aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-06-07 13:19:13 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-06-07 13:19:13 +0200
commitf660735c26170c05396e0feeac53e7dcf3c5b5df (patch)
tree2ae4bbc58f060c54150830cacdecb03dddd1123a /id/server/idserverlib/src/main/java/at
parent81f86fc319e98469cc4ae65f8c4a3c8a4636ac00 (diff)
parent0cf75d5ee50f3c285a772ce96411f7bf98fe2a72 (diff)
downloadmoa-id-spss-f660735c26170c05396e0feeac53e7dcf3c5b5df.tar.gz
moa-id-spss-f660735c26170c05396e0feeac53e7dcf3c5b5df.tar.bz2
moa-id-spss-f660735c26170c05396e0feeac53e7dcf3c5b5df.zip
Merge remote-tracking branch 'remotes/origin/moapid-3.2-opb-redis' into eIDAS_node_implementation
Conflicts: id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
Diffstat (limited to 'id/server/idserverlib/src/main/java/at')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java29
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java11
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java7
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java7
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java289
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java180
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java104
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java20
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/RedisTransactionStorage.java377
17 files changed, 715 insertions, 332 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java
index e0552c337..bbb322a4f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java
@@ -8,6 +8,8 @@ import java.util.List;
import org.hibernate.HibernateException;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.scheduling.annotation.EnableScheduling;
+import org.springframework.scheduling.annotation.Scheduled;
import org.springframework.stereotype.Service;
import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils;
@@ -29,6 +31,7 @@ import at.gv.egovernment.moa.util.MiscUtil;
* @version $Id$
*/
@Service("AuthenticationSessionCleaner")
+@EnableScheduling
public class AuthenticationSessionCleaner implements Runnable {
@Autowired private IAuthenticationSessionStoreage authenticationSessionStorage;
@@ -36,7 +39,7 @@ public class AuthenticationSessionCleaner implements Runnable {
@Autowired protected AuthConfiguration authConfig;
/** interval the <code>AuthenticationSessionCleaner</code> is run in */
- private static final long SESSION_CLEANUP_INTERVAL = 5 * 60; // 5 min
+ private static final long SESSION_CLEANUP_INTERVAL = 5 * 60 *1000 ; // 5 min
/**
* Runs the thread. Cleans the <code>AuthenticationServer</code> session store
@@ -45,8 +48,8 @@ public class AuthenticationSessionCleaner implements Runnable {
* Cleans up expired session and authentication data stores.
*
*/
+ @Scheduled(fixedRate = SESSION_CLEANUP_INTERVAL)
public void run() {
- while (true) {
try {
Logger.debug("AuthenticationSessionCleaner run");
Date now = new Date();
@@ -66,7 +69,7 @@ public class AuthenticationSessionCleaner implements Runnable {
try {
try {
Object entry = transactionStorage.get(entryKey);
- //if entry is an exception --> log it because is could be unhandled
+ //if entry is an exception --> log it because it could be unhandled
if (entry != null && entry instanceof ExceptionContainer) {
ExceptionContainer exContainer = (ExceptionContainer) entry;
@@ -115,12 +118,6 @@ public class AuthenticationSessionCleaner implements Runnable {
} catch (Exception e) {
Logger.error(MOAIDMessageProvider.getInstance().getMessage("cleaner.01", null), e);
}
- try {
- Thread.sleep(SESSION_CLEANUP_INTERVAL * 1000);
- }
- catch (InterruptedException e) {
- }
- }
}
/**
@@ -143,18 +140,4 @@ public class AuthenticationSessionCleaner implements Runnable {
}
}
}
-
- /**
- * start the sessionCleaner
- */
- public static void start(Runnable clazz) {
- // start the session cleanup thread
- Thread sessionCleaner =
- new Thread(clazz, "AuthenticationSessionCleaner");
- sessionCleaner.setName("SessionCleaner");
- sessionCleaner.setDaemon(true);
- sessionCleaner.setPriority(Thread.MIN_PRIORITY);
- sessionCleaner.start();
- }
-
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index 90aa5d3ac..8de283c9a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -109,12 +109,6 @@ public class MOAIDAuthInitializer {
// Initializes SSLSocketFactory store
SSLUtils.initialize();
- // Initializes Namespace Map
- Constants.nSMap.put(Constants.SAML_PREFIX, Constants.SAML_NS_URI);
- Constants.nSMap.put(Constants.ECDSA_PREFIX,
- "http://www.w3.org/2001/04/xmldsig-more#");
- Constants.nSMap.put(Constants.DSIG_PREFIX, Constants.DSIG_NS_URI);
-
//seed the random number generator
Random.seedRandom();
Logger.debug("Random-number generator is seeded.");
@@ -162,11 +156,6 @@ public class MOAIDAuthInitializer {
}
-
- // Starts the session cleaner thread to remove unpicked authentication data
- AuthenticationSessionCleaner sessioncleaner = rootContext.getBean("AuthenticationSessionCleaner", AuthenticationSessionCleaner.class);
- AuthenticationSessionCleaner.start(sessioncleaner);
-
MOAGarbageCollector.start();
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
index e3efdeac0..09e9edb7b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
@@ -141,12 +141,12 @@ public abstract class AbstractController extends MOAIDAuthConstants {
revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.TRANSACTION_ERROR);
transactionStorage.put(key,
new ExceptionContainer(pendingReq.getUniqueSessionIdentifier(),
- pendingReq.getUniqueTransactionIdentifier(), loggedException));
+ pendingReq.getUniqueTransactionIdentifier(), loggedException),-1);
} else {
transactionStorage.put(key,
new ExceptionContainer(null,
- null, loggedException));
+ null, loggedException),-1);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
index 66e8757ad..5e09380ae 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
@@ -179,7 +179,7 @@ public class IDPSingleLogOutServlet extends AbstractController {
else
statusCode = MOAIDAuthConstants.SLOSTATUS_ERROR;
- transactionStorage.put(artifact, statusCode);
+ transactionStorage.put(artifact, statusCode, -1);
redirectURL = HTTPUtils.addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java
index 5c2f86732..a07099a93 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java
@@ -185,6 +185,10 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider
String propertyName = key.toString().substring(propPrefix.length());
moaSessionProp.put(propertyName, props.get(key.toString()));
}
+ if (key.toString().startsWith(propPrefix+"dbcp")) {
+ String propertyName = "hibernate."+(key.toString().substring(propPrefix.length()));
+ moaSessionProp.put(propertyName, props.get(key.toString()));
+ }
}
// read Config Hibernate properties
@@ -222,7 +226,7 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider
config.addAnnotatedClass(InterfederationSessionStore.class);
//config.addAnnotatedClass(ProcessInstanceStore.class);
config.addProperties(moaSessionProp);
- MOASessionDBUtils.initHibernate(config, moaSessionProp);
+ //MOASessionDBUtils.initHibernate(config, moaSessionProp);
//initial advanced logging
if (Boolean.valueOf(props.getProperty("configuration.advancedlogging.active", "false"))) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index a1f2c6558..3c6042b51 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -569,7 +569,7 @@ public class AuthenticationManager extends MOAIDAuthConstants {
}
//put SLO process-information into transaction storage
- transactionStorage.put(relayState, sloContainer);
+ transactionStorage.put(relayState, sloContainer, -1);
if (MiscUtil.isEmpty(authURL))
authURL = pvpReq.getAuthURL();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
index 1b550881e..eec48e0f3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
@@ -68,7 +68,7 @@ public class RequestStorage implements IRequestStorage{
public void storePendingRequest(IRequest pendingRequest) throws MOAIDException {
try {
if (pendingRequest instanceof IRequest) {
- transactionStorage.put(((IRequest)pendingRequest).getRequestID(), pendingRequest);
+ transactionStorage.put(((IRequest)pendingRequest).getRequestID(), pendingRequest, -1);
} else {
throw new MOAIDException("auth.20", null);
@@ -123,6 +123,7 @@ public class RequestStorage implements IRequestStorage{
((RequestImpl)pendingRequest).setRequestID(newRequestID);
transactionStorage.changeKey(oldRequestID, newRequestID, pendingRequest);
+ //only delete oldRequestID, no change.
return newRequestID;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index bc7dd272b..0799760ce 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -63,6 +63,7 @@ public class SSOManager {
@Autowired private IAuthenticationSessionStoreage authenticatedSessionStore;
@Autowired protected AuthConfiguration authConfig;
+ @Autowired private MOASessionDBUtils moaSessionDBUtils;
/**
* Check if interfederation IDP is requested via HTTP GET parameter or if interfederation cookie exists.
@@ -159,7 +160,7 @@ public class SSOManager {
} else {
Logger.warn("MOASession is marked as interfederated SSO session but no interfederated IDP is found. Switch to local authentication ...");
- MOASessionDBUtils.delete(storedSession);
+ moaSessionDBUtils.delete(storedSession);
}
}
@@ -200,7 +201,7 @@ public class SSOManager {
public String existsOldSSOSession(String ssoId) {
Logger.trace("Check that the SSOID has already been used");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<OldSSOSessionIDStore> result;
@@ -289,7 +290,7 @@ public class SSOManager {
//no local SSO session exist -> request interfederated IDP
Logger.info("Delete interfederated IDP " + selectedIDP.getIdpurlprefix()
+ " from MOASession " + storedSession.getSessionid());
- MOASessionDBUtils.delete(selectedIDP);
+ moaSessionDBUtils.delete(selectedIDP);
} else {
Logger.warn("MOASession is marked as interfederated SSO session but no interfederated IDP is found. Switch to local authentication ...");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java
index a9a9322ad..428931b5e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java
@@ -22,7 +22,7 @@ public class ProcessInstanceStoreDAOImpl implements ProcessInstanceStoreDAO {
@Override
public void saveOrUpdate(ProcessInstanceStore pIStore) throws MOADatabaseException {
try {
- transactionStorage.put(pIStore.getProcessInstanceId(), pIStore);
+ transactionStorage.put(pIStore.getProcessInstanceId(), pIStore, -1);
// MOASessionDBUtils.saveOrUpdate(pIStore);
log.debug("Store process instance with='{}' in the database.", pIStore.getProcessInstanceId());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java
index 2168316ab..98c6632f1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java
@@ -80,6 +80,7 @@ public class AttributQueryAction implements IAction {
@Autowired private AuthenticationDataBuilder authDataBuilder;
@Autowired private IDPCredentialProvider pvpCredentials;
@Autowired private AuthConfiguration authConfig;
+ @Autowired private MOASessionDBUtils moaSessionDBUtils;
private final static List<String> DEFAULTSTORKATTRIBUTES = Arrays.asList(
new String[]{PVPConstants.EID_STORK_TOKEN_NAME});
@@ -198,7 +199,7 @@ public class AttributQueryAction implements IAction {
((PVPTargetConfiguration) pendingReq).getRequest().getInboundMessage() instanceof AttributeQuery) {
try {
activeOA.setAttributeQueryUsed(true);
- MOASessionDBUtils.saveOrUpdate(activeOA);
+ moaSessionDBUtils.saveOrUpdate(activeOA);
} catch (MOADatabaseException e) {
Logger.error("MOASession interfederation information can not stored to database.", e);
@@ -251,11 +252,11 @@ public class AttributQueryAction implements IAction {
//mark attribute request as used
if (nextIDPInformation.isStoreSSOInformation()) {
nextIDPInformation.setAttributesRequested(true);
- MOASessionDBUtils.saveOrUpdate(nextIDPInformation);
+ moaSessionDBUtils.saveOrUpdate(nextIDPInformation);
//delete federated IDP from Session
} else {
- MOASessionDBUtils.delete(nextIDPInformation);
+ moaSessionDBUtils.delete(nextIDPInformation);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index bca080ba6..82e46b6ce 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -525,7 +525,7 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController {
boolean isAllowedDestination = false;
for (String prefix : allowedPublicURLPrefix) {
- if (!resp.getDestination().startsWith(
+ if (resp.getDestination().startsWith(
prefix)) {
isAllowedDestination = true;
break;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java
index 0dd309154..62105abda 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java
@@ -49,7 +49,7 @@ public class PVPAssertionStorage implements SAMLArtifactMap {
samlMessage);
try {
- transactionStorage.put(artifact, assertion);
+ transactionStorage.put(artifact, assertion, -1);
} catch (MOADatabaseException e) {
// TODO Insert Error Handling, if Assertion could not be stored
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
index 52bf16247..c762e2505 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
@@ -24,17 +24,11 @@ package at.gv.egovernment.moa.id.protocols.pvp2x;
import java.io.Serializable;
import java.io.UnsupportedEncodingException;
-import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.SerializationUtils;
-import org.hibernate.HibernateException;
-import org.hibernate.Query;
-import org.hibernate.Session;
-import org.hibernate.Transaction;
-import org.hibernate.resource.transaction.spi.TransactionStatus;
import org.opensaml.saml2.core.LogoutRequest;
import org.opensaml.saml2.core.LogoutResponse;
import org.opensaml.saml2.metadata.SingleLogoutService;
@@ -49,7 +43,6 @@ import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.IRequest;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.data.IAuthData;
@@ -83,8 +76,8 @@ public class SingleLogOutAction implements IAction {
@Autowired private ITransactionStorage transactionStorage;
@Autowired private SingleLogOutBuilder sloBuilder;
@Autowired private MOAReversionLogger revisionsLogger;
-
-
+
+
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.data.IAuthData)
*/
@@ -94,142 +87,148 @@ public class SingleLogOutAction implements IAction {
IAuthData authData) throws MOAIDException {
PVPTargetConfiguration pvpReq = (PVPTargetConfiguration) req;
-
+
if (pvpReq.getRequest() instanceof MOARequest &&
((MOARequest)pvpReq.getRequest()).getSamlRequest() instanceof LogoutRequest) {
Logger.debug("Process Single LogOut request");
MOARequest samlReq = (MOARequest) pvpReq.getRequest();
LogoutRequest logOutReq = (LogoutRequest) samlReq.getSamlRequest();
-
+
AuthenticationSession session =
authenticationSessionStorage.searchMOASessionWithNameIDandOAID(
logOutReq.getIssuer().getValue(),
logOutReq.getNameID().getValue());
-
- if (session == null) {
- Logger.warn("Can not find active SSO session with nameID "
- + logOutReq.getNameID().getValue() + " and OA "
- + logOutReq.getIssuer().getValue());
- Logger.info("Search active SSO session with SSO session cookie");
- String ssoID = ssomanager.getSSOSessionID(httpReq);
- if (MiscUtil.isEmpty(ssoID)) {
+
+ if (session == null) {
+ Logger.warn("Can not find active SSO session with nameID "
+ + logOutReq.getNameID().getValue() + " and OA "
+ + logOutReq.getIssuer().getValue());
+ Logger.info("Search active SSO session with SSO session cookie");
+ String ssoID = ssomanager.getSSOSessionID(httpReq);
+ if (MiscUtil.isEmpty(ssoID)) {
+ Logger.info("Can not find active Session. Single LogOut not possible!");
+ SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(pvpReq);
+ //LogoutResponse message = sloBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI);
+ LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, pvpReq, null);
+ Logger.info("Sending SLO success message to requester ...");
+ sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState());
+ return null;
+
+ } else {
+ String moasession = ssomanager.getMOASession(ssoID);
+ try {
+ session = authenticationSessionStorage.getSession(moasession);
+
+ if (session == null)
+ throw new MOADatabaseException();
+
+ } catch (MOADatabaseException e) {
Logger.info("Can not find active Session. Single LogOut not possible!");
SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(pvpReq);
//LogoutResponse message = sloBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI);
LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, pvpReq, null);
Logger.info("Sending SLO success message to requester ...");
- sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState());
+ sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState());
return null;
-
- } else {
- String moasession = ssomanager.getMOASession(ssoID);
- try {
- session = authenticationSessionStorage.getSession(moasession);
-
- if (session == null)
- throw new MOADatabaseException();
-
- } catch (MOADatabaseException e) {
- Logger.info("Can not find active Session. Single LogOut not possible!");
- SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(pvpReq);
- //LogoutResponse message = sloBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI);
- LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, pvpReq, null);
- Logger.info("Sending SLO success message to requester ...");
- sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState());
- return null;
-
- }
- }
+
+ }
+ }
+ }
+
+ authManager.performSingleLogOut(httpReq, httpResp, session, pvpReq);
+
+ } else if (pvpReq.getRequest() instanceof MOAResponse &&
+ ((MOAResponse)pvpReq.getRequest()).getResponse() instanceof LogoutResponse) {
+ Logger.debug("Process Single LogOut response");
+ LogoutResponse logOutResp = (LogoutResponse) ((MOAResponse)pvpReq.getRequest()).getResponse();
+
+ //Transaction tx = null;
+
+ try {
+ String relayState = pvpReq.getRequest().getRelayState();
+ if (MiscUtil.isEmpty(relayState)) {
+ Logger.warn("SLO Response from " + logOutResp.getIssuer().getValue()
+ + " has no SAML2 RelayState.");
+ throw new SLOException("pvp2.19", null);
+
}
-
- authManager.performSingleLogOut(httpReq, httpResp, session, pvpReq);
-
- } else if (pvpReq.getRequest() instanceof MOAResponse &&
- ((MOAResponse)pvpReq.getRequest()).getResponse() instanceof LogoutResponse) {
- Logger.debug("Process Single LogOut response");
- LogoutResponse logOutResp = (LogoutResponse) ((MOAResponse)pvpReq.getRequest()).getResponse();
-
- Transaction tx = null;
-
- try {
- String relayState = pvpReq.getRequest().getRelayState();
- if (MiscUtil.isEmpty(relayState)) {
- Logger.warn("SLO Response from " + logOutResp.getIssuer().getValue()
- + " has no SAML2 RelayState.");
- throw new SLOException("pvp2.19", null);
-
- }
-
- Session session = MOASessionDBUtils.getCurrentSession();
- boolean storageSuccess = false;
- int counter = 0;
-
- //TODO: add counter to prevent deadlock
-
+
+ //Session session = MOASessionDBUtils.getCurrentSession();
+ boolean storageSuccess = false;
+ int counter = 0;
+
+ //TODO: add counter to prevent deadlock
+ synchronized(this){
while (!storageSuccess) {
- tx = session.beginTransaction();
-
- List result;
- Query query = session.getNamedQuery("getAssertionWithArtifact");
- query.setParameter("artifact", relayState);
- result = query.list();
- Logger.trace("Found entries: " + result.size());
-
- //Assertion requires an unique artifact
- if (result.size() != 1) {
+ // tx = session.beginTransaction();
+ //
+ // List result;
+ // Query query = session.getNamedQuery("getAssertionWithArtifact");
+ // query.setParameter("artifact", relayState);
+ // result = query.list();
+ //
+ //
+ // Logger.trace("Found entries: " + result.size());
+ //
+ // //Assertion requires an unique artifact
+ // if (result.size() != 1) {
+ // Logger.trace("No entries found.");
+ // throw new MOADatabaseException("No sessioninformation found with this ID");
+ // }
+ //
+ // AssertionStore element = (AssertionStore) result.get(0);
+ // Object data = SerializationUtils.deserialize(element.getAssertion());
+ Logger.debug("Current Thread getAssertionStore: "+Thread.currentThread().getId());
+ Object o = transactionStorage.getAssertionStore(relayState);
+ if(o==null){
Logger.trace("No entries found.");
- throw new MOADatabaseException("No sessioninformation found with this ID");
+ throw new MOADatabaseException("No sessioninformation found with this ID");
}
-
- AssertionStore element = (AssertionStore) result.get(0);
- Object data = SerializationUtils.deserialize(element.getAssertion());
-
+ AssertionStore element = (AssertionStore) o;
+ Object data = SerializationUtils.deserialize(element.getAssertion());
+
if (data instanceof SLOInformationContainer) {
ISLOInformationContainer sloContainer = (ISLOInformationContainer) data;
-
+
//check status
sloBuilder.checkStatusCode(sloContainer, logOutResp);
-
+
if (sloContainer.hasFrontChannelOA()) {
try {
//some response are open
byte[] serializedSLOContainer = SerializationUtils.serialize((Serializable) sloContainer);
element.setAssertion(serializedSLOContainer);
element.setType(sloContainer.getClass().getName());
-
- session.saveOrUpdate(element);
- tx.commit();
-
+
+ // session.saveOrUpdate(element);
+ // tx.commit();
+ Logger.debug("Current Thread putAssertionStore: "+Thread.currentThread().getId());
+ transactionStorage.putAssertionStore(element);
+
//sloContainer could be stored to database
storageSuccess = true;
-
- } catch(HibernateException e) {
- tx.rollback();
+
+ } catch(MOADatabaseException e) {
+ //tx.rollback();
counter++;
Logger.debug("SLOContainter could not stored to database. Wait some time and restart storage process ... ");
java.util.Random rand = new java.util.Random();
-
+
try {
Thread.sleep(rand.nextInt(20)*10);
-
+
} catch (InterruptedException e1) {
Logger.warn("Thread could not stopped. ReStart storage process immediately", e1);
}
}
-
+
} else {
- //last response received.
- try {
- session.delete(element);
- tx.commit();
-
- } catch(HibernateException e) {
- tx.rollback();
- Logger.error("SLOContainter could not deleted from database. ");
-
- }
-
+ Logger.debug("Current Thread removeElement by Artifact: "+Thread.currentThread().getId());
+ transactionStorage.remove(element.getArtifact());
+ // session.delete(element);
+ // tx.commit();
+
storageSuccess = true;
String redirectURL = null;
if (sloContainer.getSloRequest() != null) {
@@ -237,70 +236,72 @@ public class SingleLogOutAction implements IAction {
SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(sloContainer.getSloRequest());
LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, sloContainer.getSloRequest(), sloContainer.getSloFailedOAs());
redirectURL = sloBuilder.getFrontChannelSLOMessageURL(sloService, message, httpReq, httpResp, sloContainer.getSloRequest().getRequest().getRelayState());
-
+
} else {
//print SLO information directly
redirectURL = req.getAuthURL() + "/idpSingleLogout";
-
+
String artifact = Random.nextRandom();
-
- String statusCode = null;
+
+ String statusCode = null;
if (sloContainer.getSloFailedOAs() == null ||
- sloContainer.getSloFailedOAs().size() == 0) {
- statusCode = MOAIDAuthConstants.SLOSTATUS_SUCCESS;
- revisionsLogger.logEvent(sloContainer.getSessionID(), sloContainer.getTransactionID(),
- MOAIDEventConstants.AUTHPROCESS_SLO_ALL_VALID);
-
+ sloContainer.getSloFailedOAs().size() == 0) {
+ statusCode = MOAIDAuthConstants.SLOSTATUS_SUCCESS;
+ revisionsLogger.logEvent(sloContainer.getSessionID(), sloContainer.getTransactionID(),
+ MOAIDEventConstants.AUTHPROCESS_SLO_ALL_VALID);
+
} else {
revisionsLogger.logEvent(sloContainer.getSessionID(), sloContainer.getTransactionID(),
MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID);
- statusCode = MOAIDAuthConstants.SLOSTATUS_ERROR;
-
+ statusCode = MOAIDAuthConstants.SLOSTATUS_ERROR;
+
}
- transactionStorage.put(artifact, statusCode);
- redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact);
-
+ transactionStorage.put(artifact, statusCode, -1);
+ redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact);
+
}
//redirect to Redirect Servlet
String url = req.getAuthURL() + "/RedirectServlet";
url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(redirectURL, "UTF-8"));
url = httpResp.encodeRedirectURL(url);
-
+
httpResp.setContentType("text/html");
httpResp.setStatus(302);
httpResp.addHeader("Location", url);
-
+
}
} else {
Logger.warn("Sessioninformation Cast-Exception by using Artifact=" + relayState);
throw new MOADatabaseException("Sessioninformation Cast-Exception");
-
+
}
}
-
- } catch (MOADatabaseException e) {
- Logger.error("MOA AssertionDatabase ERROR", e);
- throw new SLOException("pvp2.19", null);
-
- } catch (UnsupportedEncodingException e) {
- Logger.error("Finale SLO redirct not possible.", e);
- throw new AuthenticationException("pvp2.13", new Object[]{});
-
- } finally {
- if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) {
- tx.commit();
-
- }
}
-
-
-
- } else {
- Logger.error("Process SingleLogOutAction but request is NOT of type LogoutRequest or LogoutResponse.");
- throw new MOAIDException("pvp2.13", null);
-
- }
-
+ } catch (MOADatabaseException e) {
+ Logger.error("MOA AssertionDatabase ERROR", e);
+ throw new SLOException("pvp2.19", null);
+
+ } catch (UnsupportedEncodingException e) {
+ Logger.error("Finale SLO redirct not possible.", e);
+ throw new AuthenticationException("pvp2.13", new Object[]{});
+
+ }
+
+ // finally {
+ // if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) {
+ // tx.commit();
+ //
+ // }
+ // }
+
+
+
+ } else {
+ Logger.error("Process SingleLogOutAction but request is NOT of type LogoutRequest or LogoutResponse.");
+ throw new MOAIDException("pvp2.13", null);
+
+ }
+
return null;
}
@@ -320,7 +321,7 @@ public class SingleLogOutAction implements IAction {
public String getDefaultActionName() {
return PVP2XProtocol.SINGLELOGOUT;
}
-
+
protected static String addURLParameter(String url, String paramname,
String paramvalue) {
String param = paramname + "=" + paramvalue;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
index 094e25040..4d7936f25 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
@@ -35,6 +35,7 @@ import org.hibernate.Transaction;
import org.hibernate.resource.transaction.spi.TransactionStatus;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
import com.fasterxml.jackson.core.JsonProcessingException;
@@ -65,7 +66,7 @@ import at.gv.egovernment.moa.util.MiscUtil;
public class DBAuthenticationSessionStoreage implements IAuthenticationSessionStoreage{
@Autowired AuthConfiguration authConfig;
-
+ @Autowired MOASessionDBUtils moaSessionDBUtils;
private static JsonMapper mapper = new JsonMapper();
@Override
@@ -74,7 +75,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
AuthenticatedSessionStore session;
try {
- session = searchInDatabase(moaSessionID, true);
+ session = searchInDatabase(moaSessionID);
return session.isAuthenticated();
} catch (MOADatabaseException e) {
@@ -104,7 +105,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
encryptSession(session, dbsession);
//store AssertionStore element to Database
- MOASessionDBUtils.saveOrUpdate(dbsession);
+ moaSessionDBUtils.saveOrUpdate(dbsession);
Logger.info("Create MOASession with sessionID: " + id);
return session;
@@ -128,7 +129,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
return null;
try {
- AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true);
+ AuthenticatedSessionStore dbsession = searchInDatabase(sessionID);
return decryptSession(dbsession);
} catch (MOADatabaseException e) {
@@ -143,7 +144,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
@Override
public AuthenticationSessionExtensions getAuthenticationSessionExtensions(String sessionID) throws MOADatabaseException {
- AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true);
+ AuthenticatedSessionStore dbsession = searchInDatabase(sessionID);
if (MiscUtil.isNotEmpty(dbsession.getAdditionalInformation())) {
try {
@@ -161,12 +162,12 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
@Override
public void setAuthenticationSessionExtensions(String sessionID, AuthenticationSessionExtensions sessionExtensions) throws MOADatabaseException {
try {
- AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true);
+ AuthenticatedSessionStore dbsession = searchInDatabase(sessionID);
dbsession.setAdditionalInformation(
mapper.serialize(sessionExtensions));
- MOASessionDBUtils.saveOrUpdate(dbsession);
+ moaSessionDBUtils.saveOrUpdate(dbsession);
Logger.debug("MOASession with sessionID=" + sessionID + " is stored in Database");
@@ -185,7 +186,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
@Override
public void storeSession(AuthenticationSession session) throws MOADatabaseException, BuildException {
try {
- AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID(), true);
+ AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID());
encryptSession(session, dbsession);
@@ -193,7 +194,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
dbsession.setAuthenticated(session.isAuthenticated());
dbsession.setUpdated(new Date());
- MOASessionDBUtils.saveOrUpdate(dbsession);
+ moaSessionDBUtils.saveOrUpdate(dbsession);
Logger.debug("MOASession with sessionID=" + session.getSessionID() + " is stored in Database");
} catch (MOADatabaseException e) {
@@ -205,7 +206,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
@Override
public void destroySession(String moaSessionID) throws MOADatabaseException {
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
Transaction tx = null;
@@ -216,6 +217,8 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
Query query = session.getNamedQuery("getSessionWithID");
query.setParameter("sessionid", moaSessionID);
result = query.list();
+
+
Logger.trace("Found entries: " + result.size());
@@ -243,7 +246,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
@Override
public String changeSessionID(AuthenticationSession session, String newSessionID) throws BuildException, MOADatabaseException {
- AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID(), true);
+ AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID());
Logger.debug("Change SessionID from " + session.getSessionID()
+ "to " + newSessionID);
@@ -257,7 +260,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
//set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1
dbsession.setUpdated(new Date());
- MOASessionDBUtils.saveOrUpdate(dbsession);
+ moaSessionDBUtils.saveOrUpdate(dbsession);
Logger.trace("Change SessionID complete.");
@@ -279,9 +282,9 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
AuthenticatedSessionStore session;
try {
- session = searchInDatabase(moaSessionID, true);
+ session = searchInDatabase(moaSessionID);
session.setAuthenticated(isAuthenticated);
- MOASessionDBUtils.saveOrUpdate(session);
+ moaSessionDBUtils.saveOrUpdate(session);
} catch (MOADatabaseException e) {
@@ -293,7 +296,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
public String getMOASessionSSOID(String SSOSessionID) {
MiscUtil.assertNotNull(SSOSessionID, "SSOsessionID");
Logger.trace("Get authenticated session with SSOID " + SSOSessionID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
Transaction tx = null;
@@ -331,7 +334,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
@Override
public boolean isSSOSession(String sessionID) throws MOADatabaseException {
try {
- AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true);
+ AuthenticatedSessionStore dbsession = searchInDatabase(sessionID);
return dbsession.isSSOSession();
} catch (MOADatabaseException e) {
@@ -346,7 +349,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
//TODO: is this method really needed??
MiscUtil.assertNotNull(SSOId, "SSOSessionID");
Logger.trace("Get authenticated session with SSOID " + SSOId + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
Transaction tx = null;
@@ -387,7 +390,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
try {
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
Logger.trace("Add SSO information to session " + moaSessionID);
@@ -487,63 +490,63 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
@Override
public List<OASessionStore> getAllActiveOAFromMOASession(AuthenticationSession moaSession) {
MiscUtil.assertNotNull(moaSession, "MOASession");
- Session session = null;
-
- try {
- List<OASessionStore> oas = new ArrayList<OASessionStore>();
-
- AuthenticatedSessionStore dbsession = searchInDatabase(moaSession.getSessionID(), false);
- oas.addAll(dbsession.getActiveOAsessions());
-
- session = MOASessionDBUtils.getCurrentSession();
- session.getTransaction().commit();
-
- return oas;
-
- } catch (MOADatabaseException e) {
- Logger.warn("NO session information found for sessionID " + moaSession.getSessionID(), e);
-
- } catch (Exception e) {
- if (session != null && session.getTransaction() != null
- && !session.getTransaction().getStatus().equals(TransactionStatus.COMMITTED)) {
- session.getTransaction().rollback();
- throw e;
-
- }
-
- }
-
- return null;
+
+ Logger.trace("Get OAs for moaSession " + moaSession.getSessionID() + " from database.");
+ Session session = moaSessionDBUtils.getCurrentSession();
+
+ List<OASessionStore> result;
+ Transaction tx = null;
+ try {
+ synchronized (session) {
+ tx = session.beginTransaction();
+ Query query = session.getNamedQuery("getAllActiveOAsForSessionID");
+ query.setParameter("sessionID", moaSession.getSessionID());
+ result = query.list();
+
+ //send transaction
+ tx.commit();
+ }
+
+ Logger.trace("Found entries: " + result.size());
+
+ return result;
+
+ } catch (Exception e) {
+ if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
+ tx.rollback();
+ throw e;
+ }
}
@Override
public List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(AuthenticationSession moaSession) {
MiscUtil.assertNotNull(moaSession, "MOASession");
- Session session = null;
- try {
- List<InterfederationSessionStore> idps = new ArrayList<InterfederationSessionStore>();
- AuthenticatedSessionStore dbsession = searchInDatabase(moaSession.getSessionID(), false);
- idps.addAll(dbsession.getInderfederation());
-
- session = MOASessionDBUtils.getCurrentSession();
- session.getTransaction().commit();
-
- return idps;
-
- } catch (MOADatabaseException e) {
- Logger.warn("NO session information found for sessionID " + moaSession.getSessionID(), e);
-
- } catch (Exception e) {
- if (session != null && session.getTransaction() != null
- && !session.getTransaction().getStatus().equals(TransactionStatus.COMMITTED)) {
- session.getTransaction().rollback();
- throw e;
-
- }
-
- }
-
- return null;
+
+ Logger.trace("Get active IDPs for moaSession " + moaSession.getSessionID() + " from database.");
+ Session session = moaSessionDBUtils.getCurrentSession();
+
+ List<InterfederationSessionStore> result;
+ Transaction tx = null;
+ try {
+ synchronized (session) {
+ tx = session.beginTransaction();
+ Query query = session.getNamedQuery("getAllActiveIDPsForSessionID");
+ query.setParameter("sessionID", moaSession.getSessionID());
+ result = query.list();
+
+ //send transaction
+ tx.commit();
+ }
+
+ Logger.trace("Found entries: " + result.size());
+
+ return result;
+
+ } catch (Exception e) {
+ if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
+ tx.rollback();
+ throw e;
+ }
}
@Override
@@ -552,7 +555,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
MiscUtil.assertNotNull(userNameID, "userNameID");
Logger.trace("Get moaSession for userNameID " + userNameID + " and OA "
+ oaID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
Transaction tx = null;
List<AuthenticatedSessionStore> result = null;;
@@ -598,7 +601,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
MiscUtil.assertNotNull(protocolType, "usedProtocol");
Logger.trace("Get active OnlineApplication for sessionID " + moaSession.getSessionID() + " with OAID "
+ oaID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
Transaction tx = null;
@@ -640,7 +643,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
try {
MiscUtil.assertNotNull(nameID, "nameID");
Logger.trace("Get authenticated session with pedingRequestID " + nameID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
@@ -677,7 +680,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
public InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASession(String sessionID) {
MiscUtil.assertNotNull(sessionID, "MOASession");
Logger.trace("Get interfederated IDP for SSO with sessionID " + sessionID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
Transaction tx = null;
@@ -714,7 +717,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
MiscUtil.assertNotNull(sessionID, "MOASession");
MiscUtil.assertNotNull(idpID, "Interfederated IDP ID");
Logger.trace("Get interfederated IDP "+ idpID + " for SSO with sessionID " + sessionID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
Transaction tx = null;
@@ -756,7 +759,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
String moaSession = getMOASessionSSOID(req.getMOASessionIdentifier());
if (MiscUtil.isNotEmpty(moaSession)) {
try {
- dbsession = searchInDatabase(moaSession, true);
+ dbsession = searchInDatabase(moaSession);
}catch (MOADatabaseException e) {
Logger.error("NO MOASession found but MOASession MUST already exist!");
@@ -818,7 +821,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
//store AssertionStore element to Database
try {
- MOASessionDBUtils.saveOrUpdate(dbsession);
+ moaSessionDBUtils.saveOrUpdate(dbsession);
} catch (MOADatabaseException e) {
Logger.warn("MOASession could not be created.");
@@ -831,7 +834,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
public InterfederationSessionStore searchInterfederatedIDPFORAttributeQueryWithSessionID(String moaSessionID) {
MiscUtil.assertNotNull(moaSessionID, "MOASessionID");
Logger.trace("Get interfederated IDP for AttributeQuery with sessionID " + moaSessionID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
Transaction tx = null;
@@ -872,7 +875,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
MiscUtil.assertNotNull(pedingRequestID, "pedingRequestID");
Logger.trace("Get authenticated session with pedingRequestID " + pedingRequestID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
@@ -907,7 +910,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
}
}
- MOASessionDBUtils.saveOrUpdate(authsession);
+ moaSessionDBUtils.saveOrUpdate(authsession);
return true;
} catch (Throwable e) {
@@ -922,7 +925,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
Date expioredateupdate = new Date(now.getTime() - authDataTimeOutUpdated);
List<AuthenticatedSessionStore> results;
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
Transaction tx = null;
try {
synchronized (session) {
@@ -972,26 +975,26 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
}
- private static void cleanDelete(AuthenticatedSessionStore result) {
+ private void cleanDelete(AuthenticatedSessionStore result) {
try {
result.setSession("blank".getBytes());
- MOASessionDBUtils.saveOrUpdate(result);
+ moaSessionDBUtils.saveOrUpdate(result);
} catch (MOADatabaseException e) {
Logger.warn("Blank authenticated session with sessionID=" + result.getSessionid() + " FAILED.", e);
} finally {
- if (!MOASessionDBUtils.delete(result))
+ if (!moaSessionDBUtils.delete(result))
Logger.error("Authenticated session with sessionID=" + result.getSessionid() + " not removed! (Error during Database communication)");
}
}
@SuppressWarnings("rawtypes")
- private static AuthenticatedSessionStore searchInDatabase(String sessionID, boolean commit) throws MOADatabaseException {
+ private AuthenticatedSessionStore searchInDatabase(String sessionID) throws MOADatabaseException {
MiscUtil.assertNotNull(sessionID, "moasessionID");
Logger.trace("Get authenticated session with sessionID " + sessionID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List result;
Transaction tx = null;
@@ -1003,8 +1006,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
result = query.list();
//send transaction
- if (commit)
- tx.commit();
+ tx.commit();
}
Logger.trace("Found entries: " + result.size());
@@ -1019,7 +1021,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
return (AuthenticatedSessionStore) result.get(0);
} catch (Exception e) {
- if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED) && commit)
+ if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
tx.rollback();
throw e;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java
index c2b3b0fc5..fa8ca8547 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java
@@ -27,24 +27,31 @@ import java.util.ArrayList;
import java.util.Date;
import java.util.List;
+import javax.persistence.EntityManager;
+import javax.persistence.PersistenceContext;
+import javax.persistence.PersistenceException;
+import javax.persistence.Query;
+
import org.apache.commons.lang.SerializationUtils;
import org.hibernate.HibernateException;
-import org.hibernate.Query;
-import org.hibernate.Session;
-import org.springframework.stereotype.Service;
+import org.springframework.stereotype.Repository;
+import org.springframework.transaction.annotation.Transactional;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
-@Service("TransactionStorage")
+@Repository
+@Transactional("sessionTransactionManager")
public class DBTransactionStorage implements ITransactionStorage {
-
+
+ @PersistenceContext(unitName="session")
+ private EntityManager entityManager;
+
public boolean containsKey(String key) {
- try {
+ try {
searchInDatabase(key);
return true;
@@ -73,7 +80,7 @@ public class DBTransactionStorage implements ITransactionStorage {
}
- public void put(String key, Object value) throws MOADatabaseException {
+ public void put(String key, Object value, int timeout_ms) throws MOADatabaseException {
//search if key already exists
AssertionStore element = searchInDatabase(key);
@@ -97,7 +104,11 @@ public class DBTransactionStorage implements ITransactionStorage {
Logger.error("This exeption should not occur!!!!", e);
return null;
- }
+ }
+ }
+
+ public Object getAssertionStore(String key) throws MOADatabaseException{
+ return searchInDatabase(key);
}
public Object get(String key) throws MOADatabaseException {
@@ -151,16 +162,12 @@ public class DBTransactionStorage implements ITransactionStorage {
List<AssertionStore> results;
List<String> returnValues = new ArrayList<String>();;
- Session session = MOASessionDBUtils.getCurrentSession();
- synchronized (session) {
- session.beginTransaction();
- Query query = session.getNamedQuery("getAssertionWithTimeOut");
- query.setTimestamp("timeout", expioredate);
- results = query.list();
- session.getTransaction().commit();
- }
+ Query query = entityManager.createNamedQuery("getAssertionWithTimeOut");
+ query.setParameter("timeout", expioredate);
+ results = query.getResultList();
+
if (results != null) {
for (AssertionStore el : results)
returnValues.add(el.getArtifact());
@@ -187,24 +194,21 @@ public class DBTransactionStorage implements ITransactionStorage {
Logger.info("Sessioninformation not removed! (Message:"+ e.getMessage() + ")");
} catch (HibernateException e) {
- Logger.warn("Sessioninformation not removed! (Error during Database communication)", e);
+ Logger.warn("Sessioninformation not removed! (Erreor during Database communication)", e);
}
}
private void cleanDelete(AssertionStore element) {
- try {
- element.setAssertion("blank".getBytes());
- MOASessionDBUtils.saveOrUpdate(element);
-
- } catch (MOADatabaseException e) {
- Logger.warn("Blank shortTime session with artifact=" + element.getArtifact() + " FAILED.", e);
+
- } finally {
- if (!MOASessionDBUtils.delete(element))
+ try{
+ element.setAssertion("blank".getBytes());
+ entityManager.merge(element);
+ entityManager.remove(element);
+ }catch(PersistenceException e){
Logger.error("ShortTime session with artifact=" + element.getArtifact()
+ " not removed! (Error during Database communication)");
-
- }
+ }
}
@@ -212,29 +216,23 @@ public class DBTransactionStorage implements ITransactionStorage {
private AssertionStore searchInDatabase(String artifact) throws MOADatabaseException {
MiscUtil.assertNotNull(artifact, "artifact");
Logger.trace("Getting sessioninformation with ID " + artifact + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
- List result;
+ List<AssertionStore> results;
- synchronized (session) {
- session.beginTransaction();
- Query query = session.getNamedQuery("getAssertionWithArtifact");
- query.setParameter("artifact", artifact);
- result = query.list();
+ Query query = entityManager.createNamedQuery("getAssertionWithArtifact");
+ query.setParameter("artifact", artifact);
- //send transaction
- session.getTransaction().commit();
- }
+ results = query.getResultList();
- Logger.trace("Found entries: " + result.size());
+ Logger.trace("Found entries: " + results.size());
//Assertion requires an unique artifact
- if (result.size() != 1) {
+ if (results.size() != 1) {
Logger.debug("No transaction information with ID:" + artifact + " found.");
return null;
}
- return (AssertionStore) result.get(0);
+ return results.get(0);
}
private void put(AssertionStore element, String key, Object value) throws MOADatabaseException {
@@ -253,15 +251,23 @@ public class DBTransactionStorage implements ITransactionStorage {
element.setAssertion(data);
//store AssertionStore element to Database
- try {
- MOASessionDBUtils.saveOrUpdate(element);
+ //try {
+ entityManager.merge(element);
+ //MOASessionDBUtils.saveOrUpdate(element);
Logger.debug(value.getClass().getName() + " with ID: " + key + " is stored in Database");
-
- } catch (MOADatabaseException e) {
- Logger.warn("Sessioninformation could not be stored.");
- throw new MOADatabaseException(e);
-
- }
+//
+// } catch (MOADatabaseException e) {
+// Logger.warn("Sessioninformation could not be stored.");
+// throw new MOADatabaseException(e);
+//
+// }
+
+ }
+
+ @Override
+ public void putAssertionStore(Object element) throws MOADatabaseException{
+ // TODO Auto-generated method stub
+ entityManager.merge(element);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java
index 493f24ee8..53a7f4f5e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java
@@ -48,9 +48,10 @@ public interface ITransactionStorage {
* @param key Id which identifiers the data object
* @param value Data object which should be stored.
* This data must implement the <code>java.io.Serializable</code> interface
+ * @param timeout_ms Defines the period of time a data object is kept within the storage
* @throws MOADatabaseException In case of store operation failed
*/
- public void put(String key, Object value) throws MOADatabaseException;
+ public void put(String key, Object value, int timeout_ms) throws MOADatabaseException;
/**
* Get a data object from transaction storage
@@ -110,4 +111,21 @@ public interface ITransactionStorage {
*/
public List<String> clean(Date now, long dataTimeOut);
+
+ /**
+ * Get whole AssertionStoreObject, required for SLO
+ *
+ * @param key key Id which identifiers the data object
+ * @return The transaction-data object, or null
+ * @throws MOADatabaseException In case of load operation failed
+ */
+ public Object getAssertionStore(String key) throws MOADatabaseException;
+
+ /**
+ * Put whole AssertionStoreObject to db, required for SLO
+ *
+ * @param element assertion store object
+ */
+ public void putAssertionStore(Object element) throws MOADatabaseException;
+
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/RedisTransactionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/RedisTransactionStorage.java
new file mode 100644
index 000000000..c17bff358
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/RedisTransactionStorage.java
@@ -0,0 +1,377 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.storage;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+import java.util.Random;
+import java.util.concurrent.TimeUnit;
+
+import org.apache.commons.lang.SerializationUtils;
+import org.hibernate.HibernateException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.dao.DataAccessException;
+import org.springframework.data.redis.core.RedisOperations;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.core.SessionCallback;
+import org.springframework.data.redis.serializer.JacksonJsonRedisSerializer;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+@Service("TransactionStorage")
+public class RedisTransactionStorage implements ITransactionStorage {
+
+ @Autowired
+ private RedisTemplate<String, Object> redisTemplate;
+
+ @Autowired
+ protected AuthConfiguration authConfig;
+
+ @Autowired
+ private JacksonJsonRedisSerializer assertionStoreSerializer;
+
+ public RedisTemplate<String, Object> getTemplate(){
+ return this.redisTemplate;
+ }
+
+ public void setTemplate(RedisTemplate<String, Object> t){
+ this.redisTemplate = t;
+ }
+
+ public boolean containsKey(String key) {
+ try {
+ searchInDatabase(key);
+ return true;
+
+ } catch (MOADatabaseException e) {
+ return false;
+ }
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.storage.ITransactionStorage#changeKey(java.lang.String, java.lang.String, java.lang.Object)
+ */
+ @Override
+ public void changeKey(String oldKey, String newKey, Object value) throws MOADatabaseException {
+
+ //search if key already exists
+ final int expTime = redisTemplate.getExpire(oldKey, TimeUnit.MILLISECONDS).intValue();
+ //AssertionStore element = searchInDatabase(oldKey);
+ if (expTime < 0) {
+ Logger.info("No transaction-data with oldKey:" + oldKey
+ + " found. Process gets stopped.");
+ throw new MOADatabaseException("No transaction-data with oldKey:" + oldKey
+ + " found. Process gets stopped.");
+
+ }
+
+ //Important: Rename not working here, because the new ID also has to be put into the
+ //value object.
+ //redisTemplate.rename(oldKey, newKey);
+
+ final String old_key = oldKey;
+
+ //redisTemplate.delete(oldKey);
+ //put(null, newKey, value, expTime);
+ final AssertionStore assertion = prepareAssertion(null, newKey, value);
+ List<Object> txResults = redisTemplate.execute(new SessionCallback<List<Object>>() {
+ public List<Object> execute(RedisOperations operations) throws DataAccessException {
+ operations.multi();
+ operations.delete(old_key);
+ operations.opsForValue().set(assertion.getArtifact(), new String(assertionStoreSerializer.serialize(assertion)),expTime,TimeUnit.MILLISECONDS);
+ // This will contain the results of all ops in the transaction
+ return operations.exec();
+ }
+ });
+
+ int a= txResults.size();
+ }
+
+ public void put(String key, Object value, int timeoutms) throws MOADatabaseException {
+
+ //search if key already exists
+ AssertionStore element = searchInDatabase(key);
+
+ //create a new entry if key does not exists already
+ if (element == null) {
+ element = new AssertionStore();
+
+ }
+
+ put(element, key, value, timeoutms);
+ }
+
+ public <T> T get(String key,
+ final Class<T> clazz) throws MOADatabaseException {
+
+ try {
+ return get(key, clazz, -1);
+
+ } catch (AuthenticationException e) {
+ //this execption only occurs if an additional timeOut is used
+ Logger.error("This exeption should not occur!!!!", e);
+ return null;
+
+ }
+ }
+
+ public Object get(String key) throws MOADatabaseException {
+ AssertionStore element = searchInDatabase(key);
+
+ if (element == null)
+ return null;
+
+ return SerializationUtils.deserialize(element.getAssertion());
+
+
+ }
+
+ public <T> T get(String key, final Class<T> clazz, long dataTimeOut) throws MOADatabaseException, AuthenticationException {
+
+ AssertionStore element = searchInDatabase(key);
+
+ if (element == null)
+ return null;
+
+// dataTimeOut = -1;
+// if (dataTimeOut > -1) {
+// //check timeout
+// long now = new Date().getTime();
+//
+// if (now - element.getDatatime().getTime() > dataTimeOut) {
+// Logger.info("Transaction-Data with key: " + key + " is out of time.");
+// throw new AuthenticationException("1207", new Object[] { key });
+//
+// }
+// }
+
+
+ //Deserialize Assertion
+ Object data = SerializationUtils.deserialize(element.getAssertion());
+
+ //check if assertion has the correct class type
+ try {
+ @SuppressWarnings("unchecked")
+ T test = (T) Class.forName(element.getType()).cast(data);
+ return test;
+
+ } catch (Exception e) {
+ Logger.warn("Sessioninformation Cast-Exception by using Artifact=" + key);
+ throw new MOADatabaseException("Sessioninformation Cast-Exception");
+
+ }
+ }
+
+ //NOT USED with REDIS
+ public List<String> clean(Date now, long dataTimeOut) {
+
+ //redis enables to set TTL when creating new values, so we don't need this function anymore
+
+// Date expioredate = new Date(now.getTime() - dataTimeOut);
+//
+// List<AssertionStore> results;
+ List<String> returnValues = new ArrayList<String>();
+// Session session = MOASessionDBUtils.getCurrentSession();
+//
+// synchronized (session) {
+// session.beginTransaction();
+// Query query = session.getNamedQuery("getAssertionWithTimeOut");
+// query.setTimestamp("timeout", expioredate);
+// results = query.list();
+// session.getTransaction().commit();
+// }
+//
+// if (results != null) {
+// for (AssertionStore el : results)
+// returnValues.add(el.getArtifact());
+//
+// }
+ return returnValues;
+ }
+
+ public void remove(String key) {
+
+ try {
+
+ AssertionStore element = searchInDatabase(key);
+ if (element == null) {
+ Logger.debug("Sessioninformation not removed! (Sessioninformation with ID=" + key
+ + "not found)");
+ return;
+ }
+
+ redisTemplate.delete(key);
+ //cleanDelete(element);
+ Logger.debug("Removed stored information with ID: " + key);
+
+
+ } catch (MOADatabaseException e) {
+ Logger.info("Sessioninformation not removed! (Message:"+ e.getMessage() + ")");
+
+ } catch (HibernateException e) {
+ Logger.warn("Sessioninformation not removed! (Error during Database communication)", e);
+ }
+ }
+
+ //Not used within REDIS store
+ private void cleanDelete(AssertionStore element) {
+// try {
+// element.setAssertion("blank".getBytes());
+// MOASessionDBUtils.saveOrUpdate(element);
+//
+// } catch (MOADatabaseException e) {
+// Logger.warn("Blank shortTime session with artifact=" + element.getArtifact() + " FAILED.", e);
+//
+// } finally {
+// if (!MOASessionDBUtils.delete(element))
+// Logger.error("ShortTime session with artifact=" + element.getArtifact()
+// + " not removed! (Error during Database communication)");
+//
+// }
+
+ }
+
+ //name="getAssertionWithArtifact", query = "select assertionstore from AssertionStore assertionstore where assertionstore.artifact = :artifact"),
+ //@NamedQuery(name="getAssertionWithTimeOut", query = "select assertionstore from AssertionStore assertionstore where assertionstore.timestamp < :timeout")
+
+ @SuppressWarnings("rawtypes")
+ private AssertionStore searchInDatabase(String artifact) throws MOADatabaseException {
+ MiscUtil.assertNotNull(artifact, "artifact");
+ Logger.trace("Getting sessioninformation with ID " + artifact + " from database.");
+
+
+// Session session = MOASessionDBUtils.getCurrentSession();
+// List result;
+//
+// synchronized (session) {
+// session.beginTransaction();
+// Query query = session.getNamedQuery("getAssertionWithArtifact");
+// query.setParameter("artifact", artifact);
+// result = query.list();
+//
+// //send transaction
+// session.getTransaction().commit();
+// }
+ //String id = (String) redisTemplate.opsForSet().pop(artifact);
+ String assertion = (String) redisTemplate.opsForValue().get(artifact);
+ //String id = (String) redisTemplate.opsForValue().get(artifact);
+ if(assertion == null){
+ Logger.debug("No transaction information with ID:" + artifact + " found.");
+ return null;
+ }
+
+ AssertionStore as = (AssertionStore) assertionStoreSerializer.deserialize(assertion.getBytes());
+ //delete the timestamp entry
+// String ts = as.getDatatime().toString();
+// redisTemplate.opsForSet().pop(ts);
+
+ if(as == null){
+ Logger.debug("No transaction information with ID:" + artifact + " found.");
+ return null;
+ }
+ return as;
+
+ //Assertion requires an unique artifact
+// if (result.size() != 1) {
+// Logger.debug("No transaction information with ID:" + artifact + " found.");
+//
+//
+// }
+//
+// return (AssertionStore) result.get(0);
+ }
+
+ private void put(AssertionStore element, String key, Object value, int timeoutms) throws MOADatabaseException {
+
+ element = prepareAssertion(element, key, value);
+
+ int authDataTimeOut = authConfig.getTransactionTimeOut() * 1000;
+
+ if(timeoutms != -1){
+ authDataTimeOut = timeoutms;
+ }
+ redisTemplate.opsForValue().set(element.getArtifact(), new String(assertionStoreSerializer.serialize(element)),authDataTimeOut,TimeUnit.MILLISECONDS);
+ //MOASessionDBUtils.saveOrUpdate(element);
+ Logger.debug(value.getClass().getName() + " with ID: " + key + " is stored in Database");
+
+ }
+
+private AssertionStore prepareAssertion(AssertionStore element, String key, Object value) throws MOADatabaseException {
+
+ if(element == null)
+ element = new AssertionStore();
+
+ element.setArtifact(key);
+ element.setType(value.getClass().getName());
+ element.setDatatime(new Date());
+
+ if (!Serializable.class.isInstance(value)) {
+ Logger.warn("Transaction-Storage can only store objects which implements the 'Seralizable' interface");
+ throw new MOADatabaseException("Transaction-Storage can only store objects which implements the 'Seralizable' interface", null);
+ }
+
+ //serialize the Assertion for Database storage
+ byte[] data = SerializationUtils.serialize((Serializable) value);
+ element.setAssertion(data);
+
+ long id = new Random().nextLong();
+ element.setId(id);
+
+ return element;
+
+ }
+
+@Override
+public Object getAssertionStore(String key) throws MOADatabaseException {
+ return searchInDatabase(key);
+}
+
+@Override
+public void putAssertionStore(Object element) throws MOADatabaseException {
+ // TODO Auto-generated method stub
+ AssertionStore as = (AssertionStore)element;
+ final int expTime = redisTemplate.getExpire(as.getArtifact(), TimeUnit.MILLISECONDS).intValue();
+ //AssertionStore element = searchInDatabase(oldKey);
+ if (expTime < 0) {
+ Logger.info("No transaction-data with oldKey:" + as.getArtifact()
+ + " found. Process gets stopped.");
+ throw new MOADatabaseException("No transaction-data with oldKey:" + as.getArtifact()
+ + " found. Process gets stopped.");
+
+ }
+ redisTemplate.opsForValue().set(as.getArtifact(), new String(assertionStoreSerializer.serialize(element)),expTime,TimeUnit.MILLISECONDS);
+
+}
+
+}