Package com.logicaldoc.core.security
Class SessionManager
- java.lang.Object
-
- java.util.AbstractMap<K,V>
-
- java.util.concurrent.ConcurrentHashMap<String,Session>
-
- com.logicaldoc.core.security.SessionManager
-
- All Implemented Interfaces:
Serializable
,ConcurrentMap<String,Session>
,Map<String,Session>
public class SessionManager extends ConcurrentHashMap<String,Session>
Repository of all current user sessions.- Since:
- 4.6
- Author:
- Marco Meschieri - LogicalDOC
- See Also:
- Serialized Form
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class java.util.concurrent.ConcurrentHashMap
ConcurrentHashMap.KeySetView<K extends Object,V extends Object>
-
Nested classes/interfaces inherited from class java.util.AbstractMap
AbstractMap.SimpleEntry<K extends Object,V extends Object>, AbstractMap.SimpleImmutableEntry<K extends Object,V extends Object>
-
-
Field Summary
Fields Modifier and Type Field Description static String
COOKIE_SID
static String
PARAM_SID
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addListener(SessionListener listener)
Client
buildClient(javax.servlet.http.HttpServletRequest req)
Create a client identified using a concatenation of Basic authentication credentials and remote IP.int
countOpened()
Counts the total number of opened sessionsint
countOpened(long tenantId)
Counts the total number of opened sessions per tenantSession
createSession(User user, Client client)
Creates a new session by authenticated the given user and stores it in the pool of opened sessionsvoid
destroy()
static SessionManager
get()
Session
get(Object sid)
Session
getByClientId(String clientId)
Gets the session of the given clientstatic String
getCurrentSid()
Retrieves the session ID of the current thread executionjavax.servlet.http.HttpSession
getServletSession(String sid)
Session
getSession(javax.servlet.http.HttpServletRequest request)
Gets the Session with the identifier returned bygetSessionId(HttpServletRequest)
SessionDAO
getSessionDao()
String
getSessionId(javax.servlet.http.HttpServletRequest request)
Gets the Session ID specification from the current request following this lookup strategy: Session attributePARAM_SID
Request attributePARAM_SID
Request parameterPARAM_SID
CookieCOOKIE_SID
Spring SecurityContextHolderList<Session>
getSessions()
Returns the list of sessions of the current node ordered by ascending status and creation date.int
getStatus(String sid)
boolean
isOpen(String sid)
Checks if a session is valid or not.void
kill(String sid)
Kills an existing sessionSession
newSession(String username, String password, Client client)
Creates a new session by authenticated the given user and stores it in the pool of opened sessionsSession
newSession(String username, String password, String key, Client client)
Creates a new session by authenticating the given user and stores it in the pool of opened sessionsSession
remove(Object sid)
void
removeListener(SessionListener listener)
void
removeSid(javax.servlet.http.HttpServletRequest request)
Removes the Sid from the http requestvoid
renew(String sid)
Renews an opened sessionvoid
saveSid(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String sid)
Saves the session identifier in the request and session attributePARAM_SID
and CookieCOOKIE_SID
void
setAuthenticationChain(AuthenticationChain authenticationChain)
void
setSessionDao(SessionDAO sessionDao)
-
Methods inherited from class java.util.concurrent.ConcurrentHashMap
clear, compute, computeIfAbsent, computeIfPresent, contains, containsKey, containsValue, elements, entrySet, equals, forEach, forEach, forEach, forEachEntry, forEachEntry, forEachKey, forEachKey, forEachValue, forEachValue, getOrDefault, hashCode, isEmpty, keys, keySet, keySet, mappingCount, merge, newKeySet, newKeySet, put, putAll, putIfAbsent, reduce, reduceEntries, reduceEntries, reduceEntriesToDouble, reduceEntriesToInt, reduceEntriesToLong, reduceKeys, reduceKeys, reduceKeysToDouble, reduceKeysToInt, reduceKeysToLong, reduceToDouble, reduceToInt, reduceToLong, reduceValues, reduceValues, reduceValuesToDouble, reduceValuesToInt, reduceValuesToLong, remove, replace, replace, replaceAll, search, searchEntries, searchKeys, searchValues, size, toString, values
-
-
-
-
Field Detail
-
COOKIE_SID
public static final String COOKIE_SID
- See Also:
- Constant Field Values
-
PARAM_SID
public static final String PARAM_SID
- See Also:
- Constant Field Values
-
-
Method Detail
-
get
public static final SessionManager get()
-
newSession
public Session newSession(String username, String password, String key, Client client) throws AuthenticationException
Creates a new session by authenticating the given user and stores it in the pool of opened sessions- Parameters:
username
- the usernamepassword
- the passowrdkey
- the secret keyclient
- client informations- Returns:
- the session created after the successful login
- Throws:
AuthenticationException
- raised in case of failed login
-
newSession
public Session newSession(String username, String password, Client client) throws AuthenticationException
Creates a new session by authenticated the given user and stores it in the pool of opened sessions- Parameters:
username
- the usernamepassword
- the passowrdclient
- client informations- Returns:
- the session created after the successful login
- Throws:
AuthenticationException
- raised in case of failed login
-
createSession
public Session createSession(User user, Client client) throws AuthenticationException
Creates a new session by authenticated the given user and stores it in the pool of opened sessions- Parameters:
user
- the userclient
- client informations- Returns:
- the session created after the successful login
- Throws:
AuthenticationException
-
kill
public void kill(String sid)
Kills an existing session- Parameters:
sid
- identifier of the session to kill
-
renew
public void renew(String sid)
Renews an opened session- Parameters:
sid
- The session to be renewed
-
getStatus
public int getStatus(String sid)
-
isOpen
public boolean isOpen(String sid)
Checks if a session is valid or not. A valid session is a one that exists and is in state OPEN- Parameters:
sid
- The session identifier- Returns:
- true only if the session exists and is OPEN
-
getByClientId
public Session getByClientId(String clientId)
Gets the session of the given client- Parameters:
clientId
- identifier of the client- Returns:
- the session
-
countOpened
public int countOpened()
Counts the total number of opened sessions- Returns:
- number of opened sessions
-
countOpened
public int countOpened(long tenantId)
Counts the total number of opened sessions per tenant- Parameters:
tenantId
- identifier of the tenant- Returns:
- number of opened sessions
-
getSessions
public List<Session> getSessions()
Returns the list of sessions of the current node ordered by ascending status and creation date.- Returns:
- list of sessions
-
getSession
public Session getSession(javax.servlet.http.HttpServletRequest request)
Gets the Session with the identifier returned bygetSessionId(HttpServletRequest)
- Parameters:
request
- the HTTP request- Returns:
- the found session, can be null
-
getSessionId
public String getSessionId(javax.servlet.http.HttpServletRequest request)
Gets the Session ID specification from the current request following this lookup strategy:- Session attribute
PARAM_SID
- Request attribute
PARAM_SID
- Request parameter
PARAM_SID
- Cookie
COOKIE_SID
- Spring SecurityContextHolder
- Parameters:
request
- The current request to inspect- Returns:
- The SID if any
- Session attribute
-
saveSid
public void saveSid(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String sid)
Saves the session identifier in the request and session attributePARAM_SID
and CookieCOOKIE_SID
- Parameters:
request
- the HTTP requestresponse
- the HTTP responsesid
- identifier of the session
-
removeSid
public void removeSid(javax.servlet.http.HttpServletRequest request)
Removes the Sid from the http request- Parameters:
request
- the HTTP request
-
getCurrentSid
public static String getCurrentSid()
Retrieves the session ID of the current thread execution- Returns:
- the identifier of the session
-
getServletSession
public javax.servlet.http.HttpSession getServletSession(String sid)
-
buildClient
public Client buildClient(javax.servlet.http.HttpServletRequest req)
Create a client identified using a concatenation of Basic authentication credentials and remote IP.- Parameters:
req
- The request to process- Returns:
- The client
-
setAuthenticationChain
public void setAuthenticationChain(AuthenticationChain authenticationChain)
-
destroy
public void destroy()
-
getSessionDao
public SessionDAO getSessionDao()
-
setSessionDao
public void setSessionDao(SessionDAO sessionDao)
-
addListener
public void addListener(SessionListener listener)
-
removeListener
public void removeListener(SessionListener listener)
-
-