From: Mathieu Baudier Date: Tue, 13 Sep 2016 11:37:21 +0000 (+0000) Subject: Do not time out demo. X-Git-Tag: argeo-commons-2.1.45~3 X-Git-Url: http://git.argeo.org/?a=commitdiff_plain;h=4702d1d7950fb8f0e8c6e840c2f08cb07b87ec71;p=lgpl%2Fargeo-commons.git Do not time out demo. git-svn-id: https://svn.argeo.org/commons/trunk@9118 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc --- diff --git a/org.argeo.cms/src/org/argeo/cms/auth/HttpLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/HttpLoginModule.java index e99e26d13..71aec68c8 100644 --- a/org.argeo.cms/src/org/argeo/cms/auth/HttpLoginModule.java +++ b/org.argeo.cms/src/org/argeo/cms/auth/HttpLoginModule.java @@ -2,8 +2,6 @@ package org.argeo.cms.auth; import java.io.IOException; import java.util.Collection; -import java.util.Hashtable; -import java.util.Iterator; import java.util.Map; import javax.security.auth.Subject; @@ -23,7 +21,6 @@ import org.osgi.framework.BundleContext; import org.osgi.framework.FrameworkUtil; import org.osgi.framework.InvalidSyntaxException; import org.osgi.framework.ServiceReference; -import org.osgi.framework.ServiceRegistration; import org.osgi.service.http.HttpContext; import org.osgi.service.useradmin.Authorization; @@ -74,22 +71,26 @@ public class HttpLoginModule implements LoginModule, AuthConstants { if (request != null) { authorization = (Authorization) request.getAttribute(HttpContext.AUTHORIZATION); if (authorization == null) { - String sessionId = request.getSession().getId(); + String httpSessionId = request.getSession().getId(); authorization = (Authorization) request.getSession().getAttribute(HttpContext.AUTHORIZATION); if (authorization == null) { Collection> sr; try { sr = bc.getServiceReferences(WebCmsSession.class, - "(" + WebCmsSession.CMS_SESSION_ID + "=" + sessionId + ")"); + "(" + WebCmsSession.CMS_SESSION_ID + "=" + httpSessionId + ")"); } catch (InvalidSyntaxException e) { - throw new CmsException("Cannot get CMS session for id " + sessionId, e); + throw new CmsException("Cannot get CMS session for id " + httpSessionId, e); } if (sr.size() == 1) { WebCmsSession cmsSession = bc.getService(sr.iterator().next()); authorization = cmsSession.getAuthorization(); if (log.isTraceEnabled()) log.trace("Retrieved authorization from " + cmsSession); - } + } else if (sr.size() == 0) + return null; + else + throw new CmsException( + sr.size() + ">1 web sessions detected for http session " + httpSessionId); } } } @@ -103,7 +104,7 @@ public class HttpLoginModule implements LoginModule, AuthConstants { return false; if (request == null) return false; - String sessionId = request.getSession().getId(); + String httpSessionId = request.getSession().getId(); if (authorization.getName() != null) { request.setAttribute(HttpContext.REMOTE_USER, authorization.getName()); request.setAttribute(HttpContext.AUTHORIZATION, authorization); @@ -114,28 +115,22 @@ public class HttpLoginModule implements LoginModule, AuthConstants { Collection> sr; try { sr = bc.getServiceReferences(WebCmsSession.class, - "(" + WebCmsSession.CMS_SESSION_ID + "=" + sessionId + ")"); + "(" + WebCmsSession.CMS_SESSION_ID + "=" + httpSessionId + ")"); } catch (InvalidSyntaxException e) { - throw new CmsException("Cannot get CMS session for id " + sessionId, e); + throw new CmsException("Cannot get CMS session for id " + httpSessionId, e); } ServiceReference cmsSessionRef; if (sr.size() == 1) { cmsSessionRef = sr.iterator().next(); } else if (sr.size() == 0) { - Hashtable props = new Hashtable<>(); - props.put(WebCmsSession.CMS_DN, authorization.getName()); - props.put(WebCmsSession.CMS_SESSION_ID, sessionId); - WebCmsSessionImpl cmsSessionImpl = new WebCmsSessionImpl(sessionId, authorization); - ServiceRegistration cmSessionReg = bc.registerService(WebCmsSession.class, - cmsSessionImpl, props); - cmsSessionImpl.setServiceRegistration(cmSessionReg); - cmsSessionRef = cmSessionReg.getReference(); + WebCmsSessionImpl cmsSessionImpl = new WebCmsSessionImpl(httpSessionId, authorization); + cmsSessionRef = cmsSessionImpl.getServiceRegistration().getReference(); if (log.isDebugEnabled()) log.debug("Initialized " + cmsSessionImpl + " for " + authorization.getName()); } else - throw new CmsException(sr.size() + " CMS sessions registered for " + sessionId); + throw new CmsException(sr.size() + " CMS sessions registered for " + httpSessionId); - WebCmsSession cmsSession = bc.getService(cmsSessionRef); + WebCmsSessionImpl cmsSession = (WebCmsSessionImpl) bc.getService(cmsSessionRef); cmsSession.addHttpSession(request); if (log.isTraceEnabled()) log.trace("Added " + request.getServletPath() + " to " + cmsSession + " (" + request.getRequestURI() @@ -144,12 +139,12 @@ public class HttpLoginModule implements LoginModule, AuthConstants { } } if (subject.getPrivateCredentials(HttpSessionId.class).size() == 0) - subject.getPrivateCredentials().add(new HttpSessionId(sessionId)); + subject.getPrivateCredentials().add(new HttpSessionId(httpSessionId)); else { String storedSessionId = subject.getPrivateCredentials(HttpSessionId.class).iterator().next().getValue(); - if (storedSessionId.equals(sessionId)) + if (storedSessionId.equals(httpSessionId)) throw new LoginException( - "Subject already logged with session " + storedSessionId + " (not " + sessionId + ")"); + "Subject already logged with session " + storedSessionId + " (not " + httpSessionId + ")"); } return true; } @@ -161,26 +156,29 @@ public class HttpLoginModule implements LoginModule, AuthConstants { @Override public boolean logout() throws LoginException { - String sessionId; + String httpSessionId; if (subject.getPrivateCredentials(HttpSessionId.class).size() == 1) - sessionId = subject.getPrivateCredentials(HttpSessionId.class).iterator().next().getValue(); + httpSessionId = subject.getPrivateCredentials(HttpSessionId.class).iterator().next().getValue(); else return false; Collection> srs; try { srs = bc.getServiceReferences(WebCmsSession.class, - "(" + WebCmsSession.CMS_SESSION_ID + "=" + sessionId + ")"); + "(" + WebCmsSession.CMS_SESSION_ID + "=" + httpSessionId + ")"); } catch (InvalidSyntaxException e) { - throw new CmsException("Cannot retrieve CMS session #" + sessionId, e); + throw new CmsException("Cannot retrieve CMS session #" + httpSessionId, e); } - for (Iterator> it = srs.iterator(); it.hasNext();) { - ServiceReference sr = it.next(); - WebCmsSession cmsSession = bc.getService(sr); - cmsSession.cleanUp(); - if (log.isDebugEnabled()) - log.debug("Cleaned up " + cmsSession); - } + if (srs.size() == 0) + throw new CmsException("No CMS web sesison found for http session " + httpSessionId); + else if (srs.size() > 1) + throw new CmsException(srs.size() + " CMS web sessions found for http session " + httpSessionId); + + WebCmsSessionImpl cmsSession = (WebCmsSessionImpl) bc.getService(srs.iterator().next()); + cmsSession.cleanUp(); + subject.getPrivateCredentials().removeAll(subject.getPrivateCredentials(HttpSessionId.class)); + if (log.isDebugEnabled()) + log.debug("Cleaned up " + cmsSession); return true; } diff --git a/org.argeo.cms/src/org/argeo/cms/auth/WebCmsSession.java b/org.argeo.cms/src/org/argeo/cms/auth/WebCmsSession.java index 5352223ce..3e2eb2447 100644 --- a/org.argeo.cms/src/org/argeo/cms/auth/WebCmsSession.java +++ b/org.argeo.cms/src/org/argeo/cms/auth/WebCmsSession.java @@ -1,18 +1,16 @@ package org.argeo.cms.auth; -import javax.servlet.http.HttpServletRequest; - import org.osgi.service.useradmin.Authorization; public interface WebCmsSession { public final static String CMS_DN = "cms.dn"; public final static String CMS_SESSION_ID = "cms.sessionId"; - public String getId(); +// public String getId(); public Authorization getAuthorization(); - public void addHttpSession(HttpServletRequest request); +// public void addHttpSession(HttpServletRequest request); - public void cleanUp(); +// public void cleanUp(); } diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/WebCmsSessionImpl.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/WebCmsSessionImpl.java index ac4b35336..b30b00323 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/WebCmsSessionImpl.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/WebCmsSessionImpl.java @@ -2,6 +2,7 @@ package org.argeo.cms.internal.kernel; import java.util.ArrayList; import java.util.Date; +import java.util.Hashtable; import java.util.List; import javax.servlet.http.HttpServletRequest; @@ -10,11 +11,14 @@ import javax.servlet.http.HttpSession; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.argeo.cms.auth.WebCmsSession; +import org.osgi.framework.BundleContext; +import org.osgi.framework.FrameworkUtil; import org.osgi.framework.ServiceRegistration; import org.osgi.service.http.HttpContext; import org.osgi.service.useradmin.Authorization; public class WebCmsSessionImpl implements WebCmsSession { + private final BundleContext bc = FrameworkUtil.getBundle(getClass()).getBundleContext(); private final static Log log = LogFactory.getLog(WebCmsSessionImpl.class); private final String id; @@ -24,9 +28,14 @@ public class WebCmsSessionImpl implements WebCmsSession { private ServiceRegistration serviceRegistration; - public WebCmsSessionImpl(String id, Authorization authorization) { - this.id = id; + public WebCmsSessionImpl(String sessionId, Authorization authorization) { + this.id = sessionId; this.authorization = authorization; + // register as service + Hashtable props = new Hashtable<>(); + props.put(WebCmsSession.CMS_DN, authorization.getName()); + props.put(WebCmsSession.CMS_SESSION_ID, sessionId); + serviceRegistration = bc.registerService(WebCmsSession.class, this, props); } public void cleanUp() { @@ -40,7 +49,10 @@ public class WebCmsSessionImpl implements WebCmsSession { return authorization; } - @Override + public ServiceRegistration getServiceRegistration() { + return serviceRegistration; + } + public void addHttpSession(HttpServletRequest request) { subHttpSessions.add(new SubHttpSession(request)); } @@ -49,10 +61,6 @@ public class WebCmsSessionImpl implements WebCmsSession { return id; } - public void setServiceRegistration(ServiceRegistration serviceRegistration) { - this.serviceRegistration = serviceRegistration; - } - public String toString() { return "CMS Session #" + id; } @@ -60,16 +68,16 @@ public class WebCmsSessionImpl implements WebCmsSession { static class SubHttpSession { private final HttpSession httpSession; private final String sessionId; -// private final String originalURI; -// private final String servletPath; + // private final String originalURI; + // private final String servletPath; private final Date start = new Date(); public SubHttpSession(HttpServletRequest request) { this.httpSession = request.getSession(); this.sessionId = httpSession.getId(); -// this.originalURI = request.getRequestURI(); -// this.servletPath = request.getServletPath(); + // this.originalURI = request.getRequestURI(); + // this.servletPath = request.getServletPath(); } public Date getStart() { @@ -79,7 +87,7 @@ public class WebCmsSessionImpl implements WebCmsSession { public void cleanUp() { try { httpSession.setAttribute(HttpContext.AUTHORIZATION, null); - //httpSession.setMaxInactiveInterval(1); + // httpSession.setMaxInactiveInterval(1); } catch (Exception e) { log.warn("Could not clean up " + sessionId, e); }