Package com.logicaldoc.core.security

Class SessionManager

java.lang.Object

java.util.AbstractMap<K,V>

java.util.concurrent.ConcurrentHashMap<String,Session>

com.logicaldoc.core.security.SessionManager

All Implemented Interfaces:

Serializable, ConcurrentMap<String,Session>, Map<String,Session>

public class SessionManager
extends ConcurrentHashMap<String,Session>

Repository of all current user sessions.

Since:

4.6

Author:

Marco Meschieri - LogicalDOC

See Also:

Serialized Form

Nested Class Summary

Nested classes/interfaces inherited from class java.util.concurrent.ConcurrentHashMap

ConcurrentHashMap.KeySetView<K extends Object,V extends Object>

Nested classes/interfaces inherited from class java.util.AbstractMap

AbstractMap.SimpleEntry<K extends Object,V extends Object>, AbstractMap.SimpleImmutableEntry<K extends Object,V extends Object>

Nested classes/interfaces inherited from interface java.util.Map

Map.Entry<K extends Object,V extends Object>

Field Summary

Fields

Modifier and Type	Field	Description
static String	COOKIE_SID
static String	PARAM_SID

Method Summary

Modifier and Type	Method	Description
void	addListener(SessionListener listener)
Client	buildClient(javax.servlet.http.HttpServletRequest req)	Create a client identified using a concatenation of Basic authentication credentials and remote IP.
int	countOpened()	Counts the total number of opened sessions
int	countOpened(long tenantId)	Counts the total number of opened sessions per tenant
Session	createSession(User user, Client client)	Creates a new session by authenticated the given user and stores it in the pool of opened sessions
void	destroy()
static SessionManager	get()
Session	get(Object sid)
Session	getByClientId(String clientId)	Gets the session of the given client
static String	getCurrentSid()	Retrieves the session ID of the current thread execution
javax.servlet.http.HttpSession	getServletSession(String sid)
Session	getSession(javax.servlet.http.HttpServletRequest request)	Gets the Session with the identifier returned by getSessionId(HttpServletRequest)
SessionDAO	getSessionDao()
String	getSessionId(javax.servlet.http.HttpServletRequest request)	Gets the Session ID specification from the current request following this lookup strategy: Session attribute PARAM_SID Request attribute PARAM_SID Request parameter PARAM_SID Cookie COOKIE_SID Spring SecurityContextHolder
List<Session>	getSessions()	Returns the list of sessions of the current node ordered by ascending status and creation date.
int	getStatus(String sid)
boolean	isOpen(String sid)	Checks if a session is valid or not.
void	kill(String sid)	Kills an existing session
Session	newSession(String username, String password, Client client)	Creates a new session by authenticated the given user and stores it in the pool of opened sessions
Session	newSession(String username, String password, String key, Client client)	Creates a new session by authenticated the given user and stores it in the pool of opened sessions
Session	remove(Object sid)
void	removeListener(SessionListener listener)
void	removeSid(javax.servlet.http.HttpServletRequest request)	Removes the Sid from the http request
void	renew(String sid)	Renews an opened session
void	saveSid(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String sid)	Saves the session identifier in the request and session attribute PARAM_SID and Cookie COOKIE_SID
void	setAuthenticationChain(AuthenticationChain authenticationChain)
void	setSessionDao(SessionDAO sessionDao)

Methods inherited from class java.util.concurrent.ConcurrentHashMap

clear, compute, computeIfAbsent, computeIfPresent, contains, containsKey, containsValue, elements, entrySet, equals, forEach, forEach, forEach, forEachEntry, forEachEntry, forEachKey, forEachKey, forEachValue, forEachValue, getOrDefault, hashCode, isEmpty, keys, keySet, keySet, mappingCount, merge, newKeySet, newKeySet, put, putAll, putIfAbsent, reduce, reduceEntries, reduceEntries, reduceEntriesToDouble, reduceEntriesToInt, reduceEntriesToLong, reduceKeys, reduceKeys, reduceKeysToDouble, reduceKeysToInt, reduceKeysToLong, reduceToDouble, reduceToInt, reduceToLong, reduceValues, reduceValues, reduceValuesToDouble, reduceValuesToInt, reduceValuesToLong, remove, replace, replace, replaceAll, search, searchEntries, searchKeys, searchValues, size, toString, values

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Field Detail

COOKIE_SID

public static final String COOKIE_SID

See Also:

Constant Field Values

PARAM_SID

public static final String PARAM_SID

See Also:

Constant Field Values

Method Detail

get

public static final SessionManager get()

newSession

public Session newSession(String username,
                          String password,
                          String key,
                          Client client)
                   throws AuthenticationException

Creates a new session by authenticated the given user and stores it in the pool of opened sessions

Parameters:

username - the username

password - the passowrd

key - the secret key

client - client informations

Returns:

the session created after the successful login

Throws:

AuthenticationException - raised in case of failed login

newSession

public Session newSession(String username,
                          String password,
                          Client client)
                   throws AuthenticationException

Creates a new session by authenticated the given user and stores it in the pool of opened sessions

Parameters:

username - the username

password - the passowrd

client - client informations

Returns:

the session created after the successful login

Throws:

AuthenticationException - raised in case of failed login

createSession

public Session createSession(User user,
                             Client client)
                      throws AuthenticationException

Creates a new session by authenticated the given user and stores it in the pool of opened sessions

Parameters:

user - the user

client - client informations

Returns:

the session created after the successful login

Throws:

AuthenticationException

kill

public void kill(String sid)

Kills an existing session

Parameters:

sid - identifier of the session to kill

remove

public Session remove(Object sid)

Specified by:

remove in interface Map<String,Session>

Overrides:

remove in class ConcurrentHashMap<String,Session>

renew

public void renew(String sid)

Renews an opened session

Parameters:

sid - The session to be renewed

getStatus

public int getStatus(String sid)

isOpen

public boolean isOpen(String sid)

Checks if a session is valid or not. A valid session is a one that exists and is in state OPEN

Parameters:

sid - The session identifier

Returns:

true only if the session exists and is OPEN

get

public Session get(Object sid)

Specified by:

get in interface Map<String,Session>

Overrides:

get in class ConcurrentHashMap<String,Session>

getByClientId

public Session getByClientId(String clientId)

Gets the session of the given client

Parameters:

clientId - identifier of the client

Returns:

the session

countOpened

public int countOpened()

Counts the total number of opened sessions

Returns:

number of opened sessions

countOpened

public int countOpened(long tenantId)

Counts the total number of opened sessions per tenant

Parameters:

tenantId - identifier of the tenant

Returns:

number of opened sessions

getSessions

public List<Session> getSessions()

Returns the list of sessions of the current node ordered by ascending status and creation date.

Returns:

list of sessions

getSession

public Session getSession(javax.servlet.http.HttpServletRequest request)

Gets the Session with the identifier returned by getSessionId(HttpServletRequest)

Parameters:

request - the HTTP request

Returns:

the found session, can be null

getSessionId

public String getSessionId(javax.servlet.http.HttpServletRequest request)

Gets the Session ID specification from the current request following this lookup strategy:

1. Session attribute PARAM_SID
2. Request attribute PARAM_SID
3. Request parameter PARAM_SID
4. Cookie COOKIE_SID
5. Spring SecurityContextHolder

Parameters:

request - The current request to inspect

Returns:

The SID if any

saveSid

public void saveSid(javax.servlet.http.HttpServletRequest request,
                    javax.servlet.http.HttpServletResponse response,
                    String sid)

Saves the session identifier in the request and session attribute PARAM_SID and Cookie COOKIE_SID

Parameters:

request - the HTTP request

response - the HTTP response

sid - identifier of the session

removeSid

public void removeSid(javax.servlet.http.HttpServletRequest request)

Removes the Sid from the http request

Parameters:

request - the HTTP request

getCurrentSid

public static String getCurrentSid()

Retrieves the session ID of the current thread execution

Returns:

the identifier of the session

getServletSession

public javax.servlet.http.HttpSession getServletSession(String sid)

buildClient

public Client buildClient(javax.servlet.http.HttpServletRequest req)

Create a client identified using a concatenation of Basic authentication credentials and remote IP.

Parameters:

req - The request to process

Returns:

The client

setAuthenticationChain

public void setAuthenticationChain(AuthenticationChain authenticationChain)

destroy

public void destroy()

getSessionDao

public SessionDAO getSessionDao()

setSessionDao

public void setSessionDao(SessionDAO sessionDao)

addListener

public void addListener(SessionListener listener)

removeListener

public void removeListener(SessionListener listener)