diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 75197943f..e23e2bb78 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -1061,9 +1061,9 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.getExtendedSAMLAttributesOA()); authData.setSamlAssertion(samlAssertion); - - //ParepUtils.saveStringToFile(samlAssertion, new File("c:/saml_assertion.xml")); - + String assertionFile = AuthConfigurationProvider.getInstance().getGenericConfigurationParameter("AuthenticationServer.WritAssertionToFile"); + if (!ParepUtils.isEmpty(assertionFile)) ParepUtils.saveStringToFile(samlAssertion, new File(assertionFile)); //Ex: "c:/saml_assertion.xml" + return authData; } catch (Throwable ex) { throw new BuildException( @@ -1093,7 +1093,16 @@ public class AuthenticationServer implements MOAIDAuthConstants { Logger.error("Assertion not found for SAML Artifact: " + samlArtifact); throw new AuthenticationException("1206", new Object[] { samlArtifact }); } - authenticationDataStore.remove(assertionHandle); + boolean keepAssertion = false; + try { + String boolStr = AuthConfigurationProvider.getInstance().getGenericConfigurationParameter("AuthenticationServer.KeepAssertion"); + if ((null!=boolStr && boolStr.equalsIgnoreCase("true"))) keepAssertion = true;//Only allowed for debug purposes!!! + } catch (ConfigurationException ex) { + throw new AuthenticationException("1205", new Object[] { samlArtifact, ex.toString()}); + } + if (!keepAssertion) { + authenticationDataStore.remove(assertionHandle); + } } long now = new Date().getTime(); if (now - authData.getTimestamp().getTime() > authDataTimeOut) |