Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java | 54 |
1 files changed, 18 insertions, 36 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java index bc7dd272b..557d9af48 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java @@ -23,24 +23,21 @@ package at.gv.egovernment.moa.id.moduls; import java.util.Date; -import java.util.List; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.hibernate.Query; -import org.hibernate.Session; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; @@ -63,6 +60,7 @@ public class SSOManager { @Autowired private IAuthenticationSessionStoreage authenticatedSessionStore; @Autowired protected AuthConfiguration authConfig; + //@Autowired private MOASessionDBUtils moaSessionDBUtils; /** * Check if interfederation IDP is requested via HTTP GET parameter or if interfederation cookie exists. 
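Review bot: The added line `//@Autowired private MOASessionDBUtils moaSessionDBUtils;` in the field block of `SSOManager` is commented-out code, and the import hunk above removes `MOASessionDBUtils`, so the line names a type the file no longer imports. Delete it rather than commit it; if it marks unfinished migration work, say so in a plain comment such as `// TODO: remove remaining direct DB access, use authenticatedSessionStore`. The class body continues outside the hunk.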
@@ -159,7 +157,12 @@ public class SSOManager { } else { Logger.warn("MOASession is marked as interfederated SSO session but no interfederated IDP is found. Switch to local authentication ..."); - MOASessionDBUtils.delete(storedSession); + try { + authenticatedSessionStore.destroyInternalSSOSession(storedSession.getSessionid()); + + } catch (MOADatabaseException e) { + Logger.error("Delete MOASession with ID:" + storedSession.getSessionid() + " FAILED!" , e); + } } } @@ -173,8 +176,8 @@ public class SSOManager { } - public String getMOASession(String ssoSessionID) { - return authenticatedSessionStore.getMOASessionSSOID(ssoSessionID); + public AuthenticationSession getInternalMOASession(String ssoSessionID) throws MOADatabaseException { + return authenticatedSessionStore.getInternalMOASessionWithSSOID(ssoSessionID); } @@ -182,9 +185,9 @@ public class SSOManager { public String getUniqueSessionIdentifier(String ssoSessionID) { try { if (MiscUtil.isNotEmpty(ssoSessionID)) { - String moaSessionID = authenticatedSessionStore.getMOASessionSSOID(ssoSessionID); - if (MiscUtil.isNotEmpty(moaSessionID)) { - AuthenticationSessionExtensions extSessionInformation = authenticatedSessionStore.getAuthenticationSessionExtensions(moaSessionID); + AuthenticationSession moaSession = authenticatedSessionStore.getInternalMOASessionWithSSOID(ssoSessionID); + if (moaSession != null) { + AuthenticationSessionExtensions extSessionInformation = authenticatedSessionStore.getAuthenticationSessionExtensions(moaSession.getSessionID()); return extSessionInformation.getUniqueSessionId(); } 
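Review bot: In the `else` branch for an interfederated session without an IDP, a `MOADatabaseException` from `destroyInternalSSOSession` is logged and then dropped, so the session record the code meant to invalidate stays in the store while the request carries on to local authentication. A failed SSO session teardown is security-relevant; either propagate the failure to the caller or add a comment that explains why continuing with the record still present is safe. The error text also writes the full MOASession ID to the log; if that ID is usable as a session handle, log a shortened or hashed form instead. The enclosing method starts and ends outside the hunk.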
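Review bot: `getInternalMOASession` has no Javadoc, and it replaces a method that returned only the session ID with one that hands out the whole `AuthenticationSession` and throws `MOADatabaseException`. Add a Javadoc that says what is returned for an unknown or empty `ssoSessionID` and when the exception is thrown; the next hunk null-checks the store result, which suggests something like `@return the MOASession bound to this SSO session ID, or null if none exists`. Because the method is public, it is also worth stating that the returned object carries full authentication state and is meant for internal use only.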
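Review bot: `extSessionInformation` is dereferenced in `return extSessionInformation.getUniqueSessionId();` without a null check, although the session itself is now checked with `moaSession != null`. Whether `getAuthenticationSessionExtensions` can return `null` is not visible here; if it can, guard it the same way: `if (extSessionInformation != null) return extSessionInformation.getUniqueSessionId();`. The surrounding `try` and its `catch` lie outside the hunk.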
@@ -200,31 +203,14 @@ public class SSOManager { public String existsOldSSOSession(String ssoId) { Logger.trace("Check that the SSOID has already been used"); - Session session = MOASessionDBUtils.getCurrentSession(); - List<OldSSOSessionIDStore> result; + OldSSOSessionIDStore oldSSOSession = authenticatedSessionStore.checkSSOTokenAlreadyUsed(ssoId); - synchronized (session) { - - session.beginTransaction(); - Query query = session.getNamedQuery("getSSOSessionWithOldSessionID"); - query.setParameter("sessionid", ssoId); - result = query.list(); - - // send transaction - - } - - Logger.trace("Found entries: " + result.size()); - - // Assertion requires an unique artifact - if (result.size() == 0) { - session.getTransaction().commit(); + if (oldSSOSession == null) { + Logger.debug("SSO session-cookie was not used in parst"); return null; } - OldSSOSessionIDStore oldSSOSession = result.get(0); - AuthenticatedSessionStore correspondingMoaSession = oldSSOSession.getMoasession(); if (correspondingMoaSession == null) { @@ -232,11 +218,7 @@ public class SSOManager { return null; } - String moasessionid = correspondingMoaSession.getSessionid(); - - session.getTransaction().commit(); - - return moasessionid; + return correspondingMoaSession.getSessionid(); } @@ -289,7 +271,7 @@ public class SSOManager { //no local SSO session exist -> request interfederated IDP Logger.info("Delete interfederated IDP " + selectedIDP.getIdpurlprefix() + " from MOASession " + storedSession.getSessionid()); - MOASessionDBUtils.delete(selectedIDP); + authenticatedSessionStore.deleteIdpInformation(selectedIDP); } else { Logger.warn("MOASession is marked as interfederated SSO session but no interfederated IDP is found. Switch to local authentication ..."); |
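Review bot: `existsOldSSOSession` returns `null` both when `checkSSOTokenAlreadyUsed` finds no entry and when an entry exists but `getMoasession()` is `null`, so a caller cannot tell an unused SSO token from an already-used one whose session is gone. How the caller treats `null` is outside this diff; document the contract in a Javadoc on the method and, if reuse of an old token must be rejected, give the second case a distinct result. The new debug message also has a typo and should read `Logger.debug("SSO session-cookie was not used in past");`. The body of the `correspondingMoaSession == null` branch falls between this hunk and the next.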