From 121e70662f53fe0820823a23784794021fbc7920 Mon Sep 17 00:00:00 2001
From: Thomas Lenz
Date: Fri, 21 Oct 2016 10:26:15 +0200
Subject: fix possible multi-threading problem with database connections
---
.../id/advancedlogging/DummyStatisticLogger.java | 9 +
.../moa/id/advancedlogging/IStatisticLogger.java | 2 +
.../moa/id/advancedlogging/StatisticLogger.java | 53 +-
.../moa/id/config/ConfigurationProviderImpl.java | 68 +-
.../PropertyBasedAuthConfigurationProvider.java | 139 +++-
.../gv/egovernment/moa/id/moduls/SSOManager.java | 44 +-
.../id/protocols/pvp2x/AttributQueryAction.java | 45 +-
.../storage/DBAuthenticationSessionStoreage.java | 824 ++++++++-------------
.../id/storage/IAuthenticationSessionStoreage.java | 24 +
.../src/main/resources/session.common.beans.xml | 9 +-
.../SpringExpressionAwareProcessEngineTest.java | 1 -
.../moa/id/process/test/ProcessEngineTest.java | 1 -
.../moa/id/commons/api/ConfigurationProvider.java | 7 +
.../exceptions/SessionDataStorageException.java | 9 +
.../moa/id/commons/db/MOASessionDBUtils.java | 94 ---
.../moa/id/commons/db/NewConfigurationDBRead.java | 11 +
.../moa/id/commons/db/StatisticLogDBUtils.java | 88 ---
.../src/main/resources/statistic.logging.beans.xml | 9 +-
.../moa/id/auth/MOAIDAuthSpringInitializer.java | 5 +-
.../moa/id/monitoring/DatabaseTestModule.java | 52 +-
.../egovernment/moa/id/monitoring/TestManager.java | 10 +-
21 files changed, 595 insertions(+), 909 deletions(-)
delete mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOASessionDBUtils.java
delete mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/StatisticLogDBUtils.java
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/DummyStatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/DummyStatisticLogger.java
index 5a1b7205d..8fff6b20b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/DummyStatisticLogger.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/DummyStatisticLogger.java @@ -46,4 +46,13 @@ public class DummyStatisticLogger implements IStatisticLogger{ @Override public void logErrorOperation(Throwable throwable, IRequest errorRequest) { Logger.trace("Dummy-logErrorOperation"); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.advancedlogging.IStatisticLogger#testConnection() + */ + @Override + public void testConnection() throws Exception { + Logger.trace("Dummy-logErrorOperation"); + }} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/IStatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/IStatisticLogger.java index 2d97d7258..e0f21c012 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/IStatisticLogger.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/IStatisticLogger.java @@ -34,4 +34,6 @@ public interface IStatisticLogger { public void logErrorOperation(Throwable throwable, IRequest errorRequest); + public void testConnection() throws Exception; + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java index 34bdd350b..14c0800b1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java 
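Review bot: The new `testConnection()` in DummyStatisticLogger traces `"Dummy-logErrorOperation"`, which is the message of the method directly above it, so a trace log cannot tell a connection test from an error-logging call. Change the line to `Logger.trace("Dummy-testConnection");`. The `(non-Javadoc)` comment could also state that this dummy implementation never throws, because whatever health check calls it will always see success when the dummy logger is active.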
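Review bot: `testConnection()` is added to IStatisticLogger with `throws Exception` and no Javadoc, so implementers and callers have no stated contract for what a failed check looks like. Document it, for example `/** Verifies that the statistic-log database is reachable; throws if the check fails. */`. Consider narrowing the declared type to an exception the project already uses for database errors, such as `MOADatabaseException`, instead of the catch-all `Exception`.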
@@ -26,15 +26,19 @@ import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.util.Date; +import java.util.List; +import javax.persistence.EntityManager; +import javax.persistence.PersistenceContext; +import javax.persistence.Query; import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBException; import javax.xml.bind.Unmarshaller; import org.apache.commons.lang3.StringEscapeUtils; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.Profile; -import org.springframework.stereotype.Service; +import org.springframework.stereotype.Repository; +import org.springframework.transaction.annotation.Transactional; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandator; @@ -49,8 +53,6 @@ import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; -import at.gv.egovernment.moa.id.commons.config.SpringProfileConstants; -import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; @@ -61,7 +63,8 @@ import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -@Service("StatisticLogger") +@Repository("StatisticLogger") +@Transactional("statisticLogTransactionManager") public class StatisticLogger implements IStatisticLogger{ private static final String GENERIC_LOCALBKU = ":3496/https-security-layer-request"; 
@@ -81,8 +84,20 @@ public class StatisticLogger implements IStatisticLogger{ @Autowired AuthConfiguration authConfig; @Autowired IAuthenticationSessionStoreage authenticatedSessionStorage; - @Autowired StatisticLogDBUtils statisticLogDBUtils; + + @PersistenceContext(unitName="statistic") + private EntityManager entityManager; + + + public void testConnection() throws Exception { + Date expioredate = new Date(new Date().getTime() - 120); + Query query = entityManager.createNamedQuery("getAllEntriesNotBeforeTimeStamp"); + query.setParameter("timeout", expioredate); + List result = query.getResultList(); + } + + public void logSuccessOperation(IRequest protocolRequest, IAuthData authData, boolean isSSOSession) { if ( authConfig.isAdvancedLoggingActive() && protocolRequest != null && authData != null) { @@ -190,15 +205,9 @@ public class StatisticLogger implements IStatisticLogger{ } } } + + entityManager.persist(dblog); - - - try { - statisticLogDBUtils.saveOrUpdate(dblog); - - } catch (MOADatabaseException e) { - Logger.warn("Statistic Log can not be stored into Database", e); - } } } @@ -219,12 +228,8 @@ public class StatisticLogger implements IStatisticLogger{ - try { - statisticLogDBUtils.saveOrUpdate(dblog); - - } catch (MOADatabaseException e) { - Logger.warn("Statistic Log can not be stored into Database", e); - } + entityManager.persist(dblog); + } } @@ -268,14 +273,8 @@ public class StatisticLogger implements IStatisticLogger{ generateErrorLogFormThrowable(throwable, dblog); - + entityManager.persist(dblog); - try { - statisticLogDBUtils.saveOrUpdate(dblog); - - } catch (MOADatabaseException e) { - Logger.warn("Statistic Log can not be stored into Database", e); - } } } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java index 67ad4762c..0c4dd2097 100644 
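Review bot: In `StatisticLogger.testConnection()` the probe runs the named query `getAllEntriesNotBeforeTimeStamp` and materialises the whole result list only to prove that the connection works; add `query.setMaxResults(1);` before `getResultList()` and drop the unused raw `List result` local. `new Date().getTime() - 120` subtracts 120 milliseconds, which looks like it was meant to be a longer window, so please confirm the intended unit. The method also lacks the `@Override` that the DummyStatisticLogger implementation in this commit carries.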
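Review bot: Replacing the `try { statisticLogDBUtils.saveOrUpdate(dblog); } catch (MOADatabaseException e) { Logger.warn(...); }` block with a bare `entityManager.persist(dblog);` at the end of `logSuccessOperation` means a statistics-database failure is no longer contained. The runtime exception now propagates to the caller, and with the class-level `@Transactional` a flush or commit error surfaces at the proxy boundary, outside any catch placed inside the method. If statistic logging is meant to stay best-effort, an outage of the statistics database should not fail the authentication request, so the callers (or a non-transactional wrapper around these methods) need to catch and log it. The same applies to the `persist` calls in the hunks at -219,12 and -268,14; the method bodies start outside these hunks, so the callers' handling is not visible here.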
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java @@ -50,19 +50,9 @@ import java.util.ArrayList; import java.util.Map; import java.util.Properties; -import org.hibernate.cfg.Configuration; - import at.gv.egovernment.moa.id.commons.api.ConfigurationProvider; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.config.SpringProfileConstants; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; -import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; -import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; import at.gv.egovernment.moa.id.data.IssuerAndSerial; import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap; import at.gv.egovernment.moa.logging.Logger; 
@@ -213,35 +203,35 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider } } - // initialize hibernate - synchronized (ConfigurationProviderImpl.class) { - - //Initial config Database - // ConfigurationDBUtils.initHibernate(configProp); - - //initial MOAID Session Database - Configuration config = new Configuration(); - config.addAnnotatedClass(AssertionStore.class); - config.addAnnotatedClass(AuthenticatedSessionStore.class); - config.addAnnotatedClass(OASessionStore.class); - config.addAnnotatedClass(OldSSOSessionIDStore.class); - config.addAnnotatedClass(InterfederationSessionStore.class); - //config.addAnnotatedClass(ProcessInstanceStore.class); - config.addProperties(moaSessionProp); - //MOASessionDBUtils.initHibernate(config, moaSessionProp); - - //initial advanced logging -// if (Boolean.valueOf(props.getProperty("configuration.advancedlogging.active", "false"))) { -// Logger.info("Advanced statistic log is activated, starting initialization process ..."); -// Configuration statisticconfig = new Configuration(); -// statisticconfig.addAnnotatedClass(StatisticLog.class); -// statisticconfig.addProperties(statisticProps); -// StatisticLogDBUtils.initHibernate(statisticconfig, statisticProps); -// Logger.info("Advanced statistic log is initialized."); -// } - - } - Logger.trace("Hibernate initialization finished."); +// // initialize hibernate +// synchronized (ConfigurationProviderImpl.class) { +// +// //Initial config Database +// // ConfigurationDBUtils.initHibernate(configProp); +// +// //initial MOAID Session Database +// Configuration config = new Configuration(); +// config.addAnnotatedClass(AssertionStore.class); +// config.addAnnotatedClass(AuthenticatedSessionStore.class); +// config.addAnnotatedClass(OASessionStore.class); +// config.addAnnotatedClass(OldSSOSessionIDStore.class); +// config.addAnnotatedClass(InterfederationSessionStore.class); +// //config.addAnnotatedClass(ProcessInstanceStore.class); +// 
config.addProperties(moaSessionProp); +// //MOASessionDBUtils.initHibernate(config, moaSessionProp); +// +// //initial advanced logging +//// if (Boolean.valueOf(props.getProperty("configuration.advancedlogging.active", "false"))) { +//// Logger.info("Advanced statistic log is activated, starting initialization process ..."); +//// Configuration statisticconfig = new Configuration(); +//// statisticconfig.addAnnotatedClass(StatisticLog.class); +//// statisticconfig.addProperties(statisticProps); +//// StatisticLogDBUtils.initHibernate(statisticconfig, statisticProps); +//// Logger.info("Advanced statistic log is initialized."); +//// } +// +// } +// Logger.trace("Hibernate initialization finished."); } catch (ExceptionInInitializerError e) { throw new ConfigurationException("config.17", null, e); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java index e62a4a8d5..94353fb6b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java @@ -18,6 +18,7 @@ import java.util.Map; import java.util.Properties; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.transaction.annotation.Transactional; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.MOAIDConstants; 
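Review bot: The Hibernate bootstrap in ConfigurationProviderImpl is disabled by prefixing every line with `//` instead of deleting it, which leaves roughly thirty lines of dead code that reference classes this commit removes (`MOASessionDBUtils`, `StatisticLogDBUtils`). Delete the block and, if the reason matters, keep a single line such as `// session and statistic persistence is no longer initialised here` (adjust to wherever the setup actually moved). The `catch (ExceptionInInitializerError e)` after it may no longer be reachable for its original reason and is worth re-checking; the enclosing `try` starts outside the hunk. SSOManager has the same pattern in `//@Autowired private MOASessionDBUtils moaSessionDBUtils;`.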
@@ -38,13 +39,13 @@ import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl; import at.gv.egovernment.moa.id.config.ConfigurationUtils; import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.ConnectionParameterForeign; import at.gv.egovernment.moa.id.config.ConnectionParameterMOASP; import at.gv.egovernment.moa.id.config.ConnectionParameterMandate; import at.gv.egovernment.moa.id.config.stork.STORKConfig; import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; +import iaik.pki.revocation.RevocationSourceTypes; /** * A class providing access to the Auth Part of the MOA-ID configuration data. @@ -196,6 +197,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertiesWithPrefix(java.lang.String) */ @Override + @Transactional public Map getConfigurationWithPrefix(String Prefix) { try { return configuration.getPropertySubset(Prefix); @@ -212,6 +214,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertiesWithPrefix(java.lang.String) */ @Override + @Transactional public Map getConfigurationWithWildCard(String key) { try { return configuration.searchPropertiesWithWildcard(key); 
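Review bot: The `@Transactional` added to `getConfigurationWithPrefix` (and to the other getters in the later hunks of this file) names no transaction manager, while StatisticLogger in this same commit uses `@Transactional("statisticLogTransactionManager")`, so more than one manager appears to exist; confirm that the default one belongs to the configuration database, or qualify the annotation explicitly. Proxy-based `@Transactional` is also bypassed on self-invocation, so calls such as `this.getGeneralProperiesConfig(...)` from `getGeneralPVP2ProperiesConfig` or `getActiveOnlineApplication(oaURL)` from `getOnlineApplicationParameter` only run inside a transaction opened by the outer method, and in none at all if the provider instance is not obtained from the Spring context. Because these methods only read, `@Transactional(readOnly = true)` would state the intent.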
@@ -238,19 +241,23 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertyWithKey(java.lang.String) */ @Override + @Transactional public String getConfigurationWithKey(String key) { try { - return configuration.getStringValue(key).trim(); - - } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { - return null; - } + String value = configuration.getStringValue(key); + if (value != null) + return value.trim(); + + } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {} + + return null; } /** * Returns the general pvp2 properties config. NOTE: may be empty but never {@code null}. * @return the general pvp2 properties config. */ + @Transactional public Properties getGeneralPVP2ProperiesConfig() { return this.getGeneralProperiesConfig("protocols.pvp2."); } @@ -259,6 +266,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * Returns the general oauth20 properties config. NOTE: may be empty but never {@code null}. * @return the general oauth20 properties config. */ + @Transactional public Properties getGeneralOAuth20ProperiesConfig() { return this.getGeneralProperiesConfig("protocols.oauth20."); } @@ -268,6 +276,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * * @return the allowed protocols or {@code null}. */ + @Transactional public ProtocolAllowed getAllowedProtocols() { try { ProtocolAllowed allowedProtcols = new ProtocolAllowed(); @@ -293,6 +302,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getTransactionTimeOut() */ @Override + @Transactional public int getTransactionTimeOut() { try { return configuration.getIntegerValue( 
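Review bot: The rewritten `getConfigurationWithKey` ends with an empty `catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {}`, so a failed read from the configuration backend is indistinguishable from a key that is simply not set, and callers that read security-relevant settings through this method quietly fall back to their defaults. Log the failure before the `return null;`, for example `Logger.warn("Loading configuration value for key " + key + " FAILED.", e);`. The unbraced `if (value != null)` would also read better with braces.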
@@ -308,6 +318,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getSSOCreatedTimeOut() */ @Override + @Transactional public int getSSOCreatedTimeOut() { try { return configuration.getIntegerValue( @@ -323,6 +334,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getSSOUpdatedTimeOut() */ @Override + @Transactional public int getSSOUpdatedTimeOut() { try { return configuration.getIntegerValue( @@ -340,6 +352,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return an alternative source ID or {@code null}. * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} */ + @Transactional public String getAlternativeSourceID() throws ConfigurationException { try { return configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID); @@ -355,6 +368,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * * @return the list of protocols. */ + @Transactional public List getLegacyAllowedProtocols() { List legacy = new ArrayList(); @@ -386,6 +400,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @param oaURL URL requested for an online application * @return an OAAuthParameter, or null if none is applicable */ + @Transactional public OAAuthParameter getOnlineApplicationParameter(String oaURL) { Map oa = getActiveOnlineApplication(oaURL); if (oa == null) { 
@@ -401,6 +416,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return a string with a url-reference to the VerifyAuthBlock trust profile ID. * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}. */ + @Transactional public String getMoaSpAuthBlockTrustProfileID(boolean useTestTrustStore) throws ConfigurationException { if (useTestTrustStore) return getMoaSpAuthBlockTestTrustProfileID(); @@ -457,6 +473,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return a list of strings containing all urls to the verify transform info IDs. * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}. */ + @Transactional public List getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException { try { return Arrays.asList(configuration.getStringValue( @@ -474,6 +491,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return ConnectionParameter of the authentication component moa-sp element. * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. */ + @Transactional public ConnectionParameter getMoaSpConnectionParameter() throws ConfigurationException { ConnectionParameter result = null; String moaspURL; 
@@ -500,24 +518,34 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return the connection parameter. * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. */ - public ConnectionParameter getForeignIDConnectionParameter() throws ConfigurationException { - ConnectionParameter result = null; - String serviceURL; + @Transactional + public ConnectionParameter getForeignIDConnectionParameter(IOAAuthParameters oaParameters) throws ConfigurationException { + String serviceURL = null; try { - serviceURL = configuration.getStringValue( - MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL); - if (serviceURL != null) { - result = - new ConnectionParameterForeign(serviceURL, this.getProperties(), this.getRootConfigFileDir()); + //load OA specific MIS service URL if OA configuration exists + if (oaParameters != null) + serviceURL = oaParameters.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_SZRGW_SERVICE_URL); + //get first entry from general configuration if no OA specific URL exists + if (MiscUtil.isEmpty(serviceURL)) { + List serviceURLs = KeyValueUtils.getListOfCSVValues( + configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL)); + if (serviceURLs.size() > 0) + serviceURL = serviceURLs.get(0); + } + if (MiscUtil.isNotEmpty(serviceURL)) + return new ConnectionParameterMandate(serviceURL, this.getProperties(), this.getRootConfigFileDir()); + + else + throw new ConfigurationException("service.09", new Object[]{"NO SZR-GW Service URL"}); + } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { - Logger.warn("Loading SZRGW Service URL from configuration FAILED.", e); + Logger.warn("Initialize SZR-GW service connection parameters FAILED.", e); + throw new ConfigurationException("service.09", new Object[]{e.getMessage()}, e); - } - - return result; + } } /** 
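Review bot: `getForeignIDConnectionParameter` now returns `new ConnectionParameterMandate(...)` where the removed code built a `ConnectionParameterForeign`, and the `ConnectionParameterForeign` import is dropped in the first hunk of this file. If the two classes read different property prefixes for the client keystore and trust settings (their sources are not part of this diff), the SZR-GW connection would be set up with the mandate service's TLS client configuration; keep `new ConnectionParameterForeign(serviceURL, this.getProperties(), this.getRootConfigFileDir())` unless the switch is intended. The comment `//load OA specific MIS service URL if OA configuration exists` is copied from the mandates method and should name the SZR-GW service.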
@@ -526,24 +554,35 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return the connection parameter. * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} */ - public ConnectionParameter getOnlineMandatesConnectionParameter() throws ConfigurationException { - ConnectionParameter result = null; - String serviceURL; + @Transactional + public ConnectionParameter getOnlineMandatesConnectionParameter(IOAAuthParameters oaParameters) throws ConfigurationException { + String serviceURL = null; try { - serviceURL = configuration.getStringValue( - MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_OVS_URL); - if (serviceURL != null) { - result = - new ConnectionParameterMandate(serviceURL, this.getProperties(), this.getRootConfigFileDir()); + //load OA specific MIS service URL if OA configuration exists + if (oaParameters != null) + serviceURL = oaParameters.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_MIS_SERVICE_URL); + //get first entry from general configuration if no OA specific URL exists + if (MiscUtil.isEmpty(serviceURL)) { + List serviceURLs = KeyValueUtils.getListOfCSVValues( + configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_OVS_URL)); + if (serviceURLs.size() > 0) + serviceURL = serviceURLs.get(0); + } + if (MiscUtil.isNotEmpty(serviceURL)) + return new ConnectionParameterMandate(serviceURL, this.getProperties(), this.getRootConfigFileDir()); + + else + throw new ConfigurationException("service.06", new Object[]{"NO MIS Service URL"}); + } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { - Logger.warn("Loading SZRGW Service URL from configuration FAILED.", e); + Logger.warn("Initialize MIS service connection parameters FAILED.", e); + throw new ConfigurationException("service.06", new Object[]{e.getMessage()}, e); } - - return result; + } /** 
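Review bot: In `getOnlineMandatesConnectionParameter` the result of `configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_OVS_URL)` goes straight into `KeyValueUtils.getListOfCSVValues(...)`, although the `getConfigurationWithKey` change in this commit treats `getStringValue` as able to return null; whether the helper tolerates null is not visible here, so guard the value or confirm. Only `serviceURLs.get(0)` is used, so any further configured URLs are ignored without a log line. `getForeignIDConnectionParameter` in the previous hunk has the same two issues. The Javadoc above still describes the old no-argument form and needs a `@param oaParameters` line explaining that an OA-specific URL takes precedence over the general one.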
@@ -569,6 +608,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return a list of transform infos. * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link SecurityLayer}. */ + @Transactional public List getTransformsInfos() throws ConfigurationException { try { String securityLayer = configuration.getStringValue( @@ -601,6 +641,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} */ + @Transactional public List getIdentityLinkX509SubjectNames() throws ConfigurationException { ArrayList identityLinkX509SubjectNames = new ArrayList(); @@ -622,6 +663,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return list of default SLRequestTemplates. * @throws ConfigurationException is never thrown */ + @Transactional public List getSLRequestTemplates() throws ConfigurationException { List templatesList = new ArrayList(); @@ -648,6 +690,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * * @throws ConfigurationException is never thrown */ + @Transactional public String getSLRequestTemplates(String type) throws ConfigurationException { String slRequestTemplate = null; @@ -683,6 +726,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return list of default BKUURLs. * @throws ConfigurationException is never thrown */ + @Transactional public List getDefaultBKUURLs() throws ConfigurationException { List bkuurlsList = new ArrayList(); try { @@ -708,6 +752,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * * @throws ConfigurationException is never thrown */ + @Transactional public String getDefaultBKUURL(String type) throws ConfigurationException { String defaultBKUUrl = null; try { 
@@ -742,6 +787,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return the SSOTagetIdentifier or {@code null} * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} */ + @Transactional public String getSSOTagetIdentifier() throws ConfigurationException { try { String value = configuration.getStringValue( @@ -762,6 +808,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * * @return the SSOFriendlyName or a default String */ + @Transactional public String getSSOFriendlyName() { try { return configuration.getStringValue( @@ -778,6 +825,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * * @return the SSOSpecialText or an empty String */ + @Transactional public String getSSOSpecialText() { try { String text = configuration.getStringValue( @@ -864,6 +912,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide return Boolean.valueOf(prop); } + @Transactional public List getPublicURLPrefix() throws ConfigurationException{ try { String publicURLPrefixList = configuration.getStringValue( @@ -929,6 +978,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return a new STORK Configuration or {@code null} * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} */ + @Transactional public IStorkConfig getStorkConfig() throws ConfigurationException { IStorkConfig result = null; try { @@ -1015,6 +1065,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return {@code true} if enable, {@code false} if disabled */ @Override + @Transactional public boolean isTrustmanagerrevoationchecking() { try { 
@@ -1033,6 +1084,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return the path to the certstore directory or {@code null} */ @Override + @Transactional public String getCertstoreDirectory() { try { String path = rootConfigFileDir + configuration.getStringValue( @@ -1053,6 +1105,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide } @Override + @Transactional public String getTrustedCACertificates() { try { String path = rootConfigFileDir + configuration.getStringValue( @@ -1079,6 +1132,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @param id the id of the requested online application * @return the requested online application or {@code null} */ + @Transactional public Map getActiveOnlineApplication(String id) { Logger.trace("Get active OnlineApplication with ID " + id + " from database."); Map oaConfig = null; 
@@ -1179,10 +1233,35 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide return Boolean.valueOf(prop); } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.commons.api.AuthConfiguration#getRevocationMethodOrder() + */ + @Override + public String[] getRevocationMethodOrder() { + final String[] DEFAULTORDER = new String[] {RevocationSourceTypes.OCSP, RevocationSourceTypes.CRL}; + List result = new ArrayList(); + + String prop = properties.getProperty("configuration.ssl.validation.revocation.method.order"); + if (MiscUtil.isNotEmpty(prop)) { + String[] configOrder = prop.split(","); + for (String el : configOrder) { + if (RevocationSourceTypes.ALL.contains(el.trim())) { + result.add(el.trim()); + } + } + } + + if (result.isEmpty()) + return DEFAULTORDER; + else + return result.toArray(new String[result.size()]); + } + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getDefaultRevisionsLogEventCodes() */ @Override + @Transactional public List getDefaultRevisionsLogEventCodes() { try { String eventcodes = configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_REVERSION_LOGS_EVENTCODES); @@ -1215,6 +1294,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getMoaSpIdentityLinkTrustProfileID(boolean) */ @Override + @Transactional public String getMoaSpIdentityLinkTrustProfileID(boolean useTestTrustStore) throws ConfigurationException { if (useTestTrustStore) @@ -1227,6 +1307,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#isVirtualIDPsEnabled() */ @Override + @Transactional public boolean isVirtualIDPsEnabled() { try { String value = configuration.getStringValue( 
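Review bot: `getRevocationMethodOrder` drops every entry of `configuration.ssl.validation.revocation.method.order` that is not contained in `RevocationSourceTypes.ALL` without logging, and falls back to the OCSP-then-CRL default when nothing valid remains, so a misspelt or wrongly-cased value changes certificate revocation checking with no trace for the operator. Add an `else` branch inside the loop with `Logger.warn("Ignoring unknown revocation method '" + el.trim() + "'");`. Duplicate entries are kept as they are, so confirm that the consumer of the array accepts a repeated method.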
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java index 0799760ce..c27012ba9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java @@ -23,14 +23,11 @@ package at.gv.egovernment.moa.id.moduls; import java.util.Date; -import java.util.List; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.hibernate.Query; -import org.hibernate.Session; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; @@ -40,7 +37,6 @@ import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; @@ -63,7 +59,7 @@ public class SSOManager { @Autowired private IAuthenticationSessionStoreage authenticatedSessionStore; @Autowired protected AuthConfiguration authConfig; - @Autowired private MOASessionDBUtils moaSessionDBUtils; + //@Autowired private MOASessionDBUtils moaSessionDBUtils; /** * Check if interfederation IDP is requested via HTTP GET parameter or if interfederation cookie exists. 
@@ -160,7 +156,12 @@ public class SSOManager { } else { Logger.warn("MOASession is marked as interfederated SSO session but no interfederated IDP is found. Switch to local authentication ..."); - moaSessionDBUtils.delete(storedSession); + try { + authenticatedSessionStore.destroySession(storedSession.getSessionid()); + + } catch (MOADatabaseException e) { + Logger.error("Delete MOASession with ID:" + storedSession.getSessionid() + " FAILED!" , e); + } } } @@ -201,31 +202,14 @@ public class SSOManager { public String existsOldSSOSession(String ssoId) { Logger.trace("Check that the SSOID has already been used"); - Session session = moaSessionDBUtils.getCurrentSession(); - List result; + OldSSOSessionIDStore oldSSOSession = authenticatedSessionStore.checkSSOTokenAlreadyUsed(ssoId); - synchronized (session) { - - session.beginTransaction(); - Query query = session.getNamedQuery("getSSOSessionWithOldSessionID"); - query.setParameter("sessionid", ssoId); - result = query.list(); - - // send transaction - - } - - Logger.trace("Found entries: " + result.size()); - - // Assertion requires an unique artifact - if (result.size() == 0) { - session.getTransaction().commit(); + if (oldSSOSession == null) { + Logger.debug("SSO session-cookie was not used in parst"); return null; } - OldSSOSessionIDStore oldSSOSession = result.get(0); - AuthenticatedSessionStore correspondingMoaSession = oldSSOSession.getMoasession(); if (correspondingMoaSession == null) { @@ -233,11 +217,7 @@ public class SSOManager { return null; } - String moasessionid = correspondingMoaSession.getSessionid(); - - session.getTransaction().commit(); - - return moasessionid; + return correspondingMoaSession.getSessionid(); } 
@@ -290,7 +270,7 @@ public class SSOManager { //no local SSO session exist -> request interfederated IDP Logger.info("Delete interfederated IDP " + selectedIDP.getIdpurlprefix() + " from MOASession " + storedSession.getSessionid()); - moaSessionDBUtils.delete(selectedIDP); + authenticatedSessionStore.deleteIdpInformation(selectedIDP); } else { Logger.warn("MOASession is marked as interfederated SSO session but no interfederated IDP is found. Switch to local authentication ..."); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java index 6375f26a3..cd14664f9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java @@ -48,9 +48,7 @@ import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; 
@@ -80,7 +78,6 @@ public class AttributQueryAction implements IAction { @Autowired private AuthenticationDataBuilder authDataBuilder; @Autowired private IDPCredentialProvider pvpCredentials; @Autowired private AuthConfiguration authConfig; - @Autowired private MOASessionDBUtils moaSessionDBUtils; @Autowired(required=true) private MOAMetadataProvider metadataProvider; private final static List DEFAULTSTORKATTRIBUTES = Arrays.asList( @@ -192,21 +189,11 @@ public class AttributQueryAction implements IAction { AuthenticationSession session, List reqAttributes, InterfederationSessionStore nextIDPInformation) throws MOAIDException { try { //mark AttributeQuery as used if it exists - OASessionStore activeOA = authenticationSessionStorage.searchActiveOASSOSession(session, pendingReq.getOAURL(), pendingReq.requestedModule()); - if (activeOA != null) { - //mark - if ( pendingReq instanceof PVPTargetConfiguration && - ((PVPTargetConfiguration) pendingReq).getRequest() instanceof MOARequest && - ((PVPTargetConfiguration) pendingReq).getRequest().getInboundMessage() instanceof AttributeQuery) { - try { - activeOA.setAttributeQueryUsed(true); - moaSessionDBUtils.saveOrUpdate(activeOA); - - } catch (MOADatabaseException e) { - Logger.error("MOASession interfederation information can not stored to database.", e); - - } - } + if ( pendingReq instanceof PVPTargetConfiguration && + ((PVPTargetConfiguration) pendingReq).getRequest() instanceof MOARequest && + ((PVPTargetConfiguration) pendingReq).getRequest().getInboundMessage() instanceof AttributeQuery) { + + authenticationSessionStorage.markOAWithAttributeQueryUsedFlag(session, pendingReq.getOAURL(), pendingReq.requestedModule()); } //build OnlineApplication dynamic from requested attributes (AttributeQuerry Request) and configuration 
@@ -249,20 +236,16 @@ public class AttributQueryAction implements IAction { AssertionAttributeExtractor extractor = authDataBuilder.getAuthDataFromAttributeQuery(reqAttributes, nextIDPInformation.getUserNameID(), idp); - try { - //mark attribute request as used - if (nextIDPInformation.isStoreSSOInformation()) { - nextIDPInformation.setAttributesRequested(true); - moaSessionDBUtils.saveOrUpdate(nextIDPInformation); + //mark attribute request as used + if (nextIDPInformation.isStoreSSOInformation()) { + nextIDPInformation.setAttributesRequested(true); + authenticationSessionStorage.persistIdpInformation(nextIDPInformation); + //moaSessionDBUtils.saveOrUpdate(nextIDPInformation); - //delete federated IDP from Session - } else { - moaSessionDBUtils.delete(nextIDPInformation); - - } - - } catch (MOADatabaseException e) { - Logger.error("MOASession interfederation information can not stored to database.", e); + //delete federated IDP from Session + } else { + authenticationSessionStorage.deleteIdpInformation(nextIDPInformation); + //moaSessionDBUtils.delete(nextIDPInformation); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java index 4d7936f25..7dd6d15cd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java 
@@ -26,15 +26,15 @@ import java.util.ArrayList; import java.util.Date; import java.util.List; +import javax.persistence.EntityManager; +import javax.persistence.PersistenceContext; +import javax.persistence.Query; + import org.apache.commons.lang.SerializationUtils; import org.apache.commons.lang.StringEscapeUtils; import org.hibernate.HibernateException; -import org.hibernate.Query; -import org.hibernate.Session; -import org.hibernate.Transaction; -import org.hibernate.resource.transaction.spi.TransactionStatus; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; +import org.springframework.stereotype.Repository; import org.springframework.transaction.annotation.Transactional; import com.fasterxml.jackson.core.JsonProcessingException; @@ -46,7 +46,6 @@ import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; 
@@ -62,13 +61,19 @@ import at.gv.egovernment.moa.id.util.SessionEncrytionUtil; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -@Service("AuthenticationSessionStoreage") +@Repository("AuthenticationSessionStoreage") +@Transactional("sessionTransactionManager") public class DBAuthenticationSessionStoreage implements IAuthenticationSessionStoreage{ + @PersistenceContext(unitName="session") + private EntityManager entityManager; + @Autowired AuthConfiguration authConfig; - @Autowired MOASessionDBUtils moaSessionDBUtils; + private static JsonMapper mapper = new JsonMapper(); + //@Autowired MOASessionDBUtils moaSessionDBUtils; + @Override public boolean isAuthenticated(String moaSessionID) { @@ -104,15 +109,15 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt AuthenticationSession session = new AuthenticationSession(id, now); encryptSession(session, dbsession); - //store AssertionStore element to Database - moaSessionDBUtils.saveOrUpdate(dbsession); + //store AssertionStore element to Database + entityManager.persist(dbsession); Logger.info("Create MOASession with sessionID: " + id); return session; - } catch (MOADatabaseException e) { - Logger.warn("MOASession could not be created."); - throw new MOADatabaseException(e); +// } catch (MOADatabaseException e) { +// Logger.warn("MOASession could not be created."); +// throw new MOADatabaseException(e); } catch (JsonProcessingException e) { Logger.warn("Extended session information can not be stored.", e); @@ -167,7 +172,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt dbsession.setAdditionalInformation( mapper.serialize(sessionExtensions)); - moaSessionDBUtils.saveOrUpdate(dbsession); + entityManager.merge(dbsession); Logger.debug("MOASession with sessionID=" + sessionID + " is stored in Database"); 
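Review bot: In the `@@ -104,15 +109,15` hunk, `entityManager.persist(dbsession)` normally defers the insert until flush or commit, so a database failure would no longer surface inside this `try` block. `Logger.info("Create MOASession with sessionID: " + id)` can then be written for a session that is never stored, and the failure would reach the caller as an unchecked persistence exception instead of the `MOADatabaseException` the old catch produced. Either flush inside the `try` and translate the failure, e.g. `entityManager.flush();` with `catch (PersistenceException e) { throw new MOADatabaseException(e); }` as the removed code did, or delete the commented-out catch and document the new contract. The method starts and ends outside the hunk.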
@@ -194,7 +199,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt dbsession.setAuthenticated(session.isAuthenticated()); dbsession.setUpdated(new Date()); - moaSessionDBUtils.saveOrUpdate(dbsession); + entityManager.merge(dbsession); Logger.debug("MOASession with sessionID=" + session.getSessionID() + " is stored in Database"); } catch (MOADatabaseException e) { @@ -206,40 +211,21 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt @Override public void destroySession(String moaSessionID) throws MOADatabaseException { - Session session = moaSessionDBUtils.getCurrentSession(); - - List result; - Transaction tx = null; - try { - synchronized (session) { - - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithID"); - query.setParameter("sessionid", moaSessionID); - result = query.list(); - - - - - Logger.trace("Found entries: " + result.size()); + Query query = entityManager.createNamedQuery("getSessionWithID"); + query.setParameter("sessionid", moaSessionID); + List results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - throw new MOADatabaseException("No session found with this sessionID"); - } + //Assertion requires an unique artifact + if (results.size() != 1) { + Logger.trace("No entries found."); + throw new MOADatabaseException("No session found with this sessionID"); + + } - AuthenticatedSessionStore dbsession = (AuthenticatedSessionStore) result.get(0); - tx.commit(); - cleanDelete(dbsession); - } - - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - - } + AuthenticatedSessionStore dbsession = (AuthenticatedSessionStore) results.get(0); + cleanDelete(dbsession); } 
@@ -260,7 +246,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 dbsession.setUpdated(new Date()); - moaSessionDBUtils.saveOrUpdate(dbsession); + entityManager.merge(dbsession); Logger.trace("Change SessionID complete."); @@ -284,7 +270,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt try { session = searchInDatabase(moaSessionID); session.setAuthenticated(isAuthenticated); - moaSessionDBUtils.saveOrUpdate(session); + entityManager.merge(session); } catch (MOADatabaseException e) { 
@@ -294,41 +280,23 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt @Override public String getMOASessionSSOID(String SSOSessionID) { - MiscUtil.assertNotNull(SSOSessionID, "SSOsessionID"); - Logger.trace("Get authenticated session with SSOID " + SSOSessionID + " from database."); - Session session = moaSessionDBUtils.getCurrentSession(); - - List result; - Transaction tx = null; - try { - synchronized (session) { - - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithSSOID"); - query.setParameter("sessionid", SSOSessionID); - result = query.list(); - - //send transaction - tx.commit(); - - } - - Logger.trace("Found entries: " + result.size()); + MiscUtil.assertNotNull(SSOSessionID, "SSOsessionID"); + Logger.trace("Get authenticated session with SSOID " + SSOSessionID + " from database."); + + Query query = entityManager.createNamedQuery("getSessionWithSSOID"); + query.setParameter("sessionid", SSOSessionID); + List results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - return null; + //Assertion requires an unique artifact + if (results.size() != 1) { + Logger.trace("No entries found."); + return null; - } else { - return result.get(0).getSessionid(); + } else + return results.get(0).getSessionid(); - } - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } } @Override 
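Review bot: `getMOASessionSSOID` writes the SSO session id into the log (`Logger.trace("Get authenticated session with SSOID " + SSOSessionID + " from database.")`), and the rewritten `isValidSessionWithSSOID` in the next hunk does the same. That value identifies a live SSO session, presumably the one carried in the SSO cookie, so anyone who can read trace logs would see usable session identifiers. Log a truncated or hashed form instead, or drop the id from the message. Separately, the `results.size() != 1` branch logs `"No entries found."` even when more than one row matched; a distinct warning for duplicates would help when investigating session anomalies.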
@@ -347,144 +315,101 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt public AuthenticatedSessionStore isValidSessionWithSSOID(String SSOId) { //TODO: is this method really needed?? - MiscUtil.assertNotNull(SSOId, "SSOSessionID"); - Logger.trace("Get authenticated session with SSOID " + SSOId + " from database."); - Session session = moaSessionDBUtils.getCurrentSession(); + MiscUtil.assertNotNull(SSOId, "SSOSessionID"); + Logger.trace("Get authenticated session with SSOID " + SSOId + " from database."); - List result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithSSOID"); - query.setParameter("sessionid", SSOId); - result = query.list(); - - //send transaction - tx.commit(); - } + Query query = entityManager.createNamedQuery("getSessionWithSSOID"); + query.setParameter("sessionid", SSOId); + List results = query.getResultList(); - Logger.trace("Found entries: " + result.size()); + Logger.trace("Found entries: " + results.size()); - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - return null; + //Assertion requires an unique artifact + if (results.size() != 1) { + Logger.trace("No entries found."); + return null; - } else { - return result.get(0); - } - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } + } else + return results.get(0); + } @Override public void addSSOInformation(String moaSessionID, String SSOSessionID, SLOInformationInterface SLOInfo, IRequest protocolRequest) throws AuthenticationException { - AuthenticatedSessionStore dbsession; - Transaction tx = null; - - try { - - Session session = moaSessionDBUtils.getCurrentSession(); - List result; - - Logger.trace("Add SSO information to session " + moaSessionID); - - synchronized (session) { - - tx = session.beginTransaction(); - Query 
query = session.getNamedQuery("getSessionWithID"); - query.setParameter("sessionid", moaSessionID); - result = query.list(); - - - Logger.trace("Found entries: " + result.size()); + Query query = entityManager.createNamedQuery("getSessionWithID"); + query.setParameter("sessionid", moaSessionID); + List results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - tx.rollback(); - throw new MOADatabaseException("No session found with this sessionID"); - } + //Assertion requires an unique artifact + if (results.size() != 1) { + Logger.trace("No entries found."); + throw new AuthenticationException("No session found with this sessionID", null); + + } - dbsession = (AuthenticatedSessionStore) result.get(0); + AuthenticatedSessionStore dbsession = results.get(0); - OASessionStore activeOA = null; - //check if OA already has an active OA session - if (dbsession.getActiveOAsessions() != null) { - for (OASessionStore el : dbsession.getActiveOAsessions()) { - if (el.getOaurlprefix().equals(protocolRequest.getOAURL())) - activeOA = el; - } - } - - if (activeOA == null) - activeOA = new OASessionStore(); + OASessionStore activeOA = null; + //check if OA already has an active OA session + if (dbsession.getActiveOAsessions() != null) { + for (OASessionStore el : dbsession.getActiveOAsessions()) { + if (el.getOaurlprefix().equals(protocolRequest.getOAURL())) + activeOA = el; + } + } - //set active OA applications - activeOA.setOaurlprefix(protocolRequest.getOAURL()); - activeOA.setMoasession(dbsession); - activeOA.setCreated(new Date()); + if (activeOA == null) + activeOA = new OASessionStore(); - //set additional information for SLO - if (SLOInfo != null) { - activeOA.setAssertionSessionID(SLOInfo.getSessionIndex()); - activeOA.setUserNameID(SLOInfo.getUserNameIdentifier()); - activeOA.setUserNameIDFormat(SLOInfo.getUserNameIDFormat()); - 
activeOA.setProtocolType(SLOInfo.getProtocolType()); - activeOA.setAttributeQueryUsed(false); - activeOA.setAuthURL(protocolRequest.getAuthURL()); - - - } - - List activeOAs = dbsession.getActiveOAsessions(); - activeOAs.add(activeOA); - dbsession.setActiveOAsessions(activeOAs); + //set active OA applications + activeOA.setOaurlprefix(protocolRequest.getOAURL()); + activeOA.setMoasession(dbsession); + activeOA.setCreated(new Date()); + + //set additional information for SLO + if (SLOInfo != null) { + activeOA.setAssertionSessionID(SLOInfo.getSessionIndex()); + activeOA.setUserNameID(SLOInfo.getUserNameIdentifier()); + activeOA.setUserNameIDFormat(SLOInfo.getUserNameIDFormat()); + activeOA.setProtocolType(SLOInfo.getProtocolType()); + activeOA.setAttributeQueryUsed(false); + activeOA.setAuthURL(protocolRequest.getAuthURL()); + + + } + + List activeOAs = dbsession.getActiveOAsessions(); + activeOAs.add(activeOA); + dbsession.setActiveOAsessions(activeOAs); + + //Store used SSOId + if (dbsession.getSSOsessionid() != null) { + OldSSOSessionIDStore oldSSOId = new OldSSOSessionIDStore(); + oldSSOId.setOldsessionid(dbsession.getSSOsessionid()); + oldSSOId.setMoasession(dbsession); + + List oldSSOIds = dbsession.getOldssosessionids(); + oldSSOIds.add(oldSSOId); + } - //Store used SSOId - if (dbsession.getSSOsessionid() != null) { - OldSSOSessionIDStore oldSSOId = new OldSSOSessionIDStore(); - oldSSOId.setOldsessionid(dbsession.getSSOsessionid()); - oldSSOId.setMoasession(dbsession); - - List oldSSOIds = dbsession.getOldssosessionids(); - oldSSOIds.add(oldSSOId); - } - - dbsession.setSSOSession(true); - dbsession.setSSOsessionid(SSOSessionID); - dbsession.setAuthenticated(false); + dbsession.setSSOSession(true); + dbsession.setSSOsessionid(SSOSessionID); + dbsession.setAuthenticated(false); - //Store MOASession - session.saveOrUpdate(dbsession); - - //send transaction - tx.commit(); + //Store MOASession + entityManager.merge(dbsession); - if (SLOInfo != null) - 
Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getOAURL() - + " and AssertionID: " + SLOInfo.getSessionIndex()); - else - Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getOAURL()); + if (SLOInfo != null) + Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getOAURL() + + " and AssertionID: " + SLOInfo.getSessionIndex()); + else + Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getOAURL()); - } - - } catch (MOADatabaseException e) { - throw new AuthenticationException("No MOASession found with Id="+moaSessionID, null); - - } catch(HibernateException e) { - Logger.warn("Error during database saveOrUpdate. Rollback.", e); - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw new AuthenticationException("SSO Session information can not be stored! --> SSO is deactivated", null); - } } @Override 
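Review bot: `addSSOInformation` always executes `activeOAs.add(activeOA)`, even when the loop above found `activeOA` already present in `dbsession.getActiveOAsessions()`, so a repeated login to the same OA may put the same entry in the list twice. The list is also dereferenced without the null check that the loop applies a few lines earlier. Adding only new entries, e.g. `if (!activeOAs.contains(activeOA)) activeOAs.add(activeOA);`, and creating the list when it is null would address both. `dbsession.getOldssosessionids()` is likewise used without a null check before `oldSSOIds.add(oldSSOId)`.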
@@ -492,30 +417,15 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt MiscUtil.assertNotNull(moaSession, "MOASession"); Logger.trace("Get OAs for moaSession " + moaSession.getSessionID() + " from database."); - Session session = moaSessionDBUtils.getCurrentSession(); - List result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getAllActiveOAsForSessionID"); - query.setParameter("sessionID", moaSession.getSessionID()); - result = query.list(); - - //send transaction - tx.commit(); - } + Query query = entityManager.createNamedQuery("getAllActiveOAsForSessionID"); + query.setParameter("sessionID", moaSession.getSessionID()); + List results = query.getResultList(); - Logger.trace("Found entries: " + result.size()); + Logger.trace("Found entries: " + results.size()); - return result; + return results; - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } } @Override 
@@ -523,30 +433,14 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt MiscUtil.assertNotNull(moaSession, "MOASession"); Logger.trace("Get active IDPs for moaSession " + moaSession.getSessionID() + " from database."); - Session session = moaSessionDBUtils.getCurrentSession(); - List result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getAllActiveIDPsForSessionID"); - query.setParameter("sessionID", moaSession.getSessionID()); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); - - return result; + Query query = entityManager.createNamedQuery("getAllActiveIDPsForSessionID"); + query.setParameter("sessionID", moaSession.getSessionID()); + List results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } + return results; } @Override 
@@ -555,43 +449,29 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt MiscUtil.assertNotNull(userNameID, "userNameID"); Logger.trace("Get moaSession for userNameID " + userNameID + " and OA " + oaID + " from database."); - Session session = moaSessionDBUtils.getCurrentSession(); - Transaction tx = null; - List result = null;; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getMOASessionWithNameIDandOAID"); - query.setParameter("oaID", oaID); - query.setParameter("nameID", userNameID); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No unique entry found."); - return null; - - } - - return decryptSession(result.get(0)); - - } catch (BuildException e) { - Logger.warn("MOASession deserialization-exception by using MOASessionID=" + result.get(0).getSessionid(), e); - return null; + Query query = entityManager.createNamedQuery("getMOASessionWithNameIDandOAID"); + query.setParameter("oaID", oaID); + query.setParameter("nameID", userNameID); + List results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); + + //Assertion requires an unique artifact + if (results.size() != 1) { + Logger.trace("No unique entry found."); + return null; + + } + + try { + return decryptSession(results.get(0)); - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } - + } catch (BuildException e) { + Logger.warn("MOASession deserialization-exception by using MOASessionID=" + results.get(0).getSessionid(), e); + return null; + + } } @Override 
@@ -601,76 +481,64 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt MiscUtil.assertNotNull(protocolType, "usedProtocol"); Logger.trace("Get active OnlineApplication for sessionID " + moaSession.getSessionID() + " with OAID " + oaID + " from database."); - Session session = moaSessionDBUtils.getCurrentSession(); - List result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getActiveOAWithSessionIDandOAIDandProtocol"); - query.setParameter("sessionID", moaSession.getSessionID()); - query.setParameter("oaID", oaID); - query.setParameter("protocol", protocolType); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); + Query query = entityManager.createNamedQuery("getActiveOAWithSessionIDandOAIDandProtocol"); + query.setParameter("sessionID", moaSession.getSessionID()); + query.setParameter("oaID", oaID); + query.setParameter("protocol", protocolType); + List results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; + //Assertion requires an unique artifact + if (results.size() == 0) { + Logger.trace("No entries found."); + return null; - } - - return result.get(0).getActiveOAsessions().get(0); + } - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } + return results.get(0).getActiveOAsessions().get(0); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage#markOAWithAttributeQueryUsedFlag(at.gv.egovernment.moa.id.auth.data.AuthenticationSession, java.lang.String, java.lang.String) + */ + @Override + public void markOAWithAttributeQueryUsedFlag(AuthenticationSession session, String oaurl, String requestedModule) { + 
OASessionStore activeOA = searchActiveOASSOSession(session, oaurl, requestedModule); + if (activeOA != null) { + activeOA.setAttributeQueryUsed(true); + entityManager.merge(activeOA); + + } + } @Override public AuthenticationSession getSessionWithUserNameID(String nameID) { - Transaction tx = null; - try { - MiscUtil.assertNotNull(nameID, "nameID"); - Logger.trace("Get authenticated session with pedingRequestID " + nameID + " from database."); - Session session = moaSessionDBUtils.getCurrentSession(); - - List result; - - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getMOAISessionWithUserNameID"); - query.setParameter("usernameid", StringEscapeUtils.escapeHtml(nameID)); - result = query.list(); - - //send transaction - tx.commit(); - } + MiscUtil.assertNotNull(nameID, "nameID"); + Logger.trace("Get authenticated session with pedingRequestID " + nameID + " from database."); - Logger.trace("Found entries: " + result.size()); + Query query = entityManager.createNamedQuery("getMOAISessionWithUserNameID"); + query.setParameter("usernameid", StringEscapeUtils.escapeHtml(nameID)); + List results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } + //Assertion requires an unique artifact + if (results.size() == 0) { + Logger.trace("No entries found."); + return null; + + } - return decryptSession(result.get(0)); + try { + return decryptSession(results.get(0)); } catch (Throwable e) { Logger.warn("MOASession deserialization-exception by using MOASessionID=" + nameID); - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); return null; } 
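Review bot: In `getSessionWithUserNameID` the new `try` around `decryptSession(results.get(0))` is still closed by `catch (Throwable e)`, and the warning neither passes `e` to the logger nor logs a session id (it prints `nameID` under the label `MOASessionID`). A decryption failure on stored session data should be kept in full in the log, and catching `Throwable` also hides JVM errors. The sibling lookup by name id and OA already narrows this to `catch (BuildException e)` and logs the exception; doing the same here with `Logger.warn("MOASession deserialization-exception for userNameID lookup", e);` would be consistent. The trace message at the top of the method also says `pedingRequestID` although the argument is a name id.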
@@ -680,36 +548,21 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt public InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASession(String sessionID) { MiscUtil.assertNotNull(sessionID, "MOASession"); Logger.trace("Get interfederated IDP for SSO with sessionID " + sessionID + " from database."); - Session session = moaSessionDBUtils.getCurrentSession(); - List result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getInterfederatedIDPForSSOWithSessionID"); - query.setParameter("sessionID", sessionID); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); + Query query = entityManager.createNamedQuery("getInterfederatedIDPForSSOWithSessionID"); + query.setParameter("sessionID", sessionID); + List results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - - } + //Assertion requires an unique artifact + if (results.size() == 0) { + Logger.trace("No entries found."); + return null; + + } - return result.get(0).getInderfederation().get(0); - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } + return results.get(0).getInderfederation().get(0); } @Override 
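Review bot: `searchInterfederatedIDPFORSSOWithMOASession` returns `results.get(0).getInderfederation().get(0)`, i.e. the first entry of the session's interfederation list rather than an entry selected by the query criteria. This is only correct if the named query also restricts what is loaded into that collection, which cannot be verified from this hunk; otherwise a session with several federated IDPs could yield the wrong one, and an empty list would throw `IndexOutOfBoundsException`. The same pattern is in the following hunk for the lookup by session id and `idpID`, in the AttributeQuery lookup, and in `searchActiveOASSOSession` (`getActiveOAsessions().get(0)`), which the new `markOAWithAttributeQueryUsedFlag` builds on. Selecting the element explicitly by `idpID` or OA URL, or querying the child entity directly, would make the result independent of how the collection was loaded.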
@@ -717,37 +570,23 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt MiscUtil.assertNotNull(sessionID, "MOASession"); MiscUtil.assertNotNull(idpID, "Interfederated IDP ID"); Logger.trace("Get interfederated IDP "+ idpID + " for SSO with sessionID " + sessionID + " from database."); - Session session = moaSessionDBUtils.getCurrentSession(); - List result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getInterfederatedIDPForSSOWithSessionIDIDPID"); - query.setParameter("sessionID", sessionID); - query.setParameter("idpID", idpID); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); + Query query = entityManager.createNamedQuery("getInterfederatedIDPForSSOWithSessionIDIDPID"); + query.setParameter("sessionID", sessionID); + query.setParameter("idpID", idpID); + List results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - - } + //Assertion requires an unique artifact + if (results.size() == 0) { + Logger.trace("No entries found."); + return null; + + } - return result.get(0).getInderfederation().get(0); - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } + return results.get(0).getInderfederation().get(0); + } @Override 
@@ -819,14 +658,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt idp.setAttributesRequested(false); idp.setQAALevel(extractor.getQAALevel()); - //store AssertionStore element to Database - try { - moaSessionDBUtils.saveOrUpdate(dbsession); - - } catch (MOADatabaseException e) { - Logger.warn("MOASession could not be created."); - throw new MOADatabaseException(e); - } + entityManager.merge(dbsession); } 
@@ -834,36 +666,22 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt public InterfederationSessionStore searchInterfederatedIDPFORAttributeQueryWithSessionID(String moaSessionID) { MiscUtil.assertNotNull(moaSessionID, "MOASessionID"); Logger.trace("Get interfederated IDP for AttributeQuery with sessionID " + moaSessionID + " from database."); - Session session = moaSessionDBUtils.getCurrentSession(); - List result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getInterfederatedIDPForAttributeQueryWithSessionID"); - query.setParameter("sessionID", moaSessionID); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - - } + Query query = entityManager.createNamedQuery("getInterfederatedIDPForAttributeQueryWithSessionID"); + query.setParameter("sessionID", moaSessionID); + List results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); + + //Assertion requires an unique artifact + if (results.size() == 0) { + Logger.trace("No entries found."); + return null; + + } - return result.get(0).getInderfederation().get(0); - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } + return results.get(0).getInderfederation().get(0); + } @Override 
@@ -875,31 +693,20 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt MiscUtil.assertNotNull(pedingRequestID, "pedingRequestID"); Logger.trace("Get authenticated session with pedingRequestID " + pedingRequestID + " from database."); - Session session = moaSessionDBUtils.getCurrentSession(); - - List result; - //TODO: !!!!!!!!!!! PendingRequestID does not work - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithPendingRequestID"); - query.setParameter("sessionid", pedingRequestID); - result = query.list(); - - //send transaction - session.getTransaction().commit(); - } - - Logger.trace("Found entries: " + result.size()); + Query query = entityManager.createNamedQuery("getSessionWithPendingRequestID"); + query.setParameter("sessionid", pedingRequestID); + List results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); //Assertion requires an unique artifact - if (result.size() != 1) { + if (results.size() != 1) { Logger.trace("No entries found."); return false; } - AuthenticatedSessionStore authsession = result.get(0); + AuthenticatedSessionStore authsession = results.get(0); List idpSessions = authsession.getInderfederation(); if (idpSessions != null) { @@ -909,8 +716,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } } - - moaSessionDBUtils.saveOrUpdate(authsession); + entityManager.merge(authsession); return true; } catch (Throwable e) { 
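Review bot: The marker `//TODO: !!!!!!!!!!! PendingRequestID does not work` is dropped, but the lookup is still the named query `getSessionWithPendingRequestID` bound through a parameter called `sessionid`, so it is not clear from the hunk that the limitation was fixed. If it still exists, keep the marker or replace it with a comment explaining why a pending-request ID is passed as `sessionid`. The branch `results.size() != 1` also logs `No entries found.` when several rows match, which hides duplicate sessions in the trace; a separate message for `results.size() > 1` would make that visible. The method begins before this hunk.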
@@ -924,38 +730,25 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt Date expioredatecreate = new Date(now.getTime() - authDataTimeOutCreated); Date expioredateupdate = new Date(now.getTime() - authDataTimeOutUpdated); - List results; - Session session = moaSessionDBUtils.getCurrentSession(); - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getMOAISessionsWithTimeOut"); - query.setTimestamp("timeoutcreate", expioredatecreate); - query.setTimestamp("timeoutupdate", expioredateupdate); - results = query.list(); - tx.commit(); + Query query = entityManager.createNamedQuery("getMOAISessionsWithTimeOut"); + query.setParameter("timeoutcreate", expioredatecreate); + query.setParameter("timeoutupdate", expioredateupdate); + List results = query.getResultList(); - if (results.size() != 0) { - for(AuthenticatedSessionStore result : results) { - try { - cleanDelete(result); - Logger.info("Authenticated session with sessionID=" + result.getSessionid() - + " after session timeout."); + if (results.size() != 0) { + for(AuthenticatedSessionStore result : results) { + try { + cleanDelete(result); + Logger.info("Authenticated session with sessionID=" + result.getSessionid() + + " after session timeout."); - } catch (HibernateException e){ - Logger.warn("Authenticated session with sessionID=" + result.getSessionid() - + " not removed after timeout! (Error during Database communication)", e); - } - } + } catch (HibernateException e){ + Logger.warn("Authenticated session with sessionID=" + result.getSessionid() + + " not removed after timeout! (Error during Database communication)", e); } } - - } catch (Exception e) { - if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } + } + } private static void encryptSession(AuthenticationSession session, AuthenticatedSessionStore dbsession) throws BuildException { 
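Review bot: The `catch (HibernateException e)` kept around `cleanDelete(result)` probably no longer matches what the new code throws. `cleanDelete` now goes through `entityManager.merge` and `entityManager.remove`, whose failures are normally reported as `javax.persistence.PersistenceException` (or `IllegalArgumentException` for a detached instance). An exception that is not caught ends the loop, so one session that cannot be deleted would leave all remaining expired sessions in the store until the next run. I would change the handler to `} catch (PersistenceException | IllegalArgumentException e) {` and keep the existing warning. The success message `" after session timeout."` also lacks a verb such as "removed".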
@@ -976,55 +769,68 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } private void cleanDelete(AuthenticatedSessionStore result) { - - try { result.setSession("blank".getBytes()); - moaSessionDBUtils.saveOrUpdate(result); - - } catch (MOADatabaseException e) { - Logger.warn("Blank authenticated session with sessionID=" + result.getSessionid() + " FAILED.", e); - - } finally { - if (!moaSessionDBUtils.delete(result)) - Logger.error("Authenticated session with sessionID=" + result.getSessionid() + " not removed! (Error during Database communication)"); - } + entityManager.merge(result); + entityManager.remove(result); + } @SuppressWarnings("rawtypes") private AuthenticatedSessionStore searchInDatabase(String sessionID) throws MOADatabaseException { MiscUtil.assertNotNull(sessionID, "moasessionID"); Logger.trace("Get authenticated session with sessionID " + sessionID + " from database."); - Session session = moaSessionDBUtils.getCurrentSession(); - List result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithID"); - query.setParameter("sessionid", sessionID); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - throw new MOADatabaseException("No session found with this sessionID"); + Query query = entityManager.createNamedQuery("getSessionWithID"); + query.setParameter("sessionid", sessionID); + List results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); + + //Assertion requires an unique artifact + if (results.size() != 1) { + Logger.trace("No entries found."); + throw new MOADatabaseException("No session found with this sessionID"); - } - - return (AuthenticatedSessionStore) result.get(0); + } - } catch (Exception e) { - if (tx 
!= null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) - tx.rollback(); - throw e; - } + return (AuthenticatedSessionStore) results.get(0); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage#deleteIdpInformation(at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore) + */ + @Override + public void deleteIdpInformation(InterfederationSessionStore nextIDPInformation) { + entityManager.remove(nextIDPInformation); + } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage#persistIdpInformation(at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore) + */ + @Override + public void persistIdpInformation(InterfederationSessionStore nextIDPInformation) { + entityManager.merge(nextIDPInformation); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage#checkSSOTokenAlreadyUsed(java.lang.String) + */ + @Override + public OldSSOSessionIDStore checkSSOTokenAlreadyUsed(String ssoId) { + + Query query = entityManager.createNamedQuery("getSSOSessionWithOldSessionID"); + query.setParameter("sessionid", ssoId); + List results = query.getResultList(); + + Logger.trace("Found entries: " + results.size()); + + // Assertion requires an unique artifact + if (results.size() == 0) { + return null; + } + + return results.get(0); + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java index b5d816eaf..934b7ca65 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java 
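Review bot: In `cleanDelete` the return value of `entityManager.merge(result)` is discarded and `entityManager.remove(result)` is called on the original object; JPA's `remove` rejects a detached instance with `IllegalArgumentException`, so this works only while `result` is still managed. `entityManager.remove(entityManager.merge(result));` removes the managed copy in either case. The removed `finally` block also guaranteed a delete attempt when blanking failed, whereas a failing merge now skips the remove and the session record stays. It is also worth confirming that the `"blank"` overwrite reaches the database before the delete, since both happen in one unit of work; an `entityManager.flush()` between them would force it. The same detached-instance caveat applies to `deleteIdpInformation` in this hunk.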
@@ -33,6 +33,7 @@ import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; @@ -276,5 +277,28 @@ public interface IAuthenticationSessionStoreage { * @param authDataTimeOutUpdated timeOut after MOASession is updated last time [ms] */ public void clean(Date now, long authDataTimeOutCreated, long authDataTimeOutUpdated); + + /** + * @param session + * @param oaurl + * @param requestedModule + */ + public void markOAWithAttributeQueryUsedFlag(AuthenticationSession session, String oaurl, String requestedModule); + + /** + * @param nextIDPInformation + */ + public void deleteIdpInformation(InterfederationSessionStore nextIDPInformation); + + /** + * @param nextIDPInformation + */ + public void persistIdpInformation(InterfederationSessionStore nextIDPInformation); + + /** + * @param ssoId + * @return + */ + public OldSSOSessionIDStore checkSSOTokenAlreadyUsed(String ssoId); } diff --git a/id/server/idserverlib/src/main/resources/session.common.beans.xml b/id/server/idserverlib/src/main/resources/session.common.beans.xml index defa47ec0..bd3db0a5e 100644 --- a/id/server/idserverlib/src/main/resources/session.common.beans.xml +++ b/id/server/idserverlib/src/main/resources/session.common.beans.xml @@ -33,7 +33,7 @@ - + - + @@ -68,7 +68,6 @@ - - + \ No newline at end of file 
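Review bot: The Javadoc blocks added to `IAuthenticationSessionStoreage` for `markOAWithAttributeQueryUsedFlag`, `deleteIdpInformation`, `persistIdpInformation` and `checkSSOTokenAlreadyUsed` contain only empty `@param`/`@return` tags. For `checkSSOTokenAlreadyUsed` the contract matters to callers, because the name reads like a boolean check while the implementation in this commit returns an entity or `null`. I would add a one-line summary to each method and, for that one, `@return the OldSSOSessionIDStore entry found for ssoId, or null if none exists`. It should also say whether `ssoId` may be null, since the implementation does not call `MiscUtil.assertNotNull` as the other lookups do.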
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java index b308e2fa8..c06735f9e 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java @@ -18,7 +18,6 @@ import org.springframework.context.ApplicationContext; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.module.test.TestRequestImpl; import at.gv.egovernment.moa.id.process.ProcessDefinitionParserException; diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessEngineTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessEngineTest.java index 197627a66..6744c0403 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessEngineTest.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessEngineTest.java @@ -17,7 +17,6 @@ import org.springframework.context.ApplicationContext; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.module.test.TestRequestImpl; import at.gv.egovernment.moa.id.process.ProcessDefinitionParser; 
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java index ca0a56049..cbbca12c5 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java @@ -63,4 +63,11 @@ public interface ConfigurationProvider { public String getCertstoreDirectory(); public boolean isTrustmanagerrevoationchecking(); + + /** + * Get active Spring profiles from file based configuration + * + * @return Array of currently configurated Spring profiles + */ + public String[] getActiveProfiles(); } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/SessionDataStorageException.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/SessionDataStorageException.java index 9414556a2..caff67985 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/SessionDataStorageException.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/SessionDataStorageException.java @@ -42,4 +42,13 @@ public class SessionDataStorageException extends MOAIDException { } + /** + * @param string + * @param object + * @param e + */ + public SessionDataStorageException(String string, Object[] object, Throwable e) { + super(string, object, e); + } + } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOASessionDBUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOASessionDBUtils.java deleted file mode 100644 index 5cdd607ac..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOASessionDBUtils.java +++ /dev/null 
@@ -1,94 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. 
- *******************************************************************************/ -package at.gv.egovernment.moa.id.commons.db; - -import java.util.Properties; - -import org.hibernate.HibernateException; -import org.hibernate.Session; -import org.hibernate.SessionFactory; -import org.hibernate.Transaction; -import org.hibernate.cfg.Configuration; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; -import org.springframework.transaction.annotation.Propagation; -import org.springframework.transaction.annotation.Transactional; - -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.logging.Logger; - -@Transactional("sessionTransactionManager") -public class MOASessionDBUtils { - - - private SessionFactory sessionFactory; - - @Autowired - @Qualifier("sessionSessionFactory") - public void setSessionFactory(SessionFactory sessionFactory) { - this.sessionFactory = sessionFactory; - } - - public void initHibernate(Configuration config, Properties hibernateProperties) { - - } - - /** - * Checks if a session factory is currently available. If necessary a new - * session factory is created. - * - * @return current (or new) session factory - * @throws HibernateException - * thrown if a hibernate error occurs - */ - public Session getCurrentSession() { - return sessionFactory.getCurrentSession(); - } - - public boolean saveOrUpdate(Object dbo) throws MOADatabaseException { - try { - Session session = sessionFactory.getCurrentSession(); - session.merge(dbo); - return true; - - } catch(HibernateException e) { - Logger.warn("Error during MOASession database saveOrUpdate.", e); - - throw new MOADatabaseException(e); - } - } - - public boolean delete(Object dbo) { - - try { - Session session = sessionFactory.getCurrentSession(); - session.delete(dbo); - return true; - - } catch(HibernateException e) { - Logger.warn("Error during MOASession database delete. 
Rollback."); - return false; - } - } - -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java index e2f793edf..3928cf8c0 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java @@ -6,6 +6,7 @@ import java.util.List; import java.util.Map; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.transaction.annotation.Transactional; import at.gv.egiz.components.configuration.api.ConfigurationException; import at.gv.egovernment.moa.id.commons.config.ConfigurationMigrationUtils; @@ -39,6 +40,7 @@ public class NewConfigurationDBRead { } + @Transactional public Map getOnlineApplicationKeyValueWithId(String id, boolean backupVersion) { try { if (backupVersion) @@ -57,6 +59,7 @@ public class NewConfigurationDBRead { * * @return */ + @Transactional public List getAllOnlineApplications() { Logger.trace("Get All OnlineApplications from database."); @@ -113,6 +116,7 @@ public class NewConfigurationDBRead { * * @return */ + @Transactional public List getAllNewOnlineApplications() { Logger.trace("Get All New OnlineApplications from database."); @@ -139,6 +143,7 @@ public class NewConfigurationDBRead { * * @return */ + @Transactional public at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOAIDConfiguration getMOAIDConfiguration() { Logger.trace("Load MOAID Configuration from database."); Map generalConfig; @@ -168,6 +173,7 @@ public class NewConfigurationDBRead { * * @return */ + @Transactional public List getAllActiveOnlineApplications() { Logger.trace("Get All New OnlineApplications from database."); 
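Review bot: `@Transactional` is added to `getOnlineApplicationKeyValueWithId` and the other read methods without a transaction-manager qualifier (the remaining hunks of this file repeat it), whereas the classes deleted in this commit named theirs with `@Transactional("sessionTransactionManager")` and `@Transactional("statisticLogTransactionManager")`. With several managers in the context, an unqualified annotation resolves to the default one, which may not be the one bound to the configuration database. The bean definitions are not visible here, so please confirm which manager applies. As these methods appear to only read, `@Transactional(value = "<config-transaction-manager>", readOnly = true)` (placeholder name) would state the intent.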
@@ -195,6 +201,7 @@ public class NewConfigurationDBRead { * @param id * @return */ + @Transactional public OnlineApplication getActiveOnlineApplication(String id) { Logger.trace("Getting Active OnlineApplication with ID " + id + " from database."); @@ -226,6 +233,7 @@ public class NewConfigurationDBRead { * @param dbid * @return */ + @Transactional public OnlineApplication getOnlineApplication(long dbid) { Logger.trace("Getting OnlineApplication with DBID " + dbid + " from database."); @@ -248,6 +256,7 @@ public class NewConfigurationDBRead { * @param id * @return */ + @Transactional public List getOnlineApplications(String id) { Logger.trace("Getting OnlineApplication with ID " + id + " from database."); @@ -273,6 +282,7 @@ public class NewConfigurationDBRead { * @param id * @return */ + @Transactional public OnlineApplication getOnlineApplication(String id) { Logger.trace("Getting OnlineApplication with ID " + id + " from database."); @@ -297,6 +307,7 @@ public class NewConfigurationDBRead { * @param id * @return */ + @Transactional public List searchOnlineApplications(String id) { Logger.trace("Getting OnlineApplication with ID " + id + " from database."); diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/StatisticLogDBUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/StatisticLogDBUtils.java deleted file mode 100644 index 51bb0eb6d..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/StatisticLogDBUtils.java +++ /dev/null 
@@ -1,88 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. 
- *******************************************************************************/ -package at.gv.egovernment.moa.id.commons.db; - -import java.util.Properties; - -import org.hibernate.HibernateException; -import org.hibernate.Session; -import org.hibernate.SessionFactory; -import org.hibernate.cfg.Configuration; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; -import org.springframework.transaction.annotation.Transactional; - -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.logging.Logger; - -@Transactional("statisticLogTransactionManager") -public class StatisticLogDBUtils { - - private SessionFactory sessionFactory; - - @Autowired - @Qualifier("statisticLogSessionFactory") - public void setstatisticLogSessionFactory(SessionFactory sessionFactory) { - this.sessionFactory = sessionFactory; - } - - - public static void initHibernate(Configuration config, Properties hibernateProperties) { - - } - - public boolean saveOrUpdate(Object dbo) throws MOADatabaseException { - - try { - Session session = sessionFactory.getCurrentSession(); - session.saveOrUpdate(dbo); - //session.persist(dbo); - return true; - - } catch(HibernateException e) { - Logger.warn("Error during StatisicLogger database saveOrUpdate.", e); - - throw new MOADatabaseException(e); - } - - } - - public boolean delete(Object dbo) { - try { - Session session = sessionFactory.getCurrentSession(); - session.delete(dbo); - return true; - - } catch(HibernateException e) { - Logger.warn("Error during StatisicLogger database delete. Rollback."); - return false; - } - } - - - public Session getCurrentSession() { - // TODO Auto-generated method stub - return sessionFactory.getCurrentSession(); - } - -} 
diff --git a/id/server/moa-id-commons/src/main/resources/statistic.logging.beans.xml b/id/server/moa-id-commons/src/main/resources/statistic.logging.beans.xml index 5f80c6439..9b00ff3cd 100644 --- a/id/server/moa-id-commons/src/main/resources/statistic.logging.beans.xml +++ b/id/server/moa-id-commons/src/main/resources/statistic.logging.beans.xml @@ -33,7 +33,7 @@ - + + - - + diff --git a/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringInitializer.java b/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringInitializer.java index bfb43e61f..07ba6a89e 100644 --- a/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringInitializer.java +++ b/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringInitializer.java @@ -19,8 +19,8 @@ import org.springframework.web.context.support.ServletContextResource; import org.springframework.web.servlet.DispatcherServlet; import at.gv.egiz.components.spring.api.SpringLoader; +import at.gv.egovernment.moa.id.commons.api.ConfigurationProvider; import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; -import at.gv.egovernment.moa.id.config.auth.PropertyBasedAuthConfigurationProvider; import at.gv.egovernment.moa.logging.Logger; /** 
@@ -65,10 +65,11 @@ public class MOAIDAuthSpringInitializer implements WebApplicationInitializer { rootContext.setServletContext(servletContext); rootContext.setParent(cfgRootContext); - PropertyBasedAuthConfigurationProvider moaidconfig = (PropertyBasedAuthConfigurationProvider) cfgRootContext.getBean("moaidauthconfig"); + ConfigurationProvider moaidconfig = (ConfigurationProvider) cfgRootContext.getBean("moaidauthconfig"); String[] springProfiles = moaidconfig.getActiveProfiles(); + Logger.info("=============== Setting active profiles! ==============="); if (this.activeProfiles != null) { for (String profile : this.activeProfiles) { diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java index 8ae1850ce..b21c5e93f 100644 --- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java 
@@ -23,29 +23,23 @@ package at.gv.egovernment.moa.id.monitoring; import java.util.ArrayList; -import java.util.Date; import java.util.List; -import org.hibernate.Query; -import org.hibernate.Session; - +import at.gv.egovernment.moa.id.advancedlogging.IStatisticLogger; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; -import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; -import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; public class DatabaseTestModule implements TestModuleInterface{ - private MOASessionDBUtils dbUtils; - private StatisticLogDBUtils statLogUtils; + private ITransactionStorage transactionStorage; + private IStatisticLogger statLogUtils; - public DatabaseTestModule(MOASessionDBUtils dbUtils, StatisticLogDBUtils statLogUtils){ + public DatabaseTestModule(ITransactionStorage transactionStorage, IStatisticLogger statLogUtils){ this.statLogUtils = statLogUtils; - this.dbUtils = dbUtils; + this.transactionStorage = transactionStorage; } public List performTests() throws Exception { 
@@ -75,21 +69,9 @@ public class DatabaseTestModule implements TestModuleInterface{ private String testMOASessionDatabase() throws Exception{ Logger.trace("Start Test: MOASessionDatabase"); - - Date expioredate = new Date(new Date().getTime() - 120); - - - try { - List results; - Session session = dbUtils.getCurrentSession(); - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getAssertionWithTimeOut"); - query.setTimestamp("timeout", expioredate); - results = query.list(); - session.getTransaction().commit(); - } + + try { + transactionStorage.get("testKey"); Logger.trace("Finish Test: MOASessionDatabase"); return null; @@ -110,21 +92,9 @@ public class DatabaseTestModule implements TestModuleInterface{ return null; } - private String testMOAAdvancedLoggingDatabase() { - - Date expioredate = new Date(new Date().getTime() - 120); + private String testMOAAdvancedLoggingDatabase() { try { - Session session = statLogUtils.getCurrentSession(); - - List results; - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getAllEntriesNotBeforeTimeStamp"); - query.setTimestamp("timeout", expioredate); - results = query.list(); - session.getTransaction().commit(); - } + statLogUtils.testConnection(); Logger.trace("Finish Test: AdvancedLoggingDataBase"); return null; diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java index 4224fae59..9f0083fb8 100644 --- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java 
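Review bot: The session-database probe now calls `transactionStorage.get("testKey")` with an inline literal, and its verdict depends on how `ITransactionStorage.get` treats a key that does not exist, which this hunk does not show. If `get` throws for a missing entry, the monitor would report a database failure on a healthy system. I would name the key, e.g. `private static final String MONITORING_TEST_KEY = "testKey";`, and add a comment stating that a missing entry is the expected outcome and that only a storage exception counts as a failure. `testMOASessionDatabase` continues outside the hunk.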
@@ -29,17 +29,17 @@ import java.util.Map; import org.springframework.beans.factory.annotation.Autowired; +import at.gv.egovernment.moa.id.advancedlogging.IStatisticLogger; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; -import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.FileUtils; public class TestManager{ - @Autowired private MOASessionDBUtils moaSessionDBUtils; - @Autowired(required=false) private StatisticLogDBUtils statisticLogDBUtils = null; + @Autowired private ITransactionStorage transactionStorage; + @Autowired(required=false) private IStatisticLogger statisticLogDBUtils = null; @Autowired private AuthConfiguration authConfig; private Map tests = new HashMap(); @@ -94,7 +94,7 @@ public class TestManager{ Logger.debug("Start initializing MOA-ID-Auth TestManager"); //add Database test - DatabaseTestModule test1 = new DatabaseTestModule(this.moaSessionDBUtils, this.statisticLogDBUtils); + DatabaseTestModule test1 = new DatabaseTestModule(this.transactionStorage, this.statisticLogDBUtils); tests.put(test1.getName(), test1); //add IdentityLink verification test -- cgit v1.2.3