aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java17
1 files changed, 13 insertions, 4 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index 1e863ec81..84817ba7a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -1,5 +1,7 @@
package at.gv.egovernment.moa.id.moduls;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
import java.util.List;
import javax.servlet.http.Cookie;
@@ -13,6 +15,8 @@ import at.gv.egovernment.moa.id.AuthenticationException;
import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;
import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.HTTPSessionUtils;
import at.gv.egovernment.moa.id.util.Random;
@@ -34,7 +38,14 @@ public class SSOManager {
instance = new SSOManager();
//TODO: move to config based timeout!
- sso_timeout = DEFAULTSSOTIMEOUT;
+ try {
+ sso_timeout = (int) AuthConfigurationProvider.getInstance().getTimeOuts().getMOASessionUpdated().longValue();
+
+ } catch (ConfigurationException e) {
+ Logger.info("SSO Timeout can not be loaded from MOA-ID configuration. Use default Timeout with " + DEFAULTSSOTIMEOUT);
+ sso_timeout = DEFAULTSSOTIMEOUT;
+ }
+
}
return instance;
@@ -100,10 +111,8 @@ public class SSOManager {
public String storeSSOSessionInformations(String moaSessionID, String OAUrl) {
- //TODO: use secure random number generation!!!!!
String newSSOId = Random.nextRandom();
-
-
+
System.out.println("generate new SSO Tokken (" + newSSOId + ")");
if (MiscUtil.isEmpty(moaSessionID) || MiscUtil.isEmpty(OAUrl)) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-26 07:45:50 +0000