author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-10-25 16:23:23 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-10-25 16:23:23 +0200 |
commit | f10fb18bac8e4b98460d100a4af42a943ddb75df (patch) | |
tree | d53343fb928cb0186f6fa88ef2684bbea490b413 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage | |
parent | 83a92eead9d389060ec43e9459c5a1367aefc29a (diff) | |
fix another problem in session database
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage')
2 files changed, 71 insertions, 130 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java index 7dd6d15cd..ad200e400 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java @@ -46,6 +46,7 @@ import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; @@ -75,12 +76,12 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt //@Autowired MOASessionDBUtils moaSessionDBUtils; @Override - public boolean isAuthenticated(String moaSessionID) { + public boolean isAuthenticated(String internalSsoSessionID) { AuthenticatedSessionStore session; try { - session = searchInDatabase(moaSessionID); + session = searchInDatabase(internalSsoSessionID); return session.isAuthenticated(); } catch (MOADatabaseException e) { 
@@ -89,8 +90,8 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public AuthenticationSession createSession(IRequest target) throws MOADatabaseException, BuildException { - String id = Random.nextRandom(); + public AuthenticationSession createInternalSSOSession(IRequest target) throws MOADatabaseException, BuildException { + String id = Random.nextLongRandom(); try { AuthenticatedSessionStore dbsession = new AuthenticatedSessionStore(); dbsession.setSessionid(id); @@ -106,12 +107,12 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt sessionExt.setUniqueSessionId(target.getUniqueSessionIdentifier()); dbsession.setAdditionalInformation(mapper.serialize(sessionExt)); - AuthenticationSession session = new AuthenticationSession(id, now); + AuthenticationSession session = new AuthenticationSession(id, now, target.getMOASession()); encryptSession(session, dbsession); //store AssertionStore element to Database entityManager.persist(dbsession); - Logger.info("Create MOASession with sessionID: " + id); + Logger.info("Create MOA SSO-Session with internal sessionID: " + id); return session; @@ -128,7 +129,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public AuthenticationSession getSession(String sessionID) throws MOADatabaseException { + public AuthenticationSession getInternalSSOSession(String sessionID) throws MOADatabaseException { if (MiscUtil.isEmpty(sessionID)) return null; 
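Review bot: The identifier produced by `Random.nextLongRandom()` in createInternalSSOSession becomes the only key under which the SSO session is later located and removed (see the getInternalSSOSession and destroyInternalSSOSession hunks), so it has to be unpredictable; whether nextLongRandom draws from a cryptographically secure generator is not visible in this diff and should be confirmed. A short comment at the call site such as `// internal SSO-session id is a bearer secret: must come from a CSPRNG with sufficient length` would record that requirement for the next reader. The changed line `Logger.info("Create MOA SSO-Session with internal sessionID: " + id);` still writes the complete identifier at info level; logging it at debug level, or only a truncated prefix, keeps production logs from holding session secrets. createInternalSSOSession continues outside this hunk.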
@@ -189,30 +190,10 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public void storeSession(AuthenticationSession session) throws MOADatabaseException, BuildException { - try { - AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID()); - - encryptSession(session, dbsession); - - //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 - dbsession.setAuthenticated(session.isAuthenticated()); - dbsession.setUpdated(new Date()); - - entityManager.merge(dbsession); - Logger.debug("MOASession with sessionID=" + session.getSessionID() + " is stored in Database"); - - } catch (MOADatabaseException e) { - Logger.warn("MOASession could not be stored."); - throw new MOADatabaseException(e); - } - } - - @Override - public void destroySession(String moaSessionID) throws MOADatabaseException { + public void destroyInternalSSOSession(String internalSsoSessionID) throws MOADatabaseException { Query query = entityManager.createNamedQuery("getSessionWithID"); - query.setParameter("sessionid", moaSessionID); + query.setParameter("sessionid", internalSsoSessionID); List<AuthenticatedSessionStore> results = query.getResultList(); Logger.trace("Found entries: " + results.size()); 
@@ -230,39 +211,6 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public String changeSessionID(AuthenticationSession session, String newSessionID) throws BuildException, MOADatabaseException { - - AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID()); - - Logger.debug("Change SessionID from " + session.getSessionID() - + "to " + newSessionID); - - session.setSessionID(newSessionID); - encryptSession(session, dbsession); - - dbsession.setSessionid(newSessionID); - dbsession.setAuthenticated(session.isAuthenticated()); - - //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 - dbsession.setUpdated(new Date()); - - entityManager.merge(dbsession); - - Logger.trace("Change SessionID complete."); - - return newSessionID; - - } - - @Override - public String changeSessionID(AuthenticationSession session) - throws BuildException, MOADatabaseException { - String id = Random.nextRandom(); - return changeSessionID(session, id); - - } - - @Override public void setAuthenticated(String moaSessionID, boolean isAuthenticated) { AuthenticatedSessionStore session; @@ -279,7 +227,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public String getMOASessionSSOID(String SSOSessionID) { + public AuthenticationSession getInternalMOASessionWithSSOID(String SSOSessionID) throws MOADatabaseException { MiscUtil.assertNotNull(SSOSessionID, "SSOsessionID"); Logger.trace("Get authenticated session with SSOID " + SSOSessionID + " from database."); 
@@ -295,7 +243,13 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt return null; } else - return results.get(0).getSessionid(); + try { + return decryptSession(results.get(0)); + + } catch (Throwable e) { + Logger.warn("MOASession deserialization-exception by using internal MOASessionID=" + results.get(0).getSessionid(), e); + throw new MOADatabaseException("MOASession deserialization-exception"); + } } @@ -413,7 +367,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public List<OASessionStore> getAllActiveOAFromMOASession(AuthenticationSession moaSession) { + public List<OASessionStore> getAllActiveOAFromMOASession(IAuthenticationSession moaSession) { MiscUtil.assertNotNull(moaSession, "MOASession"); Logger.trace("Get OAs for moaSession " + moaSession.getSessionID() + " from database."); @@ -429,7 +383,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(AuthenticationSession moaSession) { + public List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(IAuthenticationSession moaSession) { MiscUtil.assertNotNull(moaSession, "MOASession"); Logger.trace("Get active IDPs for moaSession " + moaSession.getSessionID() + " from database."); @@ -444,7 +398,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public AuthenticationSession searchMOASessionWithNameIDandOAID(String oaID, String userNameID) { + public IAuthenticationSession searchMOASessionWithNameIDandOAID(String oaID, String userNameID) { MiscUtil.assertNotNull(oaID, "OnlineApplicationIdentifier"); MiscUtil.assertNotNull(userNameID, "userNameID"); Logger.trace("Get moaSession for userNameID " + userNameID + " and OA " 
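Review bot: `catch (Throwable e)` in getInternalMOASessionWithSSOID also intercepts JVM errors such as OutOfMemoryError and StackOverflowError and converts them into a MOADatabaseException, and the rethrow drops the original cause so only the warn line keeps the stack trace. Narrow the catch to `} catch (Exception e) {` and preserve the cause, e.g. `throw new MOADatabaseException("MOASession deserialization-exception", e);` if MOADatabaseException offers a message-plus-cause constructor, otherwise `throw new MOADatabaseException(e);` as the removed storeSession did. The warn message additionally prints the full internal session id; logging it only at debug level or in truncated form avoids keeping session identifiers in warn-level logs.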
@@ -475,7 +429,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public OASessionStore searchActiveOASSOSession(AuthenticationSession moaSession, String oaID, String protocolType) { + public OASessionStore searchActiveOASSOSession(IAuthenticationSession moaSession, String oaID, String protocolType) { MiscUtil.assertNotNull(moaSession, "MOASession"); MiscUtil.assertNotNull(oaID, "OnlineApplicationIdentifier"); MiscUtil.assertNotNull(protocolType, "usedProtocol"); @@ -505,7 +459,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt * @see at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage#markOAWithAttributeQueryUsedFlag(at.gv.egovernment.moa.id.auth.data.AuthenticationSession, java.lang.String, java.lang.String) */ @Override - public void markOAWithAttributeQueryUsedFlag(AuthenticationSession session, String oaurl, String requestedModule) { + public void markOAWithAttributeQueryUsedFlag(IAuthenticationSession session, String oaurl, String requestedModule) { OASessionStore activeOA = searchActiveOASSOSession(session, oaurl, requestedModule); if (activeOA != null) { activeOA.setAttributeQueryUsed(true); @@ -516,7 +470,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public AuthenticationSession getSessionWithUserNameID(String nameID) { + public IAuthenticationSession getSessionWithUserNameID(String nameID) { MiscUtil.assertNotNull(nameID, "nameID"); Logger.trace("Get authenticated session with pedingRequestID " + nameID + " from database."); 
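Review bot: The Javadoc `@see` line above markOAWithAttributeQueryUsedFlag still references the signature with `at.gv.egovernment.moa.id.auth.data.AuthenticationSession` as first parameter, which no longer exists once this hunk changes the parameter to `IAuthenticationSession`, so the javadoc tool will report a broken reference. Change it to `@see at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage#markOAWithAttributeQueryUsedFlag(at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession, java.lang.String, java.lang.String)`. The same stale type may appear in other `@see` tags of the file that are outside these hunks.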
@@ -592,20 +546,35 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt @Override public void addFederatedSessionInformation(IRequest req, String idpEntityID, AssertionAttributeExtractor extractor) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException { AuthenticatedSessionStore dbsession = null; + AuthenticationSession moaSession = null; Date now = new Date(); //search for active session - String moaSession = getMOASessionSSOID(req.getMOASessionIdentifier()); - if (MiscUtil.isNotEmpty(moaSession)) { + if (MiscUtil.isNotEmpty(req.getInternalSSOSessionIdentifier())) { + Logger.debug("Internal SSO-Session object: " + req.getInternalSSOSessionIdentifier() + " used for federated SSO"); + moaSession = getInternalMOASessionWithSSOID(req.getInternalSSOSessionIdentifier()); + + } else { + Logger.debug("No internal SSO-Session object exists for federated SSO --> create new session object"); + moaSession = createInternalSSOSession(req); + + } + + if (moaSession != null) { try { - dbsession = searchInDatabase(moaSession); + dbsession = searchInDatabase(moaSession.getSessionID()); }catch (MOADatabaseException e) { Logger.error("NO MOASession found but MOASession MUST already exist!"); throw e; - } - } - + } + + } else { + Logger.error("NO MOASession found but MOASession MUST already exist!"); + throw new MOADatabaseException("NO MOASession found but MOASession MUST already exist!"); + + } + dbsession.setUpdated(now); //decrypt MOASession diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java index 934b7ca65..c8d09e17e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java 
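Review bot: addFederatedSessionInformation now creates and persists a new internal SSO session through createInternalSSOSession whenever the request carries no internal SSO-session identifier, a side effect the method name does not convey; it should be stated in the method's Javadoc (the doc comment, if any, sits outside the hunk), e.g. `* If the request carries no internal SSO-session identifier, a new SSO session is created and persisted before the federated information is added.` Since createInternalSSOSession returns a freshly constructed session, the `else` branch throwing "NO MOASession found but MOASession MUST already exist!" is only reachable when getInternalMOASessionWithSSOID returns null for an identifier the request did supply, so a message naming that case would read better in logs, e.g. `throw new MOADatabaseException("No internal SSO-Session found for the identifier supplied by the request");`. The debug line also writes the raw identifier from the request to the log; a truncated form would suffice for tracing. The method continues outside the hunk.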
@@ -30,6 +30,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; 
@@ -48,103 +49,74 @@ public interface IAuthenticationSessionStoreage { /** * Check if the stored MOASession is already authenticated * - * @param moaSessionID MOASession identifier + * @param internalSsoSessionID Internal MOA SSO-Session identifier * @return true if the MOASession is authenticated, otherwise false */ - public boolean isAuthenticated(String moaSessionID); + public boolean isAuthenticated(String internalSsoSessionID); /** - * Create a new MOASession + * Create a new MOA SSO-Session object in database + * The SSO session object get populated with eID information from pending request * * @param target Pending Request which is associated with this MOASession * @return MOASession object * @throws MOADatabaseException MOASession storage operation FAILED * @throws BuildException MOASession encryption FAILED */ - public AuthenticationSession createSession(IRequest target) throws MOADatabaseException, BuildException; + public AuthenticationSession createInternalSSOSession(IRequest target) throws MOADatabaseException, BuildException; /** * Get a MOASession with sessionID * - * @param sessionID SessionID which corresponds to a MOASession + * @param internalSsoSessionID Internal MOA SSO-Session identifier * @return MOASession, or null if no session exists with this ID * @throws MOADatabaseException MOASession load operation FAILED */ - public AuthenticationSession getSession(String sessionID) throws MOADatabaseException; + public AuthenticationSession getInternalSSOSession(String internalSsoSessionID) throws MOADatabaseException; /** * Get the session-data extension-object for a MOASession * - * @param sessionID SessionID which corresponds to a MOASession + * @param internalSsoSessionID Internal MOA SSO-Session identifier * @return AuthenticationSessionExtensions, or null if no session exists with this ID or extensionobject is null * @throws MOADatabaseException MOASession load operation FAILED */ - public AuthenticationSessionExtensions 
getAuthenticationSessionExtensions(String sessionID) throws MOADatabaseException; + public AuthenticationSessionExtensions getAuthenticationSessionExtensions(String internalSsoSessionID) throws MOADatabaseException; /** * Store a session-data extension-object to MOASession * - * @param sessionID SessionID which corresponds to a MOASession + * @param internalSsoSessionID Internal MOA SSO-Session identifier * @param sessionExtensions AuthenticationSessionExtensions object * @throws MOADatabaseException MOASession storage operation FAILED */ - public void setAuthenticationSessionExtensions(String sessionID, AuthenticationSessionExtensions sessionExtensions) throws MOADatabaseException; + public void setAuthenticationSessionExtensions(String internalSsoSessionID, AuthenticationSessionExtensions sessionExtensions) throws MOADatabaseException; /** - * Store a MOASession - * - * @param session MOASession which should be stored - * @throws MOADatabaseException MOASession storage operation FAILED - * @throws BuildException MOASession encryption FAILED - */ - public void storeSession(AuthenticationSession session) throws MOADatabaseException, BuildException; - - /** * Delete a MOASession * - * @param moaSessionID SessionID which corresponds to a MOASession + * @param internalSsoSessionID Internal MOA SSO-Session identifier * @throws MOADatabaseException MOASession delete operation FAILED */ - public void destroySession(String moaSessionID) throws MOADatabaseException; - - - /** - * Change the sessionID of a MOASession - * - * @param session MOASession for which the sessionID should be changed - * @param newSessionID new MOASessionID which should be used - * @return new MOASessionID - * @throws MOADatabaseException MOASession storage operation FAILED - * @throws BuildException MOASession encryption/decryption FAILED - */ - public String changeSessionID(AuthenticationSession session, String newSessionID) throws BuildException, MOADatabaseException; - - /** - * Change the 
sessionID of a MOASession - * - * @param session MOASession for which the sessionID should be changed - * @return new MOASessionID - * @throws MOADatabaseException MOASession storage operation FAILED - * @throws BuildException MOASession encryption/decryption FAILED - */ - public String changeSessionID(AuthenticationSession session) throws BuildException, MOADatabaseException; - + public void destroyInternalSSOSession(String internalSsoSessionID) throws MOADatabaseException; + /** * Set the isAuthenticated flag to MOASession * - * @param moaSessionID SessionID which corresponds to a MOASession + * @param internalSsoSessionID Internal MOA SSO-Session identifier * @param isAuthenticated Is authenticated flag (true/false) */ - public void setAuthenticated(String moaSessionID, boolean isAuthenticated); + public void setAuthenticated(String internalSsoSessionID, boolean isAuthenticated); /** * Find the MOASessionId of an active Single Sign-On session * * @param SSOSessionID Single Sign-On sessionID - * @return MOASessionID of the associated MOASession + * @return internal MOA SSO-Session of the associated SSO-Session Id + * @throws MOADatabaseException */ - public String getMOASessionSSOID(String SSOSessionID); + public AuthenticationSession getInternalMOASessionWithSSOID(String SSOSessionID) throws MOADatabaseException; /** * Check if a MOASession is an active Single Sign-On session @@ -182,7 +154,7 @@ public interface IAuthenticationSessionStoreage { * @param moaSession MOASession data object * @return List of Service-Provider information */ - public List<OASessionStore> getAllActiveOAFromMOASession(AuthenticationSession moaSession); + public List<OASessionStore> getAllActiveOAFromMOASession(IAuthenticationSession moaSession); /** 
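Review bot: The interface renames getInternalSSOSession's parameter to `internalSsoSessionID`, but the implementation hunk in DBAuthenticationSessionStoreage keeps `public AuthenticationSession getInternalSSOSession(String sessionID)`; the names do not affect compilation, yet the interface `@param` now documents a name the implementation does not use. The Javadoc of getInternalMOASessionWithSSOID is also out of date: its summary still says `Find the MOASessionId of an active Single Sign-On session` although the method now returns the session object, and `@throws MOADatabaseException` carries no description. Suggested text: `* Find the internal MOA SSO-Session of an active Single Sign-On session` and `* @throws MOADatabaseException MOASession load or deserialization FAILED`, the latter matching the exception the implementation raises when decryptSession fails.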
@@ -191,7 +163,7 @@ public interface IAuthenticationSessionStoreage { * @param moaSession MOASession data object * @return List of Interfederation-IDP information */ - public List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(AuthenticationSession moaSession); + public List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(IAuthenticationSession moaSession); /** * Search a MOASession by using already transfered authentication information @@ -200,7 +172,7 @@ public interface IAuthenticationSessionStoreage { * @param userNameID UserId (bPK), which was send to this Service-Provider * @return MOASession, or null if no corresponding MOASession is found */ - public AuthenticationSession searchMOASessionWithNameIDandOAID(String oaID, String userNameID); + public IAuthenticationSession searchMOASessionWithNameIDandOAID(String oaID, String userNameID); /** * Search a active Single Sign-On session for a specific Service-Provider @@ -210,7 +182,7 @@ public interface IAuthenticationSessionStoreage { * @param protocolType Authentication protocol, which was used for SSO from this Service-Provider * @return Internal Single Sign-On information for this Service-Provider */ - public OASessionStore searchActiveOASSOSession(AuthenticationSession moaSession, String oaID, String protocolType); + public OASessionStore searchActiveOASSOSession(IAuthenticationSession moaSession, String oaID, String protocolType); /** @@ -219,7 +191,7 @@ public interface IAuthenticationSessionStoreage { * @param nameID UserID (bPK) * @return MOASession, or null if no corresponding MOASession is found */ - public AuthenticationSession getSessionWithUserNameID(String nameID); + public IAuthenticationSession getSessionWithUserNameID(String nameID); /** * Search an active federation IDP which could be used for federated Single Sign-On 
@@ -283,7 +255,7 @@ public interface IAuthenticationSessionStoreage { * @param oaurl * @param requestedModule */ - public void markOAWithAttributeQueryUsedFlag(AuthenticationSession session, String oaurl, String requestedModule); + public void markOAWithAttributeQueryUsedFlag(IAuthenticationSession session, String oaurl, String requestedModule); /** * @param nextIDPInformation |