X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fhttp%2FCmsSessionProvider.java;h=5dd98d2c7306f12772ded883bb6cf0a0f4d598e7;hb=d169026cb1939009fd90ac46a11f480cb3d803c0;hp=c0284f4c72967b7630cff88622d64d9cf57a3fff;hpb=7497859fd48bb56b4dc158ded8abc4086d012de4;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/internal/http/CmsSessionProvider.java b/org.argeo.cms/src/org/argeo/cms/internal/http/CmsSessionProvider.java index c0284f4c7..5dd98d2c7 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/http/CmsSessionProvider.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/http/CmsSessionProvider.java @@ -1,36 +1,41 @@ package org.argeo.cms.internal.http; import java.io.Serializable; +import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; +import java.util.HashMap; +import java.util.HashSet; import java.util.LinkedHashMap; +import java.util.Map; +import java.util.Set; import javax.jcr.Repository; import javax.jcr.RepositoryException; import javax.jcr.Session; import javax.security.auth.Subject; -import javax.security.auth.login.LoginContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; import org.apache.jackrabbit.server.SessionProvider; -import org.argeo.cms.CmsException; +import org.argeo.api.NodeConstants; import org.argeo.cms.auth.CmsSession; +import org.argeo.cms.internal.auth.CmsSessionImpl; import org.argeo.jcr.JcrUtils; -import org.argeo.node.NodeConstants; /** * Implements an open session in view patter: a new JCR session is created for * each request */ -class CmsSessionProvider implements SessionProvider, Serializable { +public class CmsSessionProvider implements SessionProvider, Serializable { private static final long serialVersionUID = -1358136599534938466L; - // private final static Log log = - // LogFactory.getLog(CmsSessionProvider.class); + private final static Log log = LogFactory.getLog(CmsSessionProvider.class); private final String alias; - private LinkedHashMap cmsSessions = new LinkedHashMap<>(); + private LinkedHashMap cmsSessions = new LinkedHashMap<>(); public CmsSessionProvider(String alias) { this.alias = alias; @@ -39,41 +44,131 @@ class CmsSessionProvider implements SessionProvider, Serializable { public Session getSession(HttpServletRequest request, Repository rep, String workspace) throws javax.jcr.LoginException, ServletException, RepositoryException { - CmsSession cmsSession = WebCmsSessionImpl.getCmsSession(request); - if (cmsSession == null) - return anonymousSession(request, rep, workspace); - Session session = cmsSession.getDataSession(alias, workspace, rep); - cmsSessions.put(session, cmsSession); - return session; - } + // a client is scanning parent URLs. +// if (workspace == null) +// return null; - private synchronized Session anonymousSession(HttpServletRequest request, Repository repository, String workspace) { - // TODO rather log in here as anonymous? - LoginContext lc = (LoginContext) request.getAttribute(NodeConstants.LOGIN_CONTEXT_USER); - if (lc == null) - throw new CmsException("No login context available"); - // optimize - Session session; - try { - session = Subject.doAs(lc.getSubject(), new PrivilegedExceptionAction() { - @Override - public Session run() throws Exception { - return repository.login(workspace); - } - }); - } catch (Exception e) { - throw new CmsException("Cannot log in to JCR", e); + CmsSessionImpl cmsSession = WebCmsSessionImpl.getCmsSession(request); + if (log.isTraceEnabled()) { + log.trace("Get JCR session from " + cmsSession); } + if (cmsSession == null) + throw new IllegalStateException("Cannot find a session for request " + request.getRequestURI()); + CmsDataSession cmsDataSession = new CmsDataSession(cmsSession); + Session session = cmsDataSession.getDataSession(alias, workspace, rep); + cmsSessions.put(session, cmsDataSession); return session; } - public synchronized void releaseSession(Session session) { + public void releaseSession(Session session) { +// JcrUtils.logoutQuietly(session); if (cmsSessions.containsKey(session)) { - CmsSession cmsSession = cmsSessions.get(session); - cmsSession.releaseDataSession(alias, session); + CmsDataSession cmsDataSession = cmsSessions.get(session); + cmsDataSession.releaseDataSession(alias, session); } else { - // anonymous + log.warn("JCR session " + session + " not found in CMS session list. Logging it out..."); JcrUtils.logoutQuietly(session); } } + + static class CmsDataSession { + private CmsSession cmsSession; + + private Map dataSessions = new HashMap<>(); + private Set dataSessionsInUse = new HashSet<>(); + private Set additionalDataSessions = new HashSet<>(); + + private CmsDataSession(CmsSession cmsSession) { + this.cmsSession = cmsSession; + } + + public Session newDataSession(String cn, String workspace, Repository repository) { + checkValid(); + return login(repository, workspace); + } + + public synchronized Session getDataSession(String cn, String workspace, Repository repository) { + checkValid(); + // FIXME make it more robust + if (workspace == null) + workspace = NodeConstants.SYS_WORKSPACE; + String path = cn + '/' + workspace; + if (dataSessionsInUse.contains(path)) { + try { + wait(1000); + if (dataSessionsInUse.contains(path)) { + Session session = login(repository, workspace); + additionalDataSessions.add(session); + if (log.isTraceEnabled()) + log.trace("Additional data session " + path + " for " + cmsSession.getUserDn()); + return session; + } + } catch (InterruptedException e) { + // silent + } + } + + Session session = null; + if (dataSessions.containsKey(path)) { + session = dataSessions.get(path); + } else { + session = login(repository, workspace); + dataSessions.put(path, session); + if (log.isTraceEnabled()) + log.trace("New data session " + path + " for " + cmsSession.getUserDn()); + } + dataSessionsInUse.add(path); + return session; + } + + private Session login(Repository repository, String workspace) { + try { + return Subject.doAs(cmsSession.getSubject(), new PrivilegedExceptionAction() { + @Override + public Session run() throws Exception { + return repository.login(workspace); + } + }); + } catch (PrivilegedActionException e) { + throw new IllegalStateException("Cannot log in " + cmsSession.getUserDn() + " to JCR", e); + } + } + + public synchronized void releaseDataSession(String cn, Session session) { + if (additionalDataSessions.contains(session)) { + JcrUtils.logoutQuietly(session); + additionalDataSessions.remove(session); + if (log.isTraceEnabled()) + log.trace("Remove additional data session " + session); + return; + } + String path = cn + '/' + session.getWorkspace().getName(); + if (!dataSessionsInUse.contains(path)) + log.warn("Data session " + path + " was not in use for " + cmsSession.getUserDn()); + dataSessionsInUse.remove(path); + Session registeredSession = dataSessions.get(path); + if (session != registeredSession) + log.warn("Data session " + path + " not consistent for " + cmsSession.getUserDn()); + if (log.isTraceEnabled()) + log.trace("Released data session " + session + " for " + path); + notifyAll(); + } + + private void checkValid() { + if (!cmsSession.isValid()) + throw new IllegalStateException( + "CMS session " + cmsSession.getUuid() + " is not valid since " + cmsSession.getEnd()); + } + + private void close() { + // FIXME class this when CMS session is closed + synchronized (this) { + // TODO check data session in use ? + for (String path : dataSessions.keySet()) + JcrUtils.logoutQuietly(dataSessions.get(path)); + for (Session session : additionalDataSessions) + JcrUtils.logoutQuietly(session); + } + } + } }