Package com.logicaldoc.core.security
Class SessionManager
- All Implemented Interfaces:
Serializable
,ConcurrentMap<String,
,Session> Map<String,
Session>
Repository of all current user sessions.
- Since:
- 4.6
- Author:
- Marco Meschieri - LogicalDOC
- See Also:
-
Nested Class Summary
Nested classes/interfaces inherited from class java.util.concurrent.ConcurrentHashMap
ConcurrentHashMap.KeySetView<K,
V> Nested classes/interfaces inherited from class java.util.AbstractMap
AbstractMap.SimpleEntry<K,
V>, AbstractMap.SimpleImmutableEntry<K, V> -
Field Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
addListener
(SessionListener listener) buildClient
(javax.servlet.http.HttpServletRequest request) Create a client identified using a concatenation of Basic authentication credentials and remote IP.int
Counts the total number of opened sessionsint
countOpened
(long tenantId) Counts the total number of opened sessions per tenantvoid
destroy()
static final SessionManager
get()
getByClientId
(String clientId) Gets the session of the given clientgetByDictionaryValue
(String key, Object value) Gets the session with the specified dictionary valuestatic String
Retrieves the session ID of the current thread executionjavax.servlet.http.HttpSession
getServletSession
(String sid) getSession
(javax.servlet.http.HttpServletRequest request) Gets the Session with the identifier returned bygetSessionId(HttpServletRequest)
getSessionId
(javax.servlet.http.HttpServletRequest request) Gets the Session ID specification from the current request following this lookup strategy: Request parameterPARAM_SID
Request headerPARAM_SID
Request attributePARAM_SID
Session attributePARAM_SID
CookieCOOKIE_SID
Spring SecurityContextHolder Client IDReturns the list of sessions of the current node ordered by ascending status and creation date.int
boolean
Checks if a session is valid or not.void
Kills an existing sessionnewSession
(String apikey, Client client) Creates a new session by authenticating through an API Key and stores it in the pool of opened sessionsnewSession
(String username, String password, Client client) Creates a new session by authenticating the given user and stores it in the pool of opened sessionsnewSession
(String username, String password, String key, Client client) Creates a new session by authenticating the given user and stores it in the pool of opened sessionsnewSession
(String username, String password, String key, javax.servlet.http.HttpServletRequest request) Creates a new session by authenticating the given user and stores it in the pool of opened sessionsnewSession
(String username, String password, javax.servlet.http.HttpServletRequest request) Creates a new session by authenticating the given user and stores it in the pool of opened sessionsnewSession
(String apikey, javax.servlet.http.HttpServletRequest request) Creates a new session by authenticating through an API Key and stores it in the pool of opened sessionsvoid
removeListener
(SessionListener listener) void
removeSid
(javax.servlet.http.HttpServletRequest request) Removes the Sid from the http requestvoid
Renews an opened sessionvoid
saveSid
(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String sid) Saves the session identifier in the request and session attributePARAM_SID
and CookieCOOKIE_SID
void
setApiKeyDao
(ApiKeyDAO apiKeyDao) void
setAuthenticationChain
(AuthenticationChain authenticationChain) void
setSessionDao
(SessionDAO sessionDao) void
setUserDao
(UserDAO userDao) Methods inherited from class java.util.concurrent.ConcurrentHashMap
clear, compute, computeIfAbsent, computeIfPresent, contains, containsKey, containsValue, elements, entrySet, equals, forEach, forEach, forEach, forEachEntry, forEachEntry, forEachKey, forEachKey, forEachValue, forEachValue, getOrDefault, hashCode, isEmpty, keys, keySet, keySet, mappingCount, merge, newKeySet, newKeySet, put, putAll, putIfAbsent, reduce, reduceEntries, reduceEntries, reduceEntriesToDouble, reduceEntriesToInt, reduceEntriesToLong, reduceKeys, reduceKeys, reduceKeysToDouble, reduceKeysToInt, reduceKeysToLong, reduceToDouble, reduceToInt, reduceToLong, reduceValues, reduceValues, reduceValuesToDouble, reduceValuesToInt, reduceValuesToLong, remove, replace, replace, replaceAll, search, searchEntries, searchKeys, searchValues, size, toString, values
-
Field Details
-
COOKIE_SID
- See Also:
-
PARAM_SID
- See Also:
-
HEADER_APIKEY
- See Also:
-
-
Method Details
-
get
-
newSession
public Session newSession(String username, String password, String key, javax.servlet.http.HttpServletRequest request) throws AuthenticationException Creates a new session by authenticating the given user and stores it in the pool of opened sessions- Parameters:
username
- the usernamepassword
- the passowrdkey
- the secret keyrequest
- the current request- Returns:
- the session created after the successful login
- Throws:
AuthenticationException
- raised in case of failed login
-
newSession
public Session newSession(String username, String password, javax.servlet.http.HttpServletRequest request) throws AuthenticationException Creates a new session by authenticating the given user and stores it in the pool of opened sessions- Parameters:
username
- the usernamepassword
- the passowrdrequest
- the current request- Returns:
- the session created after the successful login
- Throws:
AuthenticationException
- raised in case of failed login
-
newSession
public Session newSession(String username, String password, Client client) throws AuthenticationException Creates a new session by authenticating the given user and stores it in the pool of opened sessions- Parameters:
username
- the usernamepassword
- the passowrdclient
- client informations- Returns:
- the session created after the successful login
- Throws:
AuthenticationException
- raised in case of failed login
-
newSession
public Session newSession(String username, String password, String key, Client client) throws AuthenticationException Creates a new session by authenticating the given user and stores it in the pool of opened sessions- Parameters:
username
- the usernamepassword
- the passowrdkey
- the secret keyclient
- client informations- Returns:
- the session created after the successful login
- Throws:
AuthenticationException
- raised in case of failed login
-
newSession
Creates a new session by authenticating through an API Key and stores it in the pool of opened sessions- Parameters:
apikey
- the API Keyclient
- client informations- Returns:
- the session created after the successful login
- Throws:
AuthenticationException
- raised in case of failed login
-
newSession
public Session newSession(String apikey, javax.servlet.http.HttpServletRequest request) throws AuthenticationException Creates a new session by authenticating through an API Key and stores it in the pool of opened sessions- Parameters:
apikey
- the API Keyrequest
- the current request- Returns:
- the session created after the successful login
- Throws:
AuthenticationException
- raised in case of failed login
-
kill
Kills an existing session- Parameters:
sid
- identifier of the session to kill
-
remove
-
renew
Renews an opened session- Parameters:
sid
- The session to be renewed
-
getStatus
-
isOpen
Checks if a session is valid or not. A valid session is a one that exists and is in state OPEN- Parameters:
sid
- The session identifier- Returns:
- true only if the session exists and is OPEN
-
get
-
getByClientId
Gets the session of the given client- Parameters:
clientId
- identifier of the client- Returns:
- the session
-
getByDictionaryValue
Gets the session with the specified dictionary value- Parameters:
key
- identifier of the value in the dictionaryvalue
- the value to match- Returns:
- the session
-
countOpened
public int countOpened()Counts the total number of opened sessions- Returns:
- number of opened sessions
-
countOpened
public int countOpened(long tenantId) Counts the total number of opened sessions per tenant- Parameters:
tenantId
- identifier of the tenant- Returns:
- number of opened sessions
-
getSessions
Returns the list of sessions of the current node ordered by ascending status and creation date.- Returns:
- list of sessions
-
getSession
Gets the Session with the identifier returned bygetSessionId(HttpServletRequest)
- Parameters:
request
- the HTTP request- Returns:
- the found session, can be null
-
getSessionId
Gets the Session ID specification from the current request following this lookup strategy:- Request parameter
PARAM_SID
- Request header
PARAM_SID
- Request attribute
PARAM_SID
- Session attribute
PARAM_SID
- Cookie
COOKIE_SID
- Spring SecurityContextHolder
- Client ID
- Parameters:
request
- The current request to inspect- Returns:
- The SID if any
- Request parameter
-
saveSid
public void saveSid(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String sid) Saves the session identifier in the request and session attributePARAM_SID
and CookieCOOKIE_SID
- Parameters:
request
- the HTTP requestresponse
- the HTTP responsesid
- identifier of the session
-
removeSid
public void removeSid(javax.servlet.http.HttpServletRequest request) Removes the Sid from the http request- Parameters:
request
- the HTTP request
-
getCurrentSid
Retrieves the session ID of the current thread execution- Returns:
- the identifier of the session
-
getServletSession
-
buildClient
Create a client identified using a concatenation of Basic authentication credentials and remote IP.- Parameters:
request
- The request to process- Returns:
- The client
-
setAuthenticationChain
-
destroy
@PreDestroy public void destroy() -
getSessionDao
-
setSessionDao
-
addListener
-
removeListener
-
setApiKeyDao
-
setUserDao
-