| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-09-26 11:32:21 +0200 | 
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-09-26 11:32:21 +0200 | 
| commit | 1dbab6b07a8996a7f291e0ddc4b02c0d3e15a64d (patch) | |
| tree | 476d55cadbb56b56d52d0ca56bb5291b3eb06ec1 /id/server/idserverlib/src | |
| parent | 2c82d41a98e2617088cdcf3db72b40d9747ae292 (diff) | |
-- add AssertionID to Single LogOut session information
-- split hibernate configuration into two files (moasession and statistic)
Diffstat (limited to 'id/server/idserverlib/src')
12 files changed, 55 insertions, 59 deletions
| diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 75695d2db..f39fde6be 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -43,6 +43,7 @@ import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
 import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.id.util.legacy.LegacyHelper;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
 public class DispatcherServlet extends AuthServlet{
@@ -329,6 +330,7 @@ public class DispatcherServlet extends AuthServlet{
 				SSOManager ssomanager = SSOManager.getInstance();
 				String moasessionID = null;
+				String newSSOSessionId = null;
 				AuthenticationSession moasession = null;	
 				//get SSO Cookie for Request
@@ -398,7 +400,6 @@ public class DispatcherServlet extends AuthServlet{
 						}
 					}
-									
 					if ((useSSOOA || isValidSSOSession)) //TODO: SSO with mandates requires an OVS extension  
 					{ 
@@ -416,17 +417,13 @@ public class DispatcherServlet extends AuthServlet{
 						}
 						else {
-							//TODO: maybe transmit moasessionID with http GET to handle more then one PendingRequest!
 							moasessionID = (String) req.getParameter(PARAM_SESSIONID);
-							
-//							moasessionID = HTTPSessionUtils.getHTTPSessionString(req.getSession(),
-//												AuthenticationManager.MOA_SESSION, null);
-							
+														
 							moasession = AuthenticationSessionStoreage.getSession(moasessionID);
 						}
 						//save SSO session usage in Database				
-						String newSSOSessionId = ssomanager.storeSSOSessionInformations(moasessionID, protocolRequest.getOAURL());
+						newSSOSessionId = ssomanager.createSSOSessionInformations(moasessionID, protocolRequest.getOAURL());
 						if (newSSOSessionId != null) {
 							ssomanager.setSSOSessionID(req, resp, newSSOSessionId); 
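Review bot: The SSO cookie is now issued for an id that has not been stored yet: `createSSOSessionInformations` only returns a fresh id, `setSSOSessionID(req, resp, newSSOSessionId)` sets it right after, and the database write has moved to `addSSOInformation` after `processRequest` in the `-449,16` hunk. If that later write fails, the catch block calls `authmanager.logout(...)`, but by then `processRequest` has probably written the response, so the cookie may already be with the client; whether `logout` can still clear it is not visible here. A comment above the assignment would record the dependency, e.g. `// id is only set as cookie here; the OA session record is written after processRequest(), once the assertion ID is known`, and the SSO cookie validation should keep rejecting ids that have no stored record. The enclosing method starts and ends outside the hunk.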
@@ -449,16 +446,28 @@ public class DispatcherServlet extends AuthServlet{
 				}
-				moduleAction.processRequest(protocolRequest, req, resp, moasession);
+				String assertionID = moduleAction.processRequest(protocolRequest, req, resp, moasession);
 				RequestStorage.removePendingRequest(protocolRequests, protocolRequestID);
 				if (needAuthentication) {
-					boolean isSSOSession = AuthenticationSessionStoreage.isSSOSession(moasessionID);
-				
+					//boolean isSSOSession = AuthenticationSessionStoreage.isSSOSession(moasessionID);
+					boolean isSSOSession = MiscUtil.isNotEmpty(newSSOSessionId);
+					
 					if ((useSSOOA || isSSOSession) //TODO: SSO with mandates requires an OVS extension 
-						&& !moasession.getUseMandate()) 
-					{
+						&& !moasession.getUseMandate()) { 
+					
+						try {
+							//Store OA specific SSO session information 
+							AuthenticationSessionStoreage.addSSOInformation(moasessionID, 
+									newSSOSessionId, assertionID, protocolRequest.getOAURL());
+														
+						} catch (AuthenticationException e) {
+							Logger.warn("SSO Session information can not be stored  -> SSO is not enabled!");
+							
+							authmanager.logout(req, resp, moasessionID);
+							isSSOSession = false;
+						}
 					} else {
 						authmanager.logout(req, resp, moasessionID);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java
index aa8a8d9a9..8a5462cc9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java 
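Review bot: `assertionID` can be null when it reaches `addSSOInformation` in the DispatcherServlet `-449,16` hunk: in this commit `MetadataAction.processRequest` and `ArtifactResolution.process` return null, and `GetArtifactAction.processRequest` falls through its catch blocks to `return null`. The OA session record is then stored without the assertion ID that Single LogOut is meant to rely on, and an action that failed silently is treated like a successful login. Guard the store, for example by adding `MiscUtil.isNotEmpty(assertionID)` to the `if` condition so that the existing `else` branch logs the session out. The catch block also drops the exception; pass `e` to the logger as the `Logger.error(msg, e)` calls elsewhere in this commit do, and delete the commented-out `//boolean isSSOSession = ...` line rather than keeping it. The enclosing method starts and ends outside the hunk.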
@@ -8,7 +8,7 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 public interface IAction extends MOAIDAuthConstants {
-	public void processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) 
+	public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) 
 			throws MOAIDException;
 	public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index e8639a162..78140afc4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -112,7 +112,7 @@ public class SSOManager {
 	}
-	public String storeSSOSessionInformations(String moaSessionID, String OAUrl) {
+	public String createSSOSessionInformations(String moaSessionID, String OAUrl) {
 		String newSSOId = Random.nextRandom();
@@ -123,15 +123,8 @@ public class SSOManager {
 			return null;
 		}
-		try {
-			AuthenticationSessionStoreage.addSSOInformation(moaSessionID, newSSOId, OAUrl);
-			
-			return newSSOId;			
-			
-		} catch (AuthenticationException e) {
-			Logger.warn("SSO Session information can not be stored  -> SSO is not enabled!");
-			return null;
-		}
+		return newSSOId;
+		
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
index 59a5158bd..0fa5e3e8d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java 
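Review bot: The new `String` result of `IAction.processRequest` has no documented meaning, and the implementations in this commit disagree on it: some return an assertion ID, others return null. Add Javadoc on the interface method, e.g. `@return the ID of the assertion issued to the online application, or null if the action issues no assertion`, so the dispatcher's handling of null is a stated contract. The same sentence fits `IRequestHandler.process` and `RequestManager.handle`, which change in the same way further down.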
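Review bot: In SSOManager, `createSSOSessionInformations` no longer creates or stores anything that is visible in these two hunks; it draws `Random.nextRandom()` and returns it, and persistence is now the caller's job. A comment on the method should say so, e.g. `// only generates the SSO session id; the caller must persist it via AuthenticationSessionStoreage.addSSOInformation(...)`, and a name like `createSSOSessionID` would match the behaviour better. Because the returned value is what DispatcherServlet puts into the SSO cookie, it is worth confirming that `at.gv.egovernment.moa.id.util.Random` is backed by `SecureRandom`; its implementation is not part of this diff. The lines between the two hunks are not shown, and the imports used only by the removed try/catch may now be unused.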
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
@@ -11,12 +11,12 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.requestHandler.RequestManager;
 public class AuthenticationAction implements IAction {
-	public void processRequest(IRequest req, HttpServletRequest httpReq,
+	public String processRequest(IRequest req, HttpServletRequest httpReq,
 			HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
 		System.out.println("Process PVP2 auth request!");
 		PVPTargetConfiguration pvpRequest = (PVPTargetConfiguration) req;
-		RequestManager.getInstance().handle(pvpRequest.request, httpReq, httpResp, moasession);
+		return RequestManager.getInstance().handle(pvpRequest.request, httpReq, httpResp, moasession);
 	}
 	public boolean needAuthentication(IRequest req, HttpServletRequest httpReq,
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
index 3d0fd80bd..beae42992 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
@@ -44,7 +44,7 @@ import at.gv.egovernment.moa.logging.Logger;
 public class MetadataAction implements IAction {
-	public void processRequest(IRequest req, HttpServletRequest httpReq,
+	public String processRequest(IRequest req, HttpServletRequest httpReq,
 			HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
 		try {
@@ -191,6 +191,8 @@ public class MetadataAction implements IAction {
 			httpResp.getOutputStream().close();
+			return null;
+			
 		} catch (Exception e) {
 			Logger.error("Failed to generate metadata", e);
 			throw new MOAIDException("pvp2.13", null); 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOARequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOARequest.java
index 946f62066..313d323a3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOARequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOARequest.java
@@ -1,9 +1,14 @@
 package at.gv.egovernment.moa.id.protocols.pvp2x.binding;
+import java.io.Serializable;
+
 import org.opensaml.saml2.core.RequestAbstractType;
 import org.opensaml.saml2.metadata.EntityDescriptor;
-public class MOARequest {
+public class MOARequest implements Serializable{
+
+	private static final long serialVersionUID = 2395131650841669663L;
+	
 	private RequestAbstractType samlRequest;
 	private EntityDescriptor entityMetadata; 
 	private boolean verified = false;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java
index d479de2d7..89c273da6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java
@@ -23,7 +23,7 @@ public class ArtifactResolution implements IRequestHandler {
 		return (obj.getSamlRequest() instanceof ArtifactResolve);
 	}
-	public void process(MOARequest obj, HttpServletRequest req,
+	public String process(MOARequest obj, HttpServletRequest req,
 			HttpServletResponse resp, AuthenticationSession moasession) throws MOAIDException {
 		if (!handleObject(obj)) {
 			throw new MOAIDException("pvp2.13", null); 
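Review bot: Marking `MOARequest` as `Serializable` does not make its fields serializable: `samlRequest` (`RequestAbstractType`) and `entityMetadata` (`EntityDescriptor`) are OpenSAML objects, and unless those types implement `java.io.Serializable` in the OpenSAML version used here, writing a `MOARequest` will fail at runtime with `NotSerializableException`. Consider declaring both fields `transient` and restoring them from their marshalled XML, or storing the XML form instead of the object graph. If the serialized form is written to a session or request store, reading it back is Java-native deserialization, so that store has to be treated as trusted input only; where it is read is not visible in this diff. The class body continues outside the hunk.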
@@ -50,7 +50,8 @@ public class ArtifactResolution implements IRequestHandler {
 				Logger.error("Failed to resolve artifact", e);
 			}
 		}
-
+		
+		return null;
 	}
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index 1444cdecf..ed56dbaaa 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -39,7 +39,7 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 		return (obj.getSamlRequest() instanceof AuthnRequest);
 	}
-	public void process(MOARequest obj, HttpServletRequest req,
+	public String process(MOARequest obj, HttpServletRequest req,
 			HttpServletResponse resp, AuthenticationSession authSession) throws MOAIDException {
 		if (!handleObject(obj)) {
 			throw new MOAIDException("pvp2.13", null);
@@ -113,6 +113,8 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 			binding.encodeRespone(req, resp, authResponse, oaURL);
 			// TODO add remoteSessionID to AuthSession ExternalPVPSessionStore
+			return assertion.getID();
+			
 		} catch (MessageEncodingException e) {
 			Logger.error("Message Encoding exception", e);
 			throw new MOAIDException("pvp2.01", null, e);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java
index 458316c6d..c8a56e537 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java 
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java
@@ -10,6 +10,6 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOARequest;
 public interface IRequestHandler {
 	public boolean handleObject(MOARequest obj);
-	public void process(MOARequest obj, HttpServletRequest req,
+	public String process(MOARequest obj, HttpServletRequest req,
 			HttpServletResponse resp, AuthenticationSession moasession) throws MOAIDException;
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java
index a043bfde5..50176b6dd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java
@@ -31,14 +31,13 @@ public class RequestManager {
 		handler.add(new ArtifactResolution());
 	}
-	public void handle(MOARequest obj, HttpServletRequest req, HttpServletResponse resp, AuthenticationSession moasession) 
+	public String handle(MOARequest obj, HttpServletRequest req, HttpServletResponse resp, AuthenticationSession moasession) 
 			throws SAMLRequestNotSupported, MOAIDException {
 		Iterator<IRequestHandler> it = handler.iterator();
 		while(it.hasNext()) {
 			IRequestHandler handler = it.next();
 			if(handler.handleObject(obj)) {
-				handler.process(obj, req, resp, moasession);
-				return;
+				return handler.process(obj, req, resp, moasession);
 			}
 		}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index 75825d92d..8dac55922 100644 
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -32,7 +32,7 @@ import at.gv.egovernment.moa.util.URLEncoder;
 public class GetArtifactAction implements IAction {
-	public void processRequest(IRequest req, HttpServletRequest httpReq,
+	public String processRequest(IRequest req, HttpServletRequest httpReq,
 			HttpServletResponse httpResp, AuthenticationSession session) throws AuthenticationException {
 //		HttpSession httpSession = httpReq.getSession();
@@ -117,30 +117,9 @@ public class GetArtifactAction implements IAction {
 				httpResp.addHeader("Location", redirectURL);
 				Logger.debug("REDIRECT TO: " + redirectURL);
 			}
-			// CONFIRMATION FOR SSO!
-			/*
-			 * OAAuthParameter oaParam =
-			 * AuthConfigurationProvider.getInstance().
-			 * getOnlineApplicationParameter(oaURL);
-			 * 
-			 * String friendlyName = oaParam.getFriendlyName(); if(friendlyName
-			 * == null) { friendlyName = oaURL; }
-			 * 
-			 * 
-			 * LoginConfirmationBuilder builder = new
-			 * LoginConfirmationBuilder();
-			 * builder.addParameter(PARAM_SAMLARTIFACT, samlArtifactBase64);
-			 * String form = builder.finish(oaURL, session.getIdentityLink()
-			 * .getName(), friendlyName);
-			 */
-
-			/*
-			 * resp.setContentType("text/html");
-			 * 
-			 * OutputStream out = resp.getOutputStream();
-			 * out.write(form.getBytes("UTF-8")); out.flush(); out.close();
-			 */
+			return authData.getAssertionID();
+			
 		} catch (WrongParametersException ex) {
 			// handleWrongParameters(ex, req, httpResp);
 			ex.printStackTrace();
@@ -163,6 +142,8 @@ public class GetArtifactAction implements IAction {
 			// TODO Auto-generated catch block
 			e.printStackTrace();
 		}
+		
+		return null;
 	}
 	protected static String addURLParameter(String url, String paramname, 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index 89ed369f8..1089113b1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -204,7 +204,7 @@ public class AuthenticationSessionStoreage {
 	}
 	public static void addSSOInformation(String moaSessionID, String SSOSessionID, 
-			String OAUrl) throws AuthenticationException {
+			String assertionID, String OAUrl) throws AuthenticationException {
 		AuthenticatedSessionStore dbsession;
 		Transaction tx =  null;
@@ -237,6 +237,7 @@ public class AuthenticationSessionStoreage {
 				  activeOA.setOaurlprefix(OAUrl);
 				  activeOA.setMoasession(dbsession);
 				  activeOA.setCreated(new Date());
+				  activeOA.setAssertionSessionID(assertionID);
 				  List<OASessionStore> activeOAs = dbsession.getActiveOAsessions();				  
 				  activeOAs.add(activeOA);
@@ -263,6 +264,9 @@ public class AuthenticationSessionStoreage {
 					//send transaction
 					tx.commit();
+					
+					Logger.debug("Add SSO-Session login information for OA: " + OAUrl 
+							+ " and AssertionID: " + assertionID);
 			}
 		} catch (MOADatabaseException e) {
 | 
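Review bot: The new debug line after `tx.commit()` concatenates `OAUrl` and `assertionID` straight into the log message. DispatcherServlet passes `protocolRequest.getOAURL()` as `OAUrl`, so if that value is request-derived and not normalised earlier (not visible here), embedded line breaks could forge log entries; strip CR/LF from both values before logging. The new parameter also sits between other `String` parameters, where a swapped argument still compiles, so a Javadoc line such as `@param assertionID ID of the assertion issued to the OA for this SSO session` would make the order and meaning explicit. The method body continues outside the three hunks.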
