some more stuff

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2018-06-14 13:55:39 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2018-06-14 13:55:39 +0200
commit: 3b26a365d832d4b0664777d2c348606247022564 (patch)
tree: ce9d87c9144d75afad3be5fe4af503f7c4d78b4f /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth
parent: 2a073c6727d704271e17d9b682be28410f23aae7 (diff)
download: moa-id-spss-3b26a365d832d4b0664777d2c348606247022564.tar.gz
moa-id-spss-3b26a365d832d4b0664777d2c348606247022564.tar.bz2
moa-id-spss-3b26a365d832d4b0664777d2c348606247022564.zip
6 files changed, 62 insertions, 137 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index efe28c900..738f733a8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -36,11 +36,6 @@ import java.util.List;
 import javax.naming.ldap.LdapName;
 import javax.naming.ldap.Rdn;
 
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.core.AttributeQuery;
-import org.opensaml.saml2.core.Response;
-import org.opensaml.ws.soap.common.SOAPException;
-import org.opensaml.xml.XMLObject;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.w3c.dom.DOMException;
@@ -49,10 +44,12 @@ import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
 
 import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
 import at.gv.egiz.eaaf.core.api.idp.IAuthData;
 import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder;
 import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException;
 import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
 import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
@@ -71,7 +68,6 @@ import at.gv.egovernment.moa.id.commons.api.data.IMISMandate;
 import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse;
 import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException;
 import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameterDecorator;
 import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory;
@@ -80,17 +76,9 @@ import at.gv.egovernment.moa.id.data.MOAAuthenticationData;
 import at.gv.egovernment.moa.id.data.Pair;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AttributQueryBuilder;
-import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionValidationExeption;
-import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AttributQueryException;
-import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
-import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor;
-import at.gv.egovernment.moa.id.protocols.pvp2x.utils.MOASAMLSOAPClient;
-import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngineSP;
-import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
 import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.util.IdentityLinkReSigner;
-import at.gv.egovernment.moa.id.util.PVPtoSTORKMapper;
+import at.gv.egovernment.moa.id.util.LoALevelMapper;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.Constants;
@@ -112,9 +100,6 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants implements IAu
 
 	@Autowired private IAuthenticationSessionStoreage authenticatedSessionStorage;
 	@Autowired protected AuthConfiguration authConfig;
-	@Autowired private AttributQueryBuilder attributQueryBuilder;
-	@Autowired private SAMLVerificationEngineSP samlVerificationEngine;
-	@Autowired(required=true) private MOAMetadataProvider metadataProvider;
 	
 	@Override
 	public IAuthData buildAuthenticationData(IRequest pendingReq) throws EAAFAuthenticationException {
@@ -193,82 +178,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants implements IAu
 		
 		return authdata;								
 	}
-	
-	/**
-	 * Get PVP authentication attributes by using a SAML2 AttributeQuery
-	 * 
-	 * @param reqQueryAttr List of PVP attributes which are requested
-	 * @param userNameID SAML2 UserNameID of the user for which attributes are requested
-	 * @param idpConfig Configuration of the IDP, which is requested 
-	 * @return 
-	 * @return PVP attribute DAO, which contains all received information
-	 * @throws MOAIDException
-	 */
-	public AssertionAttributeExtractor getAuthDataFromAttributeQuery(List<Attribute> reqQueryAttr,
-			String userNameID, IOAAuthParameters idpConfig, String spEntityID) throws MOAIDException{
-		String idpEnityID = idpConfig.getPublicURLPrefix();
-		
-		try {		
-			Logger.debug("Starting AttributeQuery process ...");
-			//collect attributes by using BackChannel communication
-			String endpoint = idpConfig.getIDPAttributQueryServiceURL();			
-			if (MiscUtil.isEmpty(endpoint)) {
-				Logger.error("No AttributeQueryURL for interfederationIDP " + idpEnityID);
-				throw new ConfigurationException("config.26", new Object[]{idpEnityID});
-				
-			}
-				
-			//build attributQuery request
-			AttributeQuery query = attributQueryBuilder.buildAttributQueryRequest(spEntityID, userNameID, endpoint, reqQueryAttr);
-			
-			//build SOAP request				
-			List<XMLObject> xmlObjects = MOASAMLSOAPClient.send(endpoint, query);
-		
-			if (xmlObjects.size() == 0) {
-				Logger.error("Receive emptry AttributeQuery response-body.");
-				throw new AttributQueryException("auth.27", 
-						new Object[]{idpEnityID, "Receive emptry AttributeQuery response-body."});
-			
-			}
-		
-			Response intfResp;
-			if (xmlObjects.get(0) instanceof Response) {
-				intfResp = (Response) xmlObjects.get(0);
-			
-				//validate PVP 2.1 response
-				try {
-					samlVerificationEngine.verifyIDPResponse(intfResp, 
-							TrustEngineFactory.getSignatureKnownKeysTrustEngine(
-									metadataProvider));
-			
-					//create assertion attribute extractor from AttributeQuery response
-					return new AssertionAttributeExtractor(intfResp);
-		
-				} catch (Exception e) {
-					Logger.warn("PVP 2.1 assertion validation FAILED.", e);
-					throw new AssertionValidationExeption("auth.27", 
-							new Object[]{idpEnityID, e.getMessage()}, e);
-				}
-											
-			} else {
-				Logger.error("Receive AttributeQuery response-body include no PVP 2.1 response");
-				throw new AttributQueryException("auth.27", 
-						new Object[]{idpEnityID, "Receive AttributeQuery response-body include no PVP 2.1 response"});
 			
-			}
-				 										
-		} catch (SOAPException e) {
-			throw new BuildException("builder.06", null, e);
-			
-		} catch (SecurityException e) {
-			throw new BuildException("builder.06", null, e);
-					
-		} catch (org.opensaml.xml.security.SecurityException e1) {
-			throw new BuildException("builder.06", null, e1);
-			
-		}
-	}
-		
 	private void buildAuthDataFormMOASession(MOAAuthenticationData authData, IAuthenticationSession session, 
 			IOAAuthParameters oaParam, IRequest protocolRequest) throws BuildException, ConfigurationException {
 
@@ -372,32 +282,43 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants implements IAu
 			//####################################################
 			//set QAA level
 			includedToGenericAuthData.remove(PVPConstants.EID_CITIZEN_QAA_LEVEL_NAME);
+			String currentLoA = null;
 			if (MiscUtil.isNotEmpty(session.getQAALevel()))
-				authData.setQAALevel(session.getQAALevel());
-			
+				currentLoA = session.getQAALevel();			
 			else {
-				String qaaLevel = session.getGenericDataFromSession(PVPConstants.EID_CITIZEN_QAA_LEVEL_NAME, String.class);
-				if (MiscUtil.isNotEmpty(qaaLevel)) {
-					Logger.debug("Find PVP-Attr '" + PVPConstants.EID_CITIZEN_QAA_LEVEL_FRIENDLY_NAME + "':" + qaaLevel
+				currentLoA = session.getGenericDataFromSession(PVPConstants.EID_CITIZEN_QAA_LEVEL_NAME, String.class);
+				if (MiscUtil.isNotEmpty(currentLoA)) {
+					Logger.debug("Find PVP-Attr '" + PVPConstants.EID_CITIZEN_QAA_LEVEL_FRIENDLY_NAME + "':" + currentLoA
 							+ " --> Parse QAA-Level from that attribute.");
-						
-					if (qaaLevel.startsWith(PVPConstants.STORK_QAA_PREFIX)) {
-						authData.setQAALevel(qaaLevel);
-						
-					} else {
-						Logger.debug("Found PVP QAA level. QAA mapping process starts ... ");				
-						String mappedQAA = PVPtoSTORKMapper.getInstance().mapToQAALevel(qaaLevel);
-						if (MiscUtil.isNotEmpty(mappedQAA))
-							authData.setQAALevel(mappedQAA);
-											
-					}
+					
 				}
 			}
+				
+			if (MiscUtil.isNotEmpty(currentLoA)) {					
+				if (currentLoA.startsWith(PVPConstants.STORK_QAA_PREFIX)) {
+					authData.setQAALevel(currentLoA);
+					authData.seteIDASLoA(LoALevelMapper.getInstance().mapSTORKQAAToeIDASQAA(currentLoA));
+
+				} else if (currentLoA.startsWith(EAAFConstants.EIDAS_QAA_PREFIX)) {
+					authData.setQAALevel(LoALevelMapper.getInstance().mapeIDASQAAToSTORKQAA(currentLoA));
+					authData.seteIDASLoA(currentLoA);
+										
+				} else {
+					Logger.debug("Found PVP QAA level. QAA mapping process starts ... ");				
+					String mappedStorkQAA = LoALevelMapper.getInstance().mapToQAALevel(currentLoA);
+					if (MiscUtil.isNotEmpty(mappedStorkQAA)) {
+						authData.setQAALevel(currentLoA);
+						authData.seteIDASLoA(LoALevelMapper.getInstance().mapSTORKQAAToeIDASQAA(currentLoA));
+						
+					}										
+				}
+			}		
 			
 			//if no QAA level is set in MOASession then set default QAA level  
 			if (MiscUtil.isEmpty(authData.getQAALevel())) {														
-				Logger.info("No QAA level found. Set to default level " + PVPConstants.STORK_QAA_PREFIX + "1");
+				Logger.info("No QAA level found. Set to default level " + EAAFConstants.EIDAS_QAA_LOW);
 				authData.setQAALevel(PVPConstants.STORK_QAA_PREFIX + "1");
+				authData.seteIDASLoA(EAAFConstants.EIDAS_QAA_LOW);
 						
 			}
 	
@@ -810,7 +731,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants implements IAu
 				try {
 					authData.setGenericData(elementKey, session.getGenericDataFromSession(elementKey));
 						
-				} catch (SessionDataStorageException e) {
+				} catch (EAAFStorageException e) {
 					Logger.warn("Can not add generic authData with key:" + elementKey, e);
 						
 				}				
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DynamicOAAuthParameterBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DynamicOAAuthParameterBuilder.java
index e9e217137..a1d31f5ae 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DynamicOAAuthParameterBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DynamicOAAuthParameterBuilder.java
@@ -29,7 +29,6 @@ import org.opensaml.saml2.core.Attribute;
 
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.data.PVPAttributeConstants;
-import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
 import at.gv.egovernment.moa.id.auth.exception.DynamicOABuildException;
 import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
 import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
@@ -89,16 +88,8 @@ public class DynamicOAAuthParameterBuilder {
 		
 		DynamicOAAuthParameters dynOAParams = new DynamicOAAuthParameters();
 		dynOAParams.setApplicationID(oaParam.getPublicURLPrefix());
-		try {
-			dynOAParams.setHasBaseIdProcessingRestriction(oaParam.hasBaseIdInternalProcessingRestriction());
-			dynOAParams.setHasBaseIdTransfergRestriction(oaParam.hasBaseIdTransferRestriction());
-			
-		} catch (EAAFConfigurationException e) {
-			Logger.warn("Can not resolve baseID restrications! Set to privacy friendly configuration", e);
-			dynOAParams.setHasBaseIdProcessingRestriction(true);
-			dynOAParams.setHasBaseIdTransfergRestriction(true);
-			
-		}
+		dynOAParams.setHasBaseIdProcessingRestriction(oaParam.hasBaseIdInternalProcessingRestriction());
+		dynOAParams.setHasBaseIdTransfergRestriction(oaParam.hasBaseIdTransferRestriction());
 		
 		Object storkRequst = null;
 		try {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index e0d65e103..10c271b6a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -186,7 +186,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
 	    			&& MiscUtil.isNotEmpty(templateURLList.get(0)) ) {	    	
 	    		templateURL = FileUtils.makeAbsoluteURL(
 	    				oaParam.getTemplateURL().get(0),
-	    				authConfig.getRootConfigFileDir());
+	    				authConfig.getRootConfigFileDir()); 
 	    		Logger.info("No SL-Template in request, load SL-Template from OA configuration (URL: " + templateURL + ")");
 
 	    	} else if ( (defaulTemplateURLList.size() > 0) && MiscUtil.isNotEmpty(defaulTemplateURLList.get(0))) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
index 0e9db3964..f9aa1b83c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
@@ -36,12 +36,14 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;
+import at.gv.egiz.eaaf.core.api.idp.slo.ISLOInformationContainer;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.exceptions.GUIBuildException;
-import at.gv.egiz.eaaf.core.impl.idp.auth.AuthenticationManager;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController;
 import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
 import at.gv.egiz.eaaf.core.impl.utils.Random;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.frontend.builder.DefaultGUIFormBuilderConfiguration;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
@@ -50,6 +52,7 @@ import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
 import at.gv.egovernment.moa.id.data.SLOInformationContainer;
 import at.gv.egovernment.moa.id.moduls.SSOManager;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.SingleLogOutBuilder;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NOSLOServiceDescriptorException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException;
@@ -66,7 +69,7 @@ import at.gv.egovernment.moa.util.URLEncoder;
 public class IDPSingleLogOutServlet extends AbstractController {
 	
 	@Autowired SSOManager ssoManager;
-	@Autowired AuthenticationManager authManager;
+	@Autowired IAuthenticationManager authManager;
 	@Autowired IAuthenticationSessionStoreage authenicationStorage;
 	@Autowired SingleLogOutBuilder sloBuilder;
 	
@@ -127,6 +130,9 @@ public class IDPSingleLogOutServlet extends AbstractController {
 			} catch (MOADatabaseException e) {
 				handleErrorNoRedirect(e, req, resp, false);
 				
+			} catch (EAAFException e) {
+				handleErrorNoRedirect(e, req, resp, false);
+				
 			}
 			
 			return;			
@@ -135,10 +141,13 @@ public class IDPSingleLogOutServlet extends AbstractController {
 			try {
 				if (ssoManager.isValidSSOSession(ssoid, null)) {
 				
-					AuthenticationSession authSession = authenicationStorage.getInternalMOASessionWithSSOID(ssoid);
+					String internalSSOId = authenicationStorage.getInternalSSOSessionWithSSOID(ssoid);
 					
-					if(authSession != null) {
-						authManager.performSingleLogOut(req, resp, authSession, authURL);
+					if(MiscUtil.isNotEmpty(internalSSOId)) {
+						ISLOInformationContainer sloInfoContainer = authManager.performSingleLogOut(req, resp, null, internalSSOId);
+						
+						Logger.debug("Starting technical SLO process ... ");
+						sloBuilder.toTechnicalLogout(sloInfoContainer, req, resp, authURL);						
 						return;
 							
 					}
@@ -159,11 +168,12 @@ public class IDPSingleLogOutServlet extends AbstractController {
 							sloContainer.putFailedOA("differntent OAs");
 							
 						String redirectURL = null;
-						if (sloContainer.getSloRequest() != null) {
+						IRequest sloReq = sloContainer.getSloRequest();
+						if (sloReq != null && sloReq instanceof PVPTargetConfiguration) {
 							//send SLO response to SLO request issuer
-							SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(sloContainer.getSloRequest());
-							LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, sloContainer.getSloRequest(), sloContainer.getSloFailedOAs());
-							redirectURL = sloBuilder.getFrontChannelSLOMessageURL(sloService, message, req, resp, sloContainer.getSloRequest().getRequest().getRelayState());
+							SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor((PVPTargetConfiguration)sloContainer.getSloRequest());
+							LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, (PVPTargetConfiguration)sloContainer.getSloRequest(), sloContainer.getSloFailedOAs());
+							redirectURL = sloBuilder.getFrontChannelSLOMessageURL(sloService, message, req, resp, ((PVPTargetConfiguration)sloContainer.getSloRequest()).getRequest().getRelayState());
 															
 						} else {
 							//print SLO information directly
@@ -205,6 +215,9 @@ public class IDPSingleLogOutServlet extends AbstractController {
 					} catch (MOAIDException e) {
 						Logger.warn("Build SLO respone FAILED.", e);
 						
+					} catch (EAAFException e) {
+						Logger.warn("Build SLO respone FAILED.", e);
+						
 					}
 					
 					try {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
index 21d329145..0285dd75b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
@@ -98,7 +98,7 @@ public class LogOutServlet {
 				
 			}
 			
-			if (ssomanager.destroySSOSessionOnIDPOnly(req, resp))
+			if (ssomanager.destroySSOSessionOnIDPOnly(req, resp, null))
 				Logger.info("User with SSO is logged out and get redirect to "+ redirectUrl);				
 			else
 				Logger.info("No active SSO session found. User is maybe logout already and get redirect to "+ redirectUrl);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java
index 752f54139..07b5242e0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java
@@ -29,9 +29,9 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.servlet.HandlerInterceptor;
 import org.springframework.web.servlet.ModelAndView;
 
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
 import at.gv.egiz.eaaf.core.impl.utils.Random;
 import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils;
-import at.gv.egovernment.moa.id.commons.MOAIDConstants;
 import at.gv.egovernment.moa.id.moduls.SSOManager;
 import at.gv.egovernment.moa.util.MiscUtil;
 
@@ -56,10 +56,10 @@ public class UniqueSessionIdentifierInterceptor implements HandlerInterceptor {
 		//search for unique session identifier
 		String uniqueSessionIdentifier = ssomanager.getUniqueSessionIdentifier(ssoId);											
 		if (MiscUtil.isEmpty(uniqueSessionIdentifier))
-			uniqueSessionIdentifier = Random.nextRandom();
+			uniqueSessionIdentifier = Random.nextHexRandom16();
 		
 		TransactionIDUtils.setSessionId(uniqueSessionIdentifier);		
-		request.setAttribute(MOAIDConstants.UNIQUESESSIONIDENTIFIER, uniqueSessionIdentifier);
+		request.setAttribute(EAAFConstants.UNIQUESESSIONIDENTIFIER, uniqueSessionIdentifier);
 		
 		return true; 
 	}
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2018-06-14 13:55:39 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2018-06-14 13:55:39 +0200
commit	3b26a365d832d4b0664777d2c348606247022564 (patch)
tree	ce9d87c9144d75afad3be5fe4af503f7c4d78b4f /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth
parent	2a073c6727d704271e17d9b682be28410f23aae7 (diff)
download	moa-id-spss-3b26a365d832d4b0664777d2c348606247022564.tar.gz moa-id-spss-3b26a365d832d4b0664777d2c348606247022564.tar.bz2 moa-id-spss-3b26a365d832d4b0664777d2c348606247022564.zip