diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java | 63 |
1 files changed, 33 insertions, 30 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 87bd4ffea..14bb53eb7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -1891,37 +1891,35 @@ public class AuthenticationServer implements MOAIDAuthConstants { } } - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() - .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - boolean useUTC = oaParam.getUseUTC(); - boolean useCondition = oaParam.getUseCondition(); - int conditionLength = oaParam.getConditionLength(); - - // builds authentication data and stores it together with a SAML - // artifact - AuthenticationData authData = buildAuthenticationData(session, vsresp, - useUTC, false); +// OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() +// .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); +// boolean useUTC = oaParam.getUseUTC(); +// boolean useCondition = oaParam.getUseCondition(); +// int conditionLength = oaParam.getConditionLength(); - //set Authblock - session.setAuthData(authData); - //set signer certificate + //TL: moved to Authentification Data generation +// AuthenticationData authData = buildAuthenticationData(session, vsresp, +// useUTC, false); +// +// //set Authblock +// session.setAuthData(authData); + + + session.setXMLVerifySignatureResponse(vsresp); session.setSignerCertificate(vsresp.getX509certificate()); + vsresp.setX509certificate(null); + session.setForeigner(false); if (session.getUseMandate()) { // mandate mode - - // session.setAssertionAuthBlock(assertionAuthBlock) return null; + } else { - - + session.setAuthenticatedUsed(false); session.setAuthenticated(true); - - //TODO: check if this element is needed!!! - //session.setXMLVerifySignatureResponse(vsresp); - + String oldsessionID = session.getSessionID(); //Session is implicte stored in changeSessionID!!! @@ -2325,22 +2323,27 @@ public class AuthenticationServer implements MOAIDAuthConstants { X509Certificate cert = session.getSignerCertificate(); vsresp.setX509certificate(cert); - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() - .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - boolean useUTC = oaParam.getUseUTC(); +// OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() +// .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); +// boolean useUTC = oaParam.getUseUTC(); // boolean useCondition = oaParam.getUseCondition(); // int conditionLength = oaParam.getConditionLength(); - AuthenticationData authData = buildAuthenticationData(session, vsresp, - useUTC, true); + //TL: moved to Assertion generation. +// AuthenticationData authData = buildAuthenticationData(session, vsresp, +// useUTC, true); +// +// session.setAuthData(authData); - session.setAuthData(authData); session.setAuthenticatedUsed(false); session.setAuthenticated(true); - //TODO: check, if it element is in use!!!! - //session.setXMLVerifySignatureResponse(vsresp); + + session.setXMLVerifySignatureResponse(vsresp); + session.setSignerCertificate(vsresp.getX509certificate()); + vsresp.setX509certificate(null); + session.setForeigner(true); //session is implicit stored in changeSessionID!!!! String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); @@ -2402,7 +2405,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @throws BuildException * while building the <code><saml:Assertion></code> */ - protected static AuthenticationData buildAuthenticationData( + public static AuthenticationData buildAuthenticationData( AuthenticationSession session, VerifyXMLSignatureResponse verifyXMLSigResp, boolean useUTC, boolean isForeigner) throws ConfigurationException, BuildException { |