Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java126
1 files changed, 84 insertions, 42 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 480deb867..a3827ab73 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -25,20 +25,18 @@ package at.gv.egovernment.moa.id.entrypoints;
import java.io.IOException;
import java.util.Iterator;
-import java.util.Map;
-import java.util.Set;
-import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger;
import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
+import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
@@ -46,6 +44,8 @@ import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.data.IAuthData;
+import at.gv.egovernment.moa.id.data.SLOInformationInterface;
import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.moduls.IModulInfo;
@@ -57,6 +57,7 @@ import at.gv.egovernment.moa.id.moduls.SSOManager;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnRequestValidatorException;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl;
+import at.gv.egovernment.moa.id.util.ErrorResponseUtils;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.id.util.legacy.LegacyHelper;
@@ -223,8 +224,10 @@ public class DispatcherServlet extends AuthServlet{
}
}
- //HttpSession httpSession = req.getSession();
- //Map<String, IRequest> protocolRequests = null;
+ //get SSO Cookie for Request
+ SSOManager ssomanager = SSOManager.getInstance();
+ String ssoId = ssomanager.getSSOSessionID(req);
+
IRequest protocolRequest = null;
try {
@@ -249,18 +252,47 @@ public class DispatcherServlet extends AuthServlet{
try {
protocolRequest = info.preProcess(req, resp, action);
- if (protocolRequest != null) {
-
+ //request is a valid interfederation response
+ if (protocolRequest != null &&
+ protocolRequest.getInterfederationResponse() != null ) {
+ Logger.debug("Create new interfederated MOA-Session and add to HTTPRequest");
+
+ //reload SP protocol implementation
+ info = ModulStorage.getModuleByPath(protocolRequest.requestedModule());
+ moduleAction = info.getAction(protocolRequest.requestedAction());
+
+ //create interfederated mOASession
+ String sessionID =
+ AuthenticationSessionStoreage.createInterfederatedSession(protocolRequest, true, ssoId);
+ req.getParameterMap().put(PARAM_SESSIONID, sessionID);
+
+ Logger.info("PreProcessing of SSO interfederation response complete. ");
+
+ //request is a not valid interfederation response -> Restart local authentication
+ } else if (protocolRequest != null &&
+ MiscUtil.isNotEmpty(protocolRequest.getRequestID())) {
+ Logger.info("Restart authentication with stored " + protocolRequest.requestedModule()
+ + " AuthnRequest for OnlineApplication " + protocolRequest.getOAURL());
+
+ //request is a new authentication request
+ } else if (protocolRequest != null &&
+ MiscUtil.isEmpty(protocolRequest.getRequestID())) {
//Start new Authentication
- protocolRequest.setAction(action);
protocolRequest.setModule(module);
- protocolRequestID = Random.nextRandom();
- protocolRequest.setRequestID(protocolRequestID);
- RequestStorage.setPendingRequest(protocolRequest);
+ //if preProcessing has not set a specific action from decoded request
+ // then set the default action
+ if (MiscUtil.isEmpty(protocolRequest.requestedAction()))
+ protocolRequest.setAction(action);
+ else
+ moduleAction = info.getAction(protocolRequest.requestedAction());
+ protocolRequestID = Random.nextRandom();
+ protocolRequest.setRequestID(protocolRequestID);
+ RequestStorage.setPendingRequest(protocolRequest);
Logger.debug(DispatcherServlet.class.getName()+": Create PendingRequest with ID " + protocolRequestID + ".");
-
+
+
} else {
Logger.error("Failed to generate a valid protocol request!");
resp.setContentType("text/html;charset=UTF-8");
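Review bot: The interfederation branch hands the new session ID on with `req.getParameterMap().put(PARAM_SESSIONID, sessionID)`, but the Servlet API documents that map as immutable with `String[]` values. A container may reject the write, or `req.getParameter(PARAM_SESSIONID)` may simply not see it. It also puts a server-created session ID in the same place as client-supplied parameters, so the later `req.getParameter(PARAM_SESSIONID)` reads (hunk at -377) cannot tell the two apart. A request attribute keeps them separate: `req.setAttribute(PARAM_SESSIONID, sessionID);`, with the reading side preferring the attribute over the parameter. Separately, `info = ModulStorage.getModuleByPath(...)` and the two `info.getAction(...)` results are used without a null check, although the module and action names come from the decoded request. The enclosing try block starts and ends outside this hunk.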
@@ -280,30 +312,42 @@ public class DispatcherServlet extends AuthServlet{
StatisticLogger logger = StatisticLogger.getInstance();
logger.logErrorOperation(e, e.getErrorRequest());
return;
-
- } catch (MOAIDException e) {
+
+ }catch (InvalidProtocolRequestException e) {
+ ErrorResponseUtils utils = ErrorResponseUtils.getInstance();
+ String code = utils.mapInternalErrorToExternalError(e.getMessageId());
+ String descr = e.getMessage();
+ Logger.error("Protocol validation FAILED!");
+ resp.setContentType("text/html;charset=UTF-8");
+ resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Protocol validation FAILED!" +
+ "(Errorcode=" + code +
+ " | Description=" + descr + ")");
+ return;
+ } catch (MOAIDException e) {
Logger.error("Failed to generate a valid protocol request!");
resp.setContentType("text/html;charset=UTF-8");
- resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "NO valid protocol request received!");
+ resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "NO valid protocol request received!" +
+ "(Errorcode=6000"
+ +" | Description=Das Authentifizierungsprotokoll wurde nicht erkannt oder wird nicht unterst\u00FCzt" + ")");
return;
}
}
AuthenticationManager authmanager = AuthenticationManager.getInstance();
- SSOManager ssomanager = SSOManager.getInstance();
String moasessionID = null;
String newSSOSessionId = null;
AuthenticationSession moasession = null;
-
- //get SSO Cookie for Request
- String ssoId = ssomanager.getSSOSessionID(req);
-
- boolean needAuthentication = moduleAction.needAuthentication(protocolRequest, req, resp);
+ IAuthData authData = null;
+
+ boolean needAuthentication = moduleAction.needAuthentication(protocolRequest, req, resp);
if (needAuthentication) {
-
+
+ //check if interfederation IDP is requested
+ ssomanager.checkInterfederationIsRequested(req, resp, protocolRequest);
+
//check SSO session
if (ssoId != null) {
String correspondingMOASession = ssomanager.existsOldSSOSession(ssoId);
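Review bot: The new `catch (InvalidProtocolRequestException e)` block copies `e.getMessage()` into the `sendError` text, so whatever the validator put in the exception message reaches the client. If that message can contain request-derived data, it is reflected in the error page and relies on the container or a custom error page to escape it. The log line `Logger.error("Protocol validation FAILED!")` drops both the code and the description, leaving operators without the detail the client receives. Consider returning only the mapped code, `resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Protocol validation FAILED! (Errorcode=" + code + ")");`, and logging the rest server-side, `Logger.error("Protocol validation FAILED! Errorcode=" + code + " | " + descr);`. Unlike the catch block directly above it, this path also skips `StatisticLogger.logErrorOperation`, so rejected protocol requests would not appear in the statistics log.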
@@ -326,8 +370,8 @@ public class DispatcherServlet extends AuthServlet{
}
- isValidSSOSession = ssomanager.isValidSSOSession(ssoId, req);
- useSSOOA = oaParam.useSSO();
+ isValidSSOSession = ssomanager.isValidSSOSession(ssoId, protocolRequest);
+ useSSOOA = oaParam.useSSO() || oaParam.isInderfederationIDP();
//if a legacy request is used SSO should not be allowed, actually
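Review bot: The `|| oaParam.isInderfederationIDP()` term on the `useSSOOA` assignment turns SSO on for an application whose own `useSSO()` setting is false, and nothing in the hunk says that this override is intended. If it is, a comment such as `// interfederation IDPs always take part in SSO, independent of the OA's useSSO flag` would record the policy decision next to the code that enforces it. The surrounding block starts and ends outside the hunk, so it cannot be judged from here whether the legacy-request restriction mentioned on the following line still applies to the interfederation case.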
@@ -377,38 +421,36 @@ public class DispatcherServlet extends AuthServlet{
if (oaParam.useSSOQuestion() && !AuthenticationSessionStoreage.isAuthenticated(moasessionID)) {
authmanager.sendTransmitAssertionQuestion(req, resp, protocolRequest, oaParam);
return;
- }
- }
- else {
+ }
- moasessionID = (String) req.getParameter(PARAM_SESSIONID);
-
+ } else {
+ moasessionID = (String) req.getParameter(PARAM_SESSIONID);
moasession = AuthenticationSessionStoreage.getSession(moasessionID);
- }
-
+
+ }
//save SSO session usage in Database
newSSOSessionId = ssomanager.createSSOSessionInformations(moasessionID, protocolRequest.getOAURL());
- if (newSSOSessionId != null) {
+ if (MiscUtil.isNotEmpty(newSSOSessionId)) {
ssomanager.setSSOSessionID(req, resp, newSSOSessionId);
} else {
ssomanager.deleteSSOSessionID(req, resp);
+
}
- } else {
-
- moasessionID = (String) req.getParameter(PARAM_SESSIONID);
-
+ } else {
+ moasessionID = (String) req.getParameter(PARAM_SESSIONID);
moasession = AuthenticationSessionStoreage.getSession(moasessionID);
moasessionID = AuthenticationSessionStoreage.changeSessionID(moasession);
+
}
-
-
+ //build authenticationdata from session information and OA configuration
+ authData = AuthenticationDataBuilder.buildAuthenticationData(protocolRequest, moasession);
}
-
- String assertionID = moduleAction.processRequest(protocolRequest, req, resp, moasession);
+
+ SLOInformationInterface assertionID = moduleAction.processRequest(protocolRequest, req, resp, authData);
RequestStorage.removePendingRequest(protocolRequestID);
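Review bot: `AuthenticationDataBuilder.buildAuthenticationData(protocolRequest, moasession)` is fed a session looked up by `req.getParameter(PARAM_SESSIONID)`, and this hunk shows no check that `moasession` is non-null and authenticated before its data is turned into `authData`. That may be enforced in `getSession` or earlier in the method, outside the hunk. If it is not, a guard such as `if (moasession == null || !AuthenticationSessionStoreage.isAuthenticated(moasessionID))` ahead of the builder call would make the precondition explicit. On style, the result of `processRequest` is now an `SLOInformationInterface` but is still named `assertionID`; `sloInformation` would match the type. The `(String)` casts on `req.getParameter(...)` are redundant.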
@@ -436,7 +478,7 @@ public class DispatcherServlet extends AuthServlet{
//Advanced statistic logging
StatisticLogger logger = StatisticLogger.getInstance();
- logger.logSuccessOperation(protocolRequest, moasession, isSSOSession);
+ logger.logSuccessOperation(protocolRequest, authData, isSSOSession);
}