diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java | 23 |
1 files changed, 14 insertions, 9 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java index 009ef4b6d..a9fc994ec 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java @@ -75,15 +75,9 @@ public class ProtocolFinalizationController extends AbstractAuthProtocolModulCon //build protocol-specific error message if possible buildProtocolSpecificErrorResponse(throwable, req, resp, pendingReq); - - //get MOASession for this pendingRequest - AuthenticationSession moaSession = - authenticatedSessionStorage.getSession( - pendingReq.getMOASessionIdentifier()); - - //remove MOASession if someone is found - if (moaSession != null) - authmanager.performOnlyIDPLogOut(req, resp, moaSession.getSessionID()); + + //remove active user-session + removeUserSession(pendingReq, req, resp); return; @@ -135,9 +129,18 @@ public class ProtocolFinalizationController extends AbstractAuthProtocolModulCon //check if pending-request has 'abortedByUser' flag set if (pendingReq.isAbortedByUser()) { + //send authentication aborted error to Service Provider buildProtocolSpecificErrorResponse( new AuthenticationException("auth.21", new Object[] {}), req, resp, pendingReq); + + //do not remove the full active SSO-Session + // in case of only one Service-Provider authentication request is aborted + if ( !(moaSession.isAuthenticated() + && pendingReq.needSingleSignOnFunctionality()) ) { + removeUserSession(pendingReq, req, resp); + + } //check if MOASession and pending-request are authenticated } else if (moaSession.isAuthenticated() && pendingReq.isAuthenticated()) { @@ -155,6 +158,8 @@ public class ProtocolFinalizationController extends AbstractAuthProtocolModulCon Logger.error("Finalize authentication protocol FAILED." , e); buildProtocolSpecificErrorResponse(e, req, resp, pendingReq); + removeUserSession(pendingReq, req, resp); + } } |