Package com.logicaldoc.core.security
Class SessionManager
- All Implemented Interfaces:
Serializable
,ConcurrentMap<String,
,Session> Map<String,
Session>
Repository of all current user sessions.
- Since:
- 4.6
- Author:
- Marco Meschieri - LogicalDOC
- See Also:
-
Nested Class Summary
Nested classes/interfaces inherited from class java.util.concurrent.ConcurrentHashMap
ConcurrentHashMap.KeySetView<K extends Object,
V extends Object> Nested classes/interfaces inherited from class java.util.AbstractMap
AbstractMap.SimpleEntry<K extends Object,
V extends Object>, AbstractMap.SimpleImmutableEntry<K extends Object, V extends Object> -
Field Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
addListener
(SessionListener listener) buildClient
(javax.servlet.http.HttpServletRequest req) Create a client identified using a concatenation of Basic authentication credentials and remote IP.int
Counts the total number of opened sessionsint
countOpened
(long tenantId) Counts the total number of opened sessions per tenantcreateSession
(User user, Client client) Creates a new session by authenticated the given user and stores it in the pool of opened sessionsvoid
destroy()
static final SessionManager
get()
getByClientId
(String clientId) Gets the session of the given clientstatic String
Retrieves the session ID of the current thread executionjavax.servlet.http.HttpSession
getServletSession
(String sid) getSession
(javax.servlet.http.HttpServletRequest request) Gets the Session with the identifier returned bygetSessionId(HttpServletRequest)
getSessionId
(javax.servlet.http.HttpServletRequest request) Gets the Session ID specification from the current request following this lookup strategy: Session attributePARAM_SID
Request attributePARAM_SID
Request parameterPARAM_SID
CookieCOOKIE_SID
Spring SecurityContextHolderReturns the list of sessions of the current node ordered by ascending status and creation date.int
boolean
Checks if a session is valid or not.void
Kills an existing sessionnewSession
(String username, String password, Client client) Creates a new session by authenticated the given user and stores it in the pool of opened sessionsnewSession
(String username, String password, String key, Client client) Creates a new session by authenticating the given user and stores it in the pool of opened sessionsvoid
removeListener
(SessionListener listener) void
removeSid
(javax.servlet.http.HttpServletRequest request) Removes the Sid from the http requestvoid
Renews an opened sessionvoid
saveSid
(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String sid) Saves the session identifier in the request and session attributePARAM_SID
and CookieCOOKIE_SID
void
setAuthenticationChain
(AuthenticationChain authenticationChain) void
setSessionDao
(SessionDAO sessionDao) Methods inherited from class java.util.concurrent.ConcurrentHashMap
clear, compute, computeIfAbsent, computeIfPresent, contains, containsKey, containsValue, elements, entrySet, equals, forEach, forEach, forEach, forEachEntry, forEachEntry, forEachKey, forEachKey, forEachValue, forEachValue, getOrDefault, hashCode, isEmpty, keys, keySet, keySet, mappingCount, merge, newKeySet, newKeySet, put, putAll, putIfAbsent, reduce, reduceEntries, reduceEntries, reduceEntriesToDouble, reduceEntriesToInt, reduceEntriesToLong, reduceKeys, reduceKeys, reduceKeysToDouble, reduceKeysToInt, reduceKeysToLong, reduceToDouble, reduceToInt, reduceToLong, reduceValues, reduceValues, reduceValuesToDouble, reduceValuesToInt, reduceValuesToLong, remove, replace, replace, replaceAll, search, searchEntries, searchKeys, searchValues, size, toString, values
-
Field Details
-
COOKIE_SID
- See Also:
-
PARAM_SID
- See Also:
-
-
Method Details
-
get
-
newSession
public Session newSession(String username, String password, String key, Client client) throws AuthenticationException Creates a new session by authenticating the given user and stores it in the pool of opened sessions- Parameters:
username
- the usernamepassword
- the passowrdkey
- the secret keyclient
- client informations- Returns:
- the session created after the successful login
- Throws:
AuthenticationException
- raised in case of failed login
-
newSession
public Session newSession(String username, String password, Client client) throws AuthenticationException Creates a new session by authenticated the given user and stores it in the pool of opened sessions- Parameters:
username
- the usernamepassword
- the passowrdclient
- client informations- Returns:
- the session created after the successful login
- Throws:
AuthenticationException
- raised in case of failed login
-
createSession
Creates a new session by authenticated the given user and stores it in the pool of opened sessions- Parameters:
user
- the userclient
- client informations- Returns:
- the session created after the successful login
- Throws:
AuthenticationException
-
kill
Kills an existing session- Parameters:
sid
- identifier of the session to kill
-
remove
-
renew
Renews an opened session- Parameters:
sid
- The session to be renewed
-
getStatus
-
isOpen
Checks if a session is valid or not. A valid session is a one that exists and is in state OPEN- Parameters:
sid
- The session identifier- Returns:
- true only if the session exists and is OPEN
-
get
-
getByClientId
Gets the session of the given client- Parameters:
clientId
- identifier of the client- Returns:
- the session
-
countOpened
public int countOpened()Counts the total number of opened sessions- Returns:
- number of opened sessions
-
countOpened
public int countOpened(long tenantId) Counts the total number of opened sessions per tenant- Parameters:
tenantId
- identifier of the tenant- Returns:
- number of opened sessions
-
getSessions
Returns the list of sessions of the current node ordered by ascending status and creation date.- Returns:
- list of sessions
-
getSession
Gets the Session with the identifier returned bygetSessionId(HttpServletRequest)
- Parameters:
request
- the HTTP request- Returns:
- the found session, can be null
-
getSessionId
Gets the Session ID specification from the current request following this lookup strategy:- Session attribute
PARAM_SID
- Request attribute
PARAM_SID
- Request parameter
PARAM_SID
- Cookie
COOKIE_SID
- Spring SecurityContextHolder
- Parameters:
request
- The current request to inspect- Returns:
- The SID if any
- Session attribute
-
saveSid
public void saveSid(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String sid) Saves the session identifier in the request and session attributePARAM_SID
and CookieCOOKIE_SID
- Parameters:
request
- the HTTP requestresponse
- the HTTP responsesid
- identifier of the session
-
removeSid
public void removeSid(javax.servlet.http.HttpServletRequest request) Removes the Sid from the http request- Parameters:
request
- the HTTP request
-
getCurrentSid
Retrieves the session ID of the current thread execution- Returns:
- the identifier of the session
-
getServletSession
-
buildClient
Create a client identified using a concatenation of Basic authentication credentials and remote IP.- Parameters:
req
- The request to process- Returns:
- The client
-
setAuthenticationChain
-
destroy
public void destroy() -
getSessionDao
-
setSessionDao
-
addListener
-
removeListener
-