Package com.logicaldoc.core.security

Class SessionManager

java.lang.Object
java.util.AbstractMap<K,V>
java.util.concurrent.ConcurrentHashMap<String,Session>
com.logicaldoc.core.security.SessionManager
All Implemented Interfaces:
Serializable, ConcurrentMap<String,Session>, Map<String,Session>
public class SessionManager extends ConcurrentHashMap<String,Session>
Repository of all current user sessions.
Since:
4.6
Author:
Marco Meschieri - LogicalDOC
See Also:

  • Field Details

  • Method Details

    • get

      public static final SessionManager get()

    • newSession

      public Session newSession(String username, String password, String key, Client client) throws AuthenticationException
      Creates a new session by authenticating the given user and stores it in the pool of opened sessions
      Parameters:
      username - the username
      password - the passowrd
      key - the secret key
      client - client informations
      Returns:
      the session created after the successful login
      Throws:
      AuthenticationException - raised in case of failed login

    • newSession

      public Session newSession(String username, String password, Client client) throws AuthenticationException
      Creates a new session by authenticated the given user and stores it in the pool of opened sessions
      Parameters:
      username - the username
      password - the passowrd
      client - client informations
      Returns:
      the session created after the successful login
      Throws:
      AuthenticationException - raised in case of failed login

    • createSession

      public Session createSession(User user, Client client) throws AuthenticationException
      Creates a new session by authenticated the given user and stores it in the pool of opened sessions
      Parameters:
      user - the user
      client - client informations
      Returns:
      the session created after the successful login
      Throws:
      AuthenticationException

    • kill

      public void kill(String sid)
      Kills an existing session
      Parameters:
      sid - identifier of the session to kill

    • remove

      public Session remove(Object sid)
      Specified by:
      remove in interface Map<String,Session>
      Overrides:
      remove in class ConcurrentHashMap<String,Session>

    • renew

      public void renew(String sid)
      Renews an opened session
      Parameters:
      sid - The session to be renewed

    • getStatus

      public int getStatus(String sid)

    • isOpen

      public boolean isOpen(String sid)
      Checks if a session is valid or not. A valid session is a one that exists and is in state OPEN
      Parameters:
      sid - The session identifier
      Returns:
      true only if the session exists and is OPEN

    • get

      public Session get(Object sid)
      Specified by:
      get in interface Map<String,Session>
      Overrides:
      get in class ConcurrentHashMap<String,Session>

    • getByClientId

      public Session getByClientId(String clientId)
      Gets the session of the given client
      Parameters:
      clientId - identifier of the client
      Returns:
      the session

    • countOpened

      public int countOpened()
      Counts the total number of opened sessions
      Returns:
      number of opened sessions

    • countOpened

      public int countOpened(long tenantId)
      Counts the total number of opened sessions per tenant
      Parameters:
      tenantId - identifier of the tenant
      Returns:
      number of opened sessions

    • getSessions

      public List<Session> getSessions()
      Returns the list of sessions of the current node ordered by ascending status and creation date.
      Returns:
      list of sessions

    • getSession

      public Session getSession(javax.servlet.http.HttpServletRequest request)
      Gets the Session with the identifier returned by getSessionId(HttpServletRequest)
      Parameters:
      request - the HTTP request
      Returns:
      the found session, can be null

    • getSessionId

      public String getSessionId(javax.servlet.http.HttpServletRequest request)
      Gets the Session ID specification from the current request following this lookup strategy:
      1. Session attribute PARAM_SID
      2. Request attribute PARAM_SID
      3. Request parameter PARAM_SID
      4. Cookie COOKIE_SID
      5. Spring SecurityContextHolder
      Parameters:
      request - The current request to inspect
      Returns:
      The SID if any

    • saveSid

      public void saveSid(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String sid)
      Saves the session identifier in the request and session attribute PARAM_SID and Cookie COOKIE_SID
      Parameters:
      request - the HTTP request
      response - the HTTP response
      sid - identifier of the session

    • removeSid

      public void removeSid(javax.servlet.http.HttpServletRequest request)
      Removes the Sid from the http request
      Parameters:
      request - the HTTP request

    • getCurrentSid

      public static String getCurrentSid()
      Retrieves the session ID of the current thread execution
      Returns:
      the identifier of the session

    • getServletSession

      public javax.servlet.http.HttpSession getServletSession(String sid)

    • buildClient

      public Client buildClient(javax.servlet.http.HttpServletRequest req)
      Create a client identified using a concatenation of Basic authentication credentials and remote IP.
      Parameters:
      req - The request to process
      Returns:
      The client

    • setAuthenticationChain

      public void setAuthenticationChain(AuthenticationChain authenticationChain)

    • destroy

      public void destroy()

    • getSessionDao

      public SessionDAO getSessionDao()

    • setSessionDao

      public void setSessionDao(SessionDAO sessionDao)

    • addListener

      public void addListener(SessionListener listener)

    • removeListener

      public void removeListener(SessionListener listener)