aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java103
1 files changed, 29 insertions, 74 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index be0132c14..655c507be 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.moduls;
import java.io.IOException;
@@ -7,24 +29,20 @@ import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.id.MOAIDException;
-import at.gv.egovernment.moa.id.auth.WrongParametersException;
import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder;
import at.gv.egovernment.moa.id.auth.builder.SendAssertionFormBuilder;
import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.exception.BuildException;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser;
import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.config.OAParameter;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.HTTPSessionUtils;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.StringUtils;
@@ -48,61 +66,6 @@ public class AuthenticationManager extends AuthServlet {
}
-// public AuthenticationSession getAuthenticationSession(
-// HttpSession session) {
-// String sessionID = HTTPSessionUtils.getHTTPSessionString(session,
-// MOA_SESSION, null);
-// if (sessionID != null) {
-// try {
-// return AuthenticationSessionStoreage.getSession(sessionID);
-//
-// } catch (MOADatabaseException e) {
-// return null;
-// }
-// }
-// return null;
-// }
-
-// /**
-// * Checks if the session is authenticated
-// *
-// * @param request
-// * @param response
-// * @return
-// */
-// public boolean isAuthenticated(HttpServletRequest request,
-// HttpServletResponse response) {
-// Logger.info("Checking authentication");
-//
-// HttpSession session = request.getSession();
-//
-// String moaSessionID = HTTPSessionUtils.getHTTPSessionString(session, MOA_SESSION, null);
-//
-// if(moaSessionID == null) {
-// Logger.info("NO MOA Session to logout");
-// return false;
-// }
-//
-//// AuthenticationSession authSession;
-//// try {
-//// authSession = AuthenticationSessionStoreage
-//// .getSession(moaSessionID);
-////
-//// } catch (MOADatabaseException e) {
-//// Logger.info("NO MOA Authentication data for ID " + moaSessionID);
-//// return false;
-//// }
-////
-//// if(authSession == null) {
-//// Logger.info("NO MOA Authentication data for ID " + moaSessionID);
-//// return false;
-//// }
-////
-//// return authSession.isAuthenticated();
-//
-// return AuthenticationSessionStoreage.isAuthenticated(moaSessionID);
-// }
-
/**
* Checks if this request can authenticate a MOA Session
*
@@ -112,9 +75,7 @@ public class AuthenticationManager extends AuthServlet {
*/
public boolean tryPerformAuthentication(HttpServletRequest request,
HttpServletResponse response) {
-
- HttpSession session = request.getSession();
-
+
String sessionID = (String) request.getParameter(PARAM_SESSIONID);
if (sessionID != null) {
Logger.info("got MOASession: " + sessionID);
@@ -133,9 +94,7 @@ public class AuthenticationManager extends AuthServlet {
authSession.setAuthenticatedUsed(true);
AuthenticationSessionStoreage.storeSession(authSession);
-
-// HTTPSessionUtils.setHTTPSessionString(session, MOA_SESSION,
-// sessionID);
+
return true; // got authenticated
}
}
@@ -153,10 +112,6 @@ public class AuthenticationManager extends AuthServlet {
HttpServletResponse response, String moaSessionID) {
Logger.info("Logout");
- HttpSession session = request.getSession();
-
- //String moaSessionID = HTTPSessionUtils.getHTTPSessionString(session, MOA_SESSION, null);
-
if(moaSessionID == null) {
moaSessionID = (String) request.getParameter(PARAM_SESSIONID);
}
@@ -284,7 +239,7 @@ public class AuthenticationManager extends AuthServlet {
String loginForm = LoginFormBuilder.buildLoginForm(target.requestedModule(),
- target.requestedAction(), oaParam.getFriendlyName(), request.getContextPath(), oaParam.useIFrame(), moasession.getSessionID());
+ target.requestedAction(), oaParam, request.getContextPath(), moasession.getSessionID());
//store MOASession
try {
@@ -310,7 +265,7 @@ public class AuthenticationManager extends AuthServlet {
throws ServletException, IOException, MOAIDException {
String form = SendAssertionFormBuilder.buildForm(target.requestedModule(),
- target.requestedAction(), target.getRequestID(), oaParam.getFriendlyName(), request.getContextPath(), oaParam.useIFrame());
+ target.requestedAction(), target.getRequestID(), oaParam, request.getContextPath());
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = new PrintWriter(response.getOutputStream());
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-06 16:45:39 +0000