fix some interfederation problems

1 files changed, 39 insertions, 19 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index 74a5e01ad..26922a13b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -215,7 +215,7 @@ public class AuthenticationSessionStoreage {
 	}
 	
 	public static String getMOASessionSSOID(String SSOSessionID) {
-		  MiscUtil.assertNotNull(SSOSessionID, "moasessionID");	  
+		  MiscUtil.assertNotNull(SSOSessionID, "SSOsessionID");	  
 		  Logger.trace("Get authenticated session with SSOID " + SSOSessionID + " from database.");
 		  Session session = MOASessionDBUtils.getCurrentSession();
 		  
@@ -643,22 +643,44 @@ public class AuthenticationSessionStoreage {
 		  return result.get(0).getInderfederation().get(0);
 	}
 	
-	public static String createInterfederatedSession(IRequest req, boolean isAuthenticated) throws MOADatabaseException, AssertionAttributeExtractorExeption {
-		String id = Random.nextRandom();
-		AuthenticationSession session = new AuthenticationSession(id);
-		session.setAuthenticated(true);
-		session.setAuthenticatedUsed(false);
-		
-		AuthenticatedSessionStore dbsession = new AuthenticatedSessionStore();
-		dbsession.setSessionid(id);
-		dbsession.setAuthenticated(isAuthenticated);
-		dbsession.setInterfederatedSSOSession(true);
+	public static String createInterfederatedSession(IRequest req, boolean isAuthenticated, String ssoID) throws MOADatabaseException, AssertionAttributeExtractorExeption {		
+		AuthenticatedSessionStore dbsession = null;
+		
+		//search for active SSO session
+		if (MiscUtil.isNotEmpty(ssoID)) {
+			String moaSession = getMOASessionSSOID(ssoID);		
+			if (MiscUtil.isNotEmpty(moaSession)) {
+				try {
+					dbsession = searchInDatabase(moaSession);
+				
+				}catch (MOADatabaseException e) {
+				
+				}			
+			} 	
+		}
 		
-		//set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1
+		String id = null;
 		Date now = new Date();
-		dbsession.setCreated(now);
+		
+		//create new MOASession if any exists
+		if (dbsession == null) {
+			id = Random.nextRandom();
+			dbsession = new AuthenticatedSessionStore();
+			dbsession.setSessionid(id);
+			dbsession.setCreated(now);
+			
+		} else {
+			id = dbsession.getSessionid();
+			
+		}
+				
+		dbsession.setInterfederatedSSOSession(true);
+		dbsession.setAuthenticated(isAuthenticated);
 		dbsession.setUpdated(now);
 		
+		AuthenticationSession session = new AuthenticationSession(id);
+		session.setAuthenticated(true);
+		session.setAuthenticatedUsed(false);
 		dbsession.setSession(SerializationUtils.serialize(session));
 		
 		//add interfederation information
@@ -682,18 +704,16 @@ public class AuthenticationSessionStoreage {
 			idp = new InterfederationSessionStore();
 			idp.setCreated(now);
 			idp.setIdpurlprefix(req.getInterfederationResponse().getEntityID());
-			
+			idp.setMoasession(dbsession);
+			idpList.add(idp);
+						
 		}
-		
 		AssertionAttributeExtractor extract = new AssertionAttributeExtractor(req.getInterfederationResponse().getResponse());		
 		idp.setSessionIndex(extract.getSessionIndex());
 		idp.setUserNameID(extract.getNameID());
 		idp.setAttributesRequested(false);
 		idp.setQAALevel(extract.getQAALevel());
-		idp.setMoasession(dbsession);
-		idpList.add(idp);
-		
-		
+
 		//store AssertionStore element to Database
 		try {
 			MOASessionDBUtils.saveOrUpdate(dbsession);