Package com.logicaldoc.core.security

Class SessionManager

    • Method Detail

      • newSession

        public Session newSession​(String username,
                          String password,
                          String key,
                          Client client)
                   throws AuthenticationException
        Creates a new session by authenticating the given user and stores it in the pool of opened sessions
        Parameters:
        username - the username
        password - the passowrd
        key - the secret key
        client - client informations
        Returns:
        the session created after the successful login
        Throws:
        AuthenticationException - raised in case of failed login

      • newSession

        public Session newSession​(String username,
                          String password,
                          Client client)
                   throws AuthenticationException
        Creates a new session by authenticated the given user and stores it in the pool of opened sessions
        Parameters:
        username - the username
        password - the passowrd
        client - client informations
        Returns:
        the session created after the successful login
        Throws:
        AuthenticationException - raised in case of failed login

      • createSession

        public Session createSession​(User user,
                             Client client)
                      throws AuthenticationException
        Creates a new session by authenticated the given user and stores it in the pool of opened sessions
        Parameters:
        user - the user
        client - client informations
        Returns:
        the session created after the successful login
        Throws:
        AuthenticationException

      • kill

        public void kill​(String sid)
        Kills an existing session
        Parameters:
        sid - identifier of the session to kill

      • renew

        public void renew​(String sid)
        Renews an opened session
        Parameters:
        sid - The session to be renewed

      • getStatus

        public int getStatus​(String sid)

      • isOpen

        public boolean isOpen​(String sid)
        Checks if a session is valid or not. A valid session is a one that exists and is in state OPEN
        Parameters:
        sid - The session identifier
        Returns:
        true only if the session exists and is OPEN

      • getByClientId

        public Session getByClientId​(String clientId)
        Gets the session of the given client
        Parameters:
        clientId - identifier of the client
        Returns:
        the session

      • countOpened

        public int countOpened()
        Counts the total number of opened sessions
        Returns:
        number of opened sessions

      • countOpened

        public int countOpened​(long tenantId)
        Counts the total number of opened sessions per tenant
        Parameters:
        tenantId - identifier of the tenant
        Returns:
        number of opened sessions

      • getSessions

        public List<Session> getSessions()
        Returns the list of sessions of the current node ordered by ascending status and creation date.
        Returns:
        list of sessions

      • getSession

        public Session getSession​(javax.servlet.http.HttpServletRequest request)
        Gets the Session with the identifier returned by getSessionId(HttpServletRequest)
        Parameters:
        request - the HTTP request
        Returns:
        the found session, can be null

      • getSessionId

        public String getSessionId​(javax.servlet.http.HttpServletRequest request)
        Gets the Session ID specification from the current request following this lookup strategy:
        1. Session attribute PARAM_SID
        2. Request attribute PARAM_SID
        3. Request parameter PARAM_SID
        4. Cookie COOKIE_SID
        5. Spring SecurityContextHolder
        Parameters:
        request - The current request to inspect
        Returns:
        The SID if any

      • saveSid

        public void saveSid​(javax.servlet.http.HttpServletRequest request,
                    javax.servlet.http.HttpServletResponse response,
                    String sid)
        Saves the session identifier in the request and session attribute PARAM_SID and Cookie COOKIE_SID
        Parameters:
        request - the HTTP request
        response - the HTTP response
        sid - identifier of the session

      • removeSid

        public void removeSid​(javax.servlet.http.HttpServletRequest request)
        Removes the Sid from the http request
        Parameters:
        request - the HTTP request

      • getCurrentSid

        public static String getCurrentSid()
        Retrieves the session ID of the current thread execution
        Returns:
        the identifier of the session

      • getServletSession

        public javax.servlet.http.HttpSession getServletSession​(String sid)

      • buildClient

        public Client buildClient​(javax.servlet.http.HttpServletRequest req)
        Create a client identified using a concatenation of Basic authentication credentials and remote IP.
        Parameters:
        req - The request to process
        Returns:
        The client

      • setAuthenticationChain

        public void setAuthenticationChain​(AuthenticationChain authenticationChain)

      • destroy

        public void destroy()

      • getSessionDao

        public SessionDAO getSessionDao()

      • setSessionDao

        public void setSessionDao​(SessionDAO sessionDao)

      • removeListener

        public void removeListener​(SessionListener listener)