diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java | 98 |
1 files changed, 40 insertions, 58 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java index 0badebdbb..d4e08318d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java @@ -3,10 +3,7 @@ package at.gv.egovernment.moa.id.entrypoints; import java.io.IOException; -import java.util.ConcurrentModificationException; -import java.util.HashMap; import java.util.Iterator; -import java.util.List; import java.util.Map; import java.util.Set; import java.util.concurrent.ConcurrentHashMap; @@ -16,7 +13,6 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; -import javax.swing.ListModel; import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger; import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; @@ -37,8 +33,8 @@ import at.gv.egovernment.moa.id.moduls.NoPassivAuthenticationException; import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.moduls.SSOManager; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl; import at.gv.egovernment.moa.id.storage.ExceptionStoreImpl; -import at.gv.egovernment.moa.id.util.HTTPSessionUtils; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.id.util.legacy.LegacyHelper; @@ -86,9 +82,9 @@ public class DispatcherServlet extends AuthServlet{ String errorid = req.getParameter(ERROR_CODE_PARAM); if (errorid != null) { - Throwable throwable = ExceptionStoreImpl.getStore() + Throwable throwable = DBExceptionStoreImpl.getStore() .fetchException(errorid); - ExceptionStoreImpl.getStore().removeException(errorid); + DBExceptionStoreImpl.getStore().removeException(errorid); Object idObject = req.getParameter(PARAM_TARGET_PENDINGREQUESTID); @@ -236,35 +232,26 @@ public class DispatcherServlet extends AuthServlet{ Object idObject = req.getParameter(PARAM_TARGET_PENDINGREQUESTID); if (protocolRequests != null && - idObject != null && (idObject instanceof String)) { + idObject != null && (idObject instanceof String)) { + + protocolRequestID = (String) idObject; -// synchronized (protocolRequests) { - - protocolRequestID = (String) idObject; - - //get IRequest if it exits - if (protocolRequests.containsKey(protocolRequestID)) { - protocolRequest = protocolRequests.get(protocolRequestID); - - - - Logger.debug(DispatcherServlet.class.getName()+": Found PendingRequest with ID " + protocolRequestID); - - //RequestStorage.setPendingRequest(httpSession, protocolRequests); + //get IRequest if it exits + if (protocolRequests.containsKey(protocolRequestID)) { + protocolRequest = protocolRequests.get(protocolRequestID); + Logger.debug(DispatcherServlet.class.getName()+": Found PendingRequest with ID " + protocolRequestID); - } else { - Logger.error("No PendingRequest with ID " + protocolRequestID + " found.!"); + } else { + Logger.error("No PendingRequest with ID " + protocolRequestID + " found.!"); - Set<String> mapkeys = protocolRequests.keySet(); - for (String el : mapkeys) - Logger.debug("PendingRequest| ID=" + el + " OAIdentifier=" + protocolRequests.get(el)); - - handleErrorNoRedirect("Während des Anmeldevorgangs ist ein Fehler aufgetreten. Bitte versuchen Sie es noch einmal.", - null, req, resp); - //resp.sendError(HttpServletResponse.SC_CONFLICT); - return; - } -// } + Set<String> mapkeys = protocolRequests.keySet(); + for (String el : mapkeys) + Logger.debug("PendingRequest| ID=" + el + " OAIdentifier=" + protocolRequests.get(el)); + + handleErrorNoRedirect("Während des Anmeldevorgangs ist ein Fehler aufgetreten. Bitte versuchen Sie es noch einmal.", + null, req, resp); + return; + } } else { try { protocolRequest = info.preProcess(req, resp, action); @@ -273,26 +260,22 @@ public class DispatcherServlet extends AuthServlet{ if(protocolRequests != null) { -// synchronized (protocolRequests) { -// synchronized (protocolRequest) { - Set<String> mapkeys = protocolRequests.keySet(); - for (String el : mapkeys) { - IRequest value = protocolRequests.get(el); + Set<String> mapkeys = protocolRequests.keySet(); + for (String el : mapkeys) { + IRequest value = protocolRequests.get(el); + + if (value.getOAURL().equals(protocolRequest.getOAURL())) { - if (value.getOAURL().equals(protocolRequest.getOAURL())) { - - if(!AuthenticationSessionStoreage.deleteSessionWithPendingRequestID(el)) { - Logger.warn(DispatcherServlet.class.getName()+": NO MOASession with PendingRequestID " + el + " found. Delete all user sessions!"); - RequestStorage.removeAllPendingRequests(req.getSession()); - - } else { - RequestStorage.removePendingRequest(protocolRequests, el); - } - } + if(!AuthenticationSessionStoreage.deleteSessionWithPendingRequestID(el)) { + Logger.warn(DispatcherServlet.class.getName()+": NO MOASession with PendingRequestID " + el + " found. Delete all user sessions!"); + RequestStorage.removeAllPendingRequests(req.getSession()); + + } else { + RequestStorage.removePendingRequest(protocolRequests, el); } -// } -// } - + } + } + } else { protocolRequests = new ConcurrentHashMap<String, IRequest>(); } @@ -311,19 +294,22 @@ public class DispatcherServlet extends AuthServlet{ } } } catch (MOAIDException e) { - resp.sendError(HttpServletResponse.SC_BAD_REQUEST); Logger.error("Failed to generate a valid protocol request!"); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST); + resp.setContentType("text/html;charset=UTF-8"); + resp.getWriter().write("NO valid protocol request received!"); return; } if (protocolRequest == null) { - resp.sendError(HttpServletResponse.SC_BAD_REQUEST); Logger.error("Failed to generate a valid protocol request!"); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST); + resp.setContentType("text/html;charset=UTF-8"); + resp.getWriter().write("NO valid protocol request received!"); return; } } - RequestStorage.setPendingRequest(httpSession, protocolRequests); AuthenticationManager authmanager = AuthenticationManager.getInstance(); @@ -403,7 +389,6 @@ public class DispatcherServlet extends AuthServlet{ if ((useSSOOA || isValidSSOSession)) //TODO: SSO with mandates requires an OVS extension { - //TODO SSO Question!!!! if (useSSOOA && isValidSSOSession) { moasessionID = ssomanager.getMOASession(ssoId); @@ -433,8 +418,6 @@ public class DispatcherServlet extends AuthServlet{ } } else { -// moasessionID = HTTPSessionUtils.getHTTPSessionString(req.getSession(), -// AuthenticationManager.MOA_SESSION, null); moasessionID = (String) req.getParameter(PARAM_SESSIONID); @@ -451,7 +434,6 @@ public class DispatcherServlet extends AuthServlet{ RequestStorage.removePendingRequest(protocolRequests, protocolRequestID); if (needAuthentication) { - //boolean isSSOSession = AuthenticationSessionStoreage.isSSOSession(moasessionID); boolean isSSOSession = MiscUtil.isNotEmpty(newSSOSessionId); if ((useSSOOA || isSSOSession) //TODO: SSO with mandates requires an OVS extension |