change some piece of code

6 files changed, 18 insertions, 11 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index d587092eb..d4d01d3d1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -435,6 +435,7 @@ public class DispatcherServlet extends AuthServlet{
 						moasessionID = (String) req.getParameter(PARAM_SESSIONID);
 						
 						moasession = AuthenticationSessionStoreage.getSession(moasessionID);
+						AuthenticationSessionStoreage.changeSessionID(moasession);
 					}
 
 					
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index be0132c14..7dba67174 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -133,7 +133,7 @@ public class AuthenticationManager extends AuthServlet {
 						authSession.setAuthenticatedUsed(true);
 					
 						AuthenticationSessionStoreage.storeSession(authSession);
-					
+						
 //						HTTPSessionUtils.setHTTPSessionString(session, MOA_SESSION,
 //								sessionID);
 						return true; // got authenticated
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 76757e28e..a65edffd0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -33,6 +33,7 @@ import at.gv.egovernment.moa.id.data.AuthenticationData;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.id.util.IdentityLinkReSigner;
+import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.Constants;
@@ -117,9 +118,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 				throw new AuthenticationException("1206", new Object[] { samlArtifact });
 			}		
 		}
-		
-		boolean keepAssertion = false;
-		
+				
 		//removed from MOA-ID 2.0 config
 //		try {
 //			String boolStr = AuthConfigurationProvider.getInstance()
@@ -132,9 +131,8 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 //			throw new AuthenticationException("1205", new Object[] {
 //					samlArtifact, ex.toString() });
 //		}
-		if (!keepAssertion) {
-			authenticationDataStore.remove(samlArtifact);
-		}
+
+		authenticationDataStore.remove(samlArtifact);
 		
 		long now = new Date().getTime();
 		
@@ -319,9 +317,14 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 			
 			authData.setSamlAssertion(samlAssertion);
 				
+//			String samlArtifact = new SAMLArtifactBuilder().build(
+//					session.getAuthURL(), session.getSessionID(),
+//					saml1parameter.getSourceID());
+
+			//TODO: check if it correct
 			String samlArtifact = new SAMLArtifactBuilder().build(
-					session.getAuthURL(), session.getSessionID(),
-					saml1parameter.getSourceID());
+			session.getAuthURL(), Random.nextRandom(),
+			saml1parameter.getSourceID());
 			
 			storeAuthenticationData(samlArtifact, authData);
 	
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
index ba4f65571..e5a633d5d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
@@ -114,7 +114,9 @@ public class AssertionStorage {
 		 try {
 			AssertionStore element = searchInDatabase(artifact);
 			MOASessionDBUtils.delete(element);
-				
+			Logger.info("Remove Assertion with Artifact" + artifact);
+			
+			
 		} catch (MOADatabaseException e) {
 			Logger.info("Assertion not removed! (Assertion with Artifact=" + artifact 
 					+ "not found)");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index 5da3dd8f6..89ed369f8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -257,7 +257,7 @@ public class AuthenticationSessionStoreage {
 					dbsession.setSSOsessionid(SSOSessionID);
 					dbsession.setAuthenticated(false);
 					dbsession.setPendingRequestID("");
-					
+
 					//Store MOASession
 					session.saveOrUpdate(dbsession);
 					
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/IdentityLinkReSigner.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/IdentityLinkReSigner.java
index da44a3905..8905b96c1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/IdentityLinkReSigner.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/IdentityLinkReSigner.java
@@ -136,6 +136,7 @@ public class IdentityLinkReSigner {
 				    	 throw new MOAIDException("builder.05", new Object[]{});
 				    	 
 				     } else {
+				    	 Logger.debug("MOA-SS Signature createn successfull");
 				    	 return ser.getSignatureEnvironment();
 				     }