diff options
Diffstat (limited to 'id/server/idserverlib')
3 files changed, 344 insertions, 239 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java index 190c5f064..645831479 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java @@ -980,9 +980,17 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return the requested online application or {@code null} */ public Map<String, String> getActiveOnlineApplication(String id) { - Logger.trace("Get active OnlineApplication with ID " + id + " from database."); + Logger.trace("Get active OnlineApplication with ID " + id + " from database."); + Map<String, String> oaConfig = null; try { - Map<String, String> oaConfig = configuration.getOnlineApplication(id); + //OracleDB does not allow the selection of a lob in SQL where expression + String dbDriver = properties.getProperty("configuration.hibernate.connection.driver_class"); + if (MiscUtil.isNotEmpty(dbDriver) && dbDriver.startsWith("oracle.jdbc.")) + oaConfig = configuration.getOnlineApplicationBackupVersion(id); + + else + oaConfig = configuration.getOnlineApplication(id); + if (oaConfig != null) { String isActiveString = oaConfig.get(MOAIDConfigurationConstants.SERVICE_ISACTIVE); if (isActiveString != null && Boolean.valueOf(isActiveString)) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java index 4b4b5ddc5..829383cb4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java @@ -206,26 +206,34 @@ public class AuthenticationSessionStoreage { Session session = MOASessionDBUtils.getCurrentSession(); List<AuthenticatedSessionStore> result; - - synchronized (session) { - - session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithID"); - query.setParameter("sessionid", moaSessionID); - result = query.list(); - - - Logger.trace("Found entries: " + result.size()); + Transaction tx = null; + try { + synchronized (session) { + + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getSessionWithID"); + query.setParameter("sessionid", moaSessionID); + result = query.list(); + - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - throw new MOADatabaseException("No session found with this sessionID"); + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() != 1) { + Logger.trace("No entries found."); + throw new MOADatabaseException("No session found with this sessionID"); + } + + AuthenticatedSessionStore dbsession = (AuthenticatedSessionStore) result.get(0); + tx.commit(); + cleanDelete(dbsession); } - AuthenticatedSessionStore dbsession = (AuthenticatedSessionStore) result.get(0); - session.getTransaction().commit(); - cleanDelete(dbsession); + } catch (Exception e) { + if (tx != null && !tx.wasCommitted()) + tx.rollback(); + throw e; + } } @@ -290,28 +298,36 @@ public class AuthenticationSessionStoreage { Session session = MOASessionDBUtils.getCurrentSession(); List<AuthenticatedSessionStore> result; - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithSSOID"); - query.setParameter("sessionid", SSOSessionID); - result = query.list(); + Transaction tx = null; + try { + synchronized (session) { + + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getSessionWithSSOID"); + query.setParameter("sessionid", SSOSessionID); + result = query.list(); - //send transaction - session.getTransaction().commit(); - } + //send transaction + tx.commit(); + + } - Logger.trace("Found entries: " + result.size()); + Logger.trace("Found entries: " + result.size()); - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - return null; + //Assertion requires an unique artifact + if (result.size() != 1) { + Logger.trace("No entries found."); + return null; - } else { - return result.get(0).getSessionid(); + } else { + return result.get(0).getSessionid(); - } + } + } catch (Exception e) { + if (tx != null && !tx.wasCommitted()) + tx.rollback(); + throw e; + } } public static boolean isSSOSession(String sessionID) throws MOADatabaseException { @@ -331,27 +347,33 @@ public class AuthenticationSessionStoreage { Session session = MOASessionDBUtils.getCurrentSession(); List<AuthenticatedSessionStore> result; - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithSSOID"); - query.setParameter("sessionid", SSOId); - result = query.list(); + Transaction tx = null; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getSessionWithSSOID"); + query.setParameter("sessionid", SSOId); + result = query.list(); + + //send transaction + tx.commit(); + } + + Logger.trace("Found entries: " + result.size()); - //send transaction - session.getTransaction().commit(); + //Assertion requires an unique artifact + if (result.size() != 1) { + Logger.trace("No entries found."); + return null; + + } else { + return result.get(0); + } + } catch (Exception e) { + if (tx != null && !tx.wasCommitted()) + tx.rollback(); + throw e; } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - return null; - - } else { - return result.get(0); - } } public static void addSSOInformation(String moaSessionID, String SSOSessionID, @@ -453,13 +475,15 @@ public class AuthenticationSessionStoreage { } catch(HibernateException e) { Logger.warn("Error during database saveOrUpdate. Rollback.", e); - tx.rollback(); - throw new AuthenticationException("SSO Session information can not be stored! --> SSO is deactivated", null); - } + if (tx != null && !tx.wasCommitted()) + tx.rollback(); + throw new AuthenticationException("SSO Session information can not be stored! --> SSO is deactivated", null); + } } public static List<OASessionStore> getAllActiveOAFromMOASession(AuthenticationSession moaSession) { MiscUtil.assertNotNull(moaSession, "MOASession"); + Session session = null; try { List<OASessionStore> oas = new ArrayList<OASessionStore>(); @@ -467,7 +491,7 @@ public class AuthenticationSessionStoreage { AuthenticatedSessionStore dbsession = searchInDatabase(moaSession.getSessionID(), false); oas.addAll(dbsession.getActiveOAsessions()); - Session session = MOASessionDBUtils.getCurrentSession(); + session = MOASessionDBUtils.getCurrentSession(); session.getTransaction().commit(); return oas; @@ -475,6 +499,14 @@ public class AuthenticationSessionStoreage { } catch (MOADatabaseException e) { Logger.warn("NO session information found for sessionID " + moaSession.getSessionID(), e); + } catch (Exception e) { + if (session != null && session.getTransaction() != null + && !session.getTransaction().wasCommitted()) { + session.getTransaction().rollback(); + throw e; + + } + } return null; @@ -482,13 +514,13 @@ public class AuthenticationSessionStoreage { public static List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(AuthenticationSession moaSession) { MiscUtil.assertNotNull(moaSession, "MOASession"); - + Session session = null; try { List<InterfederationSessionStore> idps = new ArrayList<InterfederationSessionStore>(); AuthenticatedSessionStore dbsession = searchInDatabase(moaSession.getSessionID(), false); idps.addAll(dbsession.getInderfederation()); - Session session = MOASessionDBUtils.getCurrentSession(); + session = MOASessionDBUtils.getCurrentSession(); session.getTransaction().commit(); return idps; @@ -496,6 +528,14 @@ public class AuthenticationSessionStoreage { } catch (MOADatabaseException e) { Logger.warn("NO session information found for sessionID " + moaSession.getSessionID(), e); + } catch (Exception e) { + if (session != null && session.getTransaction() != null + && !session.getTransaction().wasCommitted()) { + session.getTransaction().rollback(); + throw e; + + } + } return null; @@ -507,35 +547,42 @@ public class AuthenticationSessionStoreage { Logger.trace("Get moaSession for userNameID " + userNameID + " and OA " + oaID + " from database."); Session session = MOASessionDBUtils.getCurrentSession(); - - List<AuthenticatedSessionStore> result; + Transaction tx = null; - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getMOASessionWithNameIDandOAID"); - query.setParameter("oaID", oaID); - query.setParameter("nameID", userNameID); - result = query.list(); + List<AuthenticatedSessionStore> result = null;; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getMOASessionWithNameIDandOAID"); + query.setParameter("oaID", oaID); + query.setParameter("nameID", userNameID); + result = query.list(); + + //send transaction + tx.commit(); + } - //send transaction - session.getTransaction().commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No unique entry found."); - return null; - - } - try { - return decryptSession(result.get(0)); + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() != 1) { + Logger.trace("No unique entry found."); + return null; + + } + + return decryptSession(result.get(0)); } catch (BuildException e) { - Logger.warn("MOASession deserialization-exception by using MOASessionID=" + result.get(0).getSessionid(), e); + Logger.warn("MOASession deserialization-exception by using MOASessionID=" + result.get(0).getSessionid(), e); return null; + + } catch (Exception e) { + if (tx != null && !tx.wasCommitted()) + tx.rollback(); + throw e; } + } public static OASessionStore searchActiveOASSOSession(AuthenticationSession moaSession, String oaID, String protocolType) { @@ -547,29 +594,36 @@ public class AuthenticationSessionStoreage { Session session = MOASessionDBUtils.getCurrentSession(); List<AuthenticatedSessionStore> result; - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getActiveOAWithSessionIDandOAIDandProtocol"); - query.setParameter("sessionID", moaSession.getSessionID()); - query.setParameter("oaID", oaID); - query.setParameter("protocol", protocolType); - result = query.list(); + Transaction tx = null; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getActiveOAWithSessionIDandOAIDandProtocol"); + query.setParameter("sessionID", moaSession.getSessionID()); + query.setParameter("oaID", oaID); + query.setParameter("protocol", protocolType); + result = query.list(); + + //send transaction + tx.commit(); + } - //send transaction - session.getTransaction().commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - - } - - return result.get(0).getActiveOAsessions().get(0); + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() == 0) { + Logger.trace("No entries found."); + return null; + + } + + return result.get(0).getActiveOAsessions().get(0); + + } catch (Exception e) { + if (tx != null && !tx.wasCommitted()) + tx.rollback(); + throw e; + } } public static String getPendingRequestID(String sessionID) { @@ -584,6 +638,7 @@ public class AuthenticationSessionStoreage { } public static AuthenticationSession getSessionWithPendingRequestID(String pedingRequestID) { + Transaction tx = null; try { MiscUtil.assertNotNull(pedingRequestID, "pedingRequestID"); Logger.trace("Get authenticated session with pedingRequestID " + pedingRequestID + " from database."); @@ -592,13 +647,13 @@ public class AuthenticationSessionStoreage { List<AuthenticatedSessionStore> result; synchronized (session) { - session.beginTransaction(); + tx = session.beginTransaction(); Query query = session.getNamedQuery("getSessionWithPendingRequestID"); query.setParameter("sessionid", pedingRequestID); result = query.list(); //send transaction - session.getTransaction().commit(); + tx.commit(); } Logger.trace("Found entries: " + result.size()); @@ -613,8 +668,13 @@ public class AuthenticationSessionStoreage { } catch (Throwable e) { Logger.warn("MOASession deserialization-exception by using MOASessionID=" + pedingRequestID); + + if (tx != null && !tx.wasCommitted()) + tx.rollback(); + return null; - } + + } } public static boolean deleteSessionWithPendingRequestID(String id) { @@ -623,34 +683,39 @@ public class AuthenticationSessionStoreage { Session session = MOASessionDBUtils.getCurrentSession(); List<AuthenticatedSessionStore> result; - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithPendingRequestID"); - query.setParameter("sessionid", id); - result = query.list(); + Transaction tx = null; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getSessionWithPendingRequestID"); + query.setParameter("sessionid", id); + result = query.list(); + + //send transaction + tx.commit(); + } - //send transaction - session.getTransaction().commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - return false; - - } else { - cleanDelete(result.get(0)); - return true; - } - - + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() != 1) { + Logger.trace("No entries found."); + return false; + + } else { + cleanDelete(result.get(0)); + return true; + } + } catch (Exception e) { + if (tx != null && !tx.wasCommitted()) + tx.rollback(); + throw e; + } } public static AuthenticationSession getSessionWithUserNameID(String nameID) { + Transaction tx = null; try { MiscUtil.assertNotNull(nameID, "nameID"); Logger.trace("Get authenticated session with pedingRequestID " + nameID + " from database."); @@ -659,13 +724,13 @@ public class AuthenticationSessionStoreage { List<AuthenticatedSessionStore> result; synchronized (session) { - session.beginTransaction(); + tx = session.beginTransaction(); Query query = session.getNamedQuery("getMOAISessionWithUserNameID"); query.setParameter("usernameid", StringEscapeUtils.escapeHtml(nameID)); result = query.list(); //send transaction - session.getTransaction().commit(); + tx.commit(); } Logger.trace("Found entries: " + result.size()); @@ -679,7 +744,9 @@ public class AuthenticationSessionStoreage { return decryptSession(result.get(0)); } catch (Throwable e) { - Logger.warn("MOASession deserialization-exception by using MOASessionID=" + nameID); + Logger.warn("MOASession deserialization-exception by using MOASessionID=" + nameID); + if (tx != null && !tx.wasCommitted()) + tx.rollback(); return null; } @@ -691,27 +758,33 @@ public class AuthenticationSessionStoreage { Session session = MOASessionDBUtils.getCurrentSession(); List<AuthenticatedSessionStore> result; - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getInterfederatedIDPForSSOWithSessionID"); - query.setParameter("sessionID", sessionID); - result = query.list(); + Transaction tx = null; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getInterfederatedIDPForSSOWithSessionID"); + query.setParameter("sessionID", sessionID); + result = query.list(); + + //send transaction + tx.commit(); + } - //send transaction - session.getTransaction().commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - - } - - return result.get(0).getInderfederation().get(0); + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() == 0) { + Logger.trace("No entries found."); + return null; + + } + + return result.get(0).getInderfederation().get(0); + } catch (Exception e) { + if (tx != null && !tx.wasCommitted()) + tx.rollback(); + throw e; + } } public static InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASessionIDPID(String sessionID, String idpID) { @@ -721,28 +794,34 @@ public class AuthenticationSessionStoreage { Session session = MOASessionDBUtils.getCurrentSession(); List<AuthenticatedSessionStore> result; - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getInterfederatedIDPForSSOWithSessionIDIDPID"); - query.setParameter("sessionID", sessionID); - query.setParameter("idpID", idpID); - result = query.list(); + Transaction tx = null; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getInterfederatedIDPForSSOWithSessionIDIDPID"); + query.setParameter("sessionID", sessionID); + query.setParameter("idpID", idpID); + result = query.list(); + + //send transaction + tx.commit(); + } - //send transaction - session.getTransaction().commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - - } - - return result.get(0).getInderfederation().get(0); + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() == 0) { + Logger.trace("No entries found."); + return null; + + } + + return result.get(0).getInderfederation().get(0); + } catch (Exception e) { + if (tx != null && !tx.wasCommitted()) + tx.rollback(); + throw e; + } } public static String createInterfederatedSession(IRequest req, boolean isAuthenticated, String ssoID) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException { @@ -847,27 +926,33 @@ public class AuthenticationSessionStoreage { Session session = MOASessionDBUtils.getCurrentSession(); List<AuthenticatedSessionStore> result; - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getInterfederatedIDPForAttributeQueryWithSessionID"); - query.setParameter("sessionID", moaSession.getSessionID()); - result = query.list(); + Transaction tx = null; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getInterfederatedIDPForAttributeQueryWithSessionID"); + query.setParameter("sessionID", moaSession.getSessionID()); + result = query.list(); + + //send transaction + tx.commit(); + } - //send transaction - session.getTransaction().commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - - } - - return result.get(0).getInderfederation().get(0); + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() == 0) { + Logger.trace("No entries found."); + return null; + + } + + return result.get(0).getInderfederation().get(0); + } catch (Exception e) { + if (tx != null && !tx.wasCommitted()) + tx.rollback(); + throw e; + } } /** @@ -930,28 +1015,34 @@ public class AuthenticationSessionStoreage { List<AuthenticatedSessionStore> results; Session session = MOASessionDBUtils.getCurrentSession(); - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getMOAISessionsWithTimeOut"); - query.setTimestamp("timeoutcreate", expioredatecreate); - query.setTimestamp("timeoutupdate", expioredateupdate); - results = query.list(); - session.getTransaction().commit(); - } - - if (results.size() != 0) { - for(AuthenticatedSessionStore result : results) { - try { - cleanDelete(result); - Logger.info("Authenticated session with sessionID=" + result.getSessionid() - + " after session timeout."); - - } catch (HibernateException e){ - Logger.warn("Authenticated session with sessionID=" + result.getSessionid() - + " not removed after timeout! (Error during Database communication)", e); - } - } + Transaction tx = null; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getMOAISessionsWithTimeOut"); + query.setTimestamp("timeoutcreate", expioredatecreate); + query.setTimestamp("timeoutupdate", expioredateupdate); + results = query.list(); + tx.commit(); + } + + if (results.size() != 0) { + for(AuthenticatedSessionStore result : results) { + try { + cleanDelete(result); + Logger.info("Authenticated session with sessionID=" + result.getSessionid() + + " after session timeout."); + + } catch (HibernateException e){ + Logger.warn("Authenticated session with sessionID=" + result.getSessionid() + + " not removed after timeout! (Error during Database communication)", e); + } + } + } + } catch (Exception e) { + if (tx != null && !tx.wasCommitted()) + tx.rollback(); + throw e; } } @@ -1004,26 +1095,32 @@ public class AuthenticationSessionStoreage { Session session = MOASessionDBUtils.getCurrentSession(); List result; - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithID"); - query.setParameter("sessionid", sessionID); - result = query.list(); + Transaction tx = null; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getSessionWithID"); + query.setParameter("sessionid", sessionID); + result = query.list(); + + //send transaction + if (commit) + tx.commit(); + } - //send transaction - if (commit) - session.getTransaction().commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - throw new MOADatabaseException("No session found with this sessionID"); - } - - return (AuthenticatedSessionStore) result.get(0); + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() != 1) { + Logger.trace("No entries found."); + throw new MOADatabaseException("No session found with this sessionID"); + } + + return (AuthenticatedSessionStore) result.get(0); + } catch (Exception e) { + if (tx != null && !tx.wasCommitted() && commit) + tx.rollback(); + throw e; + } } } diff --git a/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml b/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml index 206fde87d..7e319e235 100644 --- a/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml +++ b/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml @@ -29,7 +29,7 @@ <property name="testOnBorrow" value="${configuration.dbcp.testOnBorrow}" /> <property name="testOnReturn" value="${configuration.dbcp.testOnReturn}" /> <property name="testWhileIdle" value="${configuration.dbcp.testWhileIdle}" /> - <property name="validationQuery" value="SELECT 1" /> + <property name="validationQuery" value="${configuration.dbcp.validationQuery}" /> </bean> <bean id="jpaVendorAdapter" class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter"> |