diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-09-11 07:51:25 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-09-11 07:51:25 +0200 |
commit | 7008b0cb31761563c268ebcb53b13e32333fd931 (patch) | |
tree | edfed3216f91a63e184abba505b34489d113e8e2 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java | |
parent | a860c3d448cc136e8733d0827a0e46b72cd431e7 (diff) | |
download | moa-id-spss-7008b0cb31761563c268ebcb53b13e32333fd931.tar.gz moa-id-spss-7008b0cb31761563c268ebcb53b13e32333fd931.tar.bz2 moa-id-spss-7008b0cb31761563c268ebcb53b13e32333fd931.zip |
add exact timeout validation for SSO sessions
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java index ca3117a79..ff294dc3d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java @@ -31,6 +31,7 @@ import java.io.InputStreamReader; import java.io.Reader; import java.io.StringWriter; import java.net.URI; +import java.util.Date; import java.util.List; import javax.servlet.http.Cookie; @@ -132,7 +133,7 @@ public class SSOManager { } - public boolean isValidSSOSession(String ssoSessionID, IRequest protocolRequest) { + public boolean isValidSSOSession(String ssoSessionID, IRequest protocolRequest) throws ConfigurationException { // search SSO Session if (ssoSessionID == null) { @@ -144,8 +145,19 @@ public class SSOManager { if (storedSession == null) return false; - + else { + + //check if session is out of lifetime + Date now = new Date(); + long maxSSOSessionTime = AuthConfigurationProvider.getInstance().getTimeOuts().getMOASessionCreated().longValue() * 1000; + Date ssoSessionValidTo = new Date(storedSession.getCreated().getTime() + maxSSOSessionTime); + if (now.after(ssoSessionValidTo)) { + Logger.info("Found outdated SSO session information. Start reauthentication process ... "); + return false; + } + + //check if request starts an interfederated SSO session if (protocolRequest != null && protocolRequest instanceof RequestImpl && storedSession.isInterfederatedSSOSession() && |