diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-06-13 13:19:38 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-06-13 13:19:38 +0200 |
commit | bba86def6a69726671838ebdacb918d3ede5de16 (patch) | |
tree | 719f555d6a32a1e4a99c5603c134fb77119b733e /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java | |
parent | f9e919720beb463aad4483f1779be12d990f6951 (diff) | |
download | moa-id-spss-bba86def6a69726671838ebdacb918d3ede5de16.tar.gz moa-id-spss-bba86def6a69726671838ebdacb918d3ede5de16.tar.bz2 moa-id-spss-bba86def6a69726671838ebdacb918d3ede5de16.zip |
+ cleanup MOAIDSession class
+ update authentication process to use new MOAIDSession class
+ move MOAIDSession to Hibernate Database
+ activate Mandates for SAML1
!!Stork authentication not tested!!
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java | 41 |
1 files changed, 24 insertions, 17 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java index 04fbc0588..a74635232 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java @@ -50,6 +50,7 @@ import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.config.ConnectionParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.moduls.ModulUtils; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.id.util.SSLUtils; import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; @@ -164,7 +165,7 @@ public class GetMISSessionIDServlet extends AuthServlet { // verify mandate signature
- AuthenticationServer.getInstance().verifyMandate(sessionID, mandate);
+ AuthenticationServer.getInstance().verifyMandate(session, mandate);
byte[] byteMandate = mandate.getMandate(); String stringMandate = new String(byteMandate); @@ -176,26 +177,32 @@ public class GetMISSessionIDServlet extends AuthServlet { String redirectURL = null; String samlArtifactBase64 = - AuthenticationServer.getInstance().verifyAuthenticationBlockMandate(sessionID, mandateDoc); + AuthenticationServer.getInstance().verifyAuthenticationBlockMandate(session, mandateDoc); if (!samlArtifactBase64.equals("Redirect to Input Processor")) { - redirectURL = session.getOAURLRequested(); - if (!session.getBusinessService()) { - redirectURL = addURLParameter(redirectURL, PARAM_TARGET, URLEncoder.encode(session.getTarget(), "UTF-8")); - } - redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); - redirectURL = resp.encodeRedirectURL(redirectURL); - } else { - redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID()); - } - resp.setContentType("text/html"); - resp.setStatus(302); +// redirectURL = session.getOAURLRequested(); +// +// if (!session.getBusinessService()) { +// redirectURL = addURLParameter(redirectURL, PARAM_TARGET, URLEncoder.encode(session.getTarget(), "UTF-8")); +// } +// +// redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); +// redirectURL = resp.encodeRedirectURL(redirectURL); + + redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), + ModulUtils.buildAuthURL(session.getModul(), session.getAction()), samlArtifactBase64); - resp.addHeader("Location", redirectURL); - Logger.debug("REDIRECT TO: " + redirectURL); -
-
+ } else { + redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID()); + + } + resp.setContentType("text/html"); + resp.setStatus(302); + + resp.addHeader("Location", redirectURL); + Logger.debug("REDIRECT TO: " + redirectURL); +
}
catch (MOAIDException ex) {
handleError(null, ex, req, resp);
|