fixed SEB session integrity check (allow multiple establish requests
from same SEB client. This is usful when the SEB sends the userSessionId multiple times)
This commit is contained in:
anhefti
parent
70358d0128
commit
42993e3c97
1 changed files with 798 additions and 781 deletions
|
|
@ -184,6 +184,23 @@ public class SEBClientConnectionServiceImpl implements SEBClientConnectionServic
|
||||||
final String clientId) {
|
final String clientId) {
|
||||||
|
|
||||||
return Result.tryCatch(() -> {
|
return Result.tryCatch(() -> {
|
||||||
|
|
||||||
|
final ClientConnection clientConnection = getClientConnection(connectionToken);
|
||||||
|
checkInstitutionalIntegrity(institutionId, clientConnection);
|
||||||
|
checkExamIntegrity(examId, clientConnection);
|
||||||
|
|
||||||
|
// connection integrity check
|
||||||
|
if (!clientConnection.status.clientActiveStatus) {
|
||||||
|
log.error("ClientConnection integrity violation: client connection is not in expected state: {}",
|
||||||
|
clientConnection);
|
||||||
|
throw new IllegalArgumentException(
|
||||||
|
"ClientConnection integrity violation: client connection is not in expected state");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (examId != null) {
|
||||||
|
checkExamIntegrity(examId);
|
||||||
|
}
|
||||||
|
|
||||||
if (log.isDebugEnabled()) {
|
if (log.isDebugEnabled()) {
|
||||||
log.debug(
|
log.debug(
|
||||||
"SEB client connection, update ClientConnection for "
|
"SEB client connection, update ClientConnection for "
|
||||||
|
|
@ -201,35 +218,8 @@ public class SEBClientConnectionServiceImpl implements SEBClientConnectionServic
|
||||||
clientId);
|
clientId);
|
||||||
}
|
}
|
||||||
|
|
||||||
final ClientConnection clientConnection = getClientConnection(connectionToken);
|
|
||||||
|
|
||||||
checkInstitutionalIntegrity(institutionId, clientConnection);
|
|
||||||
checkExamIntegrity(examId, clientConnection);
|
|
||||||
|
|
||||||
// connection integrity check
|
|
||||||
if (clientConnection.status != ConnectionStatus.CONNECTION_REQUESTED) {
|
|
||||||
log.error("ClientConnection integrity violation: client connection is not in expected state: {}",
|
|
||||||
clientConnection);
|
|
||||||
throw new IllegalArgumentException(
|
|
||||||
"ClientConnection integrity violation: client connection is not in expected state");
|
|
||||||
}
|
|
||||||
|
|
||||||
if (examId != null) {
|
|
||||||
checkExamIntegrity(examId);
|
|
||||||
}
|
|
||||||
|
|
||||||
// userSessionId integrity check
|
// userSessionId integrity check
|
||||||
if (userSessionId != null &&
|
updateUserSessionId(userSessionId, clientConnection, examId);
|
||||||
clientConnection.userSessionId != null &&
|
|
||||||
!userSessionId.equals(clientConnection.userSessionId)) {
|
|
||||||
|
|
||||||
log.error(
|
|
||||||
"User session identifier integrity violation: another User session identifier is already set for the connection: {}",
|
|
||||||
clientConnection);
|
|
||||||
throw new IllegalArgumentException(
|
|
||||||
"User session identifier integrity violation: another User session identifier is already set for the connection");
|
|
||||||
}
|
|
||||||
|
|
||||||
final ClientConnection updatedClientConnection = this.clientConnectionDAO
|
final ClientConnection updatedClientConnection = this.clientConnectionDAO
|
||||||
.save(new ClientConnection(
|
.save(new ClientConnection(
|
||||||
clientConnection.id,
|
clientConnection.id,
|
||||||
|
|
@ -273,6 +263,34 @@ public class SEBClientConnectionServiceImpl implements SEBClientConnectionServic
|
||||||
|
|
||||||
return Result.tryCatch(() -> {
|
return Result.tryCatch(() -> {
|
||||||
|
|
||||||
|
ClientConnection clientConnection = getClientConnection(connectionToken);
|
||||||
|
|
||||||
|
// connection integrity check
|
||||||
|
if (clientConnection.status == ConnectionStatus.ACTIVE) {
|
||||||
|
if (clientConnection.clientAddress != null && clientConnection.clientAddress.equals(clientAddress)) {
|
||||||
|
// It seems that this is the same SEB that tries to establish the connection once again.
|
||||||
|
// Just log this and return already established connection
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug(
|
||||||
|
"SEB retired to establish an already established client connection. Client adress: {} : {}",
|
||||||
|
clientConnection.clientAddress,
|
||||||
|
clientAddress);
|
||||||
|
}
|
||||||
|
return clientConnection;
|
||||||
|
} else {
|
||||||
|
// It seems that this is a request from an other device then the original
|
||||||
|
log.error("ClientConnection integrity violation: client connection mismatch: {}",
|
||||||
|
clientConnection);
|
||||||
|
throw new IllegalArgumentException(
|
||||||
|
"ClientConnection integrity violation: client connection mismatch");
|
||||||
|
}
|
||||||
|
} else if (!clientConnection.status.clientActiveStatus) {
|
||||||
|
log.error("ClientConnection integrity violation: client connection is not in expected state: {}",
|
||||||
|
clientConnection);
|
||||||
|
throw new IllegalArgumentException(
|
||||||
|
"ClientConnection integrity violation: client connection is not in expected state");
|
||||||
|
}
|
||||||
|
|
||||||
if (log.isDebugEnabled()) {
|
if (log.isDebugEnabled()) {
|
||||||
log.debug(
|
log.debug(
|
||||||
"SEB client connection, establish ClientConnection for "
|
"SEB client connection, establish ClientConnection for "
|
||||||
|
|
@ -290,7 +308,6 @@ public class SEBClientConnectionServiceImpl implements SEBClientConnectionServic
|
||||||
clientId);
|
clientId);
|
||||||
}
|
}
|
||||||
|
|
||||||
ClientConnection clientConnection = getClientConnection(connectionToken);
|
|
||||||
checkInstitutionalIntegrity(institutionId, clientConnection);
|
checkInstitutionalIntegrity(institutionId, clientConnection);
|
||||||
checkExamIntegrity(examId, clientConnection);
|
checkExamIntegrity(examId, clientConnection);
|
||||||
clientConnection = updateUserSessionId(userSessionId, clientConnection, examId);
|
clientConnection = updateUserSessionId(userSessionId, clientConnection, examId);
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue