2 * Copyright (C) 2007-2012 Mathieu Baudier
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 package org
.argeo
.jackrabbit
.remote
;
18 import java
.io
.Serializable
;
19 import java
.util
.List
;
21 import javax
.jcr
.LoginException
;
22 import javax
.jcr
.Repository
;
23 import javax
.jcr
.RepositoryException
;
24 import javax
.jcr
.Session
;
25 import javax
.servlet
.ServletException
;
26 import javax
.servlet
.http
.HttpServletRequest
;
27 import javax
.servlet
.http
.HttpSession
;
29 import org
.apache
.commons
.logging
.Log
;
30 import org
.apache
.commons
.logging
.LogFactory
;
31 import org
.apache
.jackrabbit
.server
.SessionProvider
;
32 import org
.argeo
.ArgeoException
;
33 import org
.argeo
.jcr
.JcrUtils
;
34 import org
.springframework
.security
.context
.SecurityContextHolder
;
37 * Session provider assuming a single workspace and a short life cycle,
38 * typically a Spring bean of scope (web) 'session'.
40 public class ScopedSessionProvider
implements SessionProvider
, Serializable
{
41 private static final long serialVersionUID
= 6589775984177317058L;
42 private static final Log log
= LogFactory
43 .getLog(ScopedSessionProvider
.class);
44 private transient HttpSession httpSession
= null;
45 private transient Session jcrSession
= null;
47 private transient String currentRepositoryName
= null;
48 private transient String currentWorkspaceName
= null;
49 private transient String currentJcrUser
= null;
51 public Session
getSession(HttpServletRequest request
, Repository rep
,
52 String workspace
) throws LoginException
, ServletException
,
55 String springUser
= SecurityContextHolder
.getContext()
56 .getAuthentication().getName();
59 String pathInfo
= request
.getPathInfo();
60 List
<String
> tokens
= JcrUtils
.tokenize(pathInfo
);
61 String httpRepository
= tokens
.get(0);
64 if (httpSession
!= null
65 && !httpSession
.getId().equals(request
.getSession().getId()))
66 throw new ArgeoException(
67 "Only session scope is supported in this mode");
68 if (httpSession
== null)
69 httpSession
= request
.getSession();
71 if (currentRepositoryName
== null)
72 currentRepositoryName
= httpRepository
;
73 if (currentWorkspaceName
== null)
74 currentWorkspaceName
= workspace
;
75 if (currentJcrUser
== null)
76 currentJcrUser
= springUser
;
78 if (jcrSession
!= null)
79 if (!currentRepositoryName
.equals(httpRepository
)) {
80 if (log
.isDebugEnabled())
81 log
.debug(getHttpSessionId() + " Changed from repository "
82 + currentRepositoryName
+ " to " + httpRepository
85 } else if (!currentWorkspaceName
.equals(workspace
)) {
86 if (log
.isDebugEnabled())
87 log
.debug(getHttpSessionId() + " Changed from workspace "
88 + currentWorkspaceName
+ " to " + workspace
91 } else if (!currentJcrUser
.equals(springUser
)) {
92 if (log
.isDebugEnabled())
93 log
.debug(getHttpSessionId() + " Changed from user "
94 + currentJcrUser
+ " to " + springUser
100 if (jcrSession
== null)
102 Session session
= login(rep
, workspace
);
103 if (!session
.getUserID().equals(springUser
))
104 throw new ArgeoException("HTTP user '" + springUser
105 + "' not in line with JCR user '"
106 + session
.getUserID() + "'");
107 currentRepositoryName
= httpRepository
;
108 // do not use workspace variable which may be null
109 currentWorkspaceName
= session
.getWorkspace().getName();
110 currentJcrUser
= session
.getUserID();
112 jcrSession
= session
;
114 } catch (RepositoryException e
) {
115 throw new ArgeoException("Cannot open session to workspace "
122 protected Session
login(Repository repository
, String workspace
)
123 throws RepositoryException
{
124 Session session
= repository
.login(workspace
);
125 if (log
.isDebugEnabled())
126 log
.debug(getHttpSessionId() + " User '" + session
.getUserID()
127 + "' logged in workspace '"
128 + session
.getWorkspace().getName() + "' of repository '"
129 + currentRepositoryName
+ "'");
133 public void releaseSession(Session session
) {
134 if (log
.isDebugEnabled())
135 log
.debug(getHttpSessionId() + " Releasing JCR session " + session
);
138 protected void logout() {
139 JcrUtils
.logoutQuietly(jcrSession
);
143 protected final String
getHttpSessionId() {
144 return httpSession
!= null ? httpSession
.getId() : "<null>";
150 public void destroy() {
152 if (log
.isDebugEnabled())
153 log
.debug(getHttpSessionId()
154 + " Cleaned up provider for web session ");