authorThomas Lenz <tlenz@iaik.tugraz.at>2013-07-24 17:13:31 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2013-07-24 17:13:31 +0200
commitcfb70f755c45a2cad582e8030b1542add9949efb (patch)
tree039123854ab630f81dd2387d0f7636056e9e304a /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
parent71da4a9bc7e2ff79b2fb4cf8903d15fd75372859 (diff)
- SSO finalized
- SSO Session is not closed if a new single authentication operation is started - PVP2 Configuration from Database (but without Metadata) --> TODO: change MetaDataProvider - Add additional UserFrame in case of SSO - MOASession encryption TODO: MetaDataProvider, IdentityLink resign, SSO with Mandates, Legacy Template generation
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java24
1 files changed, 10 insertions, 14 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index 84817ba7a..82273da83 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -61,10 +61,15 @@ public class SSOManager {
String moaSessionId =HTTPSessionUtils.getHTTPSessionString(httpReq.getSession(),
AuthenticationManager.MOA_SESSION, null);
+
return AuthenticationSessionStoreage.isValidSessionWithSSOID(ssoSessionID, moaSessionId);
}
+ public String getMOASession(String ssoSessionID) {
+ return AuthenticationSessionStoreage.getMOASessionID(ssoSessionID);
+ }
+
public String existsOldSSOSession(String ssoId) {
Logger.trace("Check that the SSOID has already been used");
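Review bot: The new public `getMOASession(String ssoSessionID)` is undocumented and resolves a MOA session ID from the SSO ID alone, whereas the method whose tail is visible just above it (it starts outside the hunk) also compares against the MOA session ID held in the HTTP session. The contract should say that callers must have validated the SSO ID before using the result, and what comes back for an unknown or expired ID; `getMOASessionID` is not visible here, so a null return is only presumed. Suggested Javadoc: `/** Returns the MOA session ID bound to the given SSO session ID (presumably null if none exists); the SSO ID must already have been validated by the caller. */`.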
@@ -136,23 +141,14 @@ public class SSOManager {
Cookie[] cookies = httpReq.getCookies();
if (cookies != null) {
- for (Cookie cookie : cookies) {
- if (cookie.getName().equals(SSOCOOKIE)) {
- cookie.setValue(ssoId);
- cookie.setMaxAge(sso_timeout);
- cookie.setSecure(true);
- httpResp.addCookie(cookie);
- return;
- }
- }
-
+ deleteSSOSessionID(httpReq, httpResp);
}
+
Cookie cookie = new Cookie(SSOCOOKIE, ssoId);
cookie.setMaxAge(sso_timeout);
cookie.setSecure(true);
- httpResp.addCookie(cookie);
- return;
-
+ cookie.setPath(httpReq.getContextPath());
+ httpResp.addCookie(cookie);
}
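Review bot: The rebuilt SSO cookie is marked Secure and scoped to a path, but it is never marked HttpOnly, so the SSO session identifier stays readable from page script. If the project targets Servlet 3.0 or later, add `cookie.setHttpOnly(true);` next to `cookie.setSecure(true);`. Separately, `httpReq.getContextPath()` returns an empty string when the application is deployed as the root context, so the path should fall back to `"/"` in that case. `deleteSSOSessionID` is not visible in this hunk; it needs to expire the cookie with the same path, and cookies issued before this change carry no explicit path, so they may not be cleared by it. The enclosing method starts outside the hunk.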
@@ -165,7 +161,7 @@ public class SSOManager {
//TODO: funktioniert nicht, da Cookie seltsamerweise immer unsecure übertragen wird (firefox)
//if (cookie.getName().equals(SSOCOOKIE) && cookie.getSecure()) {
-
+
if (cookie.getName().equals(SSOCOOKIE)) {
return cookie.getValue();
}