authorBojan Suzic <bojan.suzic@iaik.tugraz.at>2014-06-12 14:12:55 +0200
committerBojan Suzic <bojan.suzic@iaik.tugraz.at>2014-06-12 14:12:55 +0200
commit1a7c5fa9e31919215731e1c9e7c2e5f6feeca290 (patch)
tree82a69eb420a722856d3724886a82e56ac26976cf
parent67946391a3b22689ad667d55720f8f105381c735 (diff)
parent7cc4df3996d4725e4390dc5282a7200260d9dfe2 (diff)
Merge branch 'moa-2.1-Snapshot' of gitlab.iaik.tugraz.at:afitzek/moa-idspss into moa-2.1-Snapshot
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java1
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java22
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java8
3 files changed, 21 insertions, 10 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 4709f8c68..e7abf0f9a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1877,6 +1877,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm");
VelocityContext context = new VelocityContext();
context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(authnRequest.getTokenSaml()));
+ context.put("RelayState", moasession.getSessionID());
context.put("action", destination);
StringWriter writer = new StringWriter();
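Review bot: The added `context.put("RelayState", moasession.getSessionID());` hands the raw MOA session identifier to the browser and to the remote PEPS, so a value that selects a server-side session becomes visible to a third party and to anything that records the POST. RelayState is better carried as an opaque, single-use random reference that is stored in the session and mapped back on return, e.g. `context.put("RelayState", relayStateToken);`, where `relayStateToken` is a proposed name for a value drawn from `SecureRandom`. Whether holding the session ID alone is enough to continue the login is not visible here, but the PEPSConnectorServlet change in this commit does look the session up from it. The enclosing method starts and ends outside the hunk.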
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index 024944c72..25749c8bc 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -114,18 +114,28 @@ public class PEPSConnectorServlet extends AuthServlet {
//check if https or only http
super.checkIfHTTPisAllowed(request.getRequestURL().toString());
- Logger.debug("Trying to find MOA Session-ID");
+ Logger.debug("Trying to find MOA Session-ID ...");
String moaSessionID = request.getParameter(PARAM_SESSIONID);
// escape parameter strings
moaSessionID= StringEscapeUtils.escapeHtml(moaSessionID);
if (StringUtils.isEmpty(moaSessionID)) {
- //No authentication session has been started before
- Logger.error("MOA-SessionID was not found, no previous AuthnRequest had been started");
- Logger.debug("PEPSConnectorURL was: " + request.getRequestURL());
- throw new AuthenticationException("auth.02", new Object[] { moaSessionID });
- }
+ //check if SAML2 relaystate includes a MOA sessionID
+ moaSessionID = request.getParameter("RelayState");
+ moaSessionID= StringEscapeUtils.escapeHtml(moaSessionID);
+
+ if (StringUtils.isEmpty(moaSessionID)) {
+ //No authentication session has been started before
+ Logger.error("MOA-SessionID was not found, no previous AuthnRequest had been started");
+ Logger.debug("PEPSConnectorURL was: " + request.getRequestURL());
+ throw new AuthenticationException("auth.02", new Object[] { moaSessionID });
+
+ } else
+ Logger.trace("MOA SessionID " + moaSessionID + " is found in SAML2 relayState.");
+
+ } else
+ Logger.trace("MOA SessionID " + moaSessionID + " is found in http GET parameter.");
if (!ParamValidatorUtils.isValidSessionID(moaSessionID))
throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12");
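Review bot: The two new `Logger.trace` calls write the session ID into the log, and they run before `ParamValidatorUtils.isValidSessionID`, so a request-supplied value that has only been HTML-escaped (which leaves CR/LF untouched) reaches the log file. Log only where the ID came from, and only after validation, e.g. `Logger.trace("MOA SessionID taken from SAML2 RelayState.");`, and put braces around both `else` branches so the nesting is unambiguous. The RelayState fallback also takes the identifier from an unauthenticated form field, so the handler should confirm that the SAML response it goes on to process answers the request issued for that session (an InResponseTo comparison or equivalent); no such check is visible in this hunk. The method body continues outside the hunk.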
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java
index 8bad43431..182995786 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java
@@ -78,8 +78,8 @@ public class AuthenticatedSessionStore implements Serializable{
@Column(name = "SSOsessionid")
private String SSOsessionid;
- @Column(name = "session", nullable=false)
- @Lob private byte [] session;
+ @Column(name = "authSession", nullable=false)
+ @Lob private byte [] authSession;
@Column(name = "iv", nullable=true)
@Lob private byte [] iv;
@@ -148,11 +148,11 @@ public class AuthenticatedSessionStore implements Serializable{
}
public byte[] getSession() {
- return session;
+ return authSession;
}
public void setSession(byte[] session) {
- this.session = session;
+ this.authSession = session;
}
public boolean isAuthenticated() {