9 files changed, 207 insertions, 36 deletions
| diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml index 776ec00d3..61eba7f22 100644 --- a/id/server/auth-final/pom.xml +++ b/id/server/auth-final/pom.xml @@ -165,7 +165,7 @@  <!-- 		<dependency>  			<groupId>MOA.id.server.modules</groupId> -			<artifactId>moa-id-module-pvp2</artifactId> +			<artifactId>moa-id-module-eIDAS</artifactId>  		</dependency> -->   		<dependency> diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java index 94138e0fc..e0552c337 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java @@ -4,15 +4,22 @@  package at.gv.egovernment.moa.id.auth;  import java.util.Date; +import java.util.List; +import org.hibernate.HibernateException;  import org.springframework.beans.factory.annotation.Autowired;  import org.springframework.stereotype.Service; +import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils;  import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;  import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; +import at.gv.egovernment.moa.id.data.ExceptionContainer; +import at.gv.egovernment.moa.id.process.ProcessExecutionException;  import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage;  import at.gv.egovernment.moa.id.storage.ITransactionStorage;  import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil;  /**   * Thread cleaning the <code>AuthenticationServer</code> session store 
@@ -53,11 +60,55 @@ public class AuthenticationSessionCleaner implements Runnable {      			authenticationSessionStorage.clean(now, sessionTimeOutCreated, sessionTimeOutUpdated);      			//clean TransactionStorage -    			transactionStorage.clean(now, authDataTimeOut); +    			List<String> entryKeysToClean = transactionStorage.clean(now, authDataTimeOut); +    			if (entryKeysToClean != null && entryKeysToClean.size() != 0) { +    				for(String entryKey : entryKeysToClean) { +    					try { +    						try { +    							Object entry = transactionStorage.get(entryKey); +    							//if entry is an exception --> log it because is could be unhandled +    							if (entry != null && entry instanceof ExceptionContainer) {    								 +    								ExceptionContainer exContainer = (ExceptionContainer) entry;    								 +    								 +    								if (exContainer.getExceptionThrown() != null) { +    									//add session and transaction ID to log if exists +    									if (MiscUtil.isNotEmpty(exContainer.getUniqueTransactionID())) +    										TransactionIDUtils.setTransactionId(exContainer.getUniqueTransactionID()); +									 +    									if (MiscUtil.isNotEmpty(exContainer.getUniqueSessionID())) +    										TransactionIDUtils.setSessionId(exContainer.getUniqueSessionID()); +  +    									//log exception to technical log +    									logExceptionToTechnicalLog(exContainer.getExceptionThrown()); +    									 +    									//remove session and transaction ID from thread +    									TransactionIDUtils.removeSessionId(); +    									TransactionIDUtils.removeTransactionId(); +    								}    								 +    							} +    							 +    						} catch (Exception e) { +    							Logger.info("Transaction info is not loadable. 
" +    									+ "Key:" + entryKey +    									+ " ErrorMsg:" + e.getMessage()); +    							 +    						} +    						 +    						transactionStorage.remove(entryKey); +    						Logger.info("Remove stored information with ID: " + entryKey  +    								+ " after timeout."); +    					 +    					} catch (HibernateException e){ +    						Logger.warn("Transaction information with ID=" + entryKey  +    								+ " not removed after timeout! (Error during Database communication)", e); +    					} +    	 +    				}	 +    			}      		} catch (Exception e) { -    			Logger.error("Session cleanUp FAILED!" , e); +    			Logger.error("Session/Transaction cleanUp FAILED!" , e);      		} @@ -72,6 +123,27 @@ public class AuthenticationSessionCleaner implements Runnable {      }    } +	/** +	 * Write a Exception to the MOA-ID-Auth internal technical log +	 *  +	 * @param loggedException Exception to log +	 */	 +	protected void logExceptionToTechnicalLog(Throwable loggedException) { +		if (!( loggedException instanceof MOAIDException  +				 || loggedException instanceof ProcessExecutionException )) { +			Logger.error("Receive an internal error: Message=" + loggedException.getMessage(), loggedException); +	 +		} else { +			if (Logger.isDebugEnabled() || Logger.isTraceEnabled()) { +				Logger.warn(loggedException.getMessage(), loggedException); +	 +			} else { +				Logger.info(loggedException.getMessage()); +	 +			}			 +		}		 +	} +      /**     * start the sessionCleaner     */ diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java index e51f3e6c9..fd2e03afa 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java 
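Review bot: In the clean-up loop added to AuthenticationSessionCleaner.run(), `TransactionIDUtils.removeSessionId()` and `TransactionIDUtils.removeTransactionId()` are skipped if `logExceptionToTechnicalLog(...)` throws, because the inner `catch (Exception e)` swallows the error and the loop moves on. The cleaner thread would then keep the stale session and transaction ID and attach them to log lines for unrelated entries, which misleads anyone correlating the technical log during incident analysis. Putting the two remove calls into a `finally` around the logging call avoids that. The same catch logs only `e.getMessage()` at info level, so an entry that cannot be deserialized leaves no stack trace; passing `e` to the logger would help. run() starts and ends outside this hunk.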
@@ -32,6 +32,7 @@ import javax.servlet.http.HttpServletResponse;  import org.springframework.beans.factory.annotation.Autowired;  import org.springframework.web.bind.annotation.ExceptionHandler; +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;  import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;  import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger;  import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; @@ -42,10 +43,12 @@ import at.gv.egovernment.moa.id.auth.frontend.exception.GUIBuildException;  import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;  import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;  import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IRequest;  import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;  import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;  import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;  import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; +import at.gv.egovernment.moa.id.data.ExceptionContainer;  import at.gv.egovernment.moa.id.moduls.IRequestStorage;  import at.gv.egovernment.moa.id.process.ProcessExecutionException;  import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController; @@ -101,8 +104,12 @@ public abstract class AbstractController extends MOAIDAuthConstants {  	}  	protected void handleError(String errorMessage, Throwable exceptionThrown, -			HttpServletRequest req, HttpServletResponse resp, String pendingRequestID) throws IOException { +			HttpServletRequest req, HttpServletResponse resp, IRequest pendingReq) throws IOException { +		String pendingRequestID = null; +		if (pendingReq != null) +			pendingRequestID = pendingReq.getRequestID(); +		  		Throwable loggedException = null;  		Throwable extractedException = extractOriginalExceptionFromProcessException(exceptionThrown); 
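Review bot: With the new `IRequest pendingReq` parameter, `pendingRequestID` inside handleError() is null whenever the caller has no pending request, including the path in signalProcessManagement() where `getPendingRequest(...)` returns null and `auth.28` is thrown; before this change that path still passed the ID taken from the request. If the remainder of handleError(), which lies outside this hunk, uses `pendingRequestID` for the error redirect or for log correlation, that value is now lost for expired transactions, so this should be checked against the rest of the method. Changing the signature of a protected method also breaks any subclass outside this commit that still passes a String. The added `if (pendingReq != null)` would be safer with braces: `if (pendingReq != null) { pendingRequestID = pendingReq.getRequestID(); }`.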
@@ -127,8 +134,19 @@ public abstract class AbstractController extends MOAIDAuthConstants {  			//switch to protocol-finalize method to generate a protocol-specific error message  			//put exception into transaction store for redirect -			String key = Random.nextRandom();			 -			transactionStorage.put(key, loggedException); +			String key = Random.nextLongRandom(); +			if (pendingReq != null) { +				revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.TRANSACTION_ERROR); +				transactionStorage.put(key,  +						new ExceptionContainer(pendingReq.getUniqueSessionIdentifier(),  +								pendingReq.getUniqueTransactionIdentifier(), loggedException)); +			 +			} else { +				transactionStorage.put(key,  +						new ExceptionContainer(null,  +								null, loggedException)); +				 +			}  			//build up redirect URL  			String redirectURL = null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractProcessEngineSignalController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractProcessEngineSignalController.java index 7a4ee35fa..0ce7b0050 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractProcessEngineSignalController.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractProcessEngineSignalController.java @@ -28,14 +28,14 @@ public abstract class AbstractProcessEngineSignalController extends AbstractCont  	protected void signalProcessManagement(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  		String pendingRequestID = StringEscapeUtils.escapeHtml(getPendingRequestId(req));
 -		
 +		IRequest pendingReq = null;
  		try {	
  			if (pendingRequestID == null) {
  				throw new MOAIllegalStateException("process.03", new Object[]{"Unable to determine MOA pending-request id."});
  			}
 -			IRequest pendingReq = requestStorage.getPendingRequest(pendingRequestID);
 +			pendingReq = requestStorage.getPendingRequest(pendingRequestID);
  			if (pendingReq == null) {
  				Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure.");
  				throw new MOAIDException("auth.28", new Object[]{pendingRequestID});
 @@ -60,7 +60,7 @@ public abstract class AbstractProcessEngineSignalController extends AbstractCont  			processEngine.signal(pendingReq);
  		} catch (Exception ex) {
 -			handleError(null, ex, req, resp, pendingRequestID);
 +			handleError(null, ex, req, resp, pendingReq);
  		} finally {
  			//MOASessionDBUtils.closeSession();
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/ExceptionContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/ExceptionContainer.java new file mode 100644 index 000000000..5e3fb5df6 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/ExceptionContainer.java 
@@ -0,0 +1,65 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. 
+ */ +package at.gv.egovernment.moa.id.data; + +/** + * @author tlenz + * + */ +public class ExceptionContainer { + +	private Throwable exceptionThrown = null; +	private String uniqueSessionID = null; +	private String uniqueTransactionID = null; +	 +	/** +	 *  +	 */ +	public ExceptionContainer(String uniqueSessionID, String uniqueTransactionID, Throwable exception) { +		this.uniqueSessionID = uniqueSessionID; +		this.uniqueTransactionID = uniqueTransactionID; +		this.exceptionThrown = exception;		 +	} +	 +	/** +	 * @return the exceptionThrown +	 */ +	public Throwable getExceptionThrown() { +		return exceptionThrown; +	} +	/** +	 * @return the uniqueSessionID +	 */ +	public String getUniqueSessionID() { +		return uniqueSessionID; +	} +	/** +	 * @return the uniqueTransactionID +	 */ +	public String getUniqueTransactionID() { +		return uniqueTransactionID; +	} +	 +	 +	 +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java index 991c6a881..0da43d818 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java @@ -38,6 +38,7 @@ import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;  import at.gv.egovernment.moa.id.commons.api.IRequest;  import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;  import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; +import at.gv.egovernment.moa.id.data.ExceptionContainer;  import at.gv.egovernment.moa.id.util.ParamValidatorUtils;  import at.gv.egovernment.moa.logging.Logger; 
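Review bot: The new `ExceptionContainer` class does not implement `java.io.Serializable`, yet handleError() in AbstractController now passes instances of it to `transactionStorage.put(...)`, and DBTransactionStorage reads values back with `SerializationUtils.deserialize(...)`. If put() serializes its value the same way (its body is not part of this diff), storing the container will fail exactly when an error is being handled, and the user loses the protocol-specific error response. Declaring `public class ExceptionContainer implements Serializable` with a `private static final long serialVersionUID` would address that. The three fields are assigned only in the constructor and could be `final`, and the empty constructor Javadoc should name the parameters and state that both IDs may be null.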
@@ -66,15 +67,14 @@ public class ProtocolFinalizationController extends AbstractAuthProtocolModulCon  		if (errorid != null) {  			try {				  				//load stored exception from database -				Throwable throwable = transactionStorage.get(errorid, Throwable.class); -				 -				if (throwable != null) {					 +				ExceptionContainer container = transactionStorage.get(errorid, ExceptionContainer.class);								 +				if (container != null) {					  					//remove exception if it was found  					transactionStorage.remove(errorid); -					if (pendingReq != null) {						 -						revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.TRANSACTION_ERROR); -	 +					Throwable throwable = container.getExceptionThrown(); +					 +					if (pendingReq != null) {													  						//build protocol-specific error message if possible  						buildProtocolSpecificErrorResponse(throwable, req, resp, pendingReq); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java index ff631a720..6778dc32e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java @@ -23,6 +23,7 @@  package at.gv.egovernment.moa.id.storage;  import java.io.Serializable; +import java.util.ArrayList;  import java.util.Date;  import java.util.List; 
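Review bot: In ProtocolFinalizationController, `container.getExceptionThrown()` is passed on to `buildProtocolSpecificErrorResponse(...)` without a null check, although the cleaner added in AuthenticationSessionCleaner explicitly allows for a container whose exception is null. A guard such as `if (throwable == null) { ... generic error ... }` before the `pendingReq` branch would keep the two readers consistent. Entries written before this change hold a bare Throwable; how `get(errorid, ExceptionContainer.class)` reacts to that type mismatch is not visible here, so error redirects that are in flight during an upgrade may fail and should be tested. The enclosing method starts and ends outside this hunk.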
@@ -99,6 +100,17 @@ public class DBTransactionStorage implements ITransactionStorage {  		}  	} +	public Object get(String key) throws MOADatabaseException { +		  AssertionStore element = searchInDatabase(key); +		   +		  if (element == null) +			  return null; +		   +		  return SerializationUtils.deserialize(element.getAssertion()); +		 +		 +	} +	  	public <T> T get(String key, final Class<T> clazz, long dataTimeOut) throws MOADatabaseException, AuthenticationException {  	  AssertionStore element = searchInDatabase(key); @@ -134,10 +146,11 @@ public class DBTransactionStorage implements ITransactionStorage {  	  }  	} -	public void clean(Date now, long dataTimeOut) { +	public List<String> clean(Date now, long dataTimeOut) {  		Date expioredate = new Date(now.getTime() - dataTimeOut);		  		List<AssertionStore> results; +		List<String> returnValues = new ArrayList<String>();;  		Session session = MOASessionDBUtils.getCurrentSession();  		synchronized (session) {			 @@ -146,22 +159,14 @@ public class DBTransactionStorage implements ITransactionStorage {  			query.setTimestamp("timeout", expioredate);		  			results = query.list();  			session.getTransaction().commit(); -				 -			if (results.size() != 0) { -				for(AssertionStore result : results) { -					try {  -						cleanDelete(result); -						Logger.info("Remove stored information with ID: " + result.getArtifact()  -								+ " after timeout."); -					 -					} catch (HibernateException e){ -						Logger.warn("Sessioninformation with ID=" + result.getArtifact()  -								+ " not removed after timeout! (Error during Database communication)", e); -					} -	 -				}	 -			}  		} +		 +		if (results != null) { +			for (AssertionStore el : results) +				returnValues.add(el.getArtifact()); +							 +		} +		return returnValues;  	}  	public void remove(String key) { 
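Review bot: The new `get(String key)` in DBTransactionStorage returns whatever `SerializationUtils.deserialize(element.getAssertion())` produces, with no expected type, and the session cleaner now calls it for every expired entry just to test for `ExceptionContainer`. This widens the use of native Java deserialization on database content: whoever can write to the assertion table gets arbitrary serializable classes instantiated in the cleaner thread. Consider limiting the accepted classes during deserialization (a class allowlist, or `ObjectInputFilter` on JDKs that have it), or recording the stored type next to the entry so that only error entries are deserialized at all. The method also lacks `@Override`, and a comment such as `// untyped read; callers must check the returned type` would document the contract.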
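Review bot: After this change `clean(Date, long)` in DBTransactionStorage deletes nothing; it only returns the keys of expired entries, and removal depends on the caller invoking `remove(key)` for each of them. The method keeps its name, so any other caller or any other `ITransactionStorage` implementation that was not updated in this commit would silently stop expiring entries and keep transaction data in the database past its timeout. A name that says what it returns, or a Javadoc line such as `Returns the keys of expired entries; does NOT remove them`, would make the new contract hard to miss. Separately, `new ArrayList<String>();;` carries a stray semicolon, and the loop `for (AssertionStore el : results)` would read better with braces.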
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java index 48283d2b6..fe959c39d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java @@ -23,6 +23,7 @@  package at.gv.egovernment.moa.id.storage;  import java.util.Date; +import java.util.List;  import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;  import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; @@ -53,6 +54,15 @@ public interface ITransactionStorage {  	/**  	 * Get a data object from transaction storage  	 *  +	 * @param key key Id which identifiers the data object +	 * @return The transaction-data object, or null +	 * @throws MOADatabaseException In case of load operation failed +	 */ +	public Object get(String key) throws MOADatabaseException; +	 +	/** +	 * Get a data object from transaction storage +	 *   	 * @param key Id which identifiers the data object  	 * @param clazz The class type which is stored with this key  	 * @return The transaction-data object from type class, or null @@ -91,11 +101,12 @@ public interface ITransactionStorage {  	public void remove(String key);  	/** -	 * Clean-up the transaction storage +	 * Get all entries for Clean-up the transaction storage  	 *   	 * @param now Current time  	 * @param dataTimeOut Data-object timeout in [ms] +	 * @return List of entry-keys which as a timeout  	 */ -	public void clean(Date now, long dataTimeOut); +	public List<String> clean(Date now, long dataTimeOut);  } 
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java index cd18afb71..e92925dfb 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java @@ -61,13 +61,13 @@ public class SSOTransferSignalServlet extends AbstractProcessEngineSignalControl  	@Override  	protected void signalProcessManagement(HttpServletRequest req, HttpServletResponse resp) throws IOException {  		String pendingRequestID = StringEscapeUtils.escapeHtml(getPendingRequestId(req)); -		 +		IRequest pendingReq = null;  		try {	  			if (pendingRequestID == null) {  				throw new IllegalStateException("Unable to determine MOA pending-request id.");  			} -			IRequest pendingReq = requestStorage.getPendingRequest(pendingRequestID); +			pendingReq = requestStorage.getPendingRequest(pendingRequestID);  			if (pendingReq == null) {  				Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure.");  				throw new MOAIDException("auth.28", new Object[]{pendingRequestID}); @@ -87,7 +87,7 @@ public class SSOTransferSignalServlet extends AbstractProcessEngineSignalControl  			processEngine.signal(pendingReq);  		} catch (Exception ex) { -			handleError(null, ex, req, resp, pendingRequestID); +			handleError(null, ex, req, resp, pendingReq);  		} finally {  			//MOASessionDBUtils.closeSession(); | 
