Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java54
1 files changed, 18 insertions, 36 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index bc7dd272b..557d9af48 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -23,24 +23,21 @@
package at.gv.egovernment.moa.id.moduls;
import java.util.Date;
-import java.util.List;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.hibernate.Query;
-import org.hibernate.Session;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.IRequest;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException;
-import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;
import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;
import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
@@ -63,6 +60,7 @@ public class SSOManager {
@Autowired private IAuthenticationSessionStoreage authenticatedSessionStore;
@Autowired protected AuthConfiguration authConfig;
+ //@Autowired private MOASessionDBUtils moaSessionDBUtils;
/**
* Check if interfederation IDP is requested via HTTP GET parameter or if interfederation cookie exists.
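Review bot: The added field line `//@Autowired private MOASessionDBUtils moaSessionDBUtils;` is commented-out code, and the same commit removes the `MOASessionDBUtils` import, so it cannot be re-enabled as written. Drop the line instead of keeping a disabled injection point in the field list. If the helper is expected to return, a one-line comment stating that intent would be clearer than dead code.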
@@ -159,7 +157,12 @@ public class SSOManager {
} else {
Logger.warn("MOASession is marked as interfederated SSO session but no interfederated IDP is found. Switch to local authentication ...");
- MOASessionDBUtils.delete(storedSession);
+ try {
+ authenticatedSessionStore.destroyInternalSSOSession(storedSession.getSessionid());
+
+ } catch (MOADatabaseException e) {
+ Logger.error("Delete MOASession with ID:" + storedSession.getSessionid() + " FAILED!" , e);
+ }
}
}
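Review bot: When `destroyInternalSSOSession` throws, the new catch block only logs and the flow carries on towards local authentication, so the session just found to be an inconsistent interfederated SSO session may remain in the store. Decide whether this path should fail closed (abort or propagate the error) and record the decision, e.g. `// deletion failed: stale SSO session may still exist in the store, do not treat it as valid`. The error message also writes the full session id to the log; if the MOASession id is treated as a secret elsewhere in the project, log a shortened or hashed form. The enclosing method starts and ends outside this hunk, so what happens after the catch is inferred from the warning text.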
@@ -173,8 +176,8 @@ public class SSOManager {
}
- public String getMOASession(String ssoSessionID) {
- return authenticatedSessionStore.getMOASessionSSOID(ssoSessionID);
+ public AuthenticationSession getInternalMOASession(String ssoSessionID) throws MOADatabaseException {
+ return authenticatedSessionStore.getInternalMOASessionWithSSOID(ssoSessionID);
}
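Review bot: `getInternalMOASession` now returns the whole `AuthenticationSession` and throws `MOADatabaseException`, but it has no Javadoc describing either. Add one, for example `/** Returns the internal MOASession bound to the given SSO session id, or null if none exists (TODO confirm). @throws MOADatabaseException if the session store cannot be read. */`. The null case is inferred from the `moaSession != null` check in `getUniqueSessionIdentifier`, so confirm it against the store implementation. Because the replaced method returned only the id, callers are worth checking so that none keeps or passes on more of the session object than it needs.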
@@ -182,9 +185,9 @@ public class SSOManager {
public String getUniqueSessionIdentifier(String ssoSessionID) {
try {
if (MiscUtil.isNotEmpty(ssoSessionID)) {
- String moaSessionID = authenticatedSessionStore.getMOASessionSSOID(ssoSessionID);
- if (MiscUtil.isNotEmpty(moaSessionID)) {
- AuthenticationSessionExtensions extSessionInformation = authenticatedSessionStore.getAuthenticationSessionExtensions(moaSessionID);
+ AuthenticationSession moaSession = authenticatedSessionStore.getInternalMOASessionWithSSOID(ssoSessionID);
+ if (moaSession != null) {
+ AuthenticationSessionExtensions extSessionInformation = authenticatedSessionStore.getAuthenticationSessionExtensions(moaSession.getSessionID());
return extSessionInformation.getUniqueSessionId();
}
@@ -200,31 +203,14 @@ public class SSOManager {
public String existsOldSSOSession(String ssoId) {
Logger.trace("Check that the SSOID has already been used");
- Session session = MOASessionDBUtils.getCurrentSession();
- List<OldSSOSessionIDStore> result;
+ OldSSOSessionIDStore oldSSOSession = authenticatedSessionStore.checkSSOTokenAlreadyUsed(ssoId);
- synchronized (session) {
-
- session.beginTransaction();
- Query query = session.getNamedQuery("getSSOSessionWithOldSessionID");
- query.setParameter("sessionid", ssoId);
- result = query.list();
-
- // send transaction
-
- }
-
- Logger.trace("Found entries: " + result.size());
-
- // Assertion requires an unique artifact
- if (result.size() == 0) {
- session.getTransaction().commit();
+ if (oldSSOSession == null) {
+ Logger.debug("SSO session-cookie was not used in parst");
return null;
}
- OldSSOSessionIDStore oldSSOSession = result.get(0);
-
AuthenticatedSessionStore correspondingMoaSession = oldSSOSession.getMoasession();
if (correspondingMoaSession == null) {
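Review bot: `oldSSOSession.getMoasession()` is now called after `checkSSOTokenAlreadyUsed` has returned, whereas the removed code read it before committing the Hibernate transaction. If the association is lazily loaded and the store closes its session before returning, this access and `correspondingMoaSession.getSessionid()` in the next hunk could fail on a detached entity, which would break the reused-SSO-id check. The mapping is not visible here, so confirm the association is fetched eagerly or resolved inside the store. Separately, the new debug message has a typo: `"SSO session-cookie was not used in parst"` should end in `"in the past"`. The method continues past the end of this hunk.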
@@ -232,11 +218,7 @@ public class SSOManager {
return null;
}
- String moasessionid = correspondingMoaSession.getSessionid();
-
- session.getTransaction().commit();
-
- return moasessionid;
+ return correspondingMoaSession.getSessionid();
}
@@ -289,7 +271,7 @@ public class SSOManager {
//no local SSO session exist -> request interfederated IDP
Logger.info("Delete interfederated IDP " + selectedIDP.getIdpurlprefix()
+ " from MOASession " + storedSession.getSessionid());
- MOASessionDBUtils.delete(selectedIDP);
+ authenticatedSessionStore.deleteIdpInformation(selectedIDP);
} else {
Logger.warn("MOASession is marked as interfederated SSO session but no interfederated IDP is found. Switch to local authentication ...");