aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java12
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java7
4 files changed, 18 insertions, 7 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index d58b7b267..31c6f43c5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -157,6 +157,10 @@ public class DispatcherServlet extends AuthServlet{
StatisticLogger logger = StatisticLogger.getInstance();
logger.logErrorOperation(throwable, errorRequest);
+ //remove MOASession
+ AuthenticationSession moaSession = AuthenticationSessionStoreage.getSessionWithPendingRequestID(pendingRequestID);
+ AuthenticationManager.getInstance().logout(req, resp, moaSession.getSessionID());
+
return;
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 804688de5..1d85f29bf 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -278,23 +278,23 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
StatusMessage statusMessage = SAML2Utils.createSAMLObject(StatusMessage.class);
if(e instanceof NoPassivAuthenticationException) {
statusCode.setValue(StatusCode.NO_PASSIVE_URI);
- statusMessage.setMessage(e.getLocalizedMessage());
+ statusMessage.setMessage(StringEscapeUtils.escapeXml(e.getLocalizedMessage()));
} else if (e instanceof NameIDFormatNotSupportedException) {
statusCode.setValue(StatusCode.INVALID_NAMEID_POLICY_URI);
- statusMessage.setMessage(e.getLocalizedMessage());
+ statusMessage.setMessage(StringEscapeUtils.escapeXml(e.getLocalizedMessage()));
} else if(e instanceof PVP2Exception) {
PVP2Exception ex = (PVP2Exception) e;
statusCode.setValue(ex.getStatusCodeValue());
String statusMessageValue = ex.getStatusMessageValue();
if(statusMessageValue != null) {
- statusMessage.setMessage(statusMessageValue);
+ statusMessage.setMessage(StringEscapeUtils.escapeXml(statusMessageValue));
}
} else {
statusCode.setValue(StatusCode.RESPONDER_URI);
- statusMessage.setMessage(e.getLocalizedMessage());
+ statusMessage.setMessage(StringEscapeUtils.escapeXml(e.getLocalizedMessage()));
}
status.setStatusCode(statusCode);
@@ -302,7 +302,9 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
status.setStatusMessage(statusMessage);
}
samlResponse.setStatus(status);
-
+ String remoteSessionID = SAML2Utils.getSecureIdentifier();
+ samlResponse.setID(remoteSessionID);
+
IEncoder encoder = null;
if(pvpRequest.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index 7f5e2420e..51f3cf4a7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -324,7 +324,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
} else if (NameID.TRANSIENT.equals(el.getFormat()) ||
NameID.UNSPECIFIED.equals(el.getFormat()))
break;
-
+
}
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index 229158778..4d143058b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -102,6 +102,10 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
authResponse.setIssuer(nissuer);
authResponse.setInResponseTo(authnRequest.getID());
+ //set responseID
+ String remoteSessionID = SAML2Utils.getSecureIdentifier();
+ authResponse.setID(remoteSessionID);
+
//SAML2 response required IssueInstant
authResponse.setIssueInstant(date);
@@ -150,7 +154,8 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
}
- if (encryptionCredentials != null) {
+ //TODO: insert!!!!!!
+ if (encryptionCredentials != null && false) {
//encrypt SAML2 assertion
try {