Java tutorial
/******************************************************************************* * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. *******************************************************************************/ package at.gv.egovernment.moa.id.storage; import java.io.Serializable; import java.util.Date; import java.util.List; import org.apache.commons.lang.SerializationUtils; import org.hibernate.HibernateException; import org.hibernate.Query; import org.hibernate.Session; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; public class AssertionStorage { private static AssertionStorage instance = null; public static AssertionStorage getInstance() { if (instance == null) { instance = new AssertionStorage(); } return instance; } public boolean containsKey(String artifact) { try { searchInDatabase(artifact); return true; } catch (MOADatabaseException e) { return false; } } public void put(String artifact, Object assertion) throws MOADatabaseException { //setup AssertionStore element AssertionStore element = new AssertionStore(); element.setArtifact(artifact); element.setType(assertion.getClass().getName()); element.setDatatime(new Date()); //serialize the Assertion for Database storage byte[] data = SerializationUtils.serialize((Serializable) assertion); element.setAssertion(data); //store AssertionStore element to Database try { MOASessionDBUtils.saveOrUpdate(element); Logger.info("Sessioninformation with ID=" + artifact + " is stored in Database"); } catch (MOADatabaseException e) { Logger.warn("Sessioninformation could not be stored."); throw new MOADatabaseException(e); } } /** * @param samlArtifact * @param class1 * @param authdatatimeout * @return * @throws MOADatabaseException * @throws AuthenticationException */ public <T> T get(String samlArtifact, final Class<T> clazz) throws MOADatabaseException { try { return get(samlArtifact, clazz, -1); } catch (AuthenticationException e) { //this execption only occurs if an additional timeOut is used Logger.error("This exeption should not occur!!!!", e); return null; } } public <T> T get(String artifact, final Class<T> clazz, long authdatatimeout) throws MOADatabaseException, AuthenticationException { AssertionStore element = searchInDatabase(artifact); if (authdatatimeout > -1) { //check timeout long now = new Date().getTime(); if (now - element.getDatatime().getTime() > authdatatimeout) throw new AuthenticationException("1207", new Object[] { artifact }); } //Deserialize Assertion Object data = SerializationUtils.deserialize(element.getAssertion()); //check if assertion has the correct class type try { @SuppressWarnings("unchecked") T test = (T) Class.forName(element.getType()).cast(data); return test; } catch (Exception e) { Logger.warn("Sessioninformation Cast-Exception by using Artifact=" + artifact); throw new MOADatabaseException("Sessioninformation Cast-Exception"); } } public void clean(long now, long authDataTimeOut) { Date expioredate = new Date(now - authDataTimeOut); List<AssertionStore> results; Session session = MOASessionDBUtils.getCurrentSession(); synchronized (session) { session.beginTransaction(); Query query = session.getNamedQuery("getAssertionWithTimeOut"); query.setTimestamp("timeout", expioredate); results = query.list(); session.getTransaction().commit(); } if (results.size() != 0) { for (AssertionStore result : results) { try { cleanDelete(result); Logger.info("Remove sessioninformation with ID=" + result.getArtifact() + " after timeout."); } catch (HibernateException e) { Logger.warn("Sessioninformation with ID=" + result.getArtifact() + " not removed after timeout! (Error during Database communication)", e); } } } } public void remove(String artifact) { try { AssertionStore element = searchInDatabase(artifact); cleanDelete(element); Logger.info("Remove sessioninformation with ID" + artifact); } catch (MOADatabaseException e) { Logger.info("Sessioninformation not removed! (Sessioninformation with ID=" + artifact + "not found)"); } catch (HibernateException e) { Logger.warn("Sessioninformation not removed! (Error during Database communication)", e); } } private void cleanDelete(AssertionStore element) { try { element.setAssertion("blank".getBytes()); MOASessionDBUtils.saveOrUpdate(element); } catch (MOADatabaseException e) { Logger.warn("Blank shortTime session with artifact=" + element.getArtifact() + " FAILED.", e); } finally { if (!MOASessionDBUtils.delete(element)) Logger.error("ShortTime session with artifact=" + element.getArtifact() + " not removed! (Error during Database communication)"); } } @SuppressWarnings("rawtypes") private AssertionStore searchInDatabase(String artifact) throws MOADatabaseException { MiscUtil.assertNotNull(artifact, "artifact"); Logger.trace("Getting sessioninformation with ID " + artifact + " from database."); Session session = MOASessionDBUtils.getCurrentSession(); List result; synchronized (session) { session.beginTransaction(); Query query = session.getNamedQuery("getAssertionWithArtifact"); query.setParameter("artifact", artifact); result = query.list(); //send transaction session.getTransaction().commit(); } Logger.trace("Found entries: " + result.size()); //Assertion requires an unique artifact if (result.size() != 1) { Logger.trace("No entries found."); throw new MOADatabaseException("No sessioninformation found with this ID"); } return (AssertionStore) result.get(0); } }