blank database elements with sensitive data before delete the entry

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2014-04-17 13:18:04 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2014-04-17 13:18:04 +0200
commit: 5ac7c031b38bd652e984ad58285b1cb4af4c5e1f (patch)
tree: 129282f2e56f5c89d98881deb23e36c90c51a3f5 /id/server/idserverlib/src
parent: 0dedfd784b7be0e91fc4690271e8dfcde41eea02 (diff)
download: moa-id-spss-5ac7c031b38bd652e984ad58285b1cb4af4c5e1f.tar.gz
moa-id-spss-5ac7c031b38bd652e984ad58285b1cb4af4c5e1f.tar.bz2
moa-id-spss-5ac7c031b38bd652e984ad58285b1cb4af4c5e1f.zip
2 files changed, 45 insertions, 10 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
index 77cd23b60..cca13fad9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
@@ -144,7 +144,7 @@ public class AssertionStorage {
 		if (results.size() != 0) {
 			for(AssertionStore result : results) {
 				try { 
-					MOASessionDBUtils.delete(result);
+					cleanDelete(result);
 					Logger.info("Remove sessioninformation with ID=" + result.getArtifact() 
 							+ " after timeout.");
 				
@@ -161,7 +161,7 @@ public class AssertionStorage {
 		
 		 try {
 			AssertionStore element = searchInDatabase(artifact);
-			MOASessionDBUtils.delete(element);
+			cleanDelete(element);
 			Logger.info("Remove sessioninformation with ID" + artifact);
 			
 			
@@ -174,6 +174,23 @@ public class AssertionStorage {
 		}
 	}
 
+	private void cleanDelete(AssertionStore element) {
+		try {
+			element.setAssertion(new byte[]{});
+			MOASessionDBUtils.saveOrUpdate(element);
+			
+		} catch (MOADatabaseException e) {
+			Logger.warn("Blank shortTime session with artifact=" + element.getArtifact() + " FAILED.", e);
+			
+		} finally {
+			if (!MOASessionDBUtils.delete(element))
+				Logger.error("ShortTime session with artifact=" + element.getArtifact() 
+							+ " not removed! (Error during Database communication)");
+
+		}
+		
+	}
+	
 	@SuppressWarnings("rawtypes")
 	private AssertionStore searchInDatabase(String artifact) throws MOADatabaseException {
 		  MiscUtil.assertNotNull(artifact, "artifact");	  
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index 27f219452..ca5cb9226 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -156,7 +156,7 @@ public class AuthenticationSessionStoreage {
 	
 	public static void destroySession(String moaSessionID) throws MOADatabaseException {
 		
-		  Session session = MOASessionDBUtils.getCurrentSession();
+		Session session = MOASessionDBUtils.getCurrentSession();
 		  
 		  List<AuthenticatedSessionStore> result;
 		  
@@ -176,11 +176,11 @@ public class AuthenticationSessionStoreage {
 			   	throw new MOADatabaseException("No session found with this sessionID");
 			  }
 			  
-			  AuthenticatedSessionStore dbsession = (AuthenticatedSessionStore) result.get(0);
-						
-				//delete MOA Session
-				session.delete(dbsession);
-				session.getTransaction().commit();
+			 AuthenticatedSessionStore dbsession = (AuthenticatedSessionStore) result.get(0);
+			 
+			 session.getTransaction().commit();
+			  
+			 cleanDelete(dbsession);			
 		  }
 				
 	}
@@ -443,7 +443,7 @@ public class AuthenticationSessionStoreage {
 			 return false;
 					 
 		  } else {
-			  MOASessionDBUtils.delete(result.get(0));
+			  cleanDelete(result.get(0));
 			  return true;
 		  }
 		
@@ -521,7 +521,7 @@ public class AuthenticationSessionStoreage {
 		if (results.size() != 0) {
 			for(AuthenticatedSessionStore result : results) {
 				try { 
-					MOASessionDBUtils.delete(result);
+					cleanDelete(result);
 					Logger.info("Authenticated session with sessionID=" + result.getSessionid() 
 							+ " after session timeout.");
 				
@@ -534,6 +534,24 @@ public class AuthenticationSessionStoreage {
 		}	
 	}
 	
+	private static void cleanDelete(AuthenticatedSessionStore result) {		
+		try {
+			result.setSession(new byte[] {});
+			MOASessionDBUtils.saveOrUpdate(result);
+			
+		} catch (MOADatabaseException e) {
+			Logger.warn("Blank authenticated session with sessionID=" + result.getSessionid() + " FAILED.", e);
+			
+		} finally {
+			if (!MOASessionDBUtils.delete(result))
+				Logger.error("Authenticated session with sessionID=" + result.getSessionid() 
+							+ " not removed! (Error during Database communication)");
+			
+		}
+		
+		
+	}
+	
 	@SuppressWarnings("rawtypes")
 	private static AuthenticatedSessionStore searchInDatabase(String sessionID) throws MOADatabaseException {
 		  MiscUtil.assertNotNull(sessionID, "moasessionID");
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2014-04-17 13:18:04 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2014-04-17 13:18:04 +0200
commit	5ac7c031b38bd652e984ad58285b1cb4af4c5e1f (patch)
tree	129282f2e56f5c89d98881deb23e36c90c51a3f5 /id/server/idserverlib/src
parent	0dedfd784b7be0e91fc4690271e8dfcde41eea02 (diff)
download	moa-id-spss-5ac7c031b38bd652e984ad58285b1cb4af4c5e1f.tar.gz moa-id-spss-5ac7c031b38bd652e984ad58285b1cb4af4c5e1f.tar.bz2 moa-id-spss-5ac7c031b38bd652e984ad58285b1cb4af4c5e1f.zip