diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-03-07 11:45:58 +0100 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-03-07 11:45:58 +0100 |
commit | 8d0c3d8aa27084b4c1e195cf06601d0d920d176f (patch) | |
tree | c7eaf07e5edfe5c56eac5c7216094c0d7f06400f | |
parent | fc15ed904e615e7768c4081940482c5377a6d6a3 (diff) | |
download | moa-id-spss-8d0c3d8aa27084b4c1e195cf06601d0d920d176f.tar.gz moa-id-spss-8d0c3d8aa27084b4c1e195cf06601d0d920d176f.tar.bz2 moa-id-spss-8d0c3d8aa27084b4c1e195cf06601d0d920d176f.zip |
if an error occurs remove MOASession
4 files changed, 18 insertions, 7 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java index d58b7b267..31c6f43c5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java @@ -157,6 +157,10 @@ public class DispatcherServlet extends AuthServlet{ StatisticLogger logger = StatisticLogger.getInstance(); logger.logErrorOperation(throwable, errorRequest); + //remove MOASession + AuthenticationSession moaSession = AuthenticationSessionStoreage.getSessionWithPendingRequestID(pendingRequestID); + AuthenticationManager.getInstance().logout(req, resp, moaSession.getSessionID()); + return; } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java index 804688de5..1d85f29bf 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java @@ -278,23 +278,23 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants { StatusMessage statusMessage = SAML2Utils.createSAMLObject(StatusMessage.class); if(e instanceof NoPassivAuthenticationException) { statusCode.setValue(StatusCode.NO_PASSIVE_URI); - statusMessage.setMessage(e.getLocalizedMessage()); + statusMessage.setMessage(StringEscapeUtils.escapeXml(e.getLocalizedMessage())); } else if (e instanceof NameIDFormatNotSupportedException) { statusCode.setValue(StatusCode.INVALID_NAMEID_POLICY_URI); - statusMessage.setMessage(e.getLocalizedMessage()); + statusMessage.setMessage(StringEscapeUtils.escapeXml(e.getLocalizedMessage())); } else if(e instanceof PVP2Exception) { PVP2Exception ex = (PVP2Exception) e; statusCode.setValue(ex.getStatusCodeValue()); String statusMessageValue = ex.getStatusMessageValue(); if(statusMessageValue != null) { - statusMessage.setMessage(statusMessageValue); + statusMessage.setMessage(StringEscapeUtils.escapeXml(statusMessageValue)); } } else { statusCode.setValue(StatusCode.RESPONDER_URI); - statusMessage.setMessage(e.getLocalizedMessage()); + statusMessage.setMessage(StringEscapeUtils.escapeXml(e.getLocalizedMessage())); } status.setStatusCode(statusCode); @@ -302,7 +302,9 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants { status.setStatusMessage(statusMessage); } samlResponse.setStatus(status); - + String remoteSessionID = SAML2Utils.getSecureIdentifier(); + samlResponse.setID(remoteSessionID); + IEncoder encoder = null; if(pvpRequest.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java index 7f5e2420e..51f3cf4a7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java @@ -324,7 +324,7 @@ public class PVP2AssertionBuilder implements PVPConstants { } else if (NameID.TRANSIENT.equals(el.getFormat()) || NameID.UNSPECIFIED.equals(el.getFormat())) break; - + } } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java index 229158778..4d143058b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java @@ -102,6 +102,10 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants { authResponse.setIssuer(nissuer); authResponse.setInResponseTo(authnRequest.getID()); + //set responseID + String remoteSessionID = SAML2Utils.getSecureIdentifier(); + authResponse.setID(remoteSessionID); + //SAML2 response required IssueInstant authResponse.setIssueInstant(date); @@ -150,7 +154,8 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants { } - if (encryptionCredentials != null) { + //TODO: insert!!!!!! + if (encryptionCredentials != null && false) { //encrypt SAML2 assertion try { |