Class SessionManager

All Implemented Interfaces:
Serializable, ConcurrentMap<String,Session>, Map<String,Session>

@Component("sessionManager") public class SessionManager extends ConcurrentHashMap<String,Session>
Repository of all current user sessions.
Since:
4.6
Author:
Marco Meschieri - LogicalDOC
See Also:
  • Field Details

  • Method Details

    • get

      public static final SessionManager get()
    • newSession

      public Session newSession(String username, String password, String key, javax.servlet.http.HttpServletRequest request) throws AuthenticationException
      Creates a new session by authenticating the given user and stores it in the pool of opened sessions
      Parameters:
      username - the username
      password - the passowrd
      key - the secret key
      request - the current request
      Returns:
      the session created after the successful login
      Throws:
      AuthenticationException - raised in case of failed login
    • newSession

      public Session newSession(String username, String password, javax.servlet.http.HttpServletRequest request) throws AuthenticationException
      Creates a new session by authenticating the given user and stores it in the pool of opened sessions
      Parameters:
      username - the username
      password - the passowrd
      request - the current request
      Returns:
      the session created after the successful login
      Throws:
      AuthenticationException - raised in case of failed login
    • newSession

      public Session newSession(String username, String password, Client client) throws AuthenticationException
      Creates a new session by authenticating the given user and stores it in the pool of opened sessions
      Parameters:
      username - the username
      password - the passowrd
      client - client informations
      Returns:
      the session created after the successful login
      Throws:
      AuthenticationException - raised in case of failed login
    • newSession

      public Session newSession(String username, String password, String key, Client client) throws AuthenticationException
      Creates a new session by authenticating the given user and stores it in the pool of opened sessions
      Parameters:
      username - the username
      password - the passowrd
      key - the secret key
      client - client informations
      Returns:
      the session created after the successful login
      Throws:
      AuthenticationException - raised in case of failed login
    • newSession

      public Session newSession(String apikey, Client client) throws AuthenticationException
      Creates a new session by authenticating through an API Key and stores it in the pool of opened sessions
      Parameters:
      apikey - the API Key
      client - client informations
      Returns:
      the session created after the successful login
      Throws:
      AuthenticationException - raised in case of failed login
    • newSession

      public Session newSession(String apikey, javax.servlet.http.HttpServletRequest request) throws AuthenticationException
      Creates a new session by authenticating through an API Key and stores it in the pool of opened sessions
      Parameters:
      apikey - the API Key
      request - the current request
      Returns:
      the session created after the successful login
      Throws:
      AuthenticationException - raised in case of failed login
    • kill

      public void kill(String sid)
      Kills an existing session
      Parameters:
      sid - identifier of the session to kill
    • remove

      public Session remove(Object sid)
      Specified by:
      remove in interface Map<String,Session>
      Overrides:
      remove in class ConcurrentHashMap<String,Session>
    • renew

      public void renew(String sid)
      Renews an opened session
      Parameters:
      sid - The session to be renewed
    • getStatus

      public int getStatus(String sid)
    • isOpen

      public boolean isOpen(String sid)
      Checks if a session is valid or not. A valid session is a one that exists and is in state OPEN
      Parameters:
      sid - The session identifier
      Returns:
      true only if the session exists and is OPEN
    • get

      public Session get(Object sid)
      Specified by:
      get in interface Map<String,Session>
      Overrides:
      get in class ConcurrentHashMap<String,Session>
    • getByClientId

      public Session getByClientId(String clientId)
      Gets the session of the given client
      Parameters:
      clientId - identifier of the client
      Returns:
      the session
    • getByDictionaryValue

      public Session getByDictionaryValue(String key, Object value)
      Gets the session with the specified dictionary value
      Parameters:
      key - identifier of the value in the dictionary
      value - the value to match
      Returns:
      the session
    • countOpened

      public int countOpened()
      Counts the total number of opened sessions
      Returns:
      number of opened sessions
    • countOpened

      public int countOpened(long tenantId)
      Counts the total number of opened sessions per tenant
      Parameters:
      tenantId - identifier of the tenant
      Returns:
      number of opened sessions
    • getSessions

      public List<Session> getSessions()
      Returns the list of sessions of the current node ordered by ascending status and creation date.
      Returns:
      list of sessions
    • getSession

      public Session getSession(javax.servlet.http.HttpServletRequest request)
      Gets the Session with the identifier returned by getSessionId(HttpServletRequest)
      Parameters:
      request - the HTTP request
      Returns:
      the found session, can be null
    • getSessionId

      public String getSessionId(javax.servlet.http.HttpServletRequest request)
      Gets the Session ID specification from the current request following this lookup strategy:
      1. Session attribute PARAM_SID
      2. Request attribute PARAM_SID
      3. Request parameter PARAM_SID
      4. Request header PARAM_SID
      5. Cookie COOKIE_SID
      6. Spring SecurityContextHolder
      7. Client ID
      Parameters:
      request - The current request to inspect
      Returns:
      The SID if any
    • saveSid

      public void saveSid(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String sid)
      Saves the session identifier in the request and session attribute PARAM_SID and Cookie COOKIE_SID
      Parameters:
      request - the HTTP request
      response - the HTTP response
      sid - identifier of the session
    • removeSid

      public void removeSid(javax.servlet.http.HttpServletRequest request)
      Removes the Sid from the http request
      Parameters:
      request - the HTTP request
    • getCurrentSid

      public static String getCurrentSid()
      Retrieves the session ID of the current thread execution
      Returns:
      the identifier of the session
    • getServletSession

      public javax.servlet.http.HttpSession getServletSession(String sid)
    • buildClient

      public Client buildClient(javax.servlet.http.HttpServletRequest request)
      Create a client identified using a concatenation of Basic authentication credentials and remote IP.
      Parameters:
      request - The request to process
      Returns:
      The client
    • setAuthenticationChain

      public void setAuthenticationChain(AuthenticationChain authenticationChain)
    • destroy

      @PreDestroy public void destroy()
    • getSessionDao

      public SessionDAO getSessionDao()
    • setSessionDao

      public void setSessionDao(SessionDAO sessionDao)
    • addListener

      public void addListener(SessionListener listener)
    • removeListener

      public void removeListener(SessionListener listener)
    • setApiKeyDao

      public void setApiKeyDao(ApiKeyDAO apiKeyDao)
    • setUserDao

      public void setUserDao(UserDAO userDao)