aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java19
1 files changed, 14 insertions, 5 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index a453010da..22f4a00ad 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -17,6 +17,7 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
import at.gv.egovernment.moa.id.auth.WrongParametersException;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
@@ -273,11 +274,17 @@ public class DispatcherServlet extends AuthServlet{
RequestStorage.removePendingRequest(httpSession);
- if (useSSOOA || isValidSSOSession) {
+ String moasessionID = HTTPSessionUtils.getHTTPSessionString(req.getSession(),
+ AuthenticationManager.MOA_SESSION, null);
+
+ AuthenticationSession moasession = AuthenticationSessionStoreage.getSession(moasessionID);
+
+ if ((useSSOOA || isValidSSOSession)
+ && moasession.isSsoRequested()
+ && !moasession.getUseMandate()) //TODO: SSO with mandates requires an OVS extension
+ {
+
//save SSO session usage in Database
- String moasessionID = HTTPSessionUtils.getHTTPSessionString(req.getSession(),
- AuthenticationManager.MOA_SESSION, null);
-
String newSSOSessionId = ssomanager.storeSSOSessionInformations(moasessionID, protocolRequest.getOAURL());
if (newSSOSessionId != null) {
@@ -290,7 +297,9 @@ public class DispatcherServlet extends AuthServlet{
} else {
authmanager.logout(req, resp);
}
-
+
+ ConfigurationDBUtils.closeSession();
+
//authmanager.logout(req, resp);
} catch (Throwable e) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-26 07:45:39 +0000