aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-03-19 13:16:51 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-03-19 13:16:51 +0100
commit1f53ee51d6f6f4be0e12732b7495e036636eb536 (patch)
tree365fbe8f00380126a5b504ab6e5f581882c05af5 /id/server/idserverlib
parentc3be24f091fb555ee67a7c6a1db3c5e70643585c (diff)
downloadmoa-id-spss-1f53ee51d6f6f4be0e12732b7495e036636eb536.tar.gz
moa-id-spss-1f53ee51d6f6f4be0e12732b7495e036636eb536.tar.bz2
moa-id-spss-1f53ee51d6f6f4be0e12732b7495e036636eb536.zip
change MOASessionID in every servlet request processing
Diffstat (limited to 'id/server/idserverlib')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java4
5 files changed, 15 insertions, 3 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
index dd40534be..5ad937b2a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
@@ -170,7 +170,8 @@ public class GetForeignIDServlet extends AuthServlet {
session = AuthenticationServer.getSession(sessionID);
-
+ //change MOASessionID
+ sessionID = AuthenticationSessionStoreage.changeSessionID(session);
Logger.debug(xmlCreateXMLSignatureResponse);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
index 8bf437cca..5733cee85 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
@@ -174,6 +174,9 @@ public class GetMISSessionIDServlet extends AuthServlet {
session = AuthenticationServer.getSession(sessionID);
+ //change MOASessionID
+ sessionID = AuthenticationSessionStoreage.changeSessionID(session);
+
String misSessionID = session.getMISSessionID();
AuthConfigurationProvider authConf = AuthConfigurationProvider
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
index 7a4bc03f8..2b46c8ff2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
@@ -175,9 +175,8 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
// escape parameter strings
sessionID = StringEscapeUtils.escapeHtml(sessionID);
-
pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
-
+
String redirectURL = null;
try {
// check parameter
@@ -188,6 +187,9 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
AuthenticationSession session = AuthenticationServer.getSession(sessionID);
+ //change MOASessionID
+ sessionID = AuthenticationSessionStoreage.changeSessionID(session);
+
String samlArtifactBase64 = AuthenticationServer.getInstance().verifyAuthenticationBlock(session, createXMLSignatureResponse);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
index 80b1547c9..fddd0d6b9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java
@@ -157,6 +157,8 @@ public class VerifyCertificateServlet extends AuthServlet {
session = AuthenticationServer.getSession(sessionID);
+ //change MOASessionID
+ sessionID = AuthenticationSessionStoreage.changeSessionID(session);
X509Certificate cert = AuthenticationServer.getInstance().getCertificate(sessionID, parameters);
if (cert == null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
index 72b479112..10a41c487 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java
@@ -66,6 +66,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
@@ -166,6 +167,9 @@ public class VerifyIdentityLinkServlet extends AuthServlet {
AuthenticationSession session = AuthenticationServer.getSession(sessionID);
+
+ //change MOASessionID
+ sessionID = AuthenticationSessionStoreage.changeSessionID(session);
String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyIdentityLink(session, parameters);