diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java | 139 |
1 files changed, 86 insertions, 53 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index 4ec734c41..b6742fb9e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -10,14 +10,17 @@ import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import at.gv.egovernment.moa.id.AuthenticationException; +import at.gv.egovernment.moa.id.BuildException; import at.gv.egovernment.moa.id.MOAIDException; import at.gv.egovernment.moa.id.auth.WrongParametersException; import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder; +import at.gv.egovernment.moa.id.auth.builder.SendAssertionFormBuilder; import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser; import at.gv.egovernment.moa.id.auth.servlet.AuthServlet; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.config.OAParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; @@ -119,33 +122,40 @@ public class AuthenticationManager extends AuthServlet { try { authSession = AuthenticationSessionStoreage.getSession(sessionID); - } catch (MOADatabaseException e) { - return false; - } + - if (authSession != null) { - Logger.info("MOASession found! A: " - + authSession.isAuthenticated() + ", AU " - + authSession.isAuthenticatedUsed()); - if (authSession.isAuthenticated() - && !authSession.isAuthenticatedUsed()) { - authSession.setAuthenticatedUsed(true); - HTTPSessionUtils.setHTTPSessionString(session, MOA_SESSION, - sessionID); - return true; // got authenticated + if (authSession != null) { + Logger.info("MOASession found! A: " + + authSession.isAuthenticated() + ", AU " + + authSession.isAuthenticatedUsed()); + if (authSession.isAuthenticated() + && !authSession.isAuthenticatedUsed()) { + authSession.setAuthenticatedUsed(true); + + AuthenticationSessionStoreage.storeSession(authSession); + + HTTPSessionUtils.setHTTPSessionString(session, MOA_SESSION, + sessionID); + return true; // got authenticated + } } + + } catch (MOADatabaseException e) { + return false; + } catch (BuildException e) { + return false; } } return false; } public void logout(HttpServletRequest request, - HttpServletResponse response) { + HttpServletResponse response, String moaSessionID) { Logger.info("Logout"); HttpSession session = request.getSession(); - String moaSessionID = HTTPSessionUtils.getHTTPSessionString(session, MOA_SESSION, null); + //String moaSessionID = HTTPSessionUtils.getHTTPSessionString(session, MOA_SESSION, null); if(moaSessionID == null) { moaSessionID = (String) request.getParameter(PARAM_SESSIONID); @@ -171,7 +181,7 @@ public class AuthenticationManager extends AuthServlet { AuthenticationSessionStoreage.destroySession(moaSessionID); - session.invalidate(); + //session.invalidate(); } catch (MOADatabaseException e) { Logger.info("NO MOA Authentication data for ID " + moaSessionID); @@ -185,14 +195,14 @@ public class AuthenticationManager extends AuthServlet { throws ServletException, IOException, MOAIDException { Logger.info("Starting authentication ..."); - if (!ParamValidatorUtils.isValidOA(target.getOAURL())) - throw new WrongParametersException("StartAuthentication", PARAM_OA, - "auth.12"); - - if (target.getOAURL() == null) { - throw new WrongParametersException("StartAuthentication", PARAM_OA, - "auth.12"); - } +// if (!ParamValidatorUtils.isValidOA(target.getOAURL())) +// throw new WrongParametersException("StartAuthentication", PARAM_OA, +// "auth.12"); +// +// if (target.getOAURL() == null) { +// throw new WrongParametersException("StartAuthentication", PARAM_OA, +// "auth.12"); +// } setNoCachingHeadersInHttpRespone(request, response); @@ -205,12 +215,19 @@ public class AuthenticationManager extends AuthServlet { boolean legacyparamavail = ParamValidatorUtils.areAllLegacyParametersAvailable(request); AuthenticationSession moasession; + try { + //check if an MOASession exists and if not create an new MOASession + //moasession = getORCreateMOASession(request); + moasession = AuthenticationSessionStoreage.createSession(); + + } catch (MOADatabaseException e1) { + Logger.error("Database Error! MOASession can not be created!"); + throw new MOAIDException("init.04", new Object[] {}); + } + if (legacyallowed && legacyparamavail) { - //check if an MOASession exists and if not create an new MOASession - moasession = getORCreateMOASession(request); - //parse request parameter into MOASession StartAuthentificationParameterParser.parse(request, response, moasession); @@ -255,7 +272,7 @@ public class AuthenticationManager extends AuthServlet { else { //check if an MOASession exists and if not create an new MOASession - moasession = getORCreateMOASession(request); + //moasession = getORCreateMOASession(request); //set OnlineApplication configuration in Session moasession.setOAURLRequested(target.getOAURL()); @@ -264,8 +281,10 @@ public class AuthenticationManager extends AuthServlet { } //Build authentication form + + String loginForm = LoginFormBuilder.buildLoginForm(target.requestedModule(), - target.requestedAction(), oaParam.getFriendlyName(), request.getContextPath()); + target.requestedAction(), oaParam.getFriendlyName(), request.getContextPath(), oaParam.useIFrame()); //store MOASession try { @@ -286,29 +305,43 @@ public class AuthenticationManager extends AuthServlet { } } - private AuthenticationSession getORCreateMOASession(HttpServletRequest request) throws MOAIDException { + public void sendTransmitAssertionQuestion(HttpServletRequest request, + HttpServletResponse response, IRequest target, OAAuthParameter oaParam) + throws ServletException, IOException, MOAIDException { - //String sessionID = request.getParameter(PARAM_SESSIONID); - String sessionID = (String) request.getSession().getAttribute(MOA_SESSION); - AuthenticationSession moasession; - - try { - moasession = AuthenticationSessionStoreage.getSession(sessionID); - Logger.info("Found existing MOASession with sessionID=" + sessionID - + ". This session is used for reauthentification."); - - } catch (MOADatabaseException e) { - try { - moasession = AuthenticationSessionStoreage.createSession(); - Logger.info("Create a new MOASession with sessionID=" + moasession.getSessionID() + "."); - - } catch (MOADatabaseException e1) { - Logger.error("Database Error! MOASession are not created."); - throw new MOAIDException("init.04", new Object[] { - "0"}); - } - } - - return moasession; - } + String form = SendAssertionFormBuilder.buildForm(target.requestedModule(), + target.requestedAction(), oaParam.getFriendlyName(), request.getContextPath(), oaParam.useIFrame()); + + response.setContentType("text/html;charset=UTF-8"); + PrintWriter out = new PrintWriter(response.getOutputStream()); + out.print(form); + out.flush(); + } + + +// private AuthenticationSession getORCreateMOASession(HttpServletRequest request) throws MOAIDException { +// +// //String sessionID = request.getParameter(PARAM_SESSIONID); +// String sessionID = (String) request.getSession().getAttribute(MOA_SESSION); +// AuthenticationSession moasession; +// +// try { +// moasession = AuthenticationSessionStoreage.getSession(sessionID); +// Logger.info("Found existing MOASession with sessionID=" + sessionID +// + ". This session is used for reauthentification."); +// +// } catch (MOADatabaseException e) { +// try { +// moasession = AuthenticationSessionStoreage.createSession(); +// Logger.info("Create a new MOASession with sessionID=" + moasession.getSessionID() + "."); +// +// } catch (MOADatabaseException e1) { +// Logger.error("Database Error! MOASession are not created."); +// throw new MOAIDException("init.04", new Object[] { +// "0"}); +// } +// } +// +// return moasession; +// } } |