add revisionslog info's to eIDAS and SLO methods

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2016-03-22 14:43:22 +0100
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2016-03-22 14:43:22 +0100
commit: b29150526d95af2f1c30f4543c88d35c2965dfe6 (patch)
tree: d4b36d3fc6c7683b8646c9414ed2f11697047b51 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls
parent: 99e249a0f292bda3def5e5fbb4cc641c6dbbe26f (diff)
download: moa-id-spss-b29150526d95af2f1c30f4543c88d35c2965dfe6.tar.gz
moa-id-spss-b29150526d95af2f1c30f4543c88d35c2965dfe6.tar.bz2
moa-id-spss-b29150526d95af2f1c30f4543c88d35c2965dfe6.zip
1 files changed, 38 insertions, 18 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index 1e064f24f..a1f2c6558 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -443,6 +443,8 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 	HttpServletResponse httpResp, AuthenticationSession session, PVPTargetConfiguration pvpReq, String authURL) throws MOAIDException {		
 		String pvpSLOIssuer = null;
 		String inboundRelayState = null;
+		String uniqueSessionIdentifier = "notSet";
+		String uniqueTransactionIdentifier = "notSet";
 		
 		Logger.debug("Start technical Single LogOut process ... ");
 		
@@ -451,14 +453,33 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 			LogoutRequest logOutReq = (LogoutRequest) samlReq.getSamlRequest();
 			pvpSLOIssuer = logOutReq.getIssuer().getValue();
 			inboundRelayState = samlReq.getRelayState();
+			uniqueSessionIdentifier = pvpReq.getUniqueSessionIdentifier();
+			uniqueTransactionIdentifier = pvpReq.getUniqueTransactionIdentifier();
 			
+		} else {			
+			AuthenticationSessionExtensions sessionExt;
+			try {
+				sessionExt = authenticatedSessionStore.getAuthenticationSessionExtensions(session.getSessionID());
+				if (sessionExt != null)
+					uniqueSessionIdentifier = sessionExt.getUniqueSessionId();
+				
+			} catch (MOADatabaseException e) {
+				Logger.error("Error during database communication. Can not evaluate 'uniqueSessionIdentifier'", e);
+				
+			}
+			uniqueTransactionIdentifier = Random.nextLongRandom();
+			revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_IDP_SLO_REQUESTED);
+						
 		}
 		
 		//store active OAs to SLOContaine
 		List<OASessionStore> dbOAs = authenticatedSessionStore.getAllActiveOAFromMOASession(session);
 		List<InterfederationSessionStore> dbIDPs = authenticatedSessionStore.getAllActiveIDPsFromMOASession(session);
-		SLOInformationContainer sloContainer = new SLOInformationContainer();
-		sloContainer.setSloRequest(pvpReq);		
+		SLOInformationContainer sloContainer = new SLOInformationContainer();		
+		sloContainer.setTransactionID(uniqueTransactionIdentifier);
+		sloContainer.setSessionID(uniqueSessionIdentifier);
+		sloContainer.setSloRequest(pvpReq);
+		
 		sloBuilder.parseActiveIDPs(sloContainer, dbIDPs, pvpSLOIssuer);
 		sloBuilder.parseActiveOAs(sloContainer, dbOAs, pvpSLOIssuer);
 			
@@ -468,19 +489,10 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 				 + " NO_SLO_Support:" + sloContainer.getSloFailedOAs().size());
 		
 		//terminate MOASession
-		try {
-			String uniqueSessionIdentifier = "notSet";
-			AuthenticationSessionExtensions sessionExt = 
-					authenticatedSessionStore.getAuthenticationSessionExtensions(session.getSessionID());
-			if (sessionExt != null)
-				uniqueSessionIdentifier = sessionExt.getUniqueSessionId();
-			
+		try {			
 			authenticatedSessionStore.destroySession(session.getSessionID());
 			ssoManager.deleteSSOSessionID(httpReq, httpResp);
-			if (pvpReq != null)
-				revisionsLogger.logEvent(MOAIDEventConstants.SESSION_DESTROYED, pvpReq.getUniqueSessionIdentifier());			
-			else 
-				revisionsLogger.logEvent(MOAIDEventConstants.SESSION_DESTROYED, uniqueSessionIdentifier);
+			revisionsLogger.logEvent(MOAIDEventConstants.SESSION_DESTROYED, uniqueSessionIdentifier);
 
 			Logger.debug("Active SSO Session on IDP is remove.");
 						
@@ -490,8 +502,9 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 			
 		}
 		
-		Logger.trace("Starting Service-Provider logout process ... ");
-		//start service provider back channel logout process
+		Logger.trace("Starting Service-Provider logout process ... ");		
+		revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_STARTED);		
+		//start service provider back channel logout process		
 		Iterator<String> nextOAInterator = sloContainer.getNextBackChannelOA();	
 		while (nextOAInterator.hasNext()) {
 			SLOInformationImpl sloDescr = sloContainer.getBackChannelOASessionDescripten(nextOAInterator.next());
@@ -592,13 +605,17 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 							null);
 					
 			        if (sloContainer.getSloFailedOAs() == null || 
-			        		sloContainer.getSloFailedOAs().size() == 0)
+			        		sloContainer.getSloFailedOAs().size() == 0) {
+			        	revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_ALL_VALID);
 			        	config.putCustomParameter("successMsg", 
 			        			MOAIDMessageProvider.getInstance().getMessage("slo.00", null));
-			        else
+			        	
+			        } else {
+			        	revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID);
 			        	config.putCustomParameter("errorMsg", 
 			        			MOAIDMessageProvider.getInstance().getMessage("slo.01", null));
-			        
+			        	
+			        }
 			        guiBuilder.build(httpResp, config, "Single-LogOut GUI");
 										
 				}
@@ -615,6 +632,8 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 				SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(pvpReq);
 				LogoutResponse message = sloBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI);
 				sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, inboundRelayState);
+
+				revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID);
 				
 			}else {
 				//print SLO information directly
@@ -623,6 +642,7 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 						DefaultGUIFormBuilderConfiguration.VIEW_SINGLELOGOUT, 
 						null);
 				
+				revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID);
 				config.putCustomParameter("errorMsg", 
 	        			MOAIDMessageProvider.getInstance().getMessage("slo.01", null));
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2016-03-22 14:43:22 +0100
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2016-03-22 14:43:22 +0100
commit	b29150526d95af2f1c30f4543c88d35c2965dfe6 (patch)
tree	d4b36d3fc6c7683b8646c9414ed2f11697047b51 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls
parent	99e249a0f292bda3def5e5fbb4cc641c6dbbe26f (diff)
download	moa-id-spss-b29150526d95af2f1c30f4543c88d35c2965dfe6.tar.gz moa-id-spss-b29150526d95af2f1c30f4543c88d35c2965dfe6.tar.bz2 moa-id-spss-b29150526d95af2f1c30f4543c88d35c2965dfe6.zip