use of com.iplanet.dpro.session.SessionException in project OpenAM by OpenRock.
the class SessionResponseParser method parseXML.
/**
* Parses the session response element. Please see file
* <code>SessionResponse.dtd</code> for the corresponding DTD of the
* SessionResponse.
*
* @return a <code>SessionResponse</code> object, or <code>null</code> if no document is available.
*/
public SessionResponse parseXML() throws SessionException {
    // Without a parsed document there is nothing to translate.
    if (document == null) {
        return null;
    }

    // NOTE(review): `document` is built outside this method and its structure is
    // trusted as-is here. Confirm that the parser which produced it has DTDs and
    // external entities disabled - TODO confirm at the construction site.
    Element root = document.getDocumentElement();
    sessionResponse = new SessionResponse();

    // Envelope attributes: protocol version first, then the request ID.
    sessionResponse.setResponseVersion(root.getAttribute("vers"));
    sessionResponse.setRequestID(root.getAttribute("reqid"));

    // Method markers. getElementsByTagName matches descendants at any depth, and each
    // hit overwrites the method ID, so when several markers occur the last one
    // checked below is the one that sticks.
    if (hasNodes(root.getElementsByTagName("GetSession"))) {
        sessionResponse.setMethodID(SessionRequest.GetSession);
    }
    if (hasNodes(root.getElementsByTagName("GetActiveSessions"))) {
        sessionResponse.setMethodID(SessionRequest.GetValidSessions);
    }
    if (hasNodes(root.getElementsByTagName("DestroySession"))) {
        sessionResponse.setMethodID(SessionRequest.DestroySession);
    }
    if (hasNodes(root.getElementsByTagName("Logout"))) {
        sessionResponse.setMethodID(SessionRequest.Logout);
    }
    if (hasNodes(root.getElementsByTagName("AddSessionListener"))) {
        sessionResponse.setMethodID(SessionRequest.AddSessionListener);
    }
    if (hasNodes(root.getElementsByTagName("AddSessionListenerOnAllSessions"))) {
        sessionResponse.setMethodID(SessionRequest.AddSessionListenerOnAllSessions);
    }
    if (hasNodes(root.getElementsByTagName("SetProperty"))) {
        sessionResponse.setMethodID(SessionRequest.SetProperty);
    }
    if (hasNodes(root.getElementsByTagName("GetSessionCount"))) {
        sessionResponse.setMethodID(SessionRequest.GetSessionCount);
    }

    // Payload elements are handed to the dedicated sub-parsers of this class.
    NodeList expirationInfos = root.getElementsByTagName("SessionExpirationTimeInfo");
    if (hasNodes(expirationInfos)) {
        parseAllSessionsGivenUUIDElements(expirationInfos);
    }
    NodeList sessions = root.getElementsByTagName("Session");
    if (hasNodes(sessions)) {
        parseSessionElements(sessions);
    }

    // An OK element simply raises the boolean flag.
    if (hasNodes(root.getElementsByTagName("OK"))) {
        sessionResponse.setBooleanFlag(true);
    }

    // Only the first Exception element is read; its CDATA becomes the exception text.
    NodeList exceptions = root.getElementsByTagName("Exception");
    if (hasNodes(exceptions)) {
        Element firstException = (Element) exceptions.item(0);
        sessionResponse.setException(SessionRequestParser.parseCDATA(firstException));
    }

    // Only the first Status element is read and it must hold an integer.
    NodeList statuses = root.getElementsByTagName("Status");
    if (hasNodes(statuses)) {
        String statusText = SessionRequestParser.parseCDATA((Element) statuses.item(0));
        try {
            sessionResponse.setStatus(Integer.parseInt(statusText));
        } catch (NumberFormatException e) {
            // The full exception goes to the debug log; the caller only receives its message.
            SessionRequestParser.debug.error("SessionResponseParse : ", e);
            throw new SessionException(e.getMessage());
        }
    }

    return sessionResponse;
}

// True when the DOM lookup produced at least one node.
private static boolean hasNodes(NodeList nodes) {
    return nodes != null && nodes.getLength() != 0;
}
use of com.iplanet.dpro.session.SessionException in project OpenAM by OpenRock.
the class SessionInfoFactory method makeSessionInfo.
/**
* Generates a SessionInfo object from the given InternalSession.
*
* @param internalSession Non null InternalSession to use.
* @param sid Session ID for the user performing the action.
* @return A non null SessionInfo instance if valid.
*
* @throws SessionException If there was an error storing the TokenRestriction on the SessionInfo.
*
* @throws IllegalArgumentException If this method has not been called in conjunction with
* SessionInfoFactory#validateSession and the given session ID neither has a token restriction nor equals the session's own ID
*/
public SessionInfo makeSessionInfo(InternalSession internalSession, SessionID sid) throws SessionException {
    SessionInfo sessionInfo = internalSession.toSessionInfo();
    TokenRestriction tokenRestriction = internalSession.getRestrictionForToken(sid);

    if (tokenRestriction == null) {
        // No restriction is held for this sid, so the only acceptable value is the
        // session's own ID; anything else is rejected before any data is returned.
        if (!sid.equals(internalSession.getID())) {
            throw new IllegalArgumentException("Session id mismatch");
        }
    } else {
        // Attach the marshalled restriction as a property of the returned info.
        try {
            sessionInfo.getProperties().put(TOKEN_RESTRICTION_PROP, TokenRestrictionFactory.marshal(tokenRestriction));
        } catch (Exception e) {
            // Any failure while marshalling or storing is reported as a SessionException with its cause.
            throw new SessionException(e);
        }
    }

    // Report the caller's own sid (master or restricted) instead of the session's
    // master sid, so a holder of a restricted token never learns the master sid.
    sessionInfo.setSessionID(sid.toString());
    return sessionInfo;
}
use of com.iplanet.dpro.session.SessionException in project OpenAM by OpenRock.
the class SessionCount method getSessionResponse.
// Sends the session request to the given service URL and returns the response,
// turning a server-reported exception or any transport failure into a SessionException.
private static SessionResponse getSessionResponse(URL svcurl, SessionRequest sreq) throws SessionException {
    try {
        // When a restricted-token context is active on this thread, forward it
        // to the server as the requester of this call.
        Object restrictedContext = RestrictedTokenContext.getCurrent();
        if (restrictedContext != null) {
            sreq.setRequester(RestrictedTokenContext.marshal(restrictedContext));
        }

        SessionResponse response = sessionPLLSender.sendPLLRequest(svcurl, sreq);
        if (response.getException() == null) {
            return response;
        }
        // The server answered, but with an error: surface it to the caller.
        throw new SessionException(response.getException());
    } catch (SessionException sessionFailure) {
        // Already the right type; pass it through without wrapping it again.
        throw sessionFailure;
    } catch (Exception other) {
        // Everything else (including a null response) is wrapped with its cause.
        throw new SessionException(other);
    }
}
use of com.iplanet.dpro.session.SessionException in project OpenAM by OpenRock.
the class AuthUtils method getAuthContext.
/**
* Returns the authentication context for a request.
*
* @param request HTTP Servlet Request.
* @param response HTTP Servlet Response.
* @param sid SessionID for this request.
* @param isSessionUpgrade <code>true</code> if session upgrade.
* @param isBackPost <code>true</code> if back posting.
* @param isLogout <code>true</code> for logout.
* @return authentication context.
*/
public static AuthContextLocal getAuthContext(HttpServletRequest request, HttpServletResponse response, SessionID sid, boolean isSessionUpgrade, boolean isBackPost, boolean isLogout) throws AuthException {
// Overview: looks up the auth context for this request; rejects a stale auth cookie
// that points at this server; otherwise either builds a new LoginState and context
// (no context found, session upgrade, or back post) or continues the existing one.
// Returns null only when no context exists and the request is a logout.
utilDebug.message("In AuthUtils:getAuthContext");
Hashtable dataHash;
AuthContextLocal authContext = null;
LoginState loginState = null;
// initialize auth service.
// `ad` is not read again in this method; presumably the call is kept for its
// initialisation side effect - confirm before removing.
AuthD ad = AuthD.getAuth();
try {
dataHash = parseRequestParameters(request);
authContext = retrieveAuthContext(request, sid);
if (utilDebug.messageEnabled()) {
// NOTE(review): the concatenation writes sid.toString() to the debug log. If that
// string is the usable session token, message-level logs hold live session
// identifiers - confirm, and consider masking or hashing the value here.
utilDebug.message("AuthUtil:getAuthContext:sid is.. .: " + sid);
utilDebug.message("AuthUtil:getAuthContext:authContext is..: " + authContext);
}
// sid is dereferenced here without a null check, although it is null-checked
// further down; a null sid raises a NullPointerException that the outer
// catch (Exception) turns into an AuthException.
if (!sid.isNull() && authContext == null && !isSessionUpgrade) {
String authCookieValue = getAuthCookieValue(request);
// Only a present, non-empty cookie whose value is not "LOGOUT" (any case) is examined.
if ((authCookieValue != null) && (!authCookieValue.isEmpty()) && (!authCookieValue.equalsIgnoreCase("LOGOUT"))) {
String cookieURL = null;
try {
// Rebuild protocol://host:port + serviceURI of the session service that the
// cookie's session ID maps to.
SessionID sessionID = new SessionID(authCookieValue);
URL sessionServerURL = SESSION_SERVICE_URL_SERVICE.getSessionServiceURL(sessionID);
cookieURL = sessionServerURL.getProtocol() + "://" + sessionServerURL.getHost() + ":" + Integer.toString(sessionServerURL.getPort()) + serviceURI;
} catch (SessionException e) {
// The failure is only logged at message level; cookieURL stays null, so the
// timeout check below is skipped for this cookie.
if (utilDebug.messageEnabled()) {
utilDebug.message("AuthUtils:getAuthContext():" + e.toString());
}
}
if (utilDebug.messageEnabled()) {
utilDebug.message("AuthUtils:getAuthContext():" + "cookieURL : " + cookieURL);
}
// The cookie points at this server, yet no auth context was found for it:
// treat it as a timed-out session, clear the cookies and fail the request.
if ((cookieURL != null) && (!cookieURL.isEmpty()) && (isLocalServer(cookieURL, true))) {
utilDebug.error("AuthUtils:getAuthContext(): " + "Invalid Session Timed out");
clearAllCookies(request, response);
// NOTE(review): this throw sits inside the outer try, so the outer
// catch (Exception) re-wraps it via new AuthException(ee); confirm that the
// AUTH_TIMEOUT error code survives that wrapping.
throw new AuthException(AMAuthErrorCode.AUTH_TIMEOUT, null);
}
}
}
if (utilDebug.messageEnabled()) {
utilDebug.message("isSessionUpgrade :" + isSessionUpgrade);
utilDebug.message("BACK with Request method POST : " + isBackPost);
}
// Logout with nothing to log out from: the caller receives null.
if ((authContext == null) && (isLogout)) {
return null;
}
if ((authContext == null) || (isSessionUpgrade) || (isBackPost)) {
try {
loginState = new LoginState();
InternalSession oldSession = null;
if (sid != null) {
oldSession = AuthD.getSession(sid);
loginState.setOldSession(oldSession);
}
// Both branches set the old session again; when sid was null this stores null.
if (isSessionUpgrade) {
loginState.setOldSession(oldSession);
loginState.setSessionUpgrade(isSessionUpgrade);
} else if (isBackPost) {
loginState.setOldSession(oldSession);
}
authContext = loginState.createAuthContext(request, response, sid, dataHash);
// The force-auth flag is read straight from a request parameter, i.e. it is
// chosen by the client; Boolean.parseBoolean maps anything but "true" to false.
loginState.setForceAuth(Boolean.parseBoolean(request.getParameter(FORCE_AUTH)));
authContext.setLoginState(loginState);
String queryOrg = getQueryOrgName(request, getOrgParam(dataHash));
if (utilDebug.messageEnabled()) {
utilDebug.message("query org is .. : " + queryOrg);
}
loginState.setQueryOrg(queryOrg);
} catch (AuthException ae) {
utilDebug.message("Error creating AuthContextLocal : ");
if (utilDebug.messageEnabled()) {
utilDebug.message("Exception ", ae);
}
// Wrapped here and then wrapped a second time by the outer catch (Exception).
throw new AuthException(ae);
}
} else {
// An auth context already exists and this is neither an upgrade nor a back
// post: continue it and mark the login state as not being a new request.
utilDebug.message("getAuthContext: found existing request.");
authContext = processAuthContext(authContext, request, response, dataHash, sid);
loginState = getLoginState(authContext);
loginState.setNewRequest(false);
}
} catch (Exception ee) {
// Catch-all: every failure above, including the AuthExceptions thrown on purpose,
// leaves this method as a new AuthException wrapping the original. Only the
// message is logged, and only when message-level debug is enabled.
if (utilDebug.messageEnabled()) {
utilDebug.message("Error creating AuthContextLocal : " + ee.getMessage());
}
throw new AuthException(ee);
}
return authContext;
}
use of com.iplanet.dpro.session.SessionException in project OpenAM by OpenRock.
the class StatelessSessionActivator method activateSession.
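/**
 * Activates a stateless session for the given login state.
 *
 * Force-auth is refused for stateless sessions. On a session upgrade the old
 * session is rebuilt from the session ID found in the login state's HTTP request
 * and recorded on the login state before the new session is created.
 *
 * @return the result of {@code updateSessions} for the newly created session.
 * @throws AuthException with {@code STATELESS_FORCE_FAILED} when the force flag is set, or with
 *         {@code SESSION_UPGRADE_FAILED} when the old session cannot be obtained during an upgrade.
 */
@Override
public boolean activateSession(final LoginState loginState, final SessionService sessionService, final InternalSession authSession, final Subject subject, final Object loginContext) throws AuthException {
    if (loginState.getForceFlag()) {
        if (DEBUG.messageEnabled()) {
            DEBUG.message("Cannot force auth stateless sessions.");
        }
        throw new AuthException(AMAuthErrorCode.STATELESS_FORCE_FAILED, null);
    }

    if (loginState.isSessionUpgrade()) {
        // Set our old session here: if the currently owned token is stateless it
        // will not have been set anywhere else.
        // NOTE(review): sid is taken from the incoming HTTP request; this method relies
        // on getSessionInfo to reject an unacceptable token by throwing
        // SessionException - confirm that validation happens there.
        SessionID sid = new SessionID(loginState.getHttpServletRequest());
        try {
            SessionInfo info = getStatelessSessionFactory().getSessionInfo(sid);
            oldSession = getStatelessSessionFactory().generate(info);
            loginState.setOldStatelessSession(oldSession);
        } catch (SessionException e) {
            // The AuthException thrown below carries no cause, so without this log
            // line the reason a session upgrade was refused is lost entirely.
            if (DEBUG.messageEnabled()) {
                DEBUG.message("Unable to obtain old stateless session for upgrade: " + e);
            }
            throw new AuthException(AMAuthErrorCode.SESSION_UPGRADE_FAILED, null);
        }
    }

    // Create our new session - the loginState needs it because it is the one
    // that will be passed back to the user.
    final InternalSession session = createSession(sessionService, loginState);
    loginState.setSession(session);
    return updateSessions(session, loginState, session, authSession, sessionService, subject, loginContext);
}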