aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java180
1 files changed, 91 insertions, 89 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
index 094e25040..4d7936f25 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
@@ -35,6 +35,7 @@ import org.hibernate.Transaction;
import org.hibernate.resource.transaction.spi.TransactionStatus;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
import com.fasterxml.jackson.core.JsonProcessingException;
@@ -65,7 +66,7 @@ import at.gv.egovernment.moa.util.MiscUtil;
public class DBAuthenticationSessionStoreage implements IAuthenticationSessionStoreage{
@Autowired AuthConfiguration authConfig;
-
+ @Autowired MOASessionDBUtils moaSessionDBUtils;
private static JsonMapper mapper = new JsonMapper();
@Override
@@ -74,7 +75,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
AuthenticatedSessionStore session;
try {
- session = searchInDatabase(moaSessionID, true);
+ session = searchInDatabase(moaSessionID);
return session.isAuthenticated();
} catch (MOADatabaseException e) {
@@ -104,7 +105,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
encryptSession(session, dbsession);
//store AssertionStore element to Database
- MOASessionDBUtils.saveOrUpdate(dbsession);
+ moaSessionDBUtils.saveOrUpdate(dbsession);
Logger.info("Create MOASession with sessionID: " + id);
return session;
@@ -128,7 +129,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
return null;
try {
- AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true);
+ AuthenticatedSessionStore dbsession = searchInDatabase(sessionID);
return decryptSession(dbsession);
} catch (MOADatabaseException e) {
@@ -143,7 +144,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
@Override
public AuthenticationSessionExtensions getAuthenticationSessionExtensions(String sessionID) throws MOADatabaseException {
- AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true);
+ AuthenticatedSessionStore dbsession = searchInDatabase(sessionID);
if (MiscUtil.isNotEmpty(dbsession.getAdditionalInformation())) {
try {
@@ -161,12 +162,12 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
@Override
public void setAuthenticationSessionExtensions(String sessionID, AuthenticationSessionExtensions sessionExtensions) throws MOADatabaseException {
try {
- AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true);
+ AuthenticatedSessionStore dbsession = searchInDatabase(sessionID);
dbsession.setAdditionalInformation(
mapper.serialize(sessionExtensions));
- MOASessionDBUtils.saveOrUpdate(dbsession);
+ moaSessionDBUtils.saveOrUpdate(dbsession);
Logger.debug("MOASession with sessionID=" + sessionID + " is stored in Database");
@@ -185,7 +186,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
@Override
public void storeSession(AuthenticationSession session) throws MOADatabaseException, BuildException {
try {
- AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID(), true);
+ AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID());
encryptSession(session, dbsession);
@@ -193,7 +194,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
dbsession.setAuthenticated(session.isAuthenticated());
dbsession.setUpdated(new Date());
- MOASessionDBUtils.saveOrUpdate(dbsession);
+ moaSessionDBUtils.saveOrUpdate(dbsession);
Logger.debug("MOASession with sessionID=" + session.getSessionID() + " is stored in Database");
} catch (MOADatabaseException e) {
@@ -205,7 +206,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
@Override
public void destroySession(String moaSessionID) throws MOADatabaseException {
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
Transaction tx = null;
@@ -216,6 +217,8 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
Query query = session.getNamedQuery("getSessionWithID");
query.setParameter("sessionid", moaSessionID);
result = query.list();
+
+
Logger.trace("Found entries: " + result.size());
@@ -243,7 +246,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
@Override
public String changeSessionID(AuthenticationSession session, String newSessionID) throws BuildException, MOADatabaseException {
- AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID(), true);
+ AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID());
Logger.debug("Change SessionID from " + session.getSessionID()
+ "to " + newSessionID);
@@ -257,7 +260,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
//set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1
dbsession.setUpdated(new Date());
- MOASessionDBUtils.saveOrUpdate(dbsession);
+ moaSessionDBUtils.saveOrUpdate(dbsession);
Logger.trace("Change SessionID complete.");
@@ -279,9 +282,9 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
AuthenticatedSessionStore session;
try {
- session = searchInDatabase(moaSessionID, true);
+ session = searchInDatabase(moaSessionID);
session.setAuthenticated(isAuthenticated);
- MOASessionDBUtils.saveOrUpdate(session);
+ moaSessionDBUtils.saveOrUpdate(session);
} catch (MOADatabaseException e) {
@@ -293,7 +296,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
public String getMOASessionSSOID(String SSOSessionID) {
MiscUtil.assertNotNull(SSOSessionID, "SSOsessionID");
Logger.trace("Get authenticated session with SSOID " + SSOSessionID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
Transaction tx = null;
@@ -331,7 +334,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
@Override
public boolean isSSOSession(String sessionID) throws MOADatabaseException {
try {
- AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true);
+ AuthenticatedSessionStore dbsession = searchInDatabase(sessionID);
return dbsession.isSSOSession();
} catch (MOADatabaseException e) {
@@ -346,7 +349,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
//TODO: is this method really needed??
MiscUtil.assertNotNull(SSOId, "SSOSessionID");
Logger.trace("Get authenticated session with SSOID " + SSOId + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
Transaction tx = null;
@@ -387,7 +390,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
try {
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
Logger.trace("Add SSO information to session " + moaSessionID);
@@ -487,63 +490,63 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
@Override
public List<OASessionStore> getAllActiveOAFromMOASession(AuthenticationSession moaSession) {
MiscUtil.assertNotNull(moaSession, "MOASession");
- Session session = null;
-
- try {
- List<OASessionStore> oas = new ArrayList<OASessionStore>();
-
- AuthenticatedSessionStore dbsession = searchInDatabase(moaSession.getSessionID(), false);
- oas.addAll(dbsession.getActiveOAsessions());
-
- session = MOASessionDBUtils.getCurrentSession();
- session.getTransaction().commit();
-
- return oas;
-
- } catch (MOADatabaseException e) {
- Logger.warn("NO session information found for sessionID " + moaSession.getSessionID(), e);
-
- } catch (Exception e) {
- if (session != null && session.getTransaction() != null
- && !session.getTransaction().getStatus().equals(TransactionStatus.COMMITTED)) {
- session.getTransaction().rollback();
- throw e;
-
- }
-
- }
-
- return null;
+
+ Logger.trace("Get OAs for moaSession " + moaSession.getSessionID() + " from database.");
+ Session session = moaSessionDBUtils.getCurrentSession();
+
+ List<OASessionStore> result;
+ Transaction tx = null;
+ try {
+ synchronized (session) {
+ tx = session.beginTransaction();
+ Query query = session.getNamedQuery("getAllActiveOAsForSessionID");
+ query.setParameter("sessionID", moaSession.getSessionID());
+ result = query.list();
+
+ //send transaction
+ tx.commit();
+ }
+
+ Logger.trace("Found entries: " + result.size());
+
+ return result;
+
+ } catch (Exception e) {
+ if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
+ tx.rollback();
+ throw e;
+ }
}
@Override
public List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(AuthenticationSession moaSession) {
MiscUtil.assertNotNull(moaSession, "MOASession");
- Session session = null;
- try {
- List<InterfederationSessionStore> idps = new ArrayList<InterfederationSessionStore>();
- AuthenticatedSessionStore dbsession = searchInDatabase(moaSession.getSessionID(), false);
- idps.addAll(dbsession.getInderfederation());
-
- session = MOASessionDBUtils.getCurrentSession();
- session.getTransaction().commit();
-
- return idps;
-
- } catch (MOADatabaseException e) {
- Logger.warn("NO session information found for sessionID " + moaSession.getSessionID(), e);
-
- } catch (Exception e) {
- if (session != null && session.getTransaction() != null
- && !session.getTransaction().getStatus().equals(TransactionStatus.COMMITTED)) {
- session.getTransaction().rollback();
- throw e;
-
- }
-
- }
-
- return null;
+
+ Logger.trace("Get active IDPs for moaSession " + moaSession.getSessionID() + " from database.");
+ Session session = moaSessionDBUtils.getCurrentSession();
+
+ List<InterfederationSessionStore> result;
+ Transaction tx = null;
+ try {
+ synchronized (session) {
+ tx = session.beginTransaction();
+ Query query = session.getNamedQuery("getAllActiveIDPsForSessionID");
+ query.setParameter("sessionID", moaSession.getSessionID());
+ result = query.list();
+
+ //send transaction
+ tx.commit();
+ }
+
+ Logger.trace("Found entries: " + result.size());
+
+ return result;
+
+ } catch (Exception e) {
+ if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
+ tx.rollback();
+ throw e;
+ }
}
@Override
@@ -552,7 +555,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
MiscUtil.assertNotNull(userNameID, "userNameID");
Logger.trace("Get moaSession for userNameID " + userNameID + " and OA "
+ oaID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
Transaction tx = null;
List<AuthenticatedSessionStore> result = null;;
@@ -598,7 +601,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
MiscUtil.assertNotNull(protocolType, "usedProtocol");
Logger.trace("Get active OnlineApplication for sessionID " + moaSession.getSessionID() + " with OAID "
+ oaID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
Transaction tx = null;
@@ -640,7 +643,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
try {
MiscUtil.assertNotNull(nameID, "nameID");
Logger.trace("Get authenticated session with pedingRequestID " + nameID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
@@ -677,7 +680,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
public InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASession(String sessionID) {
MiscUtil.assertNotNull(sessionID, "MOASession");
Logger.trace("Get interfederated IDP for SSO with sessionID " + sessionID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
Transaction tx = null;
@@ -714,7 +717,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
MiscUtil.assertNotNull(sessionID, "MOASession");
MiscUtil.assertNotNull(idpID, "Interfederated IDP ID");
Logger.trace("Get interfederated IDP "+ idpID + " for SSO with sessionID " + sessionID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
Transaction tx = null;
@@ -756,7 +759,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
String moaSession = getMOASessionSSOID(req.getMOASessionIdentifier());
if (MiscUtil.isNotEmpty(moaSession)) {
try {
- dbsession = searchInDatabase(moaSession, true);
+ dbsession = searchInDatabase(moaSession);
}catch (MOADatabaseException e) {
Logger.error("NO MOASession found but MOASession MUST already exist!");
@@ -818,7 +821,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
//store AssertionStore element to Database
try {
- MOASessionDBUtils.saveOrUpdate(dbsession);
+ moaSessionDBUtils.saveOrUpdate(dbsession);
} catch (MOADatabaseException e) {
Logger.warn("MOASession could not be created.");
@@ -831,7 +834,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
public InterfederationSessionStore searchInterfederatedIDPFORAttributeQueryWithSessionID(String moaSessionID) {
MiscUtil.assertNotNull(moaSessionID, "MOASessionID");
Logger.trace("Get interfederated IDP for AttributeQuery with sessionID " + moaSessionID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
Transaction tx = null;
@@ -872,7 +875,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
MiscUtil.assertNotNull(pedingRequestID, "pedingRequestID");
Logger.trace("Get authenticated session with pedingRequestID " + pedingRequestID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List<AuthenticatedSessionStore> result;
@@ -907,7 +910,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
}
}
- MOASessionDBUtils.saveOrUpdate(authsession);
+ moaSessionDBUtils.saveOrUpdate(authsession);
return true;
} catch (Throwable e) {
@@ -922,7 +925,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
Date expioredateupdate = new Date(now.getTime() - authDataTimeOutUpdated);
List<AuthenticatedSessionStore> results;
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
Transaction tx = null;
try {
synchronized (session) {
@@ -972,26 +975,26 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
}
- private static void cleanDelete(AuthenticatedSessionStore result) {
+ private void cleanDelete(AuthenticatedSessionStore result) {
try {
result.setSession("blank".getBytes());
- MOASessionDBUtils.saveOrUpdate(result);
+ moaSessionDBUtils.saveOrUpdate(result);
} catch (MOADatabaseException e) {
Logger.warn("Blank authenticated session with sessionID=" + result.getSessionid() + " FAILED.", e);
} finally {
- if (!MOASessionDBUtils.delete(result))
+ if (!moaSessionDBUtils.delete(result))
Logger.error("Authenticated session with sessionID=" + result.getSessionid() + " not removed! (Error during Database communication)");
}
}
@SuppressWarnings("rawtypes")
- private static AuthenticatedSessionStore searchInDatabase(String sessionID, boolean commit) throws MOADatabaseException {
+ private AuthenticatedSessionStore searchInDatabase(String sessionID) throws MOADatabaseException {
MiscUtil.assertNotNull(sessionID, "moasessionID");
Logger.trace("Get authenticated session with sessionID " + sessionID + " from database.");
- Session session = MOASessionDBUtils.getCurrentSession();
+ Session session = moaSessionDBUtils.getCurrentSession();
List result;
Transaction tx = null;
@@ -1003,8 +1006,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
result = query.list();
//send transaction
- if (commit)
- tx.commit();
+ tx.commit();
}
Logger.trace("Found entries: " + result.size());
@@ -1019,7 +1021,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
return (AuthenticatedSessionStore) result.get(0);
} catch (Exception e) {
- if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED) && commit)
+ if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED))
tx.rollback();
throw e;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 04:36:18 +0000