Example 6 with AuthenticatedSession
use of io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession in project wildfly by wildfly.
the class DistributableSession method getAttribute.
@Override
public Object getAttribute(String name) {
Session<LocalSessionContext> session = this.entry.getKey();
validate(session);
try (BatchContext context = this.manager.getSessionManager().getBatcher().resumeBatch(this.batch)) {
if (CachedAuthenticatedSessionHandler.ATTRIBUTE_NAME.equals(name)) {
AuthenticatedSession auth = (AuthenticatedSession) session.getAttributes().getAttribute(name);
return (auth != null) ? auth : session.getLocalContext().getAuthenticatedSession();
}
return session.getAttributes().getAttribute(name);
}
}
Also used :
AuthenticatedSession(io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession)
BatchContext(org.wildfly.clustering.ee.BatchContext)
Example 7 with AuthenticatedSession
use of io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession in project wildfly by wildfly.
the class DistributableSessionTestCase method getAuthenticatedSessionAttribute.
@Test
public void getAuthenticatedSessionAttribute() {
when(this.session.getMetaData()).thenReturn(this.metaData);
when(this.metaData.isNew()).thenReturn(false);
io.undertow.server.session.Session session = new DistributableSession(this.manager, this.session, this.config, this.batch, this.closeTask);
String name = CachedAuthenticatedSessionHandler.class.getName() + ".AuthenticatedSession";
SessionManager<Map<String, Object>, Batch> manager = mock(SessionManager.class);
Batcher<Batch> batcher = mock(Batcher.class);
BatchContext context = mock(BatchContext.class);
SessionAttributes attributes = mock(SessionAttributes.class);
Account account = mock(Account.class);
AuthenticatedSession auth = new AuthenticatedSession(account, HttpServletRequest.FORM_AUTH);
when(this.manager.getSessionManager()).thenReturn(manager);
when(manager.getBatcher()).thenReturn(batcher);
when(batcher.resumeBatch(this.batch)).thenReturn(context);
when(this.session.getAttributes()).thenReturn(attributes);
when(attributes.getAttribute(name)).thenReturn(auth);
AuthenticatedSession result = (AuthenticatedSession) session.getAttribute(name);
assertSame(account, result.getAccount());
assertSame(HttpServletRequest.FORM_AUTH, result.getMechanism());
verify(context).close();
verify(this.session, never()).close();
verify(this.closeTask, never()).accept(null);
reset(context);
AuthenticatedSession expected = new AuthenticatedSession(account, HttpServletRequest.BASIC_AUTH);
Map<String, Object> localContext = Collections.singletonMap(name, expected);
when(attributes.getAttribute(name)).thenReturn(null);
when(this.session.getLocalContext()).thenReturn(localContext);
result = (AuthenticatedSession) session.getAttribute(name);
assertSame(expected, result);
verify(context).close();
verify(this.session, never()).close();
verify(this.closeTask, never()).accept(null);
reset(context);
doThrow(IllegalStateException.class).when(this.session).getAttributes();
assertThrows(IllegalStateException.class, () -> session.getAttribute(name));
verify(context).close();
verify(this.session).close();
verify(this.closeTask).accept(null);
}
Also used :
Account(io.undertow.security.idm.Account)
AuthenticatedSession(io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession)
BatchContext(org.wildfly.clustering.ee.BatchContext)
CachedAuthenticatedSessionHandler(io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler)
Batch(org.wildfly.clustering.ee.Batch)
SessionAttributes(org.wildfly.clustering.web.session.SessionAttributes)
OptionMap(org.xnio.OptionMap)
Map(java.util.Map)
HashMap(java.util.HashMap)
Test(org.junit.Test)
Example 8 with AuthenticatedSession
use of io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession in project wildfly by wildfly.
the class DistributableSessionTestCase method removeAuthenticatedSessionAttribute.
@Test
public void removeAuthenticatedSessionAttribute() {
when(this.session.getMetaData()).thenReturn(this.metaData);
when(this.metaData.isNew()).thenReturn(false);
io.undertow.server.session.Session session = new DistributableSession(this.manager, this.session, this.config, this.batch, this.closeTask);
String name = CachedAuthenticatedSessionHandler.class.getName() + ".AuthenticatedSession";
SessionManager<Map<String, Object>, Batch> manager = mock(SessionManager.class);
Batcher<Batch> batcher = mock(Batcher.class);
BatchContext context = mock(BatchContext.class);
SessionAttributes attributes = mock(SessionAttributes.class);
Account oldAccount = mock(Account.class);
AuthenticatedSession oldAuth = new AuthenticatedSession(oldAccount, HttpServletRequest.FORM_AUTH);
when(this.manager.getSessionManager()).thenReturn(manager);
when(manager.getBatcher()).thenReturn(batcher);
when(batcher.resumeBatch(this.batch)).thenReturn(context);
when(this.session.getAttributes()).thenReturn(attributes);
when(attributes.removeAttribute(same(name))).thenReturn(oldAuth);
AuthenticatedSession result = (AuthenticatedSession) session.removeAttribute(name);
assertSame(oldAccount, result.getAccount());
assertSame(HttpServletRequest.FORM_AUTH, result.getMechanism());
verify(context).close();
reset(context, attributes);
Map<String, Object> localContext = new HashMap<>();
AuthenticatedSession oldSession = new AuthenticatedSession(oldAccount, HttpServletRequest.BASIC_AUTH);
localContext.put(name, oldSession);
when(attributes.removeAttribute(same(name))).thenReturn(null);
when(this.session.getLocalContext()).thenReturn(localContext);
result = (AuthenticatedSession) session.removeAttribute(name);
assertSame(result, oldSession);
assertNull(localContext.get(name));
verify(context).close();
reset(context, attributes);
result = (AuthenticatedSession) session.removeAttribute(name);
assertNull(result);
verify(context).close();
verify(this.session, never()).close();
verify(this.closeTask, never()).accept(null);
reset(context);
doThrow(IllegalStateException.class).when(this.session).getAttributes();
assertThrows(IllegalStateException.class, () -> session.removeAttribute(name));
verify(context).close();
verify(this.session).close();
verify(this.closeTask).accept(null);
}
Also used :
Account(io.undertow.security.idm.Account)
AuthenticatedSession(io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession)
HashMap(java.util.HashMap)
BatchContext(org.wildfly.clustering.ee.BatchContext)
CachedAuthenticatedSessionHandler(io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler)
Batch(org.wildfly.clustering.ee.Batch)
SessionAttributes(org.wildfly.clustering.web.session.SessionAttributes)
OptionMap(org.xnio.OptionMap)
Map(java.util.Map)
HashMap(java.util.HashMap)
Test(org.junit.Test)
Example 9 with AuthenticatedSession
use of io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession in project wildfly by wildfly.
the class DistributableSingleSignOnManager method findSingleSignOn.
@Override
public SingleSignOn findSingleSignOn(String id) {
// If requested id contains invalid characters, then sso cannot exist and would otherwise cause sso lookup to fail
try {
Base64.getUrlDecoder().decode(id);
} catch (IllegalArgumentException e) {
return null;
}
Batcher<Batch> batcher = this.manager.getBatcher();
// Batch will be closed when SSO is closed
@SuppressWarnings("resource") Batch batch = batcher.createBatch();
try {
SSO<AuthenticatedSession, String, String, Void> sso = this.manager.findSSO(id);
if (sso == null) {
if (log.isTraceEnabled()) {
log.tracef("SSO ID %s not found on the session manager.", id);
}
batch.close();
return null;
}
if (log.isTraceEnabled()) {
log.tracef("SSO ID %s found on the session manager.", id);
}
return new DistributableSingleSignOn(sso, this.registry, batcher, batcher.suspendBatch());
} catch (RuntimeException | Error e) {
batch.discard();
batch.close();
throw e;
}
}
Also used :
AuthenticatedSession(io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession)
Batch(org.wildfly.clustering.ee.Batch)
Example 10 with AuthenticatedSession
use of io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession in project wildfly by wildfly.
the class DistributableSession method removeAttribute.
@Override
public Object removeAttribute(String name) {
Session<LocalSessionContext> session = this.entry.getKey();
validate(session);
try (BatchContext context = this.manager.getSessionManager().getBatcher().resumeBatch(this.batch)) {
if (CachedAuthenticatedSessionHandler.ATTRIBUTE_NAME.equals(name)) {
AuthenticatedSession auth = (AuthenticatedSession) session.getAttributes().removeAttribute(name);
return (auth != null) ? auth : this.setLocalContext(null);
}
Object old = session.getAttributes().removeAttribute(name);
if (old != null) {
this.manager.getSessionListeners().attributeRemoved(this, name, old);
}
return old;
}
}
Also used :
AuthenticatedSession(io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession)
BatchContext(org.wildfly.clustering.ee.BatchContext)
Aggregations
AuthenticatedSession (io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession)14
Batch (org.wildfly.clustering.ee.Batch)8
BatchContext (org.wildfly.clustering.ee.BatchContext)8
Test (org.junit.Test)7
Account (io.undertow.security.idm.Account)6
CachedAuthenticatedSessionHandler (io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler)3
HashMap (java.util.HashMap)3
Map (java.util.Map)3
SessionAttributes (org.wildfly.clustering.web.session.SessionAttributes)3
OptionMap (org.xnio.OptionMap)3
SingleSignOn (io.undertow.security.impl.SingleSignOn)2
