aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2013-07-26 17:06:11 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2013-07-26 17:06:11 +0200
commitcc2e2e4ecf5bd8c4bbe16edba5a7d63fa808adcb (patch)
tree21707a6f7248c0955eee6bba34621fdaee29730e /id/server/idserverlib/src/main
parent59fd2c0ea0649c94340d67b735a2d53696065e4c (diff)
downloadmoa-id-spss-cc2e2e4ecf5bd8c4bbe16edba5a7d63fa808adcb.tar.gz
moa-id-spss-cc2e2e4ecf5bd8c4bbe16edba5a7d63fa808adcb.tar.bz2
moa-id-spss-cc2e2e4ecf5bd8c4bbe16edba5a7d63fa808adcb.zip
Bugfix:
Database Session management
Diffstat (limited to 'id/server/idserverlib/src/main')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java41
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java32
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java5
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPSessionUtils.java116
8 files changed, 116 insertions, 95 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index ffcb85044..c71b6f8c7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -387,8 +387,7 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
//set TrustManagerRevocationChecking
setTrustManagerRevocationChecking();
-
-
+
} catch (Throwable t) {
throw new ConfigurationException("config.02", null, t);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index e7b41e3c9..f70596949 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -123,8 +123,6 @@ public class DispatcherServlet extends AuthServlet{
}
-
-
if (errorRequest != null) {
try {
@@ -240,11 +238,22 @@ public class DispatcherServlet extends AuthServlet{
if (protocolRequests.containsKey(protocolRequestID)) {
protocolRequest = protocolRequests.get(protocolRequestID);
+
+
+ Logger.debug(DispatcherServlet.class.getName()+": Found PendingRequest with ID " + protocolRequestID);
+
//RequestStorage.setPendingRequest(httpSession, protocolRequests);
} else {
- resp.sendError(HttpServletResponse.SC_CONFLICT);
- Logger.error("No PendingRequest with ID " + protocolRequestID + " found for this session!");
+ Logger.error("No PendingRequest with ID " + protocolRequestID + " found.!");
+
+ Set<String> mapkeys = protocolRequests.keySet();
+ for (String el : mapkeys)
+ Logger.debug("PendingRequest| ID=" + el + " OAIdentifier=" + protocolRequests.get(el));
+
+ handleErrorNoRedirect("Während des Anmeldevorgangs ist ein Fehler aufgetreten. Bitte versuchen Sie es noch einmal.",
+ null, req, resp);
+ //resp.sendError(HttpServletResponse.SC_CONFLICT);
return;
}
// }
@@ -265,12 +274,10 @@ public class DispatcherServlet extends AuthServlet{
if (value.getOAURL().equals(protocolRequest.getOAURL())) {
if(!AuthenticationSessionStoreage.deleteSessionWithPendingRequestID(el)) {
- Logger.warn("NO MOASession with PendingRequestID " + el + " found. Delete all user sessions!");
+ Logger.warn(DispatcherServlet.class.getName()+": NO MOASession with PendingRequestID " + el + " found. Delete all user sessions!");
RequestStorage.removeAllPendingRequests(req.getSession());
} else {
-
-
RequestStorage.removePendingRequest(protocolRequests, el);
}
}
@@ -291,6 +298,7 @@ public class DispatcherServlet extends AuthServlet{
protocolRequestID = Random.nextRandom();
protocolRequest.setRequestID(protocolRequestID);
protocolRequests.put(protocolRequestID, protocolRequest);
+ Logger.debug(DispatcherServlet.class.getName()+": Create PendingRequest with ID " + protocolRequestID + ".");
}
}
}
@@ -312,7 +320,8 @@ public class DispatcherServlet extends AuthServlet{
//load Parameters from OnlineApplicationConfiguration
OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
- .getOnlineApplicationParameter(protocolRequest.getOAURL());
+ .getOnlineApplicationParameter(protocolRequest.getOAURL());
+
if (oaParam == null) {
throw new AuthenticationException("auth.00", new Object[] { protocolRequest.getOAURL() });
}
@@ -402,8 +411,11 @@ public class DispatcherServlet extends AuthServlet{
else {
//TODO: maybe transmit moasessionID with http GET to handle more then one PendingRequest!
- moasessionID = HTTPSessionUtils.getHTTPSessionString(req.getSession(),
- AuthenticationManager.MOA_SESSION, null);
+ moasessionID = (String) req.getParameter(PARAM_SESSIONID);
+
+// moasessionID = HTTPSessionUtils.getHTTPSessionString(req.getSession(),
+// AuthenticationManager.MOA_SESSION, null);
+
moasession = AuthenticationSessionStoreage.getSession(moasessionID);
}
@@ -418,8 +430,11 @@ public class DispatcherServlet extends AuthServlet{
}
} else {
- moasessionID = HTTPSessionUtils.getHTTPSessionString(req.getSession(),
- AuthenticationManager.MOA_SESSION, null);
+// moasessionID = HTTPSessionUtils.getHTTPSessionString(req.getSession(),
+// AuthenticationManager.MOA_SESSION, null);
+
+ moasessionID = (String) req.getParameter(PARAM_SESSIONID);
+
moasession = AuthenticationSessionStoreage.getSession(moasessionID);
}
@@ -437,7 +452,7 @@ public class DispatcherServlet extends AuthServlet{
authmanager.logout(req, resp, moasessionID);
}
-// ConfigurationDBUtils.closeSession();
+ ConfigurationDBUtils.closeSession();
//authmanager.logout(req, resp);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index b9f0b2144..be0132c14 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -48,20 +48,20 @@ public class AuthenticationManager extends AuthServlet {
}
- public AuthenticationSession getAuthenticationSession(
- HttpSession session) {
- String sessionID = HTTPSessionUtils.getHTTPSessionString(session,
- MOA_SESSION, null);
- if (sessionID != null) {
- try {
- return AuthenticationSessionStoreage.getSession(sessionID);
-
- } catch (MOADatabaseException e) {
- return null;
- }
- }
- return null;
- }
+// public AuthenticationSession getAuthenticationSession(
+// HttpSession session) {
+// String sessionID = HTTPSessionUtils.getHTTPSessionString(session,
+// MOA_SESSION, null);
+// if (sessionID != null) {
+// try {
+// return AuthenticationSessionStoreage.getSession(sessionID);
+//
+// } catch (MOADatabaseException e) {
+// return null;
+// }
+// }
+// return null;
+// }
// /**
// * Checks if the session is authenticated
@@ -134,8 +134,8 @@ public class AuthenticationManager extends AuthServlet {
AuthenticationSessionStoreage.storeSession(authSession);
- HTTPSessionUtils.setHTTPSessionString(session, MOA_SESSION,
- sessionID);
+// HTTPSessionUtils.setHTTPSessionString(session, MOA_SESSION,
+// sessionID);
return true; // got authenticated
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java
index 420f11622..d47e8df05 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java
@@ -1,7 +1,11 @@
package at.gv.egovernment.moa.id.moduls;
-public class RequestImpl implements IRequest {
+import java.io.Serializable;
+public class RequestImpl implements IRequest, Serializable{
+
+ private static final long serialVersionUID = 1L;
+
private String oaURL;
private boolean passiv = false;
private boolean force = false;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
index 35481a0a1..d33d4693d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
@@ -41,6 +41,9 @@ public class RequestStorage {
}
public static void removeAllPendingRequests(HttpSession session) {
+
+ Logger.debug(RequestStorage.class.getName()+": Remove all PendingRequests");
+
session.setAttribute(PENDING_REQUEST, null);
}
@@ -54,7 +57,7 @@ public class RequestStorage {
if (requestmap.containsKey(requestID)) {
requestmap.remove(requestID);
- Logger.debug("Remove PendingRequest with ID " + requestID);
+ Logger.debug(RequestStorage.class.getName()+": Remove PendingRequest with ID " + requestID);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index 82273da83..18eeae58e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -59,10 +59,10 @@ public class SSOManager {
return false;
}
- String moaSessionId =HTTPSessionUtils.getHTTPSessionString(httpReq.getSession(),
- AuthenticationManager.MOA_SESSION, null);
+// String moaSessionId =HTTPSessionUtils.getHTTPSessionString(httpReq.getSession(),
+// AuthenticationManager.MOA_SESSION, null);
- return AuthenticationSessionStoreage.isValidSessionWithSSOID(ssoSessionID, moaSessionId);
+ return AuthenticationSessionStoreage.isValidSessionWithSSOID(ssoSessionID, null);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index 1f71bf8bf..498188ffe 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -346,7 +346,7 @@ public class AuthenticationSessionStoreage {
public static boolean isValidSessionWithSSOID(String SSOId, String moaSessionId) {
- MiscUtil.assertNotNull(SSOId, "moasessionID");
+ MiscUtil.assertNotNull(SSOId, "SSOSessionID");
Logger.trace("Get authenticated session with SSOID " + SSOId + " from database.");
Session session = MOASessionDBUtils.getCurrentSession();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPSessionUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPSessionUtils.java
index 896fc6d5d..1e9cb9024 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPSessionUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPSessionUtils.java
@@ -9,62 +9,62 @@ import javax.servlet.http.HttpSession;
public class HTTPSessionUtils {
- public static HashMap<String, Object> extractAllProperties(HttpSession session) {
- @SuppressWarnings("unchecked")
- Enumeration<String> keys = (Enumeration<String>)session.getAttributeNames();
- HashMap<String, Object> properties = new HashMap<String, Object>();
-
- while(keys.hasMoreElements()) {
- Object keyObject = keys.nextElement();
- String key = keyObject.toString();
- Object value = session.getAttribute(key);
- properties.put(key, value);
- }
-
- return properties;
- }
-
- public static void pushAllProperties(HttpSession session, HashMap<String, Object> properties) {
- Set<String> keys = properties.keySet();
- Iterator<String> keysIterator = keys.iterator();
- while(keysIterator.hasNext()) {
- String key = keysIterator.next();
- session.setAttribute(key, properties.get(key));
- }
- }
-
- public static boolean getHTTPSessionBoolean(HttpSession session, String name, boolean fallback) {
- Object obj = session.getAttribute(name);
- if(obj == null) {
- return fallback;
- }
-
- if(obj instanceof Boolean) {
- Boolean b = (Boolean)obj;
- if(b != null) {
- return b.booleanValue();
- }
- }
- return fallback;
- }
-
- public static void setHTTPSessionBoolean(HttpSession session, String name, boolean value) {
- session.setAttribute(name, new Boolean(value));
- }
-
- public static String getHTTPSessionString(HttpSession session, String name, String fallback) {
- Object obj = session.getAttribute(name);
- if(obj == null) {
- return fallback;
- }
-
- if(obj instanceof String) {
- return (String)obj;
- }
- return fallback;
- }
-
- public static void setHTTPSessionString(HttpSession session, String name, String value) {
- session.setAttribute(name, value);
- }
+// public static HashMap<String, Object> extractAllProperties(HttpSession session) {
+// @SuppressWarnings("unchecked")
+// Enumeration<String> keys = (Enumeration<String>)session.getAttributeNames();
+// HashMap<String, Object> properties = new HashMap<String, Object>();
+//
+// while(keys.hasMoreElements()) {
+// Object keyObject = keys.nextElement();
+// String key = keyObject.toString();
+// Object value = session.getAttribute(key);
+// properties.put(key, value);
+// }
+//
+// return properties;
+// }
+//
+// public static void pushAllProperties(HttpSession session, HashMap<String, Object> properties) {
+// Set<String> keys = properties.keySet();
+// Iterator<String> keysIterator = keys.iterator();
+// while(keysIterator.hasNext()) {
+// String key = keysIterator.next();
+// session.setAttribute(key, properties.get(key));
+// }
+// }
+//
+// public static boolean getHTTPSessionBoolean(HttpSession session, String name, boolean fallback) {
+// Object obj = session.getAttribute(name);
+// if(obj == null) {
+// return fallback;
+// }
+//
+// if(obj instanceof Boolean) {
+// Boolean b = (Boolean)obj;
+// if(b != null) {
+// return b.booleanValue();
+// }
+// }
+// return fallback;
+// }
+//
+// public static void setHTTPSessionBoolean(HttpSession session, String name, boolean value) {
+// session.setAttribute(name, new Boolean(value));
+// }
+//
+// public static String getHTTPSessionString(HttpSession session, String name, String fallback) {
+// Object obj = session.getAttribute(name);
+// if(obj == null) {
+// return fallback;
+// }
+//
+// if(obj instanceof String) {
+// return (String)obj;
+// }
+// return fallback;
+// }
+//
+// public static void setHTTPSessionString(HttpSession session, String name, String value) {
+// session.setAttribute(name, value);
+// }
}