aboutsummaryrefslogtreecommitdiff
path: root/id/server
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-11-04 12:12:11 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-11-04 12:12:11 +0100
commit0acb196f1a070ae31ca9cdb888dbf966460441c6 (patch)
treefd4001e8fc7fdf7fcd4f156e32ef613477bfba04 /id/server
parentb8ce6db7bdc9576ae8daef6ea2b1a8da45a2a735 (diff)
downloadmoa-id-spss-0acb196f1a070ae31ca9cdb888dbf966460441c6.tar.gz
moa-id-spss-0acb196f1a070ae31ca9cdb888dbf966460441c6.tar.bz2
moa-id-spss-0acb196f1a070ae31ca9cdb888dbf966460441c6.zip
fix sessionTimeOut extraction from interfederated session
Diffstat (limited to 'id/server')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java21
1 files changed, 17 insertions, 4 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 7aa4cd1f7..d5a6a1b70 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -43,6 +43,7 @@ import javax.xml.bind.Marshaller;
import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.AttributeQuery;
+import org.opensaml.saml2.core.AuthnStatement;
import org.opensaml.saml2.core.Response;
import org.opensaml.ws.soap.common.SOAPException;
import org.opensaml.xml.XMLObject;
@@ -271,12 +272,13 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
AssertionAttributeExtractor extractor =
new AssertionAttributeExtractor(intfResp);
- if (!extractor.containsAllRequiredAttributes()) {
+ if (!extractor.containsAllRequiredAttributes()) {
+ Logger.info("Received assertion does no contain a minimum set of attributes. Starting AttributeQuery process ...");
//collect attributes by using BackChannel communication
String endpoint = idp.getIDPAttributQueryServiceURL();
if (MiscUtil.isEmpty(endpoint)) {
- Logger.error("No AttributeQueryURL for interfederationIDP " + oaParam.getPublicURLPrefix());
- throw new ConfigurationException("No AttributeQueryURL for interfederationIDP " + oaParam.getPublicURLPrefix(), null);
+ Logger.error("No AttributeQueryURL for interfederationIDP " + idp.getPublicURLPrefix());
+ throw new ConfigurationException("No AttributeQueryURL for interfederationIDP " + idp.getPublicURLPrefix(), null);
}
//build attributQuery request
@@ -761,8 +763,19 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
authData.setSsoSession(true);
authData.setInterfederatedSSOSession(true);
- if (extractor.getFullAssertion().getConditions() != null && extractor.getFullAssertion().getConditions().getNotOnOrAfter() != null)
+ if (extractor.getFullAssertion().getAuthnStatements() != null
+ && extractor.getFullAssertion().getAuthnStatements().size() > 0) {
+ for (AuthnStatement el : extractor.getFullAssertion().getAuthnStatements()) {
+ if (el.getSessionNotOnOrAfter() != null) {
+ authData.setSsoSessionValidTo(el.getSessionNotOnOrAfter().toDate());
+ break;
+ }
+ }
+
+ } else {
authData.setSsoSessionValidTo(extractor.getFullAssertion().getConditions().getNotOnOrAfter().toDate());
+
+ }
//only for SAML1
if (PVPConstants.STORK_QAA_1_4.equals(authData.getQAALevel()))