From 029b777dfc1bf108ffd8d20b7cbec9988ad4c73a Mon Sep 17 00:00:00 2001 From: pdanner Date: Thu, 6 Dec 2007 16:47:48 +0000 Subject: Added SessionCleaner which removes sessions began and not picked up SAML-assertions git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1052 d688527b-c9ab-4aba-bd8d-4036d912da1d --- .../at/gv/egovernment/moa/id/auth/AuthenticationServer.java | 11 +++++------ .../at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java | 2 ++ .../resources/resources/properties/id_messages_de.properties | 4 ++-- 3 files changed, 9 insertions(+), 8 deletions(-) (limited to 'id/server') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index caeff905b..3457051c4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -1044,7 +1044,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { } else { authData.setBPK(identityLink.getIdentificationValue()); if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { - // only compute bPK if online applcation is a public service and we have the Stammzahl + // only compute bPK if online application is a public service and we have the Stammzahl String bpkBase64 = new BPKBuilder().buildBPK( identityLink.getIdentificationValue(), session.getTarget()); @@ -1202,15 +1202,14 @@ public class AuthenticationServer implements MOAIDAuthConstants { synchronized (authenticationDataStore) { Set keys = new HashSet(authenticationDataStore.keySet()); for (Iterator iter = keys.iterator(); iter.hasNext();) { - String samlArtifact = (String) iter.next(); - AuthenticationData authData = - (AuthenticationData) authenticationDataStore.get(samlArtifact); + String samlAssertionHandle = (String) iter.next(); + AuthenticationData authData = (AuthenticationData) authenticationDataStore.get(samlAssertionHandle); if (now - authData.getTimestamp().getTime() > authDataTimeOut) { Logger.info( MOAIDMessageProvider.getInstance().getMessage( "cleaner.03", - new Object[] { samlArtifact })); - authenticationDataStore.remove(samlArtifact); + new Object[] { authData.getAssertionID() })); + authenticationDataStore.remove(samlAssertionHandle); } } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java index 7964e2fb6..dadfc16d6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java @@ -158,6 +158,8 @@ public class MOAIDAuthInitializer { .setSecondsAuthDataTimeOut(authDataTimeOut); } + // Starts the session cleaner thread to remove unpicked authentication data + AuthenticationSessionCleaner.start(); } } \ No newline at end of file diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index 825434b91..552619e45 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties @@ -73,8 +73,8 @@ service.03=Fehler beim Aufruf des SPSS-API: {0} cleaner.00=AuthenticationSessionCleaner wurde gestartet cleaner.01=Fehler im AuthenticationSessionCleaner -cleaner.02=MOASession {0} ist abgelaufen -cleaner.03=Anmeldedaten zu SAML-Artifakt {0} sind abgelaufen +cleaner.02=Abgelaufene MOASession {0} wurde aus dem Speicher entfernt +cleaner.03=Abgelaufene Anmeldedaten zur SAML-Assertion ID {0} wurden aus dem Speicher entfernt proxy.00=MOA ID Proxy wurde erfolgreich gestartet proxy.01=Unbekannter URL {0}, erwarteter URL auf {1} -- cgit v1.2.3