aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java33
1 files changed, 21 insertions, 12 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 75695d2db..f39fde6be 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -43,6 +43,7 @@ import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.id.util.legacy.LegacyHelper;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
public class DispatcherServlet extends AuthServlet{
@@ -329,6 +330,7 @@ public class DispatcherServlet extends AuthServlet{
SSOManager ssomanager = SSOManager.getInstance();
String moasessionID = null;
+ String newSSOSessionId = null;
AuthenticationSession moasession = null;
//get SSO Cookie for Request
@@ -398,7 +400,6 @@ public class DispatcherServlet extends AuthServlet{
}
}
-
if ((useSSOOA || isValidSSOSession)) //TODO: SSO with mandates requires an OVS extension
{
@@ -416,17 +417,13 @@ public class DispatcherServlet extends AuthServlet{
}
else {
- //TODO: maybe transmit moasessionID with http GET to handle more then one PendingRequest!
moasessionID = (String) req.getParameter(PARAM_SESSIONID);
-
-// moasessionID = HTTPSessionUtils.getHTTPSessionString(req.getSession(),
-// AuthenticationManager.MOA_SESSION, null);
-
+
moasession = AuthenticationSessionStoreage.getSession(moasessionID);
}
//save SSO session usage in Database
- String newSSOSessionId = ssomanager.storeSSOSessionInformations(moasessionID, protocolRequest.getOAURL());
+ newSSOSessionId = ssomanager.createSSOSessionInformations(moasessionID, protocolRequest.getOAURL());
if (newSSOSessionId != null) {
ssomanager.setSSOSessionID(req, resp, newSSOSessionId);
@@ -449,16 +446,28 @@ public class DispatcherServlet extends AuthServlet{
}
- moduleAction.processRequest(protocolRequest, req, resp, moasession);
+ String assertionID = moduleAction.processRequest(protocolRequest, req, resp, moasession);
RequestStorage.removePendingRequest(protocolRequests, protocolRequestID);
if (needAuthentication) {
- boolean isSSOSession = AuthenticationSessionStoreage.isSSOSession(moasessionID);
-
+ //boolean isSSOSession = AuthenticationSessionStoreage.isSSOSession(moasessionID);
+ boolean isSSOSession = MiscUtil.isNotEmpty(newSSOSessionId);
+
if ((useSSOOA || isSSOSession) //TODO: SSO with mandates requires an OVS extension
- && !moasession.getUseMandate())
- {
+ && !moasession.getUseMandate()) {
+
+ try {
+ //Store OA specific SSO session information
+ AuthenticationSessionStoreage.addSSOInformation(moasessionID,
+ newSSOSessionId, assertionID, protocolRequest.getOAURL());
+
+ } catch (AuthenticationException e) {
+ Logger.warn("SSO Session information can not be stored -> SSO is not enabled!");
+
+ authmanager.logout(req, resp, moasessionID);
+ isSSOSession = false;
+ }
} else {
authmanager.logout(req, resp, moasessionID);
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-13 07:50:57 +0000