use of com.iplanet.dpro.session.SessionException in project OpenAM by OpenRock.
the class StatelessSessionFactory method getSessionInfo.
/**
 * Resolves the {@link SessionInfo} carried as a JWT inside the given SessionID.
 *
 * <p>The JWT string is extracted with {@code getJWTFromSessionID(sessionID, true)}. When the
 * cache already holds an entry for that exact string, the cached SessionInfo is returned.
 * Otherwise the JWT is converted by the JWT session mapper and the result is stored in the
 * cache under the JWT string.
 *
 * <p>Side effect: a cache miss adds the JWT / SessionInfo pair to the cache.
 *
 * @param sessionID the SessionID carrying the JWT. The original documentation allows null;
 *        null handling is left to {@code getJWTFromSessionID}, which is not shown here.
 *
 * @return the SessionInfo that corresponds to the SessionID (documented as non-null by the
 *         original author).
 *
 * @throws SessionException if the mapper rejects the JWT with a {@code JwtRuntimeException}
 *         (wrapped as the cause), or presumably if the JWT cannot be extracted from the
 *         SessionID.
 */
public SessionInfo getSessionInfo(SessionID sessionID) throws SessionException {
    // NOTE(review): the meaning of the boolean flag is not visible in this snippet. Confirm it
    // enforces verification of the JWT, because a cache hit below returns without calling
    // fromJwt() again and the cache is keyed by the raw token string.
    final String token = getJWTFromSessionID(sessionID, true);

    if (!cache.contains(token)) {
        final SessionInfo parsed;
        try {
            parsed = getJwtSessionMapper().fromJwt(token);
        } catch (JwtRuntimeException e) {
            // Keep the mapper failure as the cause so callers can see why the token was rejected.
            throw new SessionException(e);
        }
        cache.cache(parsed, token);
        return parsed;
    }

    // NOTE(review): contains() followed by getSessionInfo() is two separate lookups. If the
    // cache can evict entries concurrently, the second call may not find the entry - confirm
    // the cache semantics.
    return cache.getSessionInfo(token);
}
use of com.iplanet.dpro.session.SessionException in project OpenAM by OpenRock.
the class DestroyNextExpiringAction method action.
/**
 * Selects the entry of {@code sessions} with the smallest value and destroys that session.
 *
 * <p>Values are compared with a strict {@code <} against {@code Long.MAX_VALUE}, so an entry
 * whose value equals {@code Long.MAX_VALUE} is never selected, and on a tie the entry seen
 * first in the map's iteration order wins.
 *
 * @param is the internal session supplied by the caller; this implementation does not read it
 * @param sessions map from session ID string to the value compared as expiration time
 * @return {@code true} only when looking up or destroying the selected session raised a
 *         {@code SessionException}; {@code false} otherwise, including when nothing was
 *         selected
 */
@Override
public boolean action(InternalSession is, Map<String, Long> sessions) {
    String targetId = null;
    long earliest = Long.MAX_VALUE;
    for (Map.Entry<String, Long> candidate : sessions.entrySet()) {
        long expiresAt = candidate.getValue();
        if (expiresAt >= earliest) {
            continue;
        }
        earliest = expiresAt;
        targetId = candidate.getKey();
    }

    if (targetId == null) {
        return false;
    }

    SessionID targetSid = new SessionID(targetId);
    try {
        Session target = sessionCache.getSession(targetSid);
        target.destroySession(target);
    } catch (SessionException e) {
        // NOTE(review): this failure is only recorded when message-level debugging is enabled;
        // consider whether a failed quota action deserves warning level.
        if (debug.messageEnabled()) {
            debug.message("Failed to destroy the next expiring session.", e);
        }
        // NOTE(review): presumably 'true' tells the caller that the quota action failed so the
        // new session is refused - confirm against the interface contract.
        return true;
    }
    return false;
}
use of com.iplanet.dpro.session.SessionException in project OpenAM by OpenRock.
the class DestroyOldestAction method action.
/**
 * Destroys the session in {@code sessions} that reports the least time left.
 *
 * <p>Each session ID in the map is looked up in the session cache, refreshed with
 * {@code refresh(false)} and asked for {@code getTimeLeft()}. The map values are not read.
 * The comparison is a strict {@code <} starting from {@code Long.MAX_VALUE}, so on a tie the
 * first entry in iteration order wins.
 *
 * @param is the internal session supplied by the caller; this implementation does not read it
 * @param sessions map whose keys are the session ID strings to examine
 * @return {@code true} as soon as any lookup, refresh or destroy raises a
 *         {@code SessionException}; {@code false} otherwise, including when nothing was
 *         selected
 */
@Override
public boolean action(InternalSession is, Map<String, Long> sessions) {
    String targetId = null;
    long leastTimeLeft = Long.MAX_VALUE;

    for (Map.Entry<String, Long> candidate : sessions.entrySet()) {
        try {
            Session current = sessionCache.getSession(new SessionID(candidate.getKey()));
            current.refresh(false);
            long remaining = current.getTimeLeft();
            if (remaining < leastTimeLeft) {
                leastTimeLeft = remaining;
                targetId = candidate.getKey();
            }
        } catch (SessionException ssoe) {
            // NOTE(review): the message mentions an SSOToken, but the calls that can fail here
            // are the session lookup, refresh and getTimeLeft.
            if (debug.warningEnabled()) {
                debug.warning("Failed to create SSOToken", ssoe);
            }
            // A single session that cannot be examined aborts the whole scan.
            // NOTE(review): presumably 'true' makes the caller refuse the new session - confirm.
            return true;
        }
    }

    if (targetId == null) {
        return false;
    }

    SessionID targetSid = new SessionID(targetId);
    try {
        Session target = sessionCache.getSession(targetSid);
        target.destroySession(target);
    } catch (SessionException e) {
        // NOTE(review): the text says "next expiring" although this action selects by time
        // left, and it is only logged at message level, unlike the warning above.
        if (debug.messageEnabled()) {
            debug.message("Failed to destroy the next expiring session.", e);
        }
        return true;
    }
    return false;
}
use of com.iplanet.dpro.session.SessionException in project OpenAM by OpenRock.
the class StatelessSSOProvider method createSSOToken.
/**
 * Builds a stateless SSO token for the given session ID and returns it only if it validates.
 *
 * @param sessionId the session ID handed to {@code statelessSessionFactory.generate}
 * @return the newly created token, once {@code isValidToken(token, false)} has accepted it
 * @throws SSOException if the session cannot be generated (the {@code SessionException} is
 *         wrapped as the cause) or if the resulting token fails validation
 */
private SSOToken createSSOToken(SessionID sessionId) throws SSOException {
    final StatelessSession statelessSession;
    try {
        statelessSession = statelessSessionFactory.generate(sessionId);
    } catch (SessionException e) {
        throw new SSOException(e);
    }

    final StatelessSSOToken candidate = new StatelessSSOToken(statelessSession);
    if (isValidToken(candidate, false)) {
        return candidate;
    }

    // The token was rejected. The principal is looked up only to name it in the error; a
    // failure to obtain it is logged and must not hide the validation failure itself.
    Principal owner = null;
    try {
        owner = candidate.getPrincipal();
    } catch (SSOException e) {
        debug.warning("Could not obtain token principal for invalid token: " + e.getMessage(), e);
    }
    // NOTE(review): the principal name becomes part of the exception message; check that
    // callers do not relay this text to unauthenticated clients.
    final String ownerName = (owner == null) ? null : owner.getName();
    throw new SSOException("Token for principal " + ownerName + " invalid.");
}
use of com.iplanet.dpro.session.SessionException in project OpenAM by OpenRock.
the class GetHttpSession method doGet.
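/**
 * Dispatches a session-management request according to its {@code OP} request parameter.
 *
 * <p>The request is first passed to {@code validateRequest}; a rejected request gets
 * {@code 403 Forbidden} and nothing else happens. Accepted requests are routed to one of the
 * recover, save, create, invalidate, release, get-restricted-token or
 * dereference-restricted-token-id operations. A missing or unrecognised operation is logged
 * and answered with {@code 501 Not Implemented}.
 *
 * <p>Session identifiers are read from the request (or, for the dereference operation, from
 * the cookie named by {@code CookieUtils.getAmCookieName()}), and the two restricted-token
 * operations also read a UTF string from the request body. {@code validateRequest} is the
 * only gate visible here in front of all of that input.
 *
 * @param request the incoming servlet request
 * @param response the servlet response; its status and, for some operations, its body are set
 * @throws IOException if writing the response fails outside the handlers that catch it
 */
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
    // NOTE(review): every operation below, including session creation and destruction, relies
    // on this single check - confirm it authenticates the calling server, not just its address.
    if (!validateRequest(request)) {
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return;
    }
    String op = request.getParameter(OP);
    if (op == null) {
        // A request without the operation parameter used to fail with a NullPointerException
        // on the first comparison; treat it like any other unrecognised operation instead.
        sessionDebug.error("GetHttpSession: unknown operation requested");
        response.setStatus(HttpServletResponse.SC_NOT_IMPLEMENTED);
        return;
    }
    if (op.equals(RECOVER_OP)) {
        // Recover: only acts on an HttpSession that already exists (never creates one).
        HttpSession httpSession = request.getSession(false);
        if (httpSession != null) {
            if (sessionDebug.messageEnabled()) {
                sessionDebug.message("GetHttpSession.recover: Old HttpSession is obtained");
            }
            SessionID sid = new SessionID(request);
            if (!sid.isNull()) {
                sessionService.retrieveSession(sid, httpSession);
            }
        } else {
            sessionDebug.error("GetHttpSession.recover: Old HttpSession is not obtained");
        }
    } else if (op.equals(SAVE_OP)) {
        // Save: the response status is whatever handleSaveSession reports.
        HttpSession httpSession = request.getSession(false);
        if (httpSession != null) {
            if (sessionDebug.messageEnabled()) {
                sessionDebug.message("GetHttpSession.save: HttpSession is obtained");
            }
            SessionID sid = new SessionID(request);
            if (!sid.isNull()) {
                int status = sessionService.handleSaveSession(sid, httpSession);
                response.setStatus(status);
            }
        } else {
            sessionDebug.error("GetHttpSession.save: HttpSession is not obtained");
            response.setStatus(HttpServletResponse.SC_NOT_FOUND);
        }
    } else if (op.equals(CREATE_OP)) {
        // Create: the only branch that creates an HttpSession; the domain comes straight from
        // a request parameter and the new session ID is written to the response body.
        HttpSession httpSession = request.getSession(true);
        String domain = request.getParameter(DOMAIN);
        InternalSession is = sessionService.newInternalSession(domain, httpSession, false);
        // NOTE(review): the session ID is a bearer credential and is written to the debug log
        // here; consider logging a non-reversible reference instead.
        if (sessionDebug.messageEnabled()) {
            sessionDebug.message("GetHttpSession.create: Created new session=" + is.getID());
        }
        DataOutputStream out = new DataOutputStream(response.getOutputStream());
        out.writeUTF(is.getID().toString());
        out.flush();
        out.close();
    } else if (op.equals(INVALIDATE_OP)) {
        HttpSession httpSession = request.getSession(false);
        if (httpSession != null) {
            if (sessionDebug.messageEnabled()) {
                sessionDebug.message("GetHttpSession.invalidate: HttpSession is obtained");
            }
            try {
                httpSession.invalidate();
            } catch (IllegalStateException ise) {
                // Deliberately best effort: the failure is only logged.
                if (sessionDebug.messageEnabled()) {
                    sessionDebug.message("Exception:invalidateSession: the web containers session timeout could be " + "shorter than the OpenSSO session timeout", ise);
                }
            }
        } else {
            if (sessionDebug.warningEnabled()) {
                sessionDebug.warning("GetHttpSession.invalidate: session is not obtained");
            }
        }
    } else if (op.equals(RELEASE_OP)) {
        SessionID sid = new SessionID(request);
        if (!sid.isNull()) {
            // NOTE(review): logs the session ID in clear at message level.
            if (sessionDebug.messageEnabled()) {
                sessionDebug.message("GetHttpSession.release: releasing session=" + sid);
            }
            int status = sessionService.handleReleaseSession(sid);
            response.setStatus(status);
        } else {
            if (sessionDebug.messageEnabled()) {
                sessionDebug.message("GetHttpSession.release: missing session id");
            }
        }
    } else if (op.equals(GET_RESTRICTED_TOKEN_OP)) {
        DataInputStream in = null;
        DataOutputStream out = null;
        SessionID sid = new SessionID(request);
        try {
            in = new DataInputStream(request.getInputStream());
            // NOTE(review): the restriction is unmarshalled from the request body; confirm what
            // TokenRestrictionFactory.unmarshal accepts, since the body is caller-controlled.
            TokenRestriction restriction = TokenRestrictionFactory.unmarshal(in.readUTF());
            String token = sessionService.handleGetRestrictedTokenIdRemotely(sid, restriction);
            if (token != null) {
                // NOTE(review): the restricted token value is written to the debug log here.
                if (sessionDebug.messageEnabled()) {
                    sessionDebug.message("GetHttpSession.get_restricted_token: Created new session=" + token);
                }
                response.setStatus(HttpServletResponse.SC_OK);
                out = new DataOutputStream(response.getOutputStream());
                out.writeUTF(token);
                out.flush();
            } else {
                sessionDebug.error("GetHttpSession.get_restricted_token: failed to create token");
                response.setStatus(HttpServletResponse.SC_NOT_FOUND);
            }
        } catch (Exception ex) {
            // Any failure, including a malformed body, is reported to the caller as 404.
            sessionDebug.error("GetHttpSession.get_restricted_token: exception occured while create token", ex);
            response.setStatus(HttpServletResponse.SC_NOT_FOUND);
        } finally {
            IOUtils.closeIfNotNull(in);
            IOUtils.closeIfNotNull(out);
        }
    } else if (op.equals(DEREFERENCE_RESTRICTED_TOKEN_ID)) {
        DataInputStream in = null;
        DataOutputStream out = null;
        // Unlike the other branches, the session ID comes from the cookie and is URL-decoded
        // only when it contains a '%'.
        String cookieValue = CookieUtils.getCookieValueFromReq(request, CookieUtils.getAmCookieName());
        if ((cookieValue != null) && (cookieValue.indexOf("%") != -1)) {
            cookieValue = URLEncDec.decode(cookieValue);
        }
        SessionID sid = new SessionID(cookieValue);
        try {
            in = new DataInputStream(request.getInputStream());
            String restrictedID = in.readUTF();
            try {
                String masterSID = sessionService.deferenceRestrictedID(sessionCache.getSession(sid), restrictedID);
                response.setStatus(HttpServletResponse.SC_OK);
                out = new DataOutputStream(response.getOutputStream());
                out.writeUTF(masterSID);
                out.flush();
                // NOTE(review): the master session ID is written to the debug log here.
                if (sessionDebug.messageEnabled()) {
                    sessionDebug.message("GetHttpSession.dereference_restricted_token_id: master sid=" + masterSID);
                }
            } catch (SessionException se) {
                // A failed lookup is still answered with 200; the body "ERROR" carries the result.
                sessionDebug.message("GetHttpSession.dereference_restricted_token_id: unable to find master sid", se);
                response.setStatus(HttpServletResponse.SC_OK);
                out = new DataOutputStream(response.getOutputStream());
                out.writeUTF("ERROR");
                out.flush();
            }
        } catch (Exception ex) {
            sessionDebug.error("GetHttpSession.dereference_restricted_token_id: exception occured while finding master sid", ex);
            response.setStatus(HttpServletResponse.SC_NOT_FOUND);
        } finally {
            IOUtils.closeIfNotNull(in);
            IOUtils.closeIfNotNull(out);
        }
    } else {
        sessionDebug.error("GetHttpSession: unknown operation requested");
        response.setStatus(HttpServletResponse.SC_NOT_IMPLEMENTED);
    }
}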