diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java | 58 |
1 files changed, 54 insertions, 4 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java index 6d8979da3..890ec9f0d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java @@ -31,9 +31,11 @@ import org.hibernate.HibernateException; import org.hibernate.Query; import org.hibernate.Session; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -82,10 +84,41 @@ public class AssertionStorage { } - public <T> T get(String artifact, final Class<T> clazz) throws MOADatabaseException { + + /** + * @param samlArtifact + * @param class1 + * @param authdatatimeout + * @return + * @throws MOADatabaseException + * @throws AuthenticationException + */ + public <T> T get(String samlArtifact, + final Class<T> clazz) throws MOADatabaseException { + + try { + return get(samlArtifact, clazz, -1); + + } catch (AuthenticationException e) { + //this execption only occurs if an additional timeOut is used + Logger.error("This exeption should not occur!!!!", e); + return null; + } + } + + public <T> T get(String artifact, final Class<T> clazz, long authdatatimeout) throws MOADatabaseException, AuthenticationException { AssertionStore element = searchInDatabase(artifact); + if (authdatatimeout > -1) { + //check timeout + long now = new Date().getTime(); + + if (now - element.getDatatime().getTime() > authdatatimeout) + throw new AuthenticationException("1207", new Object[] { artifact }); + } + + //Deserialize Assertion Object data = SerializationUtils.deserialize(element.getAssertion()); @@ -118,7 +151,7 @@ public class AssertionStorage { if (results.size() != 0) { for(AssertionStore result : results) { try { - MOASessionDBUtils.delete(result); + cleanDelete(result); Logger.info("Remove sessioninformation with ID=" + result.getArtifact() + " after timeout."); @@ -135,7 +168,7 @@ public class AssertionStorage { try { AssertionStore element = searchInDatabase(artifact); - MOASessionDBUtils.delete(element); + cleanDelete(element); Logger.info("Remove sessioninformation with ID" + artifact); @@ -148,6 +181,23 @@ public class AssertionStorage { } } + private void cleanDelete(AssertionStore element) { + try { + element.setAssertion(new byte[]{}); + MOASessionDBUtils.saveOrUpdate(element); + + } catch (MOADatabaseException e) { + Logger.warn("Blank shortTime session with artifact=" + element.getArtifact() + " FAILED.", e); + + } finally { + if (!MOASessionDBUtils.delete(element)) + Logger.error("ShortTime session with artifact=" + element.getArtifact() + + " not removed! (Error during Database communication)"); + + } + + } + @SuppressWarnings("rawtypes") private AssertionStore searchInDatabase(String artifact) throws MOADatabaseException { MiscUtil.assertNotNull(artifact, "artifact"); @@ -158,7 +208,7 @@ public class AssertionStorage { synchronized (session) { session.beginTransaction(); Query query = session.getNamedQuery("getAssertionWithArtifact"); - query.setString("artifact", artifact); + query.setParameter("artifact", artifact); result = query.list(); //send transaction |