authorThomas Lenz <tlenz@iaik.tugraz.at>2014-04-17 13:18:04 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-04-17 13:18:04 +0200
commit5ac7c031b38bd652e984ad58285b1cb4af4c5e1f (patch)
tree129282f2e56f5c89d98881deb23e36c90c51a3f5 /id/server
parent0dedfd784b7be0e91fc4690271e8dfcde41eea02 (diff)
blank database elements with sensitive data before delete the entry
Diffstat (limited to 'id/server')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java21
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java34
2 files changed, 45 insertions, 10 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
index 77cd23b60..cca13fad9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
@@ -144,7 +144,7 @@ public class AssertionStorage {
if (results.size() != 0) {
for(AssertionStore result : results) {
try {
- MOASessionDBUtils.delete(result);
+ cleanDelete(result);
Logger.info("Remove sessioninformation with ID=" + result.getArtifact()
+ " after timeout.");
@@ -161,7 +161,7 @@ public class AssertionStorage {
try {
AssertionStore element = searchInDatabase(artifact);
- MOASessionDBUtils.delete(element);
+ cleanDelete(element);
Logger.info("Remove sessioninformation with ID" + artifact);
@@ -174,6 +174,23 @@ public class AssertionStorage {
}
}
+ private void cleanDelete(AssertionStore element) {
+ try {
+ element.setAssertion(new byte[]{});
+ MOASessionDBUtils.saveOrUpdate(element);
+
+ } catch (MOADatabaseException e) {
+ Logger.warn("Blank shortTime session with artifact=" + element.getArtifact() + " FAILED.", e);
+
+ } finally {
+ if (!MOASessionDBUtils.delete(element))
+ Logger.error("ShortTime session with artifact=" + element.getArtifact()
+ + " not removed! (Error during Database communication)");
+
+ }
+
+ }
+
@SuppressWarnings("rawtypes")
private AssertionStore searchInDatabase(String artifact) throws MOADatabaseException {
MiscUtil.assertNotNull(artifact, "artifact");
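Review bot: Nothing in `cleanDelete` establishes that the emptied assertion is written to the database before the row is removed; that depends on how `MOASessionDBUtils.saveOrUpdate` and `MOASessionDBUtils.delete` flush and commit, and neither helper is visible in this hunk. I would add a comment on the method that states the intent and the assumption, for example `// Overwrite the stored assertion before deleting; relies on saveOrUpdate committing before delete is issued.` Even when the UPDATE is written, earlier row versions can survive in database logs and backups, so the comment should describe this as reducing exposure rather than guaranteeing erasure. The same applies to `cleanDelete` in AuthenticationSessionStoreage.java, which blanks the session blob in the same way.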
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index 27f219452..ca5cb9226 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -156,7 +156,7 @@ public class AuthenticationSessionStoreage {
public static void destroySession(String moaSessionID) throws MOADatabaseException {
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = MOASessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
@@ -176,11 +176,11 @@ public class AuthenticationSessionStoreage {
throw new MOADatabaseException("No session found with this sessionID");
}
- AuthenticatedSessionStore dbsession = (AuthenticatedSessionStore) result.get(0);
-
- //delete MOA Session
- session.delete(dbsession);
- session.getTransaction().commit();
+ AuthenticatedSessionStore dbsession = (AuthenticatedSessionStore) result.get(0);
+
+ session.getTransaction().commit();
+
+ cleanDelete(dbsession);
}
}
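Review bot: `destroySession` now returns normally even when the row is not removed, because `cleanDelete(dbsession)` only logs a failed `MOASessionDBUtils.delete` and returns `void`; the removed `session.delete(dbsession)` ran inside the transaction that was then committed, so a failure there would presumably have reached the caller. On a session-termination path the caller should be able to tell that the session still exists. I would have `cleanDelete` return the result of the delete and check it here, for example `if (!cleanDelete(dbsession)) throw new MOADatabaseException("MOA session not removed");`. The hunk at `@@ -443` returns `true` regardless of the outcome, and the timeout loops at `@@ -521` and in AssertionStorage.java log the removal regardless. The body of `destroySession` starts outside this hunk.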
@@ -443,7 +443,7 @@ public class AuthenticationSessionStoreage {
return false;
} else {
- MOASessionDBUtils.delete(result.get(0));
+ cleanDelete(result.get(0));
return true;
}
@@ -521,7 +521,7 @@ public class AuthenticationSessionStoreage {
if (results.size() != 0) {
for(AuthenticatedSessionStore result : results) {
try {
- MOASessionDBUtils.delete(result);
+ cleanDelete(result);
Logger.info("Authenticated session with sessionID=" + result.getSessionid()
+ " after session timeout.");
@@ -534,6 +534,24 @@ public class AuthenticationSessionStoreage {
}
}
+ private static void cleanDelete(AuthenticatedSessionStore result) {
+ try {
+ result.setSession(new byte[] {});
+ MOASessionDBUtils.saveOrUpdate(result);
+
+ } catch (MOADatabaseException e) {
+ Logger.warn("Blank authenticated session with sessionID=" + result.getSessionid() + " FAILED.", e);
+
+ } finally {
+ if (!MOASessionDBUtils.delete(result))
+ Logger.error("Authenticated session with sessionID=" + result.getSessionid()
+ + " not removed! (Error during Database communication)");
+
+ }
+
+
+ }
+
@SuppressWarnings("rawtypes")
private static AuthenticatedSessionStore searchInDatabase(String sessionID) throws MOADatabaseException {
MiscUtil.assertNotNull(sessionID, "moasessionID");
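Review bot: The error branch in the `finally` block of `cleanDelete` writes the full value of `result.getSessionid()` to the log precisely when the session row was not removed, so the log then holds the identifier of a session that still exists in the store. If that identifier is enough to address the session (not visible from this hunk), anyone who can read the log learns more than they should. I would log a shortened or hashed form of the ID in the `Logger.warn` and `Logger.error` calls here, with a comment noting that the identifier is sensitive. The `Logger.info` call in the `@@ -521` hunk prints the same value.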