aboutsummaryrefslogtreecommitdiff
path: root/id
diff options
context:
space:
mode:
authorChristian Maierhofer <cmaierhofer@iaik.tugraz.at>2016-04-21 08:30:09 +0200
committerChristian Maierhofer <cmaierhofer@iaik.tugraz.at>2016-04-21 08:30:09 +0200
commitfa7f69cffc2c9b8d89ecc63f2dce72fffe1b671a (patch)
treebc4e9011f0200194a2db97bc067557e5a4b7e4a3 /id
parent3acbee93bd61ffba7b192282f534dc614d1cc280 (diff)
downloadmoa-id-spss-fa7f69cffc2c9b8d89ecc63f2dce72fffe1b671a.tar.gz
moa-id-spss-fa7f69cffc2c9b8d89ecc63f2dce72fffe1b671a.tar.bz2
moa-id-spss-fa7f69cffc2c9b8d89ecc63f2dce72fffe1b671a.zip
Added RedisTransaction storage
Diffstat (limited to 'id')
-rw-r--r--id/oa/src/main/webapp/WEB-INF/web.xml10
-rw-r--r--id/server/idserverlib/pom.xml30
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/RedisTransactionStorage.java355
-rw-r--r--id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml28
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java15
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java2
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java2
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java6
17 files changed, 445 insertions, 25 deletions
diff --git a/id/oa/src/main/webapp/WEB-INF/web.xml b/id/oa/src/main/webapp/WEB-INF/web.xml
index a42985c95..89553915a 100644
--- a/id/oa/src/main/webapp/WEB-INF/web.xml
+++ b/id/oa/src/main/webapp/WEB-INF/web.xml
@@ -5,8 +5,8 @@
<description>MOA PVP2.1 Sample OA</description>
<servlet>
+ <display-name>PVP 2.1 Authentication request builder</display-name>
<servlet-name>pvp2login</servlet-name>
- <display-name>PVP 2.1 Authentication request builder</display-name>
<servlet-class>at.gv.egovernment.moa.id.demoOA.servlet.pvp2.Authenticate</servlet-class>
</servlet>
@@ -16,8 +16,8 @@
</servlet-mapping>
<servlet>
- <servlet-name>pvp2slo</servlet-name>
<display-name>PVP 2.1 Single Log-Out request builder</display-name>
+ <servlet-name>pvp2slo</servlet-name>
<servlet-class>at.gv.egovernment.moa.id.demoOA.servlet.pvp2.SingleLogOut</servlet-class>
</servlet>
@@ -27,8 +27,8 @@
</servlet-mapping>
<servlet>
+ <display-name>Metadata</display-name>
<servlet-name>pvp2metadata</servlet-name>
- <display-name>Metadata</display-name>
<servlet-class>at.gv.egovernment.moa.id.demoOA.servlet.pvp2.BuildMetadata</servlet-class>
</servlet>
@@ -38,8 +38,8 @@
</servlet-mapping>
<servlet>
+ <display-name>Secure area</display-name>
<servlet-name>pvp2demooa</servlet-name>
- <display-name>Secure area</display-name>
<servlet-class>at.gv.egovernment.moa.id.demoOA.servlet.pvp2.DemoApplication</servlet-class>
</servlet>
@@ -49,8 +49,8 @@
</servlet-mapping>
<servlet>
+ <display-name>Mainpage</display-name>
<servlet-name>index</servlet-name>
- <display-name>Mainpage</display-name>
<servlet-class>at.gv.egovernment.moa.id.demoOA.servlet.pvp2.Index</servlet-class>
</servlet>
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index c1533eeb7..127e7deec 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -385,7 +385,35 @@
<artifactId>spring-test</artifactId>
<scope>test</scope>
</dependency>
-
+
+ <!-- Redis -->
+ <dependency>
+ <groupId>org.springframework.data</groupId>
+ <artifactId>spring-data-redis</artifactId>
+ <version>1.6.4.RELEASE</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-pool2</artifactId>
+ <version>2.4.2</version>
+ </dependency>
+ <dependency>
+ <groupId>redis.clients</groupId>
+ <artifactId>jedis</artifactId>
+ <version>2.8.1</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.codehaus.jackson</groupId>
+ <artifactId>jackson-core-asl</artifactId>
+ <version>1.9.13</version>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.jackson</groupId>
+ <artifactId>jackson-mapper-asl</artifactId>
+ <version>1.9.13</version>
+ </dependency>
</dependencies>
<build>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
index fd2e03afa..9e0eb2ed2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
@@ -139,12 +139,12 @@ public abstract class AbstractController extends MOAIDAuthConstants {
revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.TRANSACTION_ERROR);
transactionStorage.put(key,
new ExceptionContainer(pendingReq.getUniqueSessionIdentifier(),
- pendingReq.getUniqueTransactionIdentifier(), loggedException));
+ pendingReq.getUniqueTransactionIdentifier(), loggedException),-1);
} else {
transactionStorage.put(key,
new ExceptionContainer(null,
- null, loggedException));
+ null, loggedException),-1);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
index 66e8757ad..5e09380ae 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
@@ -179,7 +179,7 @@ public class IDPSingleLogOutServlet extends AbstractController {
else
statusCode = MOAIDAuthConstants.SLOSTATUS_ERROR;
- transactionStorage.put(artifact, statusCode);
+ transactionStorage.put(artifact, statusCode, -1);
redirectURL = HTTPUtils.addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index a1f2c6558..3c6042b51 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -569,7 +569,7 @@ public class AuthenticationManager extends MOAIDAuthConstants {
}
//put SLO process-information into transaction storage
- transactionStorage.put(relayState, sloContainer);
+ transactionStorage.put(relayState, sloContainer, -1);
if (MiscUtil.isEmpty(authURL))
authURL = pvpReq.getAuthURL();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
index 1b550881e..eec48e0f3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java
@@ -68,7 +68,7 @@ public class RequestStorage implements IRequestStorage{
public void storePendingRequest(IRequest pendingRequest) throws MOAIDException {
try {
if (pendingRequest instanceof IRequest) {
- transactionStorage.put(((IRequest)pendingRequest).getRequestID(), pendingRequest);
+ transactionStorage.put(((IRequest)pendingRequest).getRequestID(), pendingRequest, -1);
} else {
throw new MOAIDException("auth.20", null);
@@ -123,6 +123,7 @@ public class RequestStorage implements IRequestStorage{
((RequestImpl)pendingRequest).setRequestID(newRequestID);
transactionStorage.changeKey(oldRequestID, newRequestID, pendingRequest);
+ //only delete oldRequestID, no change.
return newRequestID;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java
index a9a9322ad..428931b5e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java
@@ -22,7 +22,7 @@ public class ProcessInstanceStoreDAOImpl implements ProcessInstanceStoreDAO {
@Override
public void saveOrUpdate(ProcessInstanceStore pIStore) throws MOADatabaseException {
try {
- transactionStorage.put(pIStore.getProcessInstanceId(), pIStore);
+ transactionStorage.put(pIStore.getProcessInstanceId(), pIStore, -1);
// MOASessionDBUtils.saveOrUpdate(pIStore);
log.debug("Store process instance with='{}' in the database.", pIStore.getProcessInstanceId());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java
index 0dd309154..62105abda 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java
@@ -49,7 +49,7 @@ public class PVPAssertionStorage implements SAMLArtifactMap {
samlMessage);
try {
- transactionStorage.put(artifact, assertion);
+ transactionStorage.put(artifact, assertion, -1);
} catch (MOADatabaseException e) {
// TODO Insert Error Handling, if Assertion could not be stored
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
index af6c79140..d7adab4e6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
@@ -254,7 +254,7 @@ public class SingleLogOutAction implements IAction {
statusCode = MOAIDAuthConstants.SLOSTATUS_ERROR;
}
- transactionStorage.put(artifact, statusCode);
+ transactionStorage.put(artifact, statusCode, -1);
redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact);
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java
index c2b3b0fc5..4699ad09c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java
@@ -73,7 +73,7 @@ public class DBTransactionStorage implements ITransactionStorage {
}
- public void put(String key, Object value) throws MOADatabaseException {
+ public void put(String key, Object value, int timeout_ms) throws MOADatabaseException {
//search if key already exists
AssertionStore element = searchInDatabase(key);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java
index 493f24ee8..4651566fc 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java
@@ -48,9 +48,10 @@ public interface ITransactionStorage {
* @param key Id which identifiers the data object
* @param value Data object which should be stored.
* This data must implement the <code>java.io.Serializable</code> interface
+ * @param timeout_ms Defines the period of time a data object is kept within the storage
* @throws MOADatabaseException In case of store operation failed
*/
- public void put(String key, Object value) throws MOADatabaseException;
+ public void put(String key, Object value, int timeout_ms) throws MOADatabaseException;
/**
* Get a data object from transaction storage
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/RedisTransactionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/RedisTransactionStorage.java
new file mode 100644
index 000000000..a8294fe88
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/RedisTransactionStorage.java
@@ -0,0 +1,355 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.storage;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+import java.util.Random;
+import java.util.concurrent.TimeUnit;
+
+import org.apache.commons.lang.SerializationUtils;
+import org.hibernate.HibernateException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.dao.DataAccessException;
+import org.springframework.data.redis.core.RedisOperations;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.core.SessionCallback;
+import org.springframework.data.redis.serializer.JacksonJsonRedisSerializer;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+@Service("TransactionStorage")
+public class RedisTransactionStorage implements ITransactionStorage {
+
+ @Autowired
+ private RedisTemplate<String, Object> redisTemplate;
+
+ @Autowired
+ protected AuthConfiguration authConfig;
+
+ @Autowired
+ private JacksonJsonRedisSerializer assertionStoreSerializer;
+
+ public RedisTemplate<String, Object> getTemplate(){
+ return this.redisTemplate;
+ }
+
+ public void setTemplate(RedisTemplate<String, Object> t){
+ this.redisTemplate = t;
+ }
+
+ public boolean containsKey(String key) {
+ try {
+ searchInDatabase(key);
+ return true;
+
+ } catch (MOADatabaseException e) {
+ return false;
+ }
+
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.storage.ITransactionStorage#changeKey(java.lang.String, java.lang.String, java.lang.Object)
+ */
+ @Override
+ public void changeKey(String oldKey, String newKey, Object value) throws MOADatabaseException {
+
+ //search if key already exists
+ final int expTime = redisTemplate.getExpire(oldKey, TimeUnit.MILLISECONDS).intValue();
+ //AssertionStore element = searchInDatabase(oldKey);
+ if (expTime < 0) {
+ Logger.info("No transaction-data with oldKey:" + oldKey
+ + " found. Process gets stopped.");
+ throw new MOADatabaseException("No transaction-data with oldKey:" + oldKey
+ + " found. Process gets stopped.");
+
+ }
+
+ //Important: Rename not working here, because the new ID also has to be put into the
+ //value object.
+ //redisTemplate.rename(oldKey, newKey);
+
+ final String old_key = oldKey;
+
+ //redisTemplate.delete(oldKey);
+ //put(null, newKey, value, expTime);
+ final AssertionStore assertion = prepareAssertion(null, newKey, value);
+ List<Object> txResults = redisTemplate.execute(new SessionCallback<List<Object>>() {
+ public List<Object> execute(RedisOperations operations) throws DataAccessException {
+ operations.multi();
+ operations.delete(old_key);
+ operations.opsForValue().set(assertion.getArtifact(), new String(assertionStoreSerializer.serialize(assertion)),expTime,TimeUnit.MILLISECONDS);
+ // This will contain the results of all ops in the transaction
+ return operations.exec();
+ }
+ });
+
+ int a= txResults.size();
+ }
+
+ public void put(String key, Object value, int timeoutms) throws MOADatabaseException {
+
+ //search if key already exists
+ AssertionStore element = searchInDatabase(key);
+
+ //create a new entry if key does not exists already
+ if (element == null) {
+ element = new AssertionStore();
+
+ }
+
+ put(element, key, value, timeoutms);
+ }
+
+ public <T> T get(String key,
+ final Class<T> clazz) throws MOADatabaseException {
+
+ try {
+ return get(key, clazz, -1);
+
+ } catch (AuthenticationException e) {
+ //this execption only occurs if an additional timeOut is used
+ Logger.error("This exeption should not occur!!!!", e);
+ return null;
+
+ }
+ }
+
+ public Object get(String key) throws MOADatabaseException {
+ AssertionStore element = searchInDatabase(key);
+
+ if (element == null)
+ return null;
+
+ return SerializationUtils.deserialize(element.getAssertion());
+
+
+ }
+
+ public <T> T get(String key, final Class<T> clazz, long dataTimeOut) throws MOADatabaseException, AuthenticationException {
+
+ AssertionStore element = searchInDatabase(key);
+
+ if (element == null)
+ return null;
+
+// dataTimeOut = -1;
+// if (dataTimeOut > -1) {
+// //check timeout
+// long now = new Date().getTime();
+//
+// if (now - element.getDatatime().getTime() > dataTimeOut) {
+// Logger.info("Transaction-Data with key: " + key + " is out of time.");
+// throw new AuthenticationException("1207", new Object[] { key });
+//
+// }
+// }
+
+
+ //Deserialize Assertion
+ Object data = SerializationUtils.deserialize(element.getAssertion());
+
+ //check if assertion has the correct class type
+ try {
+ @SuppressWarnings("unchecked")
+ T test = (T) Class.forName(element.getType()).cast(data);
+ return test;
+
+ } catch (Exception e) {
+ Logger.warn("Sessioninformation Cast-Exception by using Artifact=" + key);
+ throw new MOADatabaseException("Sessioninformation Cast-Exception");
+
+ }
+ }
+
+ //NOT USED with REDIS
+ public List<String> clean(Date now, long dataTimeOut) {
+
+ //redis enables to set TTL when creating new values, so we don't need this function anymore
+
+// Date expioredate = new Date(now.getTime() - dataTimeOut);
+//
+// List<AssertionStore> results;
+ List<String> returnValues = new ArrayList<String>();
+// Session session = MOASessionDBUtils.getCurrentSession();
+//
+// synchronized (session) {
+// session.beginTransaction();
+// Query query = session.getNamedQuery("getAssertionWithTimeOut");
+// query.setTimestamp("timeout", expioredate);
+// results = query.list();
+// session.getTransaction().commit();
+// }
+//
+// if (results != null) {
+// for (AssertionStore el : results)
+// returnValues.add(el.getArtifact());
+//
+// }
+ return returnValues;
+ }
+
+ public void remove(String key) {
+
+ try {
+
+ AssertionStore element = searchInDatabase(key);
+ if (element == null) {
+ Logger.debug("Sessioninformation not removed! (Sessioninformation with ID=" + key
+ + "not found)");
+ return;
+ }
+
+ redisTemplate.delete(key);
+ //cleanDelete(element);
+ Logger.debug("Removed stored information with ID: " + key);
+
+
+ } catch (MOADatabaseException e) {
+ Logger.info("Sessioninformation not removed! (Message:"+ e.getMessage() + ")");
+
+ } catch (HibernateException e) {
+ Logger.warn("Sessioninformation not removed! (Error during Database communication)", e);
+ }
+ }
+
+ //Not used within REDIS store
+ private void cleanDelete(AssertionStore element) {
+ try {
+ element.setAssertion("blank".getBytes());
+ MOASessionDBUtils.saveOrUpdate(element);
+
+ } catch (MOADatabaseException e) {
+ Logger.warn("Blank shortTime session with artifact=" + element.getArtifact() + " FAILED.", e);
+
+ } finally {
+ if (!MOASessionDBUtils.delete(element))
+ Logger.error("ShortTime session with artifact=" + element.getArtifact()
+ + " not removed! (Error during Database communication)");
+
+ }
+
+ }
+
+ //name="getAssertionWithArtifact", query = "select assertionstore from AssertionStore assertionstore where assertionstore.artifact = :artifact"),
+ //@NamedQuery(name="getAssertionWithTimeOut", query = "select assertionstore from AssertionStore assertionstore where assertionstore.timestamp < :timeout")
+
+ @SuppressWarnings("rawtypes")
+ private AssertionStore searchInDatabase(String artifact) throws MOADatabaseException {
+ MiscUtil.assertNotNull(artifact, "artifact");
+ Logger.trace("Getting sessioninformation with ID " + artifact + " from database.");
+
+
+// Session session = MOASessionDBUtils.getCurrentSession();
+// List result;
+//
+// synchronized (session) {
+// session.beginTransaction();
+// Query query = session.getNamedQuery("getAssertionWithArtifact");
+// query.setParameter("artifact", artifact);
+// result = query.list();
+//
+// //send transaction
+// session.getTransaction().commit();
+// }
+ //String id = (String) redisTemplate.opsForSet().pop(artifact);
+ String assertion = (String) redisTemplate.opsForValue().get(artifact);
+ //String id = (String) redisTemplate.opsForValue().get(artifact);
+ if(assertion == null){
+ Logger.debug("No transaction information with ID:" + artifact + " found.");
+ return null;
+ }
+
+ AssertionStore as = (AssertionStore) assertionStoreSerializer.deserialize(assertion.getBytes());
+ //delete the timestamp entry
+// String ts = as.getDatatime().toString();
+// redisTemplate.opsForSet().pop(ts);
+
+ if(as == null){
+ Logger.debug("No transaction information with ID:" + artifact + " found.");
+ return null;
+ }
+ return as;
+
+ //Assertion requires an unique artifact
+// if (result.size() != 1) {
+// Logger.debug("No transaction information with ID:" + artifact + " found.");
+//
+//
+// }
+//
+// return (AssertionStore) result.get(0);
+ }
+
+ private void put(AssertionStore element, String key, Object value, int timeoutms) throws MOADatabaseException {
+
+ element = prepareAssertion(element, key, value);
+
+ int authDataTimeOut = authConfig.getTransactionTimeOut() * 1000;
+
+ if(timeoutms != -1){
+ authDataTimeOut = timeoutms;
+ }
+ redisTemplate.opsForValue().set(element.getArtifact(), new String(assertionStoreSerializer.serialize(element)),authDataTimeOut,TimeUnit.MILLISECONDS);
+ //MOASessionDBUtils.saveOrUpdate(element);
+ Logger.debug(value.getClass().getName() + " with ID: " + key + " is stored in Database");
+
+ }
+
+private AssertionStore prepareAssertion(AssertionStore element, String key, Object value) throws MOADatabaseException {
+
+ if(element == null)
+ element = new AssertionStore();
+
+ element.setArtifact(key);
+ element.setType(value.getClass().getName());
+ element.setDatatime(new Date());
+
+ if (!Serializable.class.isInstance(value)) {
+ Logger.warn("Transaction-Storage can only store objects which implements the 'Seralizable' interface");
+ throw new MOADatabaseException("Transaction-Storage can only store objects which implements the 'Seralizable' interface", null);
+ }
+
+ //serialize the Assertion for Database storage
+ byte[] data = SerializationUtils.serialize((Serializable) value);
+ element.setAssertion(data);
+
+ long id = new Random().nextLong();
+ element.setId(id);
+
+ return element;
+
+ }
+
+}
diff --git a/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml b/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml
index 11d92cea3..42192d6a0 100644
--- a/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml
+++ b/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml
@@ -4,6 +4,7 @@
xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:aop="http://www.springframework.org/schema/aop"
+ xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
@@ -35,8 +36,7 @@
<bean id="MOAID_SSOManager"
class="at.gv.egovernment.moa.id.moduls.SSOManager"/>
- <bean id="TransactionStorage"
- class="at.gv.egovernment.moa.id.storage.DBTransactionStorage"/>
+
<bean id="AuthenticationSessionStoreage"
class="at.gv.egovernment.moa.id.storage.DBAuthenticationSessionStoreage"/>
@@ -79,6 +79,28 @@
<bean id="EvaluateSSOConsentsTaskImpl"
class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.EvaluateSSOConsentsTaskImpl"
- scope="prototype"/>
+ scope="prototype"/>
+
+ <!-- bean id="TransactionStorage"
+ class="at.gv.egovernment.moa.id.storage.DBTransactionStorage"/ -->
+ <bean id="TransactionStorage"
+ class="at.gv.egovernment.moa.id.storage.RedisTransactionStorage"/>
+
+ <!-- Redis Beans -->
+ <bean id="jedisConnFactory"
+ class="org.springframework.data.redis.connection.jedis.JedisConnectionFactory"
+ p:use-pool="true"/>
+
+ <bean id="RedisStringSerializer" class="org.springframework.data.redis.serializer.StringRedisSerializer" />
+ <bean id="assertionStoreSerializer" class="org.springframework.data.redis.serializer.JacksonJsonRedisSerializer">
+ <constructor-arg type="java.lang.Class" value="at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore"/>
+ </bean>
+
+ <bean id="redisTemplate"
+ class="org.springframework.data.redis.core.RedisTemplate"
+ p:connection-factory-ref="jedisConnFactory"
+ p:value-serializer-ref="RedisStringSerializer"
+ p:key-serializer-ref="RedisStringSerializer"/>
+
</beans> \ No newline at end of file
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java
index c2f5ec962..d3c7abd1b 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java
@@ -35,6 +35,8 @@ import javax.persistence.Table;
import org.hibernate.annotations.DynamicUpdate;
+import com.fasterxml.jackson.annotation.JsonCreator;
+
@Entity
@@ -46,8 +48,19 @@ import org.hibernate.annotations.DynamicUpdate;
})
public class AssertionStore implements Serializable{
+ /**
+ *
+ */
+ private static final long serialVersionUID = 2804964892915004185L;
+
+
+
+ @JsonCreator
+ public AssertionStore(){
+
+ }
+
- private static final long serialVersionUID = 1L;
@Id
//@GeneratedValue(strategy = GenerationType.AUTO)
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
index 803ae388f..b9bed7a22 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
@@ -93,7 +93,7 @@ class OAuth20AuthAction implements IAction {
// store data in oath session
- transactionStorage.put(code, o);
+ transactionStorage.put(code, o, -1);
Logger.debug("Saved OAuth20SessionObject in session with id: " + code);
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
index b18425839..70b2ebbe9 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
@@ -535,7 +535,7 @@ public class SSOTransferServlet{
container.setDhParams(dhKeyIDP);
//store container
- transactionStorage.put(token, container);
+ transactionStorage.put(token, container,(int)transmisionTimeOut);
//build QR code
String containerURL = authURL
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 0ec0d95a2..113fb943f 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -95,7 +95,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
* time out in milliseconds used by {@link cleanup} for authentication data
* store
*/
- private static final long authDataTimeOut = 2 * 60 * 1000; // default 2 minutes
+ private static final int authDataTimeOut = 2 * 60 * 1000; // default 2 minutes
public Throwable getErrorResponse(String samlArtifact) throws AuthenticationException {
@@ -210,7 +210,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
protocolRequest.getOAURL(), protocolRequest.getRequestID(),
null);
- authenticationDataStore.put(samlArtifact, error);
+ authenticationDataStore.put(samlArtifact, error, authDataTimeOut);
return samlArtifact;
}
@@ -721,7 +721,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
//synchronized (authenticationDataStore) {
Logger.debug("Assertion stored for SAML Artifact: "
+ samlArtifact);
- authenticationDataStore.put(samlArtifact, samlAssertion);
+ authenticationDataStore.put(samlArtifact, samlAssertion,authDataTimeOut);
//}
} catch (AuthenticationException ex) {