First pass to clean up config and fix multi serivce instance bug
[java-idp.git] / src / edu / internet2 / middleware / shibboleth / idp / session / IdPSessionFilter.java
index c6e02c4..e1a6a88 100644 (file)
@@ -30,16 +30,19 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.joda.time.DateTime;
 import org.opensaml.xml.util.DatatypeHelper;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import edu.internet2.middleware.shibboleth.common.session.SessionManager;
+import edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine;
 
 /**
  * A filter that adds the current users {@link Session} the request, if the user has a session.
  */
 public class IdPSessionFilter implements Filter {
 
-    /** Name of the IdP Cookie containing the IdP session ID. */
-    public static final String IDP_SESSION_COOKIE_NAME = "_idp_session";
+    /** Class Logger. */
+    private final Logger log = LoggerFactory.getLogger(IdPSessionFilter.class);
 
     /** IdP session manager. */
     private SessionManager<Session> sessionManager;
@@ -60,19 +63,23 @@ public class IdPSessionFilter implements Filter {
         if (idpSessionCookie != null) {
             idpSession = sessionManager.getSession(idpSessionCookie.getValue());
             if (idpSession != null) {
+                log.trace("Updating IdP session activity time and adding session object to the request");
                 idpSession.setLastActivityInstant(new DateTime());
                 httpRequest.setAttribute(Session.HTTP_SESSION_BINDING_ATTRIBUTE, idpSession);
             }
         }
 
-        addIdPSessionCookieToResponse(httpRequest, httpResponse, idpSession);
-
         filterChain.doFilter(request, response);
     }
 
     /** {@inheritDoc} */
     public void init(FilterConfig filterConfig) throws ServletException {
-        sessionManager = (SessionManager<Session>) filterConfig.getServletContext().getAttribute("sessionManager");
+        String sessionManagerId = filterConfig.getInitParameter("sessionManagedId");
+        if (DatatypeHelper.isEmpty(sessionManagerId)) {
+            sessionManagerId = "shibboleth.SessionManager";
+        }
+
+        sessionManager = (SessionManager<Session>) filterConfig.getServletContext().getAttribute(sessionManagerId);
     }
 
     /**
@@ -83,38 +90,19 @@ public class IdPSessionFilter implements Filter {
      * @return the user's current IdP session cookie, if they have a current session, otherwise null
      */
     protected Cookie getIdPSessionCookie(HttpServletRequest request) {
+        log.trace("Attempting to retrieve IdP session cookie.");
         Cookie[] requestCookies = request.getCookies();
 
         if (requestCookies != null) {
             for (Cookie requestCookie : requestCookies) {
-                if (DatatypeHelper.safeEquals(requestCookie.getDomain(), request.getLocalName())
-                        && DatatypeHelper.safeEquals(requestCookie.getPath(), request.getContextPath())
-                        && DatatypeHelper.safeEquals(requestCookie.getName(), IDP_SESSION_COOKIE_NAME)) {
+                if (DatatypeHelper.safeEquals(requestCookie.getName(), AuthenticationEngine.IDP_SESSION_COOKIE_NAME)) {
+                    log.trace("Found IdP session cookie.");
                     return requestCookie;
                 }
             }
         }
 
+        log.trace("No IdP session cookie sent by the client.");
         return null;
     }
-
-    /**
-     * Adds a cookie, containing the user's IdP session ID, to the response.
-     * 
-     * @param request current HTTP request
-     * @param response current HTTP response
-     * @param userSession user's currentSession
-     */
-    protected void addIdPSessionCookieToResponse(HttpServletRequest request, HttpServletResponse response,
-            Session userSession) {
-        Cookie sessionCookie = new Cookie(IDP_SESSION_COOKIE_NAME, userSession.getSessionID());
-        sessionCookie.setDomain(request.getLocalName());
-        sessionCookie.setPath(request.getContextPath());
-        sessionCookie.setSecure(false);
-
-        int maxAge = (int) (userSession.getInactivityTimeout() / 1000);
-        sessionCookie.setMaxAge(maxAge);
-
-        response.addCookie(sessionCookie);
-    }
 }
\ No newline at end of file