Example 11 with NoUserSessionException

Use of com.haulmont.cuba.security.global.NoUserSessionException in project cuba by cuba-platform.

Class IdpSessionPingConnector, method pingIdpSessionServer.

public void pingIdpSessionServer(String idpSessionId) {
    log.debug("Ping IDP session {}", idpSessionId);
    String idpBaseURL = webIdpConfig.getIdpBaseURL();
    if (!idpBaseURL.endsWith("/")) {
        idpBaseURL += "/";
    }
    String idpSessionPingUrl = idpBaseURL + "service/ping";
    HttpPost httpPost = new HttpPost(idpSessionPingUrl);
    httpPost.setHeader(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_FORM_URLENCODED.getMimeType());
    UrlEncodedFormEntity formEntity = new UrlEncodedFormEntity(Arrays.asList(new BasicNameValuePair("idpSessionId", idpSessionId), new BasicNameValuePair("trustedServicePassword", webIdpConfig.getIdpTrustedServicePassword())), StandardCharsets.UTF_8);
    httpPost.setEntity(formEntity);
    HttpClientConnectionManager connectionManager = new BasicHttpClientConnectionManager();
    HttpClient client = HttpClientBuilder.create().setConnectionManager(connectionManager).build();
    try {
        HttpResponse httpResponse = client.execute(httpPost);
        int statusCode = httpResponse.getStatusLine().getStatusCode();
        if (statusCode == 410) {
            // we have to logout user
            log.debug("IDP session is expired {}", idpSessionId);
            if (userSessionSource.checkCurrentUserSession()) {
                authenticationService.logout();
                UserSession userSession = userSessionSource.getUserSession();
                throw new NoUserSessionException(userSession.getId());
            }
        }
        if (statusCode != 200) {
            log.warn("IDP respond status {} on session ping", statusCode);
        }
    } catch (IOException e) {
        log.warn("Unable to ping IDP {} session {}", idpSessionPingUrl, idpSessionId, e);
    } finally {
        connectionManager.shutdown();
    }
}
Also used: HttpPost(org.apache.http.client.methods.HttpPost) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) HttpClient(org.apache.http.client.HttpClient) UserSession(com.haulmont.cuba.security.global.UserSession) HttpResponse(org.apache.http.HttpResponse) UrlEncodedFormEntity(org.apache.http.client.entity.UrlEncodedFormEntity) IOException(java.io.IOException) HttpClientConnectionManager(org.apache.http.conn.HttpClientConnectionManager) BasicHttpClientConnectionManager(org.apache.http.impl.conn.BasicHttpClientConnectionManager) NoUserSessionException(com.haulmont.cuba.security.global.NoUserSessionException)

Example 12 with NoUserSessionException

Use of com.haulmont.cuba.security.global.NoUserSessionException in project cuba by cuba-platform.

Class CubaTimer, method handleOnTimerException.

protected void handleOnTimerException(RuntimeException e) {
    int reIdx = ExceptionUtils.indexOfType(e, RemoteException.class);
    if (reIdx > -1) {
        RemoteException re = (RemoteException) ExceptionUtils.getThrowableList(e).get(reIdx);
        for (RemoteException.Cause cause : re.getCauses()) {
            // noinspection ThrowableResultOfMethodCallIgnored
            if (cause.getThrowable() instanceof NoUserSessionException) {
                log.warn("NoUserSessionException in timer {}, timer will be stopped", getLoggingTimerId());
                stop();
                break;
            }
        }
    } else if (ExceptionUtils.indexOfThrowable(e, NoUserSessionException.class) > -1) {
        log.warn("NoUserSessionException in timer {}, timer will be stopped", getLoggingTimerId());
        stop();
    }
    throw e;
}
Also used: RemoteException(com.haulmont.cuba.core.global.RemoteException) NoUserSessionException(com.haulmont.cuba.security.global.NoUserSessionException)

Example 13 with NoUserSessionException

Use of com.haulmont.cuba.security.global.NoUserSessionException in project cuba by cuba-platform.

Class FileDownloadController, method getSession.

protected UserSession getSession(HttpServletRequest request, HttpServletResponse response) throws IOException {
    UUID sessionId;
    try {
        sessionId = UUID.fromString(request.getParameter("s"));
    } catch (Exception e) {
        return null;
    }
    AppContext.setSecurityContext(new SecurityContext(sessionId));
    try {
        UserSession userSession = userSessionService.getUserSession(sessionId);
        return userSession;
    } catch (NoUserSessionException e) {
        return null;
    } finally {
        AppContext.setSecurityContext(null);
    }
}
Also used: UserSession(com.haulmont.cuba.security.global.UserSession) SecurityContext(com.haulmont.cuba.core.sys.SecurityContext) UUID(java.util.UUID) FileStorageException(com.haulmont.cuba.core.global.FileStorageException) IOException(java.io.IOException) NoUserSessionException(com.haulmont.cuba.security.global.NoUserSessionException)

Example 14 with NoUserSessionException

Use of com.haulmont.cuba.security.global.NoUserSessionException in project cuba by cuba-platform.

Class NoUserSessionHandler, method doHandle.

@Override
protected void doHandle(App app, String className, String message, @Nullable Throwable throwable) {
    try {
        // we may show two or more dialogs if user pressed F5 and we have no valid user session
        // just remove previous dialog and show new
        List<Window> noUserSessionDialogs = app.getAppUI().getWindows().stream().filter(w -> w instanceof NoUserSessionExceptionDialog).collect(Collectors.toList());
        for (Window dialog : noUserSessionDialogs) {
            app.getAppUI().removeWindow(dialog);
        }
        showNoUserSessionDialog(app);
    } catch (Throwable th) {
        log.error("Unable to handle NoUserSessionException", throwable);
        log.error("Exception in NoUserSessionHandler", th);
    }
}
Also used: CubaWindow(com.haulmont.cuba.web.toolkit.ui.CubaWindow) Logger(org.slf4j.Logger) WebComponentsHelper.setClickShortcut(com.haulmont.cuba.web.gui.components.WebComponentsHelper.setClickShortcut) Type(com.haulmont.cuba.gui.components.DialogAction.Type) LoggerFactory(org.slf4j.LoggerFactory) App(com.haulmont.cuba.web.App) Messages(com.haulmont.cuba.core.global.Messages) ControllerUtils(com.haulmont.cuba.web.controllers.ControllerUtils) AppBeans(com.haulmont.cuba.core.global.AppBeans) Icons(com.haulmont.cuba.gui.icons.Icons) CubaLabel(com.haulmont.cuba.web.toolkit.ui.CubaLabel) Collectors(java.util.stream.Collectors) NoUserSessionException(com.haulmont.cuba.security.global.NoUserSessionException) IconResolver(com.haulmont.cuba.web.gui.icons.IconResolver) List(java.util.List) Configuration(com.haulmont.cuba.core.global.Configuration) Locale(java.util.Locale) AppUI(com.haulmont.cuba.web.AppUI) Page(com.vaadin.server.Page) WebButton(com.haulmont.cuba.web.gui.components.WebButton) ClientConfig(com.haulmont.cuba.client.ClientConfig) Connection(com.haulmont.cuba.web.Connection) Nullable(javax.annotation.Nullable) com.vaadin.ui(com.vaadin.ui)

Example 15 with NoUserSessionException

Use of com.haulmont.cuba.security.global.NoUserSessionException in project cuba by cuba-platform.

Class SecurityContextHandlerInterceptor, method preHandle.

@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
    // filter resource requests
    if (ClassUtils.isAssignableValue(ResourceHttpRequestHandler.class, handler)) {
        return true;
    }
    PortalSecurityContext portalSecurityContext;
    HttpSession httpSession = request.getSession();
    Connection connection = (Connection) httpSession.getAttribute(Connection.NAME);
    if (connection == null || connection.getSession() == null || !connection.isConnected()) {
        connection = AppBeans.get(Connection.NAME);
        connection.login(request.getLocale(), request.getRemoteAddr(), request.getHeader("User-Agent"));
        httpSession.setAttribute(Connection.NAME, connection);
        portalSecurityContext = new PortalSecurityContext(connection.getSession());
        AppContext.setSecurityContext(portalSecurityContext);
    } else {
        PortalSession session = connection.getSession();
        portalSecurityContext = new PortalSecurityContext(session);
        AppContext.setSecurityContext(portalSecurityContext);
        // ping only authenticated sessions
        if (session != null && session.isAuthenticated()) {
            UserSessionService userSessionSource = AppBeans.get(UserSessionService.NAME);
            try {
                userSessionSource.getMessages();
            } catch (NoUserSessionException e) {
                httpSession.invalidate();
                response.sendRedirect(request.getRequestURI());
                return false;
            }
        }
    }
    App app = new App(connection, request, response);
    portalSecurityContext.setPortalApp(app);
    return true;
}
Also used: App(com.haulmont.cuba.portal.App) HttpSession(javax.servlet.http.HttpSession) PortalSession(com.haulmont.cuba.portal.security.PortalSession) UserSessionService(com.haulmont.cuba.security.app.UserSessionService) Connection(com.haulmont.cuba.portal.Connection) NoUserSessionException(com.haulmont.cuba.security.global.NoUserSessionException)

Aggregations

NoUserSessionException (com.haulmont.cuba.security.global.NoUserSessionException): 17
UserSession (com.haulmont.cuba.security.global.UserSession): 9
SecurityContext (com.haulmont.cuba.core.sys.SecurityContext): 6
IOException (java.io.IOException): 3
UUID (java.util.UUID): 3
FileStorageException (com.haulmont.cuba.core.global.FileStorageException): 2
RemoteException (com.haulmont.cuba.core.global.RemoteException): 2
UserSessionService (com.haulmont.cuba.security.app.UserSessionService): 2
HttpSession (javax.servlet.http.HttpSession): 2
ClientConfig (com.haulmont.cuba.client.ClientConfig): 1
AppBeans (com.haulmont.cuba.core.global.AppBeans): 1
Configuration (com.haulmont.cuba.core.global.Configuration): 1
Messages (com.haulmont.cuba.core.global.Messages): 1
Connection (com.haulmont.cuba.desktop.Connection): 1
Type (com.haulmont.cuba.gui.components.DialogAction.Type): 1
IllegalConcurrentAccessException (com.haulmont.cuba.gui.executors.IllegalConcurrentAccessException): 1
Icons (com.haulmont.cuba.gui.icons.Icons): 1
App (com.haulmont.cuba.portal.App): 1
Connection (com.haulmont.cuba.portal.Connection): 1
PortalSession (com.haulmont.cuba.portal.security.PortalSession): 1