPassive = loginCtx.isPassiveAuthRequired(); boolean isPassiveSupported = ConfigurationManager.makeBoolean(ConfigurationManager.getParam(ConfigurationManager.PLUGIN_ISPASSIVE_SUPPORT)); LOG.debug("isPassive={}, isPassiveSupport={}", isPassive, isPassiveSupported); --- 130,141 ---- // method to continue to the uApprove web application (leave IdP) private String post2Viewer(String reason, boolean resetConsent, String returnURL, String principal, String entityId, ! Collection attributesReleased, String mandatoryAttributes, ! HttpServletRequest request, LoginContext loginCtx) throws UApproveException, PassiveAuthenticationException { LOG.info("Continue to uApprove viewer, reason: " + reason); LOG.debug(" returnURL=" + returnURL); ! boolean isPassive = loginCtx.isPassiveAuthRequired(); boolean isPassiveSupported = ConfigurationManager.makeBoolean(ConfigurationManager.getParam(ConfigurationManager.PLUGIN_ISPASSIVE_SUPPORT)); LOG.debug("isPassive={}, isPassiveSupport={}", isPassive, isPassiveSupported); *************** *** 145,150 **** --- 159,170 ---- : ""; LOG.debug(" action=" + action); + String attributesSelected = ""; + if (reason.equals(CONTV_REASON_ATTRCHANGED)) { + attributesSelected = Attribute.serializeAttributeIDs(attributesReleased); + } + LOG.debug("attributesSelected=" + attributesSelected); + String postForm = "" + " " + "

" + " <input type=\"submit\" value=\"Continue\"/>" + "

" + " " + " " + " "; LOG.trace("continue2Viewer: mode=Viewer postForm={}", postForm); - return postForm; } private void transferLoginContext2IdP(LoginContext loginCtx, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) { ! HttpServletHelper.unbindLoginContext(HttpServletHelper.getStorageService(servletContext), servletContext, httpServletRequest, httpServletResponse); HttpServletHelper.bindLoginContext(loginCtx, httpServletRequest); } private void transferLoginContext2uApprove(LoginContext loginCtx, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) { ! HttpServletHelper.bindLoginContext(loginCtx, HttpServletHelper.getStorageService(servletContext), servletContext, httpServletRequest, httpServletResponse); } private LoginContext retrieveLoginContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) { --- 190,219 ---- + encrypt(Attribute .serializeAttributes(attributesReleased)) + "\"/>" + + " " + + " " + " " + " " + " " + " "; LOG.trace("continue2Viewer: mode=Viewer postForm={}", postForm); return postForm; } private void transferLoginContext2IdP(LoginContext loginCtx, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) { ! HttpServletHelper.unbindLoginContext(HttpServletHelper.getStorageService(servletContext), servletContext, httpServletRequest, httpServletResponse); HttpServletHelper.bindLoginContext(loginCtx, httpServletRequest); } private void transferLoginContext2uApprove(LoginContext loginCtx, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) { ! HttpServletHelper.bindLoginContext(loginCtx, HttpServletHelper.getStorageService(servletContext), servletContext, httpServletRequest, httpServletResponse); } private LoginContext retrieveLoginContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) { *************** *** 193,199 **** public void init(FilterConfig filterConfig) { try { - // get servlet context servletContext = filterConfig.getServletContext(); if (servletContext == null) { --- 222,227 ---- *************** *** 267,273 **** public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException { try { - LOG.trace("IdP plugin entry on path {}",((HttpServletRequest) servletRequest).getServletPath()); // only work on HTTPRequests / responses --- 295,300 ---- *************** *** 341,346 **** --- 368,382 ---- Collection attributesReleased = AttributeDumper.getAttributes( principal, entityId); + // get the mandatory attributes + String mandatoryAttributes; + try { + MetadataProvider metadataProvider = relyingPartyConfigurationManager.getMetadataProvider(); + mandatoryAttributes = Metadata.getMandatoryAttributes(metadataProvider.getEntityDescriptor(entityId)); + } catch (MetadataProviderException e) { + throw new UApproveException(e); + } + // get referer String referer = httpServletRequest.getRequestURL() .toString(); *************** *** 352,358 **** LogInfo.initialize(storeType); LogInfo storage = LogInfo.getInstance(); LOG.debug("LogInfo (storage) initialized with mode=" + storeType); ! // getUserInfo UserLogInfo userInfo = storage.getData(principal); LOG.debug("userInfo=" + userInfo); --- 388,394 ---- LogInfo.initialize(storeType); LogInfo storage = LogInfo.getInstance(); LOG.debug("LogInfo (storage) initialized with mode=" + storeType); ! // getUserInfo UserLogInfo userInfo = storage.getData(principal); LOG.debug("userInfo=" + userInfo); *************** *** 372,377 **** --- 408,414 ---- // check monitoring mode only if (ConfigurationManager.makeBoolean(ConfigurationManager .getParam(ConfigurationManager.PLUGIN_MONITORING_ONLY))) { + continue2IdP(CONTIDP_REASON_MONITORING_ONLY, storage, userInfo, principal, entityId, globalConsentGiven, false); *************** *** 393,407 **** transferLoginContext2uApprove(loginCtx, httpServletRequest, httpServletResponse); httpServletResponse.getWriter().write( post2Viewer(CONTV_REASON_FIRSTVISIT, resetConsent, referer, ! principal, entityId, attributesReleased, httpServletRequest, loginCtx)); return; } // check if the user wants to reset the settings if (resetConsent) { transferLoginContext2uApprove(loginCtx, httpServletRequest, httpServletResponse); httpServletResponse.getWriter().write( post2Viewer(CONTV_REASON_RESETCONSENT, resetConsent, referer, ! principal, entityId, attributesReleased, httpServletRequest, loginCtx)); return; } --- 430,445 ---- transferLoginContext2uApprove(loginCtx, httpServletRequest, httpServletResponse); httpServletResponse.getWriter().write( post2Viewer(CONTV_REASON_FIRSTVISIT, resetConsent, referer, ! principal, entityId, attributesReleased, mandatoryAttributes, httpServletRequest, loginCtx)); return; } // check if the user wants to reset the settings if (resetConsent) { + LOG.info("test Plugin.java: reset Consent"); transferLoginContext2uApprove(loginCtx, httpServletRequest, httpServletResponse); httpServletResponse.getWriter().write( post2Viewer(CONTV_REASON_RESETCONSENT, resetConsent, referer, ! principal, entityId, attributesReleased, mandatoryAttributes, httpServletRequest, loginCtx)); return; } *************** *** 417,423 **** transferLoginContext2uApprove(loginCtx, httpServletRequest, httpServletResponse); httpServletResponse.getWriter().write( post2Viewer(CONTV_REASON_TERMSCHANGED, resetConsent, referer, ! principal, entityId, attributesReleased, httpServletRequest, loginCtx)); return; } } --- 455,461 ---- transferLoginContext2uApprove(loginCtx, httpServletRequest, httpServletResponse); httpServletResponse.getWriter().write( post2Viewer(CONTV_REASON_TERMSCHANGED, resetConsent, referer, ! principal, entityId, attributesReleased, mandatoryAttributes, httpServletRequest, loginCtx)); return; } } *************** *** 435,441 **** // get attributes which will be released String attributes = Attribute ! .serializeAttributeIDs(attributesReleased); LOG.debug("doFilter: attributes to be released=" + attributes); // check if there are any attributes --- 473,479 ---- // get attributes which will be released String attributes = Attribute ! .serializeAttributeValues(attributesReleased); LOG.debug("doFilter: attributes to be released=" + attributes); // check if there are any attributes *************** *** 455,461 **** transferLoginContext2uApprove(loginCtx, httpServletRequest, httpServletResponse); httpServletResponse.getWriter().write( post2Viewer(CONTV_REASON_NEWPROVIDER, resetConsent, referer, ! principal, entityId, attributesReleased, httpServletRequest, loginCtx)); return; } --- 493,499 ---- transferLoginContext2uApprove(loginCtx, httpServletRequest, httpServletResponse); httpServletResponse.getWriter().write( post2Viewer(CONTV_REASON_NEWPROVIDER, resetConsent, referer, ! principal, entityId, attributesReleased, mandatoryAttributes, httpServletRequest, loginCtx)); return; } *************** *** 469,481 **** transferLoginContext2uApprove(loginCtx, httpServletRequest, httpServletResponse); httpServletResponse.getWriter().write( post2Viewer(CONTV_REASON_ATTRCHANGED, resetConsent, referer, ! principal, entityId, attributesReleased, httpServletRequest, loginCtx)); return; } - // the user has already given attribute release approval to this provider continue2IdP(CONTIDP_REASON_PROVIDER_APPROVAL, storage, userInfo, principal, entityId, globalConsentGiven, true); transferLoginContext2IdP(loginCtx, httpServletRequest, httpServletResponse); filterChain.doFilter(servletRequest, servletResponse); return; --- 507,520 ---- transferLoginContext2uApprove(loginCtx, httpServletRequest, httpServletResponse); httpServletResponse.getWriter().write( post2Viewer(CONTV_REASON_ATTRCHANGED, resetConsent, referer, ! principal, entityId, attributesReleased, mandatoryAttributes, httpServletRequest, loginCtx)); return; } continue2IdP(CONTIDP_REASON_PROVIDER_APPROVAL, storage, userInfo, principal, entityId, globalConsentGiven, true); + + transferLoginContext2IdP(loginCtx, httpServletRequest, httpServletResponse); filterChain.doFilter(servletRequest, servletResponse); return; *************** *** 491,501 **** filterChain.doFilter(servletRequest, servletResponse); return; } - } private void doError(HttpServletResponse response, UApproveException e) throws IOException { ! LOG.error("uApprove error",e); response.setContentType("text/html"); String htmlErrorMessage = "uApprove error

"; --- 530,539 ---- filterChain.doFilter(servletRequest, servletResponse); return; } } private void doError(HttpServletResponse response, UApproveException e) throws IOException { ! LOG.error("uApprove error",e); response.setContentType("text/html"); String htmlErrorMessage = "uApprove error

"; *************** *** 507,510 **** } ! } \ ファイル末尾に改行がありません --- 545,548 ---- } ! } diff -cNr uApprove-2.1.3.org/idp-plugin/src/main/resources/conf/mysql.commands uApprove-2.1.3/idp-plugin/src/main/resources/conf/mysql.commands *** uApprove-2.1.3.org/idp-plugin/src/main/resources/conf/mysql.commands 2010-08-23 12:21:27.000000000 +0900 --- uApprove-2.1.3/idp-plugin/src/main/resources/conf/mysql.commands 2010-08-23 12:52:15.000000000 +0900 *************** *** 72,77 **** --- 72,79 ---- insAttrApproval1 = insert into AttrReleaseApproval (araIdxArpUser, araIdxShibProvider, araTermsVersion, araAttributes ) values ( ?, ?, '?', '?' ) + selReleaseAttrs = select araAttributes from ArpUser, AttrReleaseApproval, ShibProvider where auUserName='?' and idxArpUser=araIdxArpUser and spProviderName = '?' and araIdxShibProvider = idxShibProvider order by araTimeStamp desc + # # delete an entry from the table AttrReleaseApproval # diff -cNr uApprove-2.1.3.org/viewer/src/main/java/ch/SWITCH/aai/uApprove/viewer/Controller.java uApprove-2.1.3/viewer/src/main/java/ch/SWITCH/aai/uApprove/viewer/Controller.java *** uApprove-2.1.3.org/viewer/src/main/java/ch/SWITCH/aai/uApprove/viewer/Controller.java 2010-08-23 12:21:27.000000000 +0900 --- uApprove-2.1.3/viewer/src/main/java/ch/SWITCH/aai/uApprove/viewer/Controller.java 2010-08-23 12:47:25.000000000 +0900 *************** *** 1,5 **** --- 1,6 ---- package ch.SWITCH.aai.uApprove.viewer; + import java.io.IOException; import java.util.Collection; import java.util.Date; *************** *** 30,35 **** --- 31,38 ---- import edu.vt.middleware.crypt.symmetric.SymmetricAlgorithm; import edu.vt.middleware.crypt.util.Base64Converter; + + /** * uApprove Controller Servlet * *************** *** 61,66 **** --- 64,70 ---- public static final String GETPAR_ATTRIBUTES_GLOBAL_CONSENT = "attributes-global-consent"; public static final String GETPAR_ATTRIBUTES_DECLINE = "attributes-decline"; public static final String GETPAR_ATTRIBUTES_DECLINE_BACK = "attributes-decline-back"; + public static final String GETPAR_RELEASED_ATTRIBUTES = "approved-attributes[]"; public static final String GETPAR_STANDALONE = "standalone-next-url"; public static final String GETPAR_RESET_CANCEL = "reset-cancel"; *************** *** 79,84 **** --- 83,90 ---- public static final String SESKEY_GLOBAL_CONSENT_POSSIBLE = "globalConsentPossible"; public static final String SESKEY_LOCALE = "locale"; public static final String SESKEY_ERROR = "error"; + public static final String SESKEY_MANDATORY_ATTRIBUTES = "mandatoryAttributes"; + public static final String SESKEY_SELECTED_ATTRIBUTES = "selectedAttributes"; private static Logger LOG = LoggerFactory.getLogger(Controller.class); *************** *** 165,172 **** protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { try { - LOG.info("POST received"); - // initialization HttpSession session = request.getSession(); LogInfo storage = LogInfo.getInstance(); --- 171,176 ---- *************** *** 220,240 **** LOG.debug("locale=" + locale); session.setAttribute(SESKEY_LOCALE, locale); // getUserInfo UserLogInfo userInfo = storage.getData(principal); LOG.debug("userInfo=" + userInfo); if (userInfo == null) { if (useTerms) { LOG.debug("first visit of the user, redirect to terms page"); ! getServletContext().getRequestDispatcher(PAGE_TERMS).forward(request,response); } else { LOG.debug("first visit of the user, redirect to attributes page"); ! getServletContext().getRequestDispatcher(PAGE_ATTRIBUTES).forward(request,response); } ! return; ! } ! // has user agreed to the current terms version if (useTerms && !userInfo.getTermsVersion().equals(TermsOfUseManager.getVersion())) { LOG.debug("current terms version are not agreed by user, redirect to the terms page"); --- 224,263 ---- LOG.debug("locale=" + locale); session.setAttribute(SESKEY_LOCALE, locale); + // get mandatory attributes + String mandatoryAttributes = decrypt(request + .getParameter(ConfigurationManager.HTTP_PARAM_MANDATORY_ATTRIBUTES)); + LOG.debug("mandatoryAttributes=" + + mandatoryAttributes); + session.setAttribute(SESKEY_MANDATORY_ATTRIBUTES, mandatoryAttributes); + + // get selected attributes + String attributesSelected = decrypt(request + .getParameter(ConfigurationManager.HTTP_PARAM_SELECTED_ATTRIBUTES)); + LOG.debug("attributesSelected=" + + attributesSelected); + session.setAttribute(SESKEY_SELECTED_ATTRIBUTES, attributesSelected); + // getUserInfo UserLogInfo userInfo = storage.getData(principal); + LOG.debug("userInfo=" + userInfo); + LOG.info("userInfo=" + userInfo); + // Terms of use + /* show ToU only first time that the user enconter shibboleth */ if (userInfo == null) { if (useTerms) { LOG.debug("first visit of the user, redirect to terms page"); ! getServletContext().getRequestDispatcher(PAGE_TERMS).forward(request,response); } else { LOG.debug("first visit of the user, redirect to attributes page"); ! getServletContext().getRequestDispatcher(PAGE_ATTRIBUTES).forward(request,response); } ! return; ! } ! ! // has user agreed to the current terms version if (useTerms && !userInfo.getTermsVersion().equals(TermsOfUseManager.getVersion())) { LOG.debug("current terms version are not agreed by user, redirect to the terms page"); *************** *** 318,331 **** if (isGetParSet(request, GETPAR_ATTRIBUTES_CONFIRM)) { LOG.debug("user gave attribute release consent, store, redirect to returnURL=" + response.encodeRedirectURL(returnURL)); ! String termsVersion = useTerms ? TermsOfUseManager.getVersion() : ""; - String attributes = Attribute.serializeAttributeIDs(attributesReleased); LOG.debug("store: principal=" + principal + " entityId=" + entityId + " attributes=" + attributes + " terms=" + termsVersion + " globalConsent=" + isGetParSet(request, GETPAR_ATTRIBUTES_GLOBAL_CONSENT)); storeUser(userInfo, principal, termsVersion, entityId, attributes, isGetParSet(request, GETPAR_ATTRIBUTES_GLOBAL_CONSENT)); response.sendRedirect(response.encodeRedirectURL(returnURL)); return; } --- 341,358 ---- if (isGetParSet(request, GETPAR_ATTRIBUTES_CONFIRM)) { LOG.debug("user gave attribute release consent, store, redirect to returnURL=" + response.encodeRedirectURL(returnURL)); ! ! // Add released attributes and values ! String attributes = getAttributesReleased(entityId, request.getParameterValues(GETPAR_RELEASED_ATTRIBUTES)); ! LOG.debug("yauserapprovedattr=" + attributes); ! String termsVersion = useTerms ? TermsOfUseManager.getVersion() : ""; LOG.debug("store: principal=" + principal + " entityId=" + entityId + " attributes=" + attributes + " terms=" + termsVersion + " globalConsent=" + isGetParSet(request, GETPAR_ATTRIBUTES_GLOBAL_CONSENT)); storeUser(userInfo, principal, termsVersion, entityId, attributes, isGetParSet(request, GETPAR_ATTRIBUTES_GLOBAL_CONSENT)); + response.sendRedirect(response.encodeRedirectURL(returnURL)); return; } *************** *** 452,455 **** --- 479,502 ---- request, response); } + public static String getAttributesReleased(String entityId, String[] attributes) throws UApproveException { + LOG.debug("attributes: " + attributes); + LogInfo storage = LogInfo.getInstance(); + + String attributesReleased = ""; + + if (attributes != null) { + for (String attribute: attributes) { + LOG.debug("relased attribute: " + attribute); + attributesReleased = attributesReleased + ":" + attribute; + } + attributesReleased += ":"; + } + + LOG.info("yadoubletest userapprovedattr is " + attributesReleased); + + return attributesReleased; + } } + + diff -cNr uApprove-2.1.3.org/viewer/src/main/resources/conf/mysql.commands uApprove-2.1.3/viewer/src/main/resources/conf/mysql.commands *** uApprove-2.1.3.org/viewer/src/main/resources/conf/mysql.commands 2010-08-23 12:21:27.000000000 +0900 --- uApprove-2.1.3/viewer/src/main/resources/conf/mysql.commands 2010-08-23 12:46:05.000000000 +0900 *************** *** 72,77 **** --- 72,79 ---- insAttrApproval1 = insert into AttrReleaseApproval (araIdxArpUser, araIdxShibProvider, araTermsVersion, araAttributes ) values ( ?, ?, '?', '?' ) + selReleaseAttrs = select araAttributes from ArpUser, AttrReleaseApproval, ShibProvider where auUserName='?' and idxArpUser=araIdxArpUser and spProviderName = '?' and araIdxShibProvider = idxShibProvider order by araTimeStamp desc + # # delete an entry from the table AttrReleaseApproval # diff -cNr uApprove-2.1.3.org/viewer/src/main/webapp/attributes.jsp uApprove-2.1.3/viewer/src/main/webapp/attributes.jsp *** uApprove-2.1.3.org/viewer/src/main/webapp/attributes.jsp 2010-08-23 12:21:27.000000000 +0900 --- uApprove-2.1.3/viewer/src/main/webapp/attributes.jsp 2010-08-23 12:45:07.000000000 +0900 *************** *** 1,186 **** ! <%@ page import=" ! ch.SWITCH.aai.uApprove.viewer.Controller, ! ch.SWITCH.aai.uApprove.components.Attribute, ! ch.SWITCH.aai.uApprove.viewer.AttributeList, ! java.util.Map, ! java.util.List, ! java.util.Set, ! java.util.ArrayList, ! java.util.Collection, ! java.util.Iterator, ! java.util.Locale, ! java.util.ResourceBundle" ! %> ! ! ! <%@ include file="header.jsp" %> ! ! ! <% ! /* ! *------------------------------------------------------------------------------------ ! * ! * attributes.jsp: ! * ---------- ! * ! * Copyright (c) 2005-2006 SWITCH - The Swiss Education & Research Network ! * ! * ! * Purpose: Webpage to show the user which attributes will be transfered to a resource. ! * The user can accept or deny. In the latter case, he/she cannot of course ! * access the resource. ! * ! * ! * Usage: This page is invoked from the servlet Controller of the package ! * ch.SWITCH.aai.uApprove.viewer. ! * ! * Note: ! * This JSP page uses the classes AttributeDumper and AttributeDescription to display the ! * attributes. ! * ! * Author: C.Witzig ! * Date: 2.3.2006 ! * ! * ! * ! * Modifications: ! *--------------- ! * 1. fixed bug in extracting resource host if there is no second '/'. Dec 22, 2006 ! * 2. changed replace with replaceAll in convertAttributeValue such that it compiles with 1.4.2 ! * (courtesy of Jon Warwick, University of Cambridge) ! * ChW June 18, 2007 ! * ! * ! *-------------------------------------------------------------------------------------- ! */ ! %> ! ! ! <% ! String entityId = (String) session.getAttribute(Controller.SESKEY_ENTITYID); ! boolean globalConsentPosibble = (Boolean) session.getAttribute(Controller.SESKEY_GLOBAL_CONSENT_POSSIBLE); ! Collection attributes = (Collection) session.getAttribute(Controller.SESKEY_ATTRIBUTES); ! Locale locale = (Locale) session.getAttribute(Controller.SESKEY_LOCALE); ! ! ! ! ! ! ResourceBundle rb = ResourceBundle.getBundle( Controller.RB_ATTRIBUTES, locale); ! out.println( "

" + (String) rb.getString("title") + "

" ); ! ! ! ! // --------------------- Attribute Release table ------------------- ! ! String sTxtExpl = (String) rb.getString( "txt_explanation" ); ! sTxtExpl = sTxtExpl.replaceFirst( "\\?", "" + Controller.getResourceHost(entityId) + "" ); ! out.println("

" + sTxtExpl + "

" ); ! %> ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !

! ! ! ! ! ! <% ! // iterate over the attributes ! int i = 0; ! List drawed = new ArrayList(); ! for (String attrId : AttributeList.getWhiteList()) { ! for (Attribute attribute: attributes) { ! if (attribute.attributeID.equals(attrId)) { ! Collection values = attribute.attributeValues; ! if ( values == null || values.isEmpty() ) ! continue; ! String valuesHtml = ""; ! for (String value : values) ! valuesHtml += value + "
"; ! %> ! " > ! ! ! ! <% ! drawed.add(attribute.attributeID); ! } ! } ! } ! for (Attribute attribute: attributes) { ! if (AttributeList.isBlackListed(attribute.attributeID) || drawed.contains(attribute.attributeID)) ! continue; ! ! Collection values = attribute.attributeValues; ! if ( values == null || values.isEmpty() ) ! continue; ! String valuesHtml = ""; ! for (String value : values) ! valuesHtml += value + "
"; ! %> ! " > ! ! ! ! <% ! } ! ! %> !

Digital ID Card
<%=Controller.resolveDisplayName(attribute, locale)%>	<%= valuesHtml.replace("$"," ") %>
<%=Controller.resolveDisplayName(attribute, locale)%>	<%= valuesHtml.replace("$"," ") %>

! ! ! ! ! ! <% ! out.println("

" + (String) rb.getString( "txt_cross_boxes" ) + "

" ); ! %> ! ! ! !
! <%= rb.getString( "txt_comment" ) %> ! ! <% ! ! ! %> ! ! ! <%@ include file="footer.jsp" %> --- 1,248 ---- ! <%@ page import=" ! ch.SWITCH.aai.uApprove.viewer.Controller, ! ch.SWITCH.aai.uApprove.components.Attribute, ! ch.SWITCH.aai.uApprove.viewer.AttributeList, ! ch.SWITCH.aai.uApprove.storage.LogInfo, ! ch.SWITCH.aai.uApprove.storage.UserLogInfo, ! java.util.StringTokenizer, ! java.util.Map, ! java.util.List, ! java.util.Set, ! java.util.ArrayList, ! java.util.Collection, ! java.util.Iterator, ! java.util.Locale, ! java.util.ResourceBundle" ! %> ! ! ! <%@ include file="header.jsp" %> ! ! ! <% ! /* ! *------------------------------------------------------------------------------------ ! * ! * attributes.jsp: ! * ---------- ! * ! * Copyright (c) 2005-2006 SWITCH - The Swiss Education & Research Network ! * ! * ! * Purpose: Webpage to show the user which attributes will be transfered to a resource. ! * The user can accept or deny. In the latter case, he/she cannot of course ! * access the resource. ! * ! * ! * Usage: This page is invoked from the servlet Controller of the package ! * ch.SWITCH.aai.uApprove.viewer. ! * ! * Note: ! * This JSP page uses the classes AttributeDumper and AttributeDescription to display the ! * attributes. ! * ! * Author: C.Witzig ! * Date: 2.3.2006 ! * ! * ! * ! * Modifications: ! *--------------- ! * 1. fixed bug in extracting resource host if there is no second '/'. Dec 22, 2006 ! * 2. changed replace with replaceAll in convertAttributeValue such that it compiles with 1.4.2 ! * (courtesy of Jon Warwick, University of Cambridge) ! * ChW June 18, 2007 ! * ! * ! *-------------------------------------------------------------------------------------- ! */ ! %> ! ! ! <% ! String entityId = (String) session.getAttribute(Controller.SESKEY_ENTITYID); ! boolean globalConsentPosibble = (Boolean) session.getAttribute(Controller.SESKEY_GLOBAL_CONSENT_POSSIBLE); ! Collection attributes = (Collection) session.getAttribute(Controller.SESKEY_ATTRIBUTES); ! Locale locale = (Locale) session.getAttribute(Controller.SESKEY_LOCALE); ! ! ! ResourceBundle rb = ResourceBundle.getBundle( Controller.RB_ATTRIBUTES, locale); ! out.println( "

" + (String) rb.getString("title") + "

" + sTxtExpl + "

" ); ! %> ! ! ! ! ! ! ! <% ! // iterate over the attributes ! List drawed = new ArrayList(); ! List attrIds = new ArrayList(); ! List attrValues = new ArrayList(); ! List attrNames = new ArrayList(); ! for (String attrId : AttributeList.getWhiteList()) { ! for (Attribute attribute: attributes) { ! if (attribute.attributeID.equals(attrId)) { ! Collection values = attribute.attributeValues; ! if ( values == null || values.isEmpty() ) ! continue; ! String valuesHtml = ""; ! for (String value : values) ! valuesHtml += value + "
"; ! ! drawed.add(attribute.attributeID); ! attrIds.add(Controller.resolveDisplayName(attribute, locale)); ! attrValues.add(valuesHtml); ! attrNames.add(attribute.attributeFriendlyName); ! } ! } ! } ! ! for (Attribute attribute: attributes) { ! if (drawed.contains(attribute.attributeID)) ! continue; ! ! Collection values = attribute.attributeValues; ! if ( values == null || values.isEmpty() ) ! continue; ! String valuesHtml = ""; ! for (String value : values) ! valuesHtml += value + "
"; ! ! drawed.add(attribute.attributeID); ! attrIds.add(Controller.resolveDisplayName(attribute, locale)); ! attrValues.add(valuesHtml); ! attrNames.add(attribute.attributeFriendlyName); ! } ! ! String mandatoryAttrs = (String) session.getAttribute(Controller.SESKEY_MANDATORY_ATTRIBUTES); ! String[] mandatoryAttrIds = mandatoryAttrs.split(":"); ! ! String selectedAttrs = (String) session.getAttribute(Controller.SESKEY_SELECTED_ATTRIBUTES); ! %> !

! ! ! ! ! ! ! ! ! ! !

! ! ! ! ! ! ! ! ! <% ! int i = 0; ! for(int j = 0; j < attrIds.size(); j++) { ! for(int k = 0; k < mandatoryAttrIds.length; k++) { ! if (!attrNames.get(j).equals(mandatoryAttrIds[k])) ! continue; ! ! String attrId = attrIds.get(j); ! String attrValue = attrValues.get(j); ! %> ! " > ! ! ! ! <% ! break; ! } ! } ! %> ! ! ! ! ! <% ! i = 0; ! for(int j = 0; j < attrIds.size(); j++){ ! boolean mandatoryFlag = false; ! for(int k = 0; k < mandatoryAttrIds.length; k++){ ! if(attrNames.get(j).equals(mandatoryAttrIds[k])) { ! mandatoryFlag = true; ! break; ! } ! } ! ! if (mandatoryFlag == false) { ! String attrId = attrIds.get(j); ! String attrValue = attrValues.get(j); ! ! if (AttributeList.isBlackListed(drawed.get(j))) { ! %> ! ! <% ! } else { ! %> ! ! " > ! ! ! <% ! } ! } ! } ! %> !

電子IDカード
サービスを利用するための必須情報
", ";"))%>"><%=attrId%> !	<%= attrValue.replace("$", " ") %> !
! サービスを利用するためのオプション情報 ! （送信してもよい情報にチェックして下さい） !
", ";"))%>" <%if (Attribute.compareAttributeRelease(selectedAttrs, drawed.get(j))) out.print("checked");%>> ! <%=attrId%>	<%= attrValue.replace("$", " ") %>

! ! ! ! ! <% ! out.println("" + (String) rb.getString( "txt_cross_boxes" ) + "

" ); ! %> ! ! ! !

!
! <%= rb.getString( "txt_comment" ) %> ! ! <% ! ! ! %> ! ! ! <%@ include file="footer.jsp" %> !