authorThomas Lenz <tlenz@iaik.tugraz.at>2014-06-03 17:10:11 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-06-03 17:10:11 +0200
commit78c78fc0045580d3456fcb9563209223cf425eb6 (patch)
tree740c5808173030046856879571ec721c241d72da /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
parentcc20e4171331f78a1bb188f2b885c9754da58a28 (diff)
implement configuration tool single logout
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java95
1 files changed, 44 insertions, 51 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
index e019b70bb..980bb1e59 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
@@ -85,6 +85,8 @@ import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticationManager;
+import at.gv.egovernment.moa.id.configuration.auth.pvp2.PVP2Utils;
import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom;
import at.gv.egovernment.moa.id.configuration.exception.BasicActionException;
@@ -216,8 +218,14 @@ public class IndexAction extends BasicAction {
AuthenticatedUser authuser = new AuthenticatedUser(dbuser,
true,
ismandateuser,
- false);
+ false,
+ dbuser.getHjid()+"dbID",
+ "username/password");
+ //store user as authenticated user
+ AuthenticationManager authManager = AuthenticationManager.getInstance();
+ authManager.setActiveUser(authUser);
+
Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin());
if (date != null)
authuser.setLastLogin(date);;
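Review bot: The added `authManager.setActiveUser(authUser);` passes `authUser`, but the object built just above in this hunk is the local `authuser` (lowercase u). The other hunks of this commit assign to an `authUser` name without declaring it, which suggests it is a field, so on the username/password path the manager would receive whatever that field currently holds, possibly null, instead of the user who just logged in. The call should read `authManager.setActiveUser(authuser);`. The enclosing method starts and ends outside the hunk, so whether the field is assigned before this point cannot be confirmed from here.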
@@ -308,31 +316,10 @@ public class IndexAction extends BasicAction {
addActionError(LanguageHelper.getErrorString("error.login", request));
return Constants.STRUTS_ERROR;
}
-
- //Validate Signature
- SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
- profileValidator.validate(sign);
-
- //Verify Signature
- List<KeyInfoProvider> keyInfoProvider = new ArrayList<KeyInfoProvider>();
- keyInfoProvider.add(new DSAKeyValueProvider());
- keyInfoProvider.add(new RSAKeyValueProvider());
- keyInfoProvider.add(new InlineX509DataProvider());
- KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(
- keyInfoProvider);
-
- MetadataCredentialResolverFactory credentialResolverFactory = MetadataCredentialResolverFactory.getFactory();
- MetadataCredentialResolver credentialResolver = credentialResolverFactory.getInstance(configuration.getMetaDataProvier());
-
- CriteriaSet criteriaSet = new CriteriaSet();
- criteriaSet.add(new MetadataCriteria(IDPSSODescriptor.DEFAULT_ELEMENT_NAME, SAMLConstants.SAML20P_NS));
- criteriaSet.add(new EntityIDCriteria(configuration.getPVP2IDPMetadataEntityName()));
- criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
-
- ExplicitKeySignatureTrustEngine trustEngine = new ExplicitKeySignatureTrustEngine(credentialResolver, keyInfoResolver);
- trustEngine.validate(sign, criteriaSet);
-
+ //validate signature
+ PVP2Utils.validateSignature(samlResponse, configuration);
+
log.info("PVP2 Assertion is valid");
if (samlResponse.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
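Review bot: The call `PVP2Utils.validateSignature(samlResponse, configuration);` discards any result, so accepting the response now depends entirely on the helper throwing when validation fails. Its body is not part of this diff; it needs to keep both steps the removed lines performed, the SAML signature profile check and the trust-engine check against the signing credentials of the configured IDP entity. I would replace the bare `//validate signature` with `// throws unless the response signature is well-formed and made by the configured IDP; must run before any assertion data is used`. The surrounding try block and its catch clauses are outside the hunk.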
@@ -444,7 +431,14 @@ public class IndexAction extends BasicAction {
}
}
- authUser = AuthenticatedUser.generateUserRequestUser(user);
+ //create AuthUser data element
+ authUser = AuthenticatedUser.generateUserRequestUser(user,
+ nameID.getValue(),
+ nameID.getFormat());
+
+ //store user as authenticated user
+ AuthenticationManager authManager = AuthenticationManager.getInstance();
+ authManager.setActiveUser(authUser);
//set Random value
formID = Random.nextRandom();
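Review bot: The three lines that fetch `AuthenticationManager.getInstance()` and call `setActiveUser(authUser)` are pasted here, again in the hunks at -468 and -488, and in a fourth copy at -216 that passes `authUser` although that hunk builds a local named `authuser`. A private helper such as `registerActiveUser(AuthenticatedUser user)`, called from each branch, would keep the registration in one place and make such a mismatch harder to introduce. Separately, `nameID` is defined outside the hunk; its value and format now become part of the stored user identity, so it should be checked for null before `nameID.getValue()` unless earlier code already guarantees it.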
@@ -468,7 +462,14 @@ public class IndexAction extends BasicAction {
authUser = new AuthenticatedUser(dbuser,
false,
dbuser.isIsMandateUser(),
- true);
+ true,
+ nameID.getValue(),
+ nameID.getFormat());
+
+ //store user as authenticated user
+ AuthenticationManager authManager = AuthenticationManager.getInstance();
+ authManager.setActiveUser(authUser);
+
session.setAttribute(Constants.SESSION_FORM, user);
session.setAttribute(Constants.SESSION_AUTH, authUser);
@@ -488,7 +489,13 @@ public class IndexAction extends BasicAction {
authUser = new AuthenticatedUser(dbuser, true,
ismandateuser,
- true);
+ true,
+ nameID.getValue(),
+ nameID.getFormat());
+
+ //store user as authenticated user
+ AuthenticationManager authManager = AuthenticationManager.getInstance();
+ authManager.setActiveUser(authUser);
Date date = DateTimeHelper.parseDateTime(dbuser.getLastLogin());
if (date != null)
@@ -507,7 +514,7 @@ public class IndexAction extends BasicAction {
finally {
ConfigurationDBUtils.closeSession();
}
-
+
HttpSession newsession = generateNewJSession(request);
newsession.setAttribute(Constants.SESSION_AUTH, authUser);
return Constants.STRUTS_SUCCESS;
@@ -785,33 +792,19 @@ public class IndexAction extends BasicAction {
}
public String logout() {
-
- try {
- populateBasicInformations();
+ HttpSession session = request.getSession(false);
+
+ if (session != null) {
+ if (MiscUtil.isNotEmpty((String)session.getAttribute(Constants.SESSION_SLOSUCCESS)))
+ addActionMessage((String)session.getAttribute(Constants.SESSION_SLOSUCCESS));
- } catch (BasicActionException e) {
- return Constants.STRUTS_ERROR;
+ if (MiscUtil.isNotEmpty((String)session.getAttribute(Constants.SESSION_SLOERROR)))
+ addActionError((String)session.getAttribute(Constants.SESSION_SLOERROR));
- }
-
- if (session != null)
session.invalidate();
-
- try {
- ConfigurationProvider config = ConfigurationProvider.getInstance();
- String ssologout = config.getSSOLogOutURL();
- if (MiscUtil.isNotEmpty(ssologout) && authUser != null && authUser.isPVP2Login()) {
- ssologouturl = ssologout + config.getPublicUrlPreFix(request) + "/index.action";
- return Constants.STRUTS_SSOLOGOUT;
+ }
- }
-
- } catch (ConfigurationException e) {
- log.warn("Configuration can not be loaded.", e);
-
- }
-
return Constants.STRUTS_SUCCESS;
}
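Review bot: logout() now invalidates the HTTP session, but nothing in the new body removes the user from `AuthenticationManager`, where this commit registers the user at every login. Unless that removal happens elsewhere (a session listener or the single-logout handler, neither visible here), entries for logged-out users stay registered as active. The new local `HttpSession session = request.getSession(false);` also appears to shadow a `session` field that the removed code used, so a comment such as `// local on purpose: never create a session just to log out` would help the next reader. The two brace-less `if` statements directly above `session.invalidate();` are easy to misread and would be clearer with braces.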