From 82ffa96de19042902562e05aa5d903ea188ebfdf Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 8 Jul 2013 16:10:24 +0200 Subject: =?UTF-8?q?Bugfix:=20Zertifikatsspeicherung=20f=C3=BCr=20ForeignID?= =?UTF-8?q?s?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../moa/id/auth/AuthenticationServer.java | 13 ++++--------- .../moa/id/auth/servlet/GetForeignIDServlet.java | 17 +++++++++++++---- .../moa/id/auth/servlet/PEPSConnectorServlet.java | 13 ++++++++++--- .../id/auth/servlet/VerifyCertificateServlet.java | 22 ++++++++++++++-------- 4 files changed, 41 insertions(+), 24 deletions(-) (limited to 'id/server/idserverlib/src') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index ba66041d7..19af66150 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -2269,17 +2269,17 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @return SAML artifact needed for retrieving authentication data, encoded * BASE64 */ - public String getForeignAuthenticationData(String sessionID) + public String getForeignAuthenticationData(AuthenticationSession session) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ServiceException, ValidateException { //TODO: CHECK if STORK parts works correct!!!! - if (isEmpty(sessionID)) + if (session == null) throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID }); - AuthenticationSession session = getSession(sessionID); + //AuthenticationSession session = getSession(sessionID); // AuthConfigurationProvider authConf = // AuthConfigurationProvider.getInstance(); @@ -2348,12 +2348,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { vsresp.setX509certificate(null); session.setForeigner(true); - //session is implicit stored in changeSessionID!!!! - String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); - - Logger.info("Changed MOASession " + sessionID + " to Session " + newMOASessionID); - Logger.info("Daten angelegt zu MOASession " + newMOASessionID); - return newMOASessionID; + return "new Session"; //TODO: regenerate MOASession ID! /* diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java index 935edb557..d49f4e215 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java @@ -179,7 +179,15 @@ public class GetForeignIDServlet extends AuthServlet { session.setIdentityLink(identitylink); String samlArtifactBase64 = - AuthenticationServer.getInstance().getForeignAuthenticationData(sessionID); + AuthenticationServer.getInstance().getForeignAuthenticationData(session); + + + //session is implicit stored in changeSessionID!!!! + String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); + + Logger.info("Changed MOASession " + sessionID + " to Session " + newMOASessionID); + Logger.info("Daten angelegt zu MOASession " + newMOASessionID); + if (!samlArtifactBase64.equals("Redirect to Input Processor")) { /*redirectURL = session.getOAURLRequested(); if (!session.getBusinessService()) { @@ -188,11 +196,12 @@ public class GetForeignIDServlet extends AuthServlet { redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); redirectURL = resp.encodeRedirectURL(redirectURL);*/ redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), - ModulUtils.buildAuthURL(session.getModul(), session.getAction()), samlArtifactBase64); + ModulUtils.buildAuthURL(session.getModul(), session.getAction()), newMOASessionID); redirectURL = resp.encodeRedirectURL(redirectURL); - } else { - redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID()); + } else { + redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, newMOASessionID); + } try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java index 3c8892e33..63bc2a8cc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java @@ -196,9 +196,15 @@ public class PEPSConnectorServlet extends AuthServlet { Logger.debug("Starting to assemble MOA assertion"); //produce MOA-Assertion and artifact String samlArtifactBase64 = - AuthenticationServer.getInstance().getForeignAuthenticationData(moaSessionID); + AuthenticationServer.getInstance().getForeignAuthenticationData(moaSession); Logger.info("MOA assertion assembled and SAML Artifact generated."); + //session is implicit stored in changeSessionID!!!! + String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession); + + Logger.info("Changed MOASession " + moaSessionID + " to Session " + newMOASessionID); + Logger.info("Daten angelegt zu MOASession " + newMOASessionID); + //redirect String redirectURL = null; if (!samlArtifactBase64.equals("Redirect to Input Processor")) { @@ -209,10 +215,11 @@ public class PEPSConnectorServlet extends AuthServlet { redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); redirectURL = response.encodeRedirectURL(redirectURL);*/ redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(), - ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction()), samlArtifactBase64); + ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction()), newMOASessionID); redirectURL = response.encodeRedirectURL(redirectURL); } else { - redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, moaSession.getSessionID()); + + redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, newMOASessionID); } try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java index 7b5c1513a..e07be8420 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java @@ -144,6 +144,12 @@ public class VerifyCertificateServlet extends AuthServlet { // verify certificate for OrganWalter String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert); + try { + AuthenticationSessionStoreage.storeSession(session); + } catch (MOADatabaseException e) { + throw new MOAIDException("session store error", null); + } + ServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink"); } else { @@ -156,19 +162,19 @@ public class VerifyCertificateServlet extends AuthServlet { session.getAuthURL(), REQ_GET_FOREIGN_ID, session.getSessionID()); - + + try { + AuthenticationSessionStoreage.storeSession(session); + } catch (MOADatabaseException e) { + throw new MOAIDException("session store error", null); + } + ServletUtils.writeCreateXMLSignatureRequest(resp, session, createXMLSignatureRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "GetForeignID", dataurl); Logger.debug("Send CreateXMLSignatureRequest to BKU"); } - - try { - AuthenticationSessionStoreage.storeSession(session); - } catch (MOADatabaseException e) { - throw new MOAIDException("session store error", null); - } - + } catch (MOAIDException ex) { handleError(null, ex, req, resp); -- cgit v1.2.3