aboutsummaryrefslogtreecommitdiff
path: root/id
diff options
context:
space:
mode:
authorAndreas Fitzek <afitzek@iaik.tugraz.at>2013-04-04 17:00:58 +0200
committerAndreas Fitzek <afitzek@iaik.tugraz.at>2013-04-04 17:00:58 +0200
commitb871ae183d5a045fc4f8bf5b89a484aad4b2b39c (patch)
treec259527c973feac2a0a2f75fce1174f5f50ced73 /id
parent44b9f57e478cd16ea28137d2aee60de7629f9f4d (diff)
downloadmoa-id-spss-b871ae183d5a045fc4f8bf5b89a484aad4b2b39c.tar.gz
moa-id-spss-b871ae183d5a045fc4f8bf5b89a484aad4b2b39c.tar.bz2
moa-id-spss-b871ae183d5a045fc4f8bf5b89a484aad4b2b39c.zip
Authentication data saved in Authentication Session
Diffstat (limited to 'id')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java56
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java13
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java39
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java8
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java7
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/AuthDispatcherServlet.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationSessionStore.java7
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulUtils.java22
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java2
-rw-r--r--id/server/idserverlib/src/main/resources/resources/templates/loginForm.html4
14 files changed, 153 insertions, 23 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index d783c74d9..afe0bd1d6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -117,6 +117,7 @@ import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameters;
import at.gv.egovernment.moa.id.config.stork.CPEPS;
import at.gv.egovernment.moa.id.config.stork.STORKConfig;
import at.gv.egovernment.moa.id.data.AuthenticationData;
+import at.gv.egovernment.moa.id.moduls.AuthenticationSessionStore;
import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.util.Random;
@@ -385,7 +386,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
public String startAuthentication(String authURL, String target,
String targetFriendlyName, String oaURL, String templateURL,
String bkuURL, String useMandate, String sessionID, String scheme,
- String sourceID) throws WrongParametersException,
+ String sourceID, String modul, String action) throws WrongParametersException,
AuthenticationException, ConfigurationException, BuildException {
String useMandateString = null;
@@ -455,6 +456,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
session.setAuthURL(authURL);
session.setTemplateURL(templateURL);
session.setBusinessService(oaParam.getBusinessService());
+ session.setModul(modul);
+ session.setAction(action);
if (sourceID != null)
session.setSourceID(sourceID);
}
@@ -1941,6 +1944,14 @@ public class AuthenticationServer implements MOAIDAuthConstants {
return null;
} else {
+ session.setAuthData(authData);
+
+ String newMOASessionID = AuthenticationSessionStore.changeSessionID(session);
+ Logger.info("Changed MOASession " + sessionID + " to Session " + newMOASessionID);
+ Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
+
+ return newMOASessionID;
+ /*
String samlAssertion = new AuthenticationDataAssertionBuilder()
.build(authData, session.getAssertionPrPerson(), session
.getAssertionAuthBlock(), session
@@ -1973,7 +1984,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
Logger.info("Anmeldedaten zu MOASession " + sessionID
+ " angelegt, SAML Artifakt " + samlArtifact);
return samlArtifact;
-
+ */
}
}
@@ -2132,6 +2143,15 @@ public class AuthenticationServer implements MOAIDAuthConstants {
new Object[] { GET_MIS_SESSIONID });
}
+ session.setAuthData(authData);
+ session.setMandateData(mandateData);
+
+ String newMOASessionID = AuthenticationSessionStore.changeSessionID(session);
+ Logger.info("Changed MOASession " + sessionID + " to Session " + newMOASessionID);
+ Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
+ return newMOASessionID;
+
+ /*
String samlAssertion = new AuthenticationDataAssertionBuilder()
.buildMandate(authData, session.getAssertionPrPerson(),
mandateData, session.getAssertionAuthBlock(), session
@@ -2164,7 +2184,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
sessionStore.remove(sessionID);
Logger.info("Anmeldedaten zu MOASession " + sessionID
+ " angelegt, SAML Artifakt " + samlArtifact);
- return samlArtifact;
+ return samlArtifact;*/
}
@@ -2287,7 +2307,15 @@ public class AuthenticationServer implements MOAIDAuthConstants {
int conditionLength = oaParam.getConditionLength();
AuthenticationData authData = buildAuthenticationData(session, vsresp,
useUTC, true);
-
+
+ session.setAuthData(authData);
+
+ String newMOASessionID = AuthenticationSessionStore.changeSessionID(session);
+ Logger.info("Changed MOASession " + sessionID + " to Session " + newMOASessionID);
+ Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
+ return newMOASessionID;
+ //TODO: regenerate MOASession ID!
+ /*
String samlAssertion = new AuthenticationDataAssertionBuilder().build(
authData, session.getAssertionPrPerson(), session
.getAssertionAuthBlock(), session
@@ -2319,7 +2347,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
Logger.info("Anmeldedaten zu MOASession " + sessionID
+ " angelegt, SAML Artifakt " + samlArtifact);
- return samlArtifact;
+ return samlArtifact;*/
}
/**
@@ -2550,6 +2578,10 @@ public class AuthenticationServer implements MOAIDAuthConstants {
*/
private static AuthenticationSession newSession()
throws AuthenticationException {
+
+ return AuthenticationSessionStore.createSession();
+
+ /*
String sessionID = Random.nextRandom();
AuthenticationSession newSession = new AuthenticationSession(sessionID);
synchronized (sessionStore) {
@@ -2560,7 +2592,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
new Object[] { sessionID });
sessionStore.put(sessionID, newSession);
}
- return newSession;
+ return newSession;*/
}
/**
@@ -2573,8 +2605,10 @@ public class AuthenticationServer implements MOAIDAuthConstants {
*/
public static AuthenticationSession getSession(String id)
throws AuthenticationException {
- AuthenticationSession session = (AuthenticationSession) sessionStore
- .get(id);
+
+ AuthenticationSession session = AuthenticationSessionStore.getSession(id);
+ /*(AuthenticationSession) sessionStore
+ .get(id);*/
if (session == null)
throw new AuthenticationException("auth.02", new Object[] { id });
return session;
@@ -2781,7 +2815,9 @@ public class AuthenticationServer implements MOAIDAuthConstants {
String target,
String targetFriendlyName,
String authURL,
- String sourceID) throws MOAIDException, AuthenticationException, WrongParametersException, ConfigurationException {
+ String sourceID,
+ String modul,
+ String action) throws MOAIDException, AuthenticationException, WrongParametersException, ConfigurationException {
//read configuration paramters of OA
OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaURL);
@@ -2805,6 +2841,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
moaSession.setAuthURL(authURL);
moaSession.setBusinessService(oaParam.getBusinessService());
moaSession.setDomainIdentifier(oaParam.getIdentityLinkDomainIdentifier());
+ moaSession.setAction(action);
+ moaSession.setModul(modul);
if (sourceID != null)
moaSession.setSourceID(sourceID);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
index 7d5835f20..01c875533 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
@@ -43,6 +43,8 @@ public interface MOAIDAuthConstants {
public static final String PARAM_OA = "OA";
/** servlet parameter &quot;bkuURI&quot; */
public static final String PARAM_BKU = "bkuURI";
+ public static final String PARAM_MODUL = "MODUL";
+ public static final String PARAM_ACTION = "ACTION";
/** servlet parameter &quot;sourceID&quot; */
public static final String PARAM_SOURCEID = "sourceID";
/** servlet parameter &quot;BKUSelectionTemplate&quot; */
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
index 6816c854e..5191a2f81 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
@@ -5,6 +5,7 @@ import java.io.StringWriter;
import org.apache.commons.io.IOUtils;
+import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol;
import at.gv.egovernment.moa.logging.Logger;
public class LoginFormBuilder {
@@ -12,6 +13,8 @@ public class LoginFormBuilder {
private static String AUTH_URL = "#AUTH_URL#";
private static String OA_URL = "#OA_URL#";
private static String RED_URL = "#RED_URL#";
+ private static String MODUL = "#MODUL#";
+ private static String ACTION = "#ACTION#";
private static String template;
@@ -35,11 +38,19 @@ public class LoginFormBuilder {
return template;
}
- public static String buildLoginForm(String oaURL) {
+ public static String buildLoginForm(String oaURL, String modul, String action) {
String value = getTemplate();
if(value != null) {
value = value.replace(OA_URL, oaURL);
+ if(modul == null) {
+ modul = SAML1Protocol.PATH;
+ }
+ if(action == null) {
+ action = SAML1Protocol.GETARTIFACT;
+ }
+ value = value.replace(MODUL, modul);
+ value = value.replace(ACTION, action);
}
return value;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
index 41a7547a0..6a69a8002 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
@@ -212,6 +212,45 @@ public class AuthenticationSession {
*/
private STORKAuthnRequest storkAuthnRequest;
+ private AuthenticationData authData;
+
+ private String mandateData;
+
+ private String modul;
+ public String getModul() {
+ return modul;
+ }
+
+ public void setModul(String modul) {
+ this.modul = modul;
+ }
+
+ public String getAction() {
+ return action;
+ }
+
+ public void setAction(String action) {
+ this.action = action;
+ }
+
+ private String action;
+
+ public String getMandateData() {
+ return mandateData;
+ }
+
+ public void setMandateData(String mandateData) {
+ this.mandateData = mandateData;
+ }
+
+ public AuthenticationData getAuthData() {
+ return authData;
+ }
+
+ public void setAuthData(AuthenticationData authData) {
+ this.authData = authData;
+ }
+
private CreateXMLSignatureResponse XMLCreateSignatureResponse;
private VerifyXMLSignatureResponse XMLVerifySignatureResponse;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java
index 012ed4c14..5ff5b6f63 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java
@@ -104,6 +104,8 @@ public class StartAuthenticationServlet extends AuthServlet {
String sessionID = req.getParameter(PARAM_SESSIONID);
String useMandate = req.getParameter(PARAM_USEMANDATE);
String ccc = req.getParameter(PARAM_CCC);
+ String modul = req.getParameter(PARAM_MODUL);
+ String action = req.getParameter(PARAM_ACTION);
// escape parameter strings
target = StringEscapeUtils.escapeHtml(target);
@@ -114,6 +116,8 @@ public class StartAuthenticationServlet extends AuthServlet {
sessionID = StringEscapeUtils.escapeHtml(sessionID);
useMandate = StringEscapeUtils.escapeHtml(useMandate);
ccc = StringEscapeUtils.escapeHtml(ccc);
+ modul = StringEscapeUtils.escapeHtml(modul);
+ action = StringEscapeUtils.escapeHtml(action);
setNoCachingHeadersInHttpRespone(req, resp);
@@ -169,13 +173,13 @@ public class StartAuthenticationServlet extends AuthServlet {
Logger.trace("Found C-PEPS configuration for citizen of country: " + ccc);
Logger.debug("Starting STORK authentication");
- AuthenticationServer.startSTORKAuthentication(req, resp, ccc, oaURL, target, targetFriendlyName, authURL, sourceID);
+ AuthenticationServer.startSTORKAuthentication(req, resp, ccc, oaURL, target, targetFriendlyName, authURL, sourceID, modul, action);
} else {
//normal MOA-ID authentication
Logger.debug("Starting normal MOA-ID authentication");
- String getIdentityLinkForm = AuthenticationServer.getInstance().startAuthentication(authURL, target, targetFriendlyName, oaURL, templateURL, bkuURL, useMandate, sessionID, req.getScheme(), sourceID);
+ String getIdentityLinkForm = AuthenticationServer.getInstance().startAuthentication(authURL, target, targetFriendlyName, oaURL, templateURL, bkuURL, useMandate, sessionID, req.getScheme(), sourceID, modul, action);
resp.setContentType("text/html;charset=UTF-8");
PrintWriter out = new PrintWriter(resp.getOutputStream());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
index fbf700365..f62428ea5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
@@ -51,6 +51,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.config.ConnectionParameter;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.moduls.ModulUtils;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId;
@@ -220,13 +221,15 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
else {
if (!samlArtifactBase64.equals("Redirect to Input Processor")) {
- redirectURL = session.getOAURLRequested();
+ /*redirectURL = session.getOAURLRequested();
if (!session.getBusinessService()) {
redirectURL = addURLParameter(redirectURL, PARAM_TARGET, URLEncoder.encode(session.getTarget(), "UTF-8"));
}
redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
- redirectURL = resp.encodeRedirectURL(redirectURL);
+ redirectURL = resp.encodeRedirectURL(redirectURL);*/
+ redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(),
+ ModulUtils.buildAuthURL(session.getModul(), session.getAction()), samlArtifactBase64);
} else {
redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID());
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/AuthDispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/AuthDispatcherServlet.java
index e78d9345c..ae0717a6d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/AuthDispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/AuthDispatcherServlet.java
@@ -133,7 +133,7 @@ public class AuthDispatcherServlet extends HttpServlet {
protected void processRequest(HttpServletRequest req,
HttpServletResponse resp) throws ServletException, IOException {
try {
- Object pathObject = req.getAttribute(PARAM_TARGET_PATH);
+ Object pathObject = req.getParameter(PARAM_TARGET_PATH);
String path = null;
HttpSession session = req.getSession();
@@ -146,7 +146,7 @@ public class AuthDispatcherServlet extends HttpServlet {
path = (String) session.getAttribute(PARAM_TARGET_PATH);
}
- Object protocolObject = req.getAttribute(PARAM_TARGET_PROTOCOL);
+ Object protocolObject = req.getParameter(PARAM_TARGET_PROTOCOL);
String protocol = null;
if (protocolObject != null && (protocolObject instanceof String)) {
protocol = (String) protocolObject;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index ccc0f1ccc..48f44f97b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -129,7 +129,7 @@ public class DispatcherServlet extends HttpServlet {
protected void processRequest(HttpServletRequest req,
HttpServletResponse resp) throws ServletException, IOException {
- Object pathObject = req.getAttribute(PARAM_TARGET_PATH);
+ Object pathObject = req.getParameter(PARAM_TARGET_PATH);
String path = null;
if (pathObject != null && (pathObject instanceof String)) {
path = (String) pathObject;
@@ -139,7 +139,7 @@ public class DispatcherServlet extends HttpServlet {
path = (String) req.getAttribute(PARAM_TARGET_PATH);
}
- Object protocolObject = req.getAttribute(PARAM_TARGET_PROTOCOL);
+ Object protocolObject = req.getParameter(PARAM_TARGET_PROTOCOL);
String protocol = null;
if (protocolObject != null && (protocolObject instanceof String)) {
protocol = (String) protocolObject;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index e631523a2..eeb16fcf9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -11,6 +11,7 @@ import javax.servlet.http.HttpSession;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.entrypoints.AuthDispatcherServlet;
import at.gv.egovernment.moa.id.util.HTTPSessionUtils;
import at.gv.egovernment.moa.logging.Logger;
@@ -60,7 +61,10 @@ public class AuthenticationManager implements MOAIDAuthConstants {
throws ServletException, IOException {
HttpSession session = request.getSession();
Logger.info("Starting authentication ...");
- String loginForm = LoginFormBuilder.buildLoginForm(target.getOAURL());
+ String modul = (String)session.getAttribute(AuthDispatcherServlet.PARAM_TARGET_PATH);
+ String protocol = (String)session.getAttribute(AuthDispatcherServlet.PARAM_TARGET_PROTOCOL);
+
+ String loginForm = LoginFormBuilder.buildLoginForm(target.getOAURL(), modul, protocol);
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = new PrintWriter(response.getOutputStream());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationSessionStore.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationSessionStore.java
index c0bf29844..3096341e0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationSessionStore.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationSessionStore.java
@@ -4,6 +4,7 @@ import java.util.HashMap;
import java.util.Iterator;
import java.util.Set;
+import at.gv.egovernment.moa.id.AuthenticationException;
import at.gv.egovernment.moa.id.MOAIDException;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.util.Random;
@@ -44,13 +45,13 @@ public class AuthenticationSessionStore {
}
public static String changeSessionID(AuthenticationSession session)
- throws MOAIDException {
+ throws AuthenticationException {
synchronized (sessionStore) {
if (sessionStore.containsKey(session.getSessionID())) {
AuthenticationSession theSession = sessionStore.get(session
.getSessionID());
if (theSession != session) {
- throw new MOAIDException("TODO!", null);
+ throw new AuthenticationException("TODO!", null);
}
sessionStore.remove(session.getSessionID());
@@ -60,7 +61,7 @@ public class AuthenticationSessionStore {
return id;
}
}
- throw new MOAIDException("TODO!", null);
+ throw new AuthenticationException("TODO!", null);
}
public static AuthenticationSession getSession(String sessionID) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulUtils.java
new file mode 100644
index 000000000..918201dd4
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulUtils.java
@@ -0,0 +1,22 @@
+package at.gv.egovernment.moa.id.moduls;
+
+import at.gv.egovernment.moa.id.entrypoints.DispatcherServlet;
+
+
+public class ModulUtils {
+
+ public static final String UNAUTHDISPATCHER = "UnauthDispatcher";
+ public static final String AUTHDISPATCHER = "AuthDispatcher";
+
+ public static String buildUnauthURL(String modul, String action) {
+ return UNAUTHDISPATCHER + "?" +
+ DispatcherServlet.PARAM_TARGET_PATH + "=" + modul + "&" +
+ DispatcherServlet.PARAM_TARGET_PROTOCOL + "=" + action;
+ }
+
+ public static String buildAuthURL(String modul, String action) {
+ return AUTHDISPATCHER +
+ "?" + DispatcherServlet.PARAM_TARGET_PATH + "=" + modul + "&" +
+ DispatcherServlet.PARAM_TARGET_PROTOCOL + "=" + action;
+ }
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 56d02b557..7e4313087 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -212,6 +212,8 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
public static String BuildSAMLArtifact(AuthenticationSession session) throws ConfigurationException, BuildException, AuthenticationException {
+ // TODO: Support Mandate MODE!
+
OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
boolean useUTC = oaParam.getUseUTC();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 601425a9c..fd6c2dadb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -59,7 +59,7 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
public ITargetConfiguration preProcess(HttpServletRequest request,
HttpServletResponse response) throws MOAIDException {
TargetConfigurationImpl config = new TargetConfigurationImpl();
- String oaURL = (String) request.getAttribute(PARAM_OA);
+ String oaURL = (String) request.getParameter(PARAM_OA);
oaURL = StringEscapeUtils.escapeHtml(oaURL);
if (!ParamValidatorUtils.isValidOA(oaURL))
throw new WrongParametersException("StartAuthentication", PARAM_OA,
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/loginForm.html b/id/server/idserverlib/src/main/resources/resources/templates/loginForm.html
index 90deb3b04..576683dc7 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/loginForm.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/loginForm.html
@@ -8,6 +8,8 @@
<form action="#AUTH_URL#" method="get" id="fcard">
<input type="hidden" name="bkuURI" value="https://127.0.0.1:3496/https-security-layer-request">
<input type="hidden" name="OA" value="#OA_URL#">
+ <input type="hidden" name="MODUL" value="#MODUL#">
+ <input type="hidden" name="ACTION" value="#ACTION#">
<input type="checkbox" id="mandateCheckBox" name="useMandate" value="true">
<label for="mandateCheckBox">in Vertretung anmelden</label>
<div
@@ -34,6 +36,8 @@
action="#AUTH_URL#">
<input type="hidden" name="bkuURI" value="https://127.0.0.1:3496/https-security-layer-request">
<input type="hidden" name="OA" value="#OA_URL#">
+ <input type="hidden" name="MODULE" value="#MODULE#">
+ <input type="hidden" name="ACTION" value="#ACTION#">
<select name="CCC" size="1" style="width: 120px">
<option value="BE">Belgiƫ/Belgique</option>
<option value="EE">Eesti</option>