authorThomas Lenz <tlenz@iaik.tugraz.at>2016-03-22 14:43:22 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-03-22 14:43:22 +0100
commitb29150526d95af2f1c30f4543c88d35c2965dfe6 (patch)
treed4b36d3fc6c7683b8646c9414ed2f11697047b51 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls
parent99e249a0f292bda3def5e5fbb4cc641c6dbbe26f (diff)
add revisionslog info's to eIDAS and SLO methods
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java56
1 files changed, 38 insertions, 18 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index 1e064f24f..a1f2c6558 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -443,6 +443,8 @@ public class AuthenticationManager extends MOAIDAuthConstants {
HttpServletResponse httpResp, AuthenticationSession session, PVPTargetConfiguration pvpReq, String authURL) throws MOAIDException {
String pvpSLOIssuer = null;
String inboundRelayState = null;
+ String uniqueSessionIdentifier = "notSet";
+ String uniqueTransactionIdentifier = "notSet";
Logger.debug("Start technical Single LogOut process ... ");
@@ -451,14 +453,33 @@ public class AuthenticationManager extends MOAIDAuthConstants {
LogoutRequest logOutReq = (LogoutRequest) samlReq.getSamlRequest();
pvpSLOIssuer = logOutReq.getIssuer().getValue();
inboundRelayState = samlReq.getRelayState();
+ uniqueSessionIdentifier = pvpReq.getUniqueSessionIdentifier();
+ uniqueTransactionIdentifier = pvpReq.getUniqueTransactionIdentifier();
+ } else {
+ AuthenticationSessionExtensions sessionExt;
+ try {
+ sessionExt = authenticatedSessionStore.getAuthenticationSessionExtensions(session.getSessionID());
+ if (sessionExt != null)
+ uniqueSessionIdentifier = sessionExt.getUniqueSessionId();
+
+ } catch (MOADatabaseException e) {
+ Logger.error("Error during database communication. Can not evaluate 'uniqueSessionIdentifier'", e);
+
+ }
+ uniqueTransactionIdentifier = Random.nextLongRandom();
+ revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_IDP_SLO_REQUESTED);
+
}
//store active OAs to SLOContaine
List<OASessionStore> dbOAs = authenticatedSessionStore.getAllActiveOAFromMOASession(session);
List<InterfederationSessionStore> dbIDPs = authenticatedSessionStore.getAllActiveIDPsFromMOASession(session);
- SLOInformationContainer sloContainer = new SLOInformationContainer();
- sloContainer.setSloRequest(pvpReq);
+ SLOInformationContainer sloContainer = new SLOInformationContainer();
+ sloContainer.setTransactionID(uniqueTransactionIdentifier);
+ sloContainer.setSessionID(uniqueSessionIdentifier);
+ sloContainer.setSloRequest(pvpReq);
+
sloBuilder.parseActiveIDPs(sloContainer, dbIDPs, pvpSLOIssuer);
sloBuilder.parseActiveOAs(sloContainer, dbOAs, pvpSLOIssuer);
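Review bot: In the new `else` branch, `uniqueSessionIdentifier` keeps the sentinel `"notSet"` whenever `getAuthenticationSessionExtensions(...)` throws `MOADatabaseException` or returns null. That value is then written to the revisions log with `AUTHPROCESS_IDP_SLO_REQUESTED` and stored via `sloContainer.setSessionID(...)`, so every logout hit by this failure shares one session id in the audit trail and cannot be attributed to a session. The null case is also silent; bracing the check and adding `else { Logger.warn("No session extensions found; SLO events will be logged with session id 'notSet'"); }` would at least make the gap visible next to the audit records. The method body starts and ends outside this hunk.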
@@ -468,19 +489,10 @@ public class AuthenticationManager extends MOAIDAuthConstants {
+ " NO_SLO_Support:" + sloContainer.getSloFailedOAs().size());
//terminate MOASession
- try {
- String uniqueSessionIdentifier = "notSet";
- AuthenticationSessionExtensions sessionExt =
- authenticatedSessionStore.getAuthenticationSessionExtensions(session.getSessionID());
- if (sessionExt != null)
- uniqueSessionIdentifier = sessionExt.getUniqueSessionId();
-
+ try {
authenticatedSessionStore.destroySession(session.getSessionID());
ssoManager.deleteSSOSessionID(httpReq, httpResp);
- if (pvpReq != null)
- revisionsLogger.logEvent(MOAIDEventConstants.SESSION_DESTROYED, pvpReq.getUniqueSessionIdentifier());
- else
- revisionsLogger.logEvent(MOAIDEventConstants.SESSION_DESTROYED, uniqueSessionIdentifier);
+ revisionsLogger.logEvent(MOAIDEventConstants.SESSION_DESTROYED, uniqueSessionIdentifier);
Logger.debug("Active SSO Session on IDP is remove.");
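Review bot: The `SESSION_DESTROYED` record is still written with the two-argument `logEvent(event, value)` call, so unlike the SLO events this commit adds it carries no `uniqueTransactionIdentifier`. The session id also looks like it is passed as the event's parameter rather than as its session key, but the overload's signature is not visible here, so please confirm. If the three-argument form used in the other hunks accepts this event, `revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.SESSION_DESTROYED);` would let the session destruction be correlated with the rest of the logout transaction. The `try` block continues past the end of this hunk.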
@@ -490,8 +502,9 @@ public class AuthenticationManager extends MOAIDAuthConstants {
}
- Logger.trace("Starting Service-Provider logout process ... ");
- //start service provider back channel logout process
+ Logger.trace("Starting Service-Provider logout process ... ");
+ revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_STARTED);
+ //start service provider back channel logout process
Iterator<String> nextOAInterator = sloContainer.getNextBackChannelOA();
while (nextOAInterator.hasNext()) {
SLOInformationImpl sloDescr = sloContainer.getBackChannelOASessionDescripten(nextOAInterator.next());
@@ -592,13 +605,17 @@ public class AuthenticationManager extends MOAIDAuthConstants {
null);
if (sloContainer.getSloFailedOAs() == null ||
- sloContainer.getSloFailedOAs().size() == 0)
+ sloContainer.getSloFailedOAs().size() == 0) {
+ revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_ALL_VALID);
config.putCustomParameter("successMsg",
MOAIDMessageProvider.getInstance().getMessage("slo.00", null));
- else
+
+ } else {
+ revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID);
config.putCustomParameter("errorMsg",
MOAIDMessageProvider.getInstance().getMessage("slo.01", null));
-
+
+ }
guiBuilder.build(httpResp, config, "Single-LogOut GUI");
}
@@ -615,6 +632,8 @@ public class AuthenticationManager extends MOAIDAuthConstants {
SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(pvpReq);
LogoutResponse message = sloBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI);
sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, inboundRelayState);
+
+ revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID);
}else {
//print SLO information directly
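Review bot: `AUTHPROCESS_SLO_NOT_ALL_VALID` is logged only after `sloBuilder.sendFrontChannelSLOMessage(...)` returns, so if building or sending the error response throws, the failed logout leaves no revisions-log record. Moving the `revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID);` line above `sloBuilder.getResponseSLODescriptor(pvpReq)` would match the GUI branches in the neighbouring hunks, where the event is written before the response is produced. The enclosing block starts outside this hunk.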
@@ -623,6 +642,7 @@ public class AuthenticationManager extends MOAIDAuthConstants {
DefaultGUIFormBuilderConfiguration.VIEW_SINGLELOGOUT,
null);
+ revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID);
config.putCustomParameter("errorMsg",
MOAIDMessageProvider.getInstance().getMessage("slo.01", null));