Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java | 56 |
1 files changed, 40 insertions, 16 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java index fa564d046..6893a794a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java @@ -30,6 +30,8 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger; import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils; import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; @@ -130,7 +132,8 @@ public class DispatcherServlet extends AuthServlet{ } if (errorRequest != null) { - RequestStorage.removePendingRequest(pendingRequestID); + RequestStorage.removePendingRequest(pendingRequestID); + MOAReversionLogger.getInstance().logEvent(errorRequest, MOAIDEventConstants.TRANSACTION_ERROR); try { IModulInfo handlingModule = ModulStorage 
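Review bot: In the @@ -130 hunk the new `MOAReversionLogger.getInstance().logEvent(errorRequest, MOAIDEventConstants.TRANSACTION_ERROR);` call sits before the `try {` that starts the error handling, so an exception from the audit logger would preempt the handling of the original error. The logger implementation is not visible here, so this only matters if `logEvent` can throw. If it can, move the call to the first statement inside the `try`, or document on `logEvent` that it never propagates exceptions. The enclosing method starts and ends outside the hunk.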
@@ -271,18 +274,22 @@ public class DispatcherServlet extends AuthServlet{ return; } } else { - try { - //set transactionID to Logger - protocolRequestID = Random.nextRandom(); - + try { //load unique session identifier with SSO-sessionID uniqueSessionIdentifier = ssomanager.getUniqueSessionIdentifier(ssoId); if (MiscUtil.isEmpty(uniqueSessionIdentifier)) uniqueSessionIdentifier = Random.nextRandom(); - - TransactionIDUtils.setTransactionId(protocolRequestID); TransactionIDUtils.setSessionId(uniqueSessionIdentifier); - + + //set transactionID to Logger + protocolRequestID = Random.nextRandom(); + TransactionIDUtils.setTransactionId(protocolRequestID); + + //log information for security and process reversion + MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.SESSION_CREATED, uniqueSessionIdentifier); + MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.TRANSACTION_CREATED, protocolRequestID); + MOAReversionLogger.getInstance().logEvent(uniqueSessionIdentifier, protocolRequestID, MOAIDEventConstants.SESSION_IP, req.getRemoteAddr()); + protocolRequest = info.preProcess(req, resp, action); //request is a valid interfederation response @@ -396,8 +403,7 @@ public class DispatcherServlet extends AuthServlet{ boolean needAuthentication = moduleAction.needAuthentication(protocolRequest, req, resp); - if (needAuthentication) { - + if (needAuthentication) { //check if interfederation IDP is requested ssomanager.checkInterfederationIsRequested(req, resp, protocolRequest); 
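Review bot: In the @@ -271 hunk `SESSION_CREATED` is logged unconditionally, even when `ssomanager.getUniqueSessionIdentifier(ssoId)` returned an identifier for an already existing SSO session, so every request in that session appears in the reversion log as a new session. Emit the event only where the identifier is actually generated: `if (MiscUtil.isEmpty(uniqueSessionIdentifier)) { uniqueSessionIdentifier = Random.nextRandom(); MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.SESSION_CREATED, uniqueSessionIdentifier); }`. Separately, `req.getRemoteAddr()` records the address of the direct peer; if the servlet is deployed behind a reverse proxy (not visible here), `SESSION_IP` will hold the proxy address, which a comment next to the call should state. The `try` block continues past the end of the hunk.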
@@ -409,6 +415,9 @@ public class DispatcherServlet extends AuthServlet{ Logger.warn("Request sends an old SSO Session ID("+ssoId+")! " + "Invalidate the corresponding MOASession with ID="+ correspondingMOASession); + MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(), + protocolRequest, MOAIDEventConstants.AUTHPROCESS_SSO_INVALID); + AuthenticationSessionStoreage.destroySession(correspondingMOASession); ssomanager.deleteSSOSessionID(req, resp); } @@ -439,6 +448,10 @@ public class DispatcherServlet extends AuthServlet{ boolean tryperform = authmanager.tryPerformAuthentication( req, resp); + if (tryperform) + MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(), + protocolRequest, MOAIDEventConstants.AUTHPROCESS_FINISHED); + if (protocolRequest.forceAuth()) { if (!tryperform) { authmanager.doAuthentication(req, resp, @@ -448,12 +461,15 @@ public class DispatcherServlet extends AuthServlet{ } else if (protocolRequest.isPassiv()) { if (tryperform || (isValidSSOSession && useSSOOA && !isUseMandateRequested) ) { // Passive authentication ok! + // Is authenticated .. proceed + } else { throw new NoPassivAuthenticationException(); } } else { if (tryperform || (isValidSSOSession && useSSOOA && !isUseMandateRequested) ) { - // Is authenticated .. proceed + // Is authenticated .. proceed + } else { // Start authentication! authmanager.doAuthentication(req, resp, @@ -463,10 +479,12 @@ public class DispatcherServlet extends AuthServlet{ } if ((useSSOOA || isValidSSOSession)) //TODO: SSO with mandates requires an OVS extension - { - + { if (useSSOOA && isValidSSOSession) { - + + MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(), + protocolRequest, MOAIDEventConstants.AUTHPROCESS_SSO); + moasessionID = ssomanager.getMOASession(ssoId); moasession = AuthenticationSessionStoreage.getSession(moasessionID); 
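Review bot: The `if (tryperform)` added in the @@ -439 hunk has no braces while its single statement is wrapped over two lines, which makes it easy for a later edit to add a second statement that runs unconditionally. Since this statement decides whether `AUTHPROCESS_FINISHED` is written to the audit log, brace it: `if (tryperform) { MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(), protocolRequest, MOAIDEventConstants.AUTHPROCESS_FINISHED); }`.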
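Review bot: In the @@ -463 hunk `AUTHPROCESS_SSO` is logged before `ssomanager.getMOASession(ssoId)` and `AuthenticationSessionStoreage.getSession(moasessionID)` have run, so the event is recorded even if the session lookup then fails. Whether those calls can fail at this point is not visible in the hunk, but an audit record should describe something that has already happened. Moving the `logEvent` call to directly after the `moasession = AuthenticationSessionStoreage.getSession(moasessionID);` line would keep the log consistent with the outcome. The `if (useSSOOA && isValidSSOSession)` block continues outside the hunk.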
@@ -531,6 +549,7 @@ public class DispatcherServlet extends AuthServlet{ } else { authmanager.performOnlyIDPLogOut(req, resp, moasessionID); + } //Advanced statistic logging @@ -550,6 +569,10 @@ public class DispatcherServlet extends AuthServlet{ } + //log transaction_destroy to reversionslog + MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.TRANSACTION_DESTROYED, protocolRequestID); + + } catch (WrongParametersException ex) { handleWrongParameters(ex, req, resp); @@ -560,13 +583,14 @@ public class DispatcherServlet extends AuthServlet{ handleErrorNoRedirect(e.getMessage(), e, req, resp); } - + finally { ConfigurationDBUtils.closeSession(); Logger.trace("Clossing Dispatcher processing loop"); TransactionIDUtils.removeTransactionId(); - TransactionIDUtils.removeSessionId(); + TransactionIDUtils.removeSessionId(); + } } |
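Review bot: The `TRANSACTION_DESTROYED` event in the @@ -569 hunk is the last statement of the `try` body, so a request that leaves through `catch (WrongParametersException ex)` or the other handlers shown after it never records the event, although the `finally` block still calls `TransactionIDUtils.removeTransactionId()`. The reversion log then has a `TRANSACTION_CREATED` with no matching end for exactly the requests that failed, unless the error path is meant to close them with `TRANSACTION_ERROR` instead. If it is not, move the call into `finally` ahead of `removeTransactionId()`, guarded for requests that never got an ID: `if (protocolRequestID != null) MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.TRANSACTION_DESTROYED, protocolRequestID);`. This assumes `protocolRequestID` is declared outside the `try`, which the hunk does not show.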