Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java | 61 |
1 files changed, 38 insertions, 23 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 4399c556b..d22993030 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -22,10 +22,12 @@ import at.gv.egovernment.moa.id.auth.data.IdentityLink;
 import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
 import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
 import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.AuthenticationData;
+import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
@@ -39,7 +41,11 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 // We might need to introduce a openEJB to accomplish this
 /** authentication data store (assertion handle -> AuthenticationData) */
 @SuppressWarnings("rawtypes")
- private static Map authenticationDataStore = new HashMap();
+
+
+ //private static Map authenticationDataStore = new HashMap();
+ private static AssertionStorage authenticationDataStore = AssertionStorage.getInstance();
+
 /**
 * time out in milliseconds used by {@link cleanup} for authentication data
@@ -180,34 +186,40 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 AuthenticationData authData = null;
 synchronized (authenticationDataStore) {
 // System.out.println("assertionHandle: " + assertionHandle);
- authData = (AuthenticationData) authenticationDataStore
- .get(assertionHandle);
- if (authData == null) {
- Logger.error("Assertion not found for SAML Artifact: "
- + samlArtifact);
- throw new AuthenticationException("1206",
- new Object[] { samlArtifact });
- }
- boolean keepAssertion = false;
+
 try {
- String boolStr = AuthConfigurationProvider.getInstance()
- .getGenericConfigurationParameter(
- "AuthenticationServer.KeepAssertion");
- if (null != boolStr && boolStr.equalsIgnoreCase("true"))
- keepAssertion = true;// Only allowed for debug purposes!!!
- } catch (ConfigurationException ex) {
- throw new AuthenticationException("1205", new Object[] {
- samlArtifact, ex.toString() });
- }
- if (!keepAssertion) {
- authenticationDataStore.remove(assertionHandle);
+ authData = (AuthenticationData) authenticationDataStore
+ .get(assertionHandle);
+
+ } catch (MOADatabaseException e) {
+ Logger.error("Assertion not found for SAML Artifact: " + samlArtifact);
+ throw new AuthenticationException("1206", new Object[] { samlArtifact });
 }
+
 }
+ boolean keepAssertion = false;
+ try {
+ String boolStr = AuthConfigurationProvider.getInstance()
+ .getGenericConfigurationParameter(
+ "AuthenticationServer.KeepAssertion");
+ if (null != boolStr && boolStr.equalsIgnoreCase("true"))
+ keepAssertion = true;// Only allowed for debug purposes!!!
+
+ } catch (ConfigurationException ex) {
+ throw new AuthenticationException("1205", new Object[] {
+ samlArtifact, ex.toString() });
+ }
+ if (!keepAssertion) {
+ authenticationDataStore.remove(assertionHandle);
+ }
+
 long now = new Date().getTime();
+
 if (now - authData.getTimestamp().getTime() > authDataTimeOut)
- throw new AuthenticationException("1207",
- new Object[] { samlArtifact });
+ throw new AuthenticationException("1207", new Object[] { samlArtifact });
+
 Logger.debug("Assertion delivered for SAML Artifact: " + samlArtifact);
+
 return authData;
 }
@@ -283,13 +295,16 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 throw new AuthenticationException("auth.06", new Object[] { samlArtifact });
 String assertionHandle = parser.parseAssertionHandle();
+
 synchronized (authenticationDataStore) {
 Logger.debug("Assertion stored for SAML Artifact: " + samlArtifact);
 authenticationDataStore.put(assertionHandle, authData);
 }
+
 } catch (AuthenticationException ex) {
 throw ex;
+
 } catch (Throwable ex) {
 throw new AuthenticationException("auth.06", new Object[] { samlArtifact }); |
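Review bot: The lookup and the `authenticationDataStore.remove(assertionHandle)` are no longer in the same `synchronized` block, so two requests presenting the same SAML artifact concurrently can both obtain `authData` before either removes it, which weakens the single-use guarantee the removed code enforced by doing get and remove under one lock. The `if (authData == null)` check was also dropped; if `AssertionStorage.get` can return null for an unknown handle instead of throwing, the timeout comparison later in the hunk dereferences a null `authData`. The new catch discards `e` — pass it to the logger so a database failure is distinguishable in the logs from a genuinely missing assertion. Resolving `keepAssertion` first and then doing lookup, null check and removal under one lock restores the previous semantics; the enclosing method begins before this hunk. The lock on the storage singleton only serializes within one JVM, which is worth documenting if the storage is shared across nodes.
```java
		// … unchanged: keepAssertion resolved from AuthenticationServer.KeepAssertion …
		AuthenticationData authData = null;
		synchronized (authenticationDataStore) {
			try {
				authData = (AuthenticationData) authenticationDataStore.get(assertionHandle);
			} catch (MOADatabaseException e) {
				Logger.error("Assertion not found for SAML Artifact: " + samlArtifact, e);
				throw new AuthenticationException("1206", new Object[] { samlArtifact });
			}
			if (authData == null) {
				Logger.error("Assertion not found for SAML Artifact: " + samlArtifact);
				throw new AuthenticationException("1206", new Object[] { samlArtifact });
			}
			// consume the handle under the same lock as the lookup so an artifact resolves at most once
			if (!keepAssertion) {
				authenticationDataStore.remove(assertionHandle);
			}
		}
		// … unchanged: timeout check, debug log, return authData …
```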