Diffstat (limited to 'id/server/idserverlib')
13 files changed, 223 insertions, 42 deletions
| diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/TransactionIDUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/TransactionIDUtils.java index d428cddd1..7f6f2c6b3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/TransactionIDUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/TransactionIDUtils.java @@ -22,9 +22,11 @@   */  package at.gv.egovernment.moa.id.advancedlogging; -import org.slf4j.MDC; + +import java.util.Date;  import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.util.MiscUtil;  /**   * @author tlenz @@ -33,14 +35,32 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;  public class TransactionIDUtils {  	public static void setTransactionId(String pendingRequestID) {	   -		MDC.put(MOAIDAuthConstants.MDC_TRANSACTION_ID,  +		org.apache.log4j.MDC.put(MOAIDAuthConstants.MDC_TRANSACTION_ID,  +				"TID-" + pendingRequestID);		 +		org.slf4j.MDC.put(MOAIDAuthConstants.MDC_TRANSACTION_ID,   				"TID-" + pendingRequestID);  	}  	public static void removeTransactionId() { -		MDC.remove(MOAIDAuthConstants.MDC_TRANSACTION_ID); +		org.apache.log4j.MDC.remove(MOAIDAuthConstants.MDC_TRANSACTION_ID); +		org.slf4j.MDC.remove(MOAIDAuthConstants.MDC_TRANSACTION_ID); +		 +	} +		 +	public static void setSessionId(String uniqueSessionId) {	   +		org.apache.log4j.MDC.put(MOAIDAuthConstants.MDC_SESSION_ID,  +				"TID-" + uniqueSessionId);		 +		org.slf4j.MDC.put(MOAIDAuthConstants.MDC_SESSION_ID,  +				"TID-" + uniqueSessionId); +				     +	} +		 +	public static void removeSessionId() { +		org.apache.log4j.MDC.remove(MOAIDAuthConstants.MDC_SESSION_ID); +		org.slf4j.MDC.remove(MOAIDAuthConstants.MDC_SESSION_ID);  	} +	  } 
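Review bot: `setSessionId` reuses the `"TID-"` prefix that `setTransactionId` writes, so session and transaction values look the same in the log and can only be told apart by the MDC key. A distinct prefix such as `"SID-" + uniqueSessionId` would keep the two separable when log lines are searched or exported. Both setters also concatenate without a null check, so a missing identifier is logged as the literal `TID-null`. The `java.util.Date` and `MiscUtil` imports added in the first hunk of this file are not used by any line shown in the second hunk.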
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java index ac8d00ac8..fe09e743d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java @@ -169,4 +169,5 @@ public interface MOAIDAuthConstants {    public static final String REGEX_PATTERN_TARGET = "^[A-Za-z]{2}(-.*)?$";    public static final String MDC_TRANSACTION_ID = "transactionId"; +  public static final String MDC_SESSION_ID = "sessionId";  } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionExtensions.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionExtensions.java new file mode 100644 index 000000000..61b8f7bd3 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionExtensions.java 
@@ -0,0 +1,52 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.data; + +import java.io.Serializable; + +/** + * @author tlenz + * + */ +public class AuthenticationSessionExtensions implements Serializable{ + +	private static final long serialVersionUID = 1L; +	 +	private String uniqueSessionId = null; + +	/** +	 * @return the uniqueSessionId +	 */ +	public String getUniqueSessionId() { +		return uniqueSessionId; +	} + +	/** +	 * @param uniqueSessionId the uniqueSessionId to set +	 */ +	public void setUniqueSessionId(String uniqueSessionId) { +		this.uniqueSessionId = uniqueSessionId; +	} +	 +	 +} 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java index ee6f0d5a4..77f2cabc4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java @@ -10,6 +10,7 @@ import javax.servlet.http.HttpServletResponse;  import org.apache.commons.lang.StringEscapeUtils;
  import org.apache.commons.lang3.ObjectUtils;
 +import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils;
  import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder;
  import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 @@ -114,6 +115,8 @@ public class CreateIdentityLinkFormTask extends AbstractAuthServletTask {  		finally {
  			ConfigurationDBUtils.closeSession();
 +			TransactionIDUtils.removeTransactionId();
 +			TransactionIDUtils.removeSessionId();
  		}
  	}
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java index 49aa1c0f5..40e9fc819 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java @@ -13,6 +13,7 @@ import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils;  import at.gv.egovernment.moa.id.auth.AuthenticationServer;
  import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
  import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions;
  import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
  import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
  import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 @@ -67,9 +68,12 @@ public class ProcessEngineSignalServlet extends AuthServlet {  			// retrieve moa session
  			pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
 +			AuthenticationSessionExtensions extendedSessionInformation = AuthenticationSessionStoreage.getAuthenticationSessionExtensions(sessionID);
  			AuthenticationSession session = AuthenticationServer.getSession(sessionID);
 -			//add transactionID to Logger
 +			//add transactionID and unique sessionID to Logger
 +			if (extendedSessionInformation != null)
 +				TransactionIDUtils.setSessionId(extendedSessionInformation.getUniqueSessionId());
  			TransactionIDUtils.setTransactionId(pendingRequestID);
  			// process instance is mandatory
 @@ -86,6 +90,7 @@ public class ProcessEngineSignalServlet extends AuthServlet {  		} finally {
  			MOASessionDBUtils.closeSession();
  			TransactionIDUtils.removeTransactionId();
 +			TransactionIDUtils.removeSessionId();
  		}
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java index cce260d04..b287eb014 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java @@ -52,6 +52,7 @@ import at.gv.egovernment.moa.id.moduls.IModulInfo;  import at.gv.egovernment.moa.id.moduls.IRequest;  import at.gv.egovernment.moa.id.moduls.ModulStorage;  import at.gv.egovernment.moa.id.moduls.NoPassivAuthenticationException; +import at.gv.egovernment.moa.id.moduls.RequestImpl;  import at.gv.egovernment.moa.id.moduls.RequestStorage;  import at.gv.egovernment.moa.id.moduls.SSOManager;  import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnRequestValidatorException; @@ -240,12 +241,16 @@ public class DispatcherServlet extends AuthServlet{  				}  			} +			IRequest protocolRequest = null; +			String uniqueSessionIdentifier = null; +  			//get SSO Cookie for Request  			SSOManager ssomanager = SSOManager.getInstance();  			String ssoId = ssomanager.getSSOSessionID(req); -			IRequest protocolRequest = null; -			 +			//load unique session identifier with SSO-sessionID +			uniqueSessionIdentifier = ssomanager.getUniqueSessionIdentifier(ssoId); +									  			try {  				Object idObject = req.getParameter(PARAM_TARGET_PENDINGREQUESTID); @@ -256,6 +261,10 @@ public class DispatcherServlet extends AuthServlet{  					//get IRequest if it exits  					if (protocolRequest != null) { + +						//set session and transaction IDs +						TransactionIDUtils.setTransactionId(protocolRequestID); +						TransactionIDUtils.setSessionId(protocolRequest.getSessionIdentifier());						  						Logger.debug(DispatcherServlet.class.getName()+": Found PendingRequest with ID " + protocolRequestID);  					} else { 
@@ -266,6 +275,15 @@ public class DispatcherServlet extends AuthServlet{  					}  				} else {  					try { +						//set transactionID to Logger +						protocolRequestID = Random.nextRandom(); +						 +						if (MiscUtil.isEmpty(uniqueSessionIdentifier)) +							uniqueSessionIdentifier = Random.nextRandom(); +						 +						TransactionIDUtils.setTransactionId(protocolRequestID); +						TransactionIDUtils.setSessionId(uniqueSessionIdentifier); +						  						protocolRequest = info.preProcess(req, resp, action);  						//request is a valid interfederation response  @@ -319,8 +337,8 @@ public class DispatcherServlet extends AuthServlet{  							else  								moduleAction = info.getAction(protocolRequest.requestedAction()); -							protocolRequestID = Random.nextRandom(); -							protocolRequest.setRequestID(protocolRequestID);							 +							protocolRequest.setRequestID(protocolRequestID); +							((RequestImpl)protocolRequest).setSessionIdentifier(uniqueSessionIdentifier);  							RequestStorage.setPendingRequest(protocolRequest);							  							Logger.debug(DispatcherServlet.class.getName()+": Create PendingRequest with ID " + protocolRequestID + "."); @@ -546,12 +564,11 @@ public class DispatcherServlet extends AuthServlet{  	    finally {  	    	ConfigurationDBUtils.closeSession(); +	        Logger.trace("Clossing Dispatcher processing loop"); +	          	    	TransactionIDUtils.removeTransactionId(); -	    	 +	    	TransactionIDUtils.removeSessionId();	    	  	    } - -        Logger.info("Clossing Dispatcher processing loop"); -        Logger.info("Http response prepared sent: " + resp.toString());  	}  	@Override diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index 49f3df25c..cbfdfc36b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java 
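Review bot: The cast `((RequestImpl)protocolRequest).setSessionIdentifier(uniqueSessionIdentifier)` in the `-319,8` hunk assumes every `IRequest` returned by `info.preProcess(...)` extends `RequestImpl`. Any other implementation fails with a `ClassCastException` after the request has already been pre-processed. This commit adds `getSessionIdentifier()` to `IRequest` but not the setter, so either declare `public void setSessionIdentifier(String sessionIdentifier);` on the interface next to `setRequestID`, or guard the cast with `instanceof` and log when the identifier cannot be attached. The enclosing method starts and ends outside the hunk.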
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -569,7 +569,7 @@ public class AuthenticationManager implements MOAIDAuthConstants {  		try {  			//check if an MOASession exists and if not create an new MOASession  			//moasession = getORCreateMOASession(request); -			moasession = AuthenticationSessionStoreage.createSession(target.getRequestID()); +			moasession = AuthenticationSessionStoreage.createSession(target);  		} catch (MOADatabaseException e1) {  			Logger.error("Database Error! MOASession can not be created!"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java index aaeb84f92..7fe933695 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java @@ -22,6 +22,7 @@   *******************************************************************************/  package at.gv.egovernment.moa.id.moduls; +import java.util.Date;  import java.util.List;  import org.opensaml.saml2.core.Attribute; @@ -40,6 +41,7 @@ public interface IRequest {  	public String getTarget();  	public void setRequestID(String id);  	public String getRequestID();	 +	public String getSessionIdentifier();  	public String getRequestedIDP();  	public MOAResponse getInterfederationResponse();  	public List<Attribute> getRequestedAttributes(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java index 4a54a516b..77256c897 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java 
@@ -41,6 +41,7 @@ public abstract class RequestImpl implements IRequest, Serializable{  	private String action = null;  	private String target = null;  	private String requestID; +	private String sessionIdentifier;  	//MOA-ID interfederation  	private String requestedIDP = null; @@ -147,6 +148,14 @@ public abstract class RequestImpl implements IRequest, Serializable{  		this.response = response;  	} +	public String getSessionIdentifier() { +		return this.sessionIdentifier; +		 +	} +	public void setSessionIdentifier(String sessionIdentifier) { +		this.sessionIdentifier = sessionIdentifier; +		 +	}  } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java index be8e2dc2a..f0b12431a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java @@ -36,8 +36,9 @@ public class RequestStorage {  			AssertionStorage storage = AssertionStorage.getInstance();  			IRequest pendingRequest = storage.get(pendingReqID, IRequest.class); -			//set transactionID to Logger +			//set transactionID and sessionID to Logger  			TransactionIDUtils.setTransactionId(((IRequest)pendingRequest).getRequestID()); +			TransactionIDUtils.setSessionId(((IRequest)pendingRequest).getSessionIdentifier());  			return pendingRequest; @@ -54,10 +55,7 @@ public class RequestStorage {  			if (pendingRequest instanceof IRequest) {  				storage.put(((IRequest)pendingRequest).getRequestID(), pendingRequest); -				 -				//set transactionID to Logger -				TransactionIDUtils.setTransactionId(((IRequest)pendingRequest).getRequestID()); -								 +												  			} else {  				throw new MOAIDException("auth.20", null); 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java index 68545e1c2..04af8cea9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java @@ -25,10 +25,8 @@ package at.gv.egovernment.moa.id.moduls;  import java.io.BufferedReader;  import java.io.File;  import java.io.FileInputStream; -import java.io.IOException;  import java.io.InputStream;  import java.io.InputStreamReader; -import java.io.Reader;  import java.io.StringWriter;  import java.net.URI;  import java.util.Date; 
@@ -38,23 +36,21 @@ import javax.servlet.http.Cookie;  import javax.servlet.http.HttpServletRequest;  import javax.servlet.http.HttpServletResponse; -import org.apache.velocity.Template;  import org.apache.velocity.VelocityContext; -import org.apache.velocity.app.Velocity;  import org.apache.velocity.app.VelocityEngine;  import org.hibernate.Query;  import org.hibernate.Session;  import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions;  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;  import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;  import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;  import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;  import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;  import at.gv.egovernment.moa.id.config.ConfigurationException;  import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;  import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;  import at.gv.egovernment.moa.id.util.Random;  import at.gv.egovernment.moa.id.util.VelocityProvider; 
@@ -192,6 +188,23 @@ public class SSOManager {  	} +	public String getUniqueSessionIdentifier(String ssoSessionID) { +		try { +			if (MiscUtil.isNotEmpty(ssoSessionID)) {			 +				String moaSessionID = AuthenticationSessionStoreage.getMOASessionSSOID(ssoSessionID); +				if (MiscUtil.isNotEmpty(moaSessionID)) { +					AuthenticationSessionExtensions extSessionInformation = AuthenticationSessionStoreage.getAuthenticationSessionExtensions(moaSessionID); +						return extSessionInformation.getUniqueSessionId(); +			 +				} +			}  +		} catch (MOADatabaseException e) { +			Logger.debug("No SSO Session with SSO sessionID: " + ssoSessionID); +		} +					 +		return null;		 +	} +	  	public String existsOldSSOSession(String ssoId) {  		Logger.trace("Check that the SSOID has already been used"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java index cf20db7d9..045db3f45 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java @@ -57,6 +57,7 @@ import org.opensaml.xml.signature.SignableXMLObject;  import java.util.Arrays; +import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils;  import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;  import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException;  import at.gv.egovernment.moa.id.auth.exception.MOAIDException; 
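Review bot: `getUniqueSessionIdentifier` dereferences `extSessionInformation` without a null check, although `AuthenticationSessionStoreage.getAuthenticationSessionExtensions` (added in this commit) returns null when the stored additional information is empty or cannot be deserialized. A session stored without that information, presumably including any row written before this change, would raise a `NullPointerException` that `catch (MOADatabaseException e)` does not cover. `DispatcherServlet` calls this method on every request before its own inner `try`. Guard it the way `ProcessEngineSignalServlet` does: `if (extSessionInformation != null) return extSessionInformation.getUniqueSessionId();`. The debug message also writes the raw `ssoSessionID` cookie value to the log; consider leaving it out of the message or logging only a shortened or hashed form.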
@@ -252,11 +253,16 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {  				IRequest obj = RequestStorage.getPendingRequest(msg.getRelayState());  				if (obj instanceof RequestImpl) {  					RequestImpl iReqSP = (RequestImpl) obj; - +					  					MOAResponse processedMsg = preProcessAuthResponse((MOAResponse) msg);  					if ( processedMsg != null ) { -						iReqSP.setInterfederationResponse(processedMsg);						 +						iReqSP.setInterfederationResponse(processedMsg); + +						Logger.info("Receive a valid assertion from IDP " + msg.getEntityID()  +								+ ". Switch to original transaction with ID " + iReqSP.getRequestID()); +						TransactionIDUtils.setTransactionId(iReqSP.getRequestID()); +						TransactionIDUtils.setSessionId(iReqSP.getSessionIdentifier());  					} else {  						Logger.info("Interfederated IDP " + msg.getEntityID() + " has NO valid SSO session."  diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java index 4288f48ad..541dc23b6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java @@ -33,7 +33,10 @@ import org.hibernate.Query;  import org.hibernate.Session;  import org.hibernate.Transaction; +import com.fasterxml.jackson.core.JsonProcessingException; +  import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions;  import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;  import at.gv.egovernment.moa.id.auth.exception.BuildException;  import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; 
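Review bot: The two `TransactionIDUtils` calls added in the `processedMsg != null` branch repeat what `RequestStorage.getPendingRequest(msg.getRelayState())` has already done, because as of this commit that lookup sets both the transaction and the session ID in the MDC as a side effect. The switch therefore takes effect before `preProcessAuthResponse` has checked the message, and the `NO valid SSO session` branch is logged under the original transaction too, selected only by the RelayState the sender supplied. If attribution should change only after a valid assertion, keep the MDC update here and remove it from `getPendingRequest`. Otherwise drop these two lines and document the side effect on `getPendingRequest`. The enclosing method starts and ends outside the hunk.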
@@ -42,6 +45,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionSto  import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;  import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;  import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.commons.utils.JsonMapper;  import at.gv.egovernment.moa.id.config.ConfigurationException;  import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;  import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; @@ -60,6 +64,8 @@ public class AuthenticationSessionStoreage {  	//private static HashMap<String, AuthenticationSession> sessionStore = new HashMap<String, AuthenticationSession>(); +	private static JsonMapper mapper = new JsonMapper(); +	  	public static boolean isAuthenticated(String moaSessionID) {  		AuthenticatedSessionStore session; 
@@ -73,34 +79,44 @@ public class AuthenticationSessionStoreage {  		}  	} -	public static AuthenticationSession createSession(String pendingRequestID) throws MOADatabaseException, BuildException { +	public static AuthenticationSession createSession(IRequest target) throws MOADatabaseException, BuildException {  		String id = Random.nextRandom(); - -		AuthenticatedSessionStore dbsession = new AuthenticatedSessionStore(); -		dbsession.setSessionid(id); -		dbsession.setAuthenticated(false); +		try { +			AuthenticatedSessionStore dbsession = new AuthenticatedSessionStore(); +			dbsession.setSessionid(id); +			dbsession.setAuthenticated(false); -		//set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 -		Date now = new Date(); -		dbsession.setCreated(now); -		dbsession.setUpdated(now); +			//set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 +			Date now = new Date(); +			dbsession.setCreated(now); +			dbsession.setUpdated(now); -		dbsession.setPendingRequestID(pendingRequestID); +			dbsession.setPendingRequestID(target.getRequestID()); -		AuthenticationSession session = new AuthenticationSession(id, now); -		encryptSession(session, dbsession); +			//set additional session informations +			AuthenticationSessionExtensions sessionExt = new AuthenticationSessionExtensions(); +			sessionExt.setUniqueSessionId(target.getSessionIdentifier()); +			dbsession.setAdditionalInformation(mapper.serialize(sessionExt)); -		//store AssertionStore element to Database -		try { +			AuthenticationSession session = new AuthenticationSession(id, now); +			encryptSession(session, dbsession); +		 +			//store AssertionStore element to Database		  			MOASessionDBUtils.saveOrUpdate(dbsession);  			Logger.info("MOASession with sessionID=" + id + " is stored in Database"); +			return session; +			  		} catch (MOADatabaseException e) {  			Logger.warn("MOASession could not be created.");  			throw new 
MOADatabaseException(e); +			 +		} catch (JsonProcessingException e) { +			Logger.warn("Extended session information can not be stored.", e); +			throw new MOADatabaseException(e); +			  		} -		 -		return session; +				  	}  	public static AuthenticationSession getSession(String sessionID) throws MOADatabaseException { 
@@ -118,6 +134,45 @@ public class AuthenticationSessionStoreage {  			throw new MOADatabaseException("MOASession deserialization-exception");  		}  	} + +	public static AuthenticationSessionExtensions getAuthenticationSessionExtensions(String sessionID) throws MOADatabaseException { +		AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); +		 +		if (MiscUtil.isNotEmpty(dbsession.getAdditionalInformation())) { +			try { +				return (AuthenticationSessionExtensions)mapper.deserialize(dbsession.getAdditionalInformation(),  +						AuthenticationSessionExtensions.class); +				 +			} catch (Exception e) { +				Logger.warn("Extended session information extraction FAILED!", e); +			}			 +		} +		return null; +		 +	} +	 +	public static void setAuthenticationSessionExtensions(String sessionID, AuthenticationSessionExtensions sessionExtensions) throws MOADatabaseException { +		try { +			AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); +			 +			dbsession.setAdditionalInformation( +					mapper.serialize(sessionExtensions)); +			 +			MOASessionDBUtils.saveOrUpdate(dbsession); +			Logger.debug("MOASession with sessionID=" + sessionID + " is stored in Database"); +			 +			 +		} catch (MOADatabaseException e) { +			Logger.warn("MOASession could not be stored."); +			throw new MOADatabaseException(e); +			 +		} catch (JsonProcessingException e) { +			Logger.warn("Extended session information can not be stored.", e); +			throw new MOADatabaseException("Extended session information can not be stored.", e); +			 +		}  +		 +	}  	public static void storeSession(AuthenticationSession session) throws MOADatabaseException, BuildException {  		storeSession(session, null); | 
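Review bot: `setAuthenticationSessionExtensions` logs `"MOASession with sessionID=" + sessionID` at debug level, which puts the MOA session identifier itself into the log, while the rest of this commit introduces a separate `uniqueSessionId` for log correlation. The MOA session ID is the lookup key passed to `searchInDatabase`, so if it is accepted as a session handle anywhere it should stay out of log files. The MDC already carries the unique ID, so `Logger.debug("Extended session information is stored in Database");` is enough. `getAuthenticationSessionExtensions` returns null both when nothing is stored and when deserialization fails. A Javadoc line such as `@return the stored extensions, or null if none are stored or they cannot be parsed` would make that contract visible to callers like `SSOManager.getUniqueSessionIdentifier`.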
