use of com.iplanet.dpro.session.SessionID in project OpenAM by OpenRock.
the class CTSOperations method destroy.
/**
* Perform a remote destroy operation on the SessionID, because we know this is a remote session.
*
* @param requester {@inheritDoc}
* @param session {@inheritDoc}
* @throws SessionException if we somehow passed a local session into this function
*/
@Override
public void destroy(Session requester, Session session) throws SessionException {
// Comments as for logout. The check for a local session should be removed if it proves to be a performance
// bottleneck.
//
SessionID sessionID = session.getID();
if (sessionService.checkSessionLocal(sessionID)) {
throw new SessionException("CTSOperations received a local session (only remote sessions expected)");
}
remote.destroy(requester, session);
}
use of com.iplanet.dpro.session.SessionID in project OpenAM by OpenRock.
the class AuthXMLHandler method processRequest.
/* process the request */
private Response processRequest(PLLAuditor auditor, Request req, HttpServletRequest servletReq, HttpServletResponse servletRes) {
// this call is to create a http session so that the JSESSIONID cookie
// is created. The appserver(8.1) load balancer plugin relies on the
// JSESSIONID cookie to set its JROUTE sticky cookie.
debug.message("=======================Entering processRequest");
servletReq.getSession(true);
String content = req.getContent();
AuthXMLResponse authResponse = null;
// Check for mis-routed requests
String cookieURL = null;
int index = content.indexOf(AuthXMLTags.AUTH_ID_HANDLE);
if (index != -1) {
// Check for mis-routed requests, get server URL for
// AuthIdentifier
int beginIndex = content.indexOf('"', index);
int endIndex = content.indexOf('"', beginIndex + 1);
String authIdentifier = content.substring(beginIndex + 1, endIndex);
if (debug.messageEnabled()) {
debug.message("authIdentifier = " + authIdentifier + "beginIndex = " + beginIndex + "endIndex =" + endIndex);
}
if (!authIdentifier.equals("0")) {
try {
SessionID sessionID = new SessionID(authIdentifier);
URL sessionServerURL = SESSION_SERVICE_URL_SERVICE.getSessionServiceURL(sessionID);
StringBuilder srtBuff = new StringBuilder(100);
srtBuff.append(sessionServerURL.getProtocol()).append("://").append(sessionServerURL.getHost()).append(":").append(Integer.toString(sessionServerURL.getPort())).append(serviceURI);
cookieURL = srtBuff.toString();
} catch (Exception exp) {
debug.error("Error in getting URL from session", exp);
cookieURL = null;
}
}
}
if ((cookieURL != null) && (cookieURL.trim().length() != 0) && !(AuthUtils.isLocalServer(cookieURL, serviceURI))) {
// Routing to the correct server, the looks like a mis-routed
// requested.
HashMap cookieTable = new HashMap();
Map headers = new HashMap();
Enumeration headerNames = servletReq.getHeaderNames();
while (headerNames.hasMoreElements()) {
String headerName = (String) headerNames.nextElement();
List headerValues = new ArrayList();
Enumeration enum1 = servletReq.getHeaders(headerName);
while (enum1.hasMoreElements()) {
headerValues.add(enum1.nextElement());
}
headers.put(headerName, headerValues);
}
if (debug.messageEnabled()) {
debug.message("Headers: " + headers);
}
PLLClient.parseCookies(headers, cookieTable);
if (debug.messageEnabled()) {
debug.message("Cookies: " + cookieTable);
}
RequestSet set = new RequestSet(AuthXMLTags.AUTH_SERVICE);
set.addRequest(req);
try {
Vector responses = PLLClient.send(new URL(cookieURL), set, cookieTable);
if (!responses.isEmpty()) {
auditor.auditAccessAttempt();
// Just record result as success here to avoid parsing response
auditor.auditAccessSuccess();
debug.message("=====================Returning redirected");
return ((Response) responses.elementAt(0));
}
} catch (Exception e) {
debug.error("Error in misrouted ", e);
// Attempt to contact server failed
authResponse = new AuthXMLResponse(AuthXMLRequest.NewAuthContext);
setErrorCode(authResponse, e);
auditor.auditAccessAttempt();
auditor.auditAccessFailure(authResponse.errorCode, authResponse.authErrorMessage);
return new Response(authResponse.toXMLString());
}
}
// Either local request or new request, handle it locally
try {
AuthXMLRequest sreq = AuthXMLRequest.parseXML(content, servletReq);
sreq.setHttpServletRequest(servletReq);
authResponse = processAuthXMLRequest(content, auditor, sreq, servletReq, servletRes);
} catch (AuthException e) {
debug.error("Got Auth Exception", e);
authResponse = new AuthXMLResponse(AuthXMLRequest.NewAuthContext);
authResponse.setErrorCode(e.getErrorCode());
} catch (Exception ex) {
debug.error("Error while processing xml request", ex);
authResponse = new AuthXMLResponse(AuthXMLRequest.NewAuthContext);
setErrorCode(authResponse, ex);
}
debug.message("=======================Returning");
if (authResponse.isException) {
auditor.auditAccessFailure(authResponse.errorCode, authResponse.authErrorMessage);
} else {
auditor.auditAccessSuccess();
}
return new Response(authResponse.toXMLString());
}
use of com.iplanet.dpro.session.SessionID in project OpenAM by OpenRock.
the class NoSessionActivatorTest method shouldDestroyAuthSession.
@Test
public void shouldDestroyAuthSession() throws AuthException {
// Given
final SessionID sid = new SessionID();
given(mockSession.getID()).willReturn(sid);
// When
NoSessionActivator.INSTANCE.activateSession(null, mockSessionService, mockSession, null, null);
// Then
verify(mockSessionService).destroyInternalSession(sid);
}
use of com.iplanet.dpro.session.SessionID in project OpenAM by OpenRock.
the class StatelessSessionActivatorTest method shouldGenerateStatelessSessionId.
@Test
public void shouldGenerateStatelessSessionId() throws Exception {
// Given
InternalSession mockSession = mock(InternalSession.class);
String userDn = "fred";
given(mockLoginState.getUserDN()).willReturn(userDn);
given(mockSession.activate(userDn, true)).willReturn(true);
StatelessSession mockStatelessSession = mock(StatelessSession.class);
given(mockSessionFactory.generate(mockSession)).willReturn(mockStatelessSession);
SessionID statelessSessionId = new SessionID("stateless");
given(mockStatelessSession.getID()).willReturn(statelessSessionId);
// When
testActivator.activateSession(mockSession, mockLoginState);
// Then
verify(mockSessionFactory).generate(mockSession);
verify(mockLoginState).setSessionID(statelessSessionId);
}
use of com.iplanet.dpro.session.SessionID in project OpenAM by OpenRock.
the class KeyConversionTest method shouldNotFailToEncryptKey.
@Test
public void shouldNotFailToEncryptKey() {
// Given
SessionID key = mock(SessionID.class);
SessionIDExtensions extensions = mock(SessionIDExtensions.class);
given(key.getExtension()).willReturn(extensions);
given(extensions.getStorageKey()).willReturn("badger");
KeyConversion conversion = new KeyConversion();
// When
String result = conversion.encryptKey(key);
// Then
assertNotNull(result);
}
Aggregations