use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.
the class FreeMarkerView method buildTemplateModel.
@Override
protected SimpleHash buildTemplateModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) {
PortalConfig config = AppBeans.get(Configuration.class).getConfig(PortalConfig.class);
SimpleHash context = super.buildTemplateModel(model, request, response);
SecurityContext securityContext = AppContext.getSecurityContext();
if (securityContext != null)
context.put("userSession", securityContext.getSession());
context.put("messages", messages);
context.put("message", new MessageMethod());
context.put("theme", config.getTheme());
return context;
}
use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.
the class DynamicAttributesCacheStrategy method init.
@Override
public void init() {
clientCacheManager.getExecutorService().scheduleWithFixedDelay(() -> {
if (needToValidateCache) {
UserSession userSession = cacheUserSessionProvider.getUserSession();
if (userSession == null) {
// cache user session unavailable
return;
}
try {
AppContext.setSecurityContext(new SecurityContext(userSession));
loadObject();
} catch (NoUserSessionException e) {
log.warn("Cache user session expired", e);
} catch (Exception e) {
log.error("Unable to update dynamic attributes cache", e);
}
}
}, 0, 10, TimeUnit.SECONDS);
}
use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.
the class ConfigStorageCommon method getConfigValue.
/**
* Method returns a result of config method invocation
* @param classFQN fully qualified configuration interface name
* @param methodName config getter method name
* @param userLogin parameter is used for authentication if there is no security context bound to the current thread
* and configuration method source is DATABASE
* @param userPassword see userLogin parameter description
* @return configuration method invocation result
*/
public String getConfigValue(String classFQN, String methodName, String userLogin, String userPassword) {
Class<?> aClass;
try {
aClass = Class.forName(classFQN);
} catch (ClassNotFoundException e) {
return String.format("Class %s not found.\nPlease ensure that you entered a fully qualified class name and " + "that you class is in a proper application module (core, web or portal).", classFQN);
}
if (Config.class.isAssignableFrom(aClass)) {
Config config = configuration.getConfig((Class<? extends Config>) aClass);
Method method;
boolean logoutRequired = false;
try {
method = aClass.getMethod(methodName);
// DATABASE, then login attempt with 'userLogin' and 'userPassword' will be made
if (AppContext.getSecurityContext() == null) {
SourceType sourceType;
Source methodSourceAnnotation = method.getAnnotation(Source.class);
if (methodSourceAnnotation != null) {
sourceType = methodSourceAnnotation.type();
} else {
Source classSourceAnnotation = aClass.getAnnotation(Source.class);
sourceType = classSourceAnnotation.type();
}
if (sourceType != null && sourceType == SourceType.DATABASE) {
if (Strings.isNullOrEmpty(userLogin)) {
return "No security context bound to the current thread. Please specify the user name.";
} else {
try {
Map<String, Locale> availableLocales = configuration.getConfig(GlobalConfig.class).getAvailableLocales();
Locale defaultLocale = availableLocales.values().iterator().next();
TrustedClientCredentials credentials = new TrustedClientCredentials(userLogin, userPassword, defaultLocale);
UserSession session = authenticationService.login(credentials).getSession();
AppContext.setSecurityContext(new SecurityContext(session));
logoutRequired = true;
} catch (LoginException e) {
log.error(ExceptionUtils.getStackTrace(e));
return "Login error: " + e.getMessage();
}
}
}
}
Object result = method.invoke(config);
return result == null ? null : result.toString();
} catch (NoSuchMethodException e) {
return String.format("Method %s() not found in class %s", methodName, classFQN);
} catch (InvocationTargetException | IllegalAccessException e) {
return ExceptionUtils.getStackTrace(e);
} finally {
if (logoutRequired) {
try {
authenticationService.logout();
} finally {
AppContext.setSecurityContext(null);
}
}
}
} else {
return String.format("Class %s is not an implementation of Config interface", classFQN);
}
}
use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.
the class CubaRemoteInvocationFactory method createRemoteInvocation.
@Override
public RemoteInvocation createRemoteInvocation(MethodInvocation methodInvocation) {
SecurityContext securityContext = AppContext.getSecurityContext();
CubaRemoteInvocation remoteInvocation = new CubaRemoteInvocation(methodInvocation, securityContext == null ? null : securityContext.getSessionId());
if (securityContext != null) {
UserSession session = securityContext.getSession();
if (session instanceof ClientBasedSession && ((ClientBasedSession) session).hasRequestScopedInfo()) {
remoteInvocation.setLocale(session.getLocale() != null ? session.getLocale().toLanguageTag() : null);
remoteInvocation.setTimeZone(session.getTimeZone());
remoteInvocation.setAddress(session.getAddress());
remoteInvocation.setClientInfo(session.getClientInfo());
}
}
return remoteInvocation;
}
use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.
the class StickySessionServerSelector method getSessionUrlsHolder.
@Nullable
protected SessionUrlsHolder getSessionUrlsHolder() {
SecurityContext securityContext = AppContext.getSecurityContext();
if (securityContext == null)
return null;
UserSession session = securityContext.getSession();
if (session == null || session instanceof ClientBasedSession && ((ClientBasedSession) session).hasRequestScopedInfo())
return anonymousSessionUrlsHolder;
return new UserSessionUrlsHolder(session);
}
Aggregations