Search in sources :

Example 6 with AuthenticatedSession

use of io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession in project wildfly by wildfly.

the class DistributableSession method getAttribute.

@Override
public Object getAttribute(String name) {
    Session<LocalSessionContext> session = this.entry.getKey();
    validate(session);
    try (BatchContext context = this.manager.getSessionManager().getBatcher().resumeBatch(this.batch)) {
        if (CachedAuthenticatedSessionHandler.ATTRIBUTE_NAME.equals(name)) {
            AuthenticatedSession auth = (AuthenticatedSession) session.getAttributes().getAttribute(name);
            return (auth != null) ? auth : session.getLocalContext().getAuthenticatedSession();
        }
        return session.getAttributes().getAttribute(name);
    }
}
Also used : AuthenticatedSession(io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession) BatchContext(org.wildfly.clustering.ee.BatchContext)

Example 7 with AuthenticatedSession

use of io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession in project wildfly by wildfly.

the class DistributableSessionTestCase method getAuthenticatedSessionAttribute.

@Test
public void getAuthenticatedSessionAttribute() {
    when(this.session.getMetaData()).thenReturn(this.metaData);
    when(this.metaData.isNew()).thenReturn(false);
    io.undertow.server.session.Session session = new DistributableSession(this.manager, this.session, this.config, this.batch, this.closeTask);
    String name = CachedAuthenticatedSessionHandler.class.getName() + ".AuthenticatedSession";
    SessionManager<Map<String, Object>, Batch> manager = mock(SessionManager.class);
    Batcher<Batch> batcher = mock(Batcher.class);
    BatchContext context = mock(BatchContext.class);
    SessionAttributes attributes = mock(SessionAttributes.class);
    Account account = mock(Account.class);
    AuthenticatedSession auth = new AuthenticatedSession(account, HttpServletRequest.FORM_AUTH);
    when(this.manager.getSessionManager()).thenReturn(manager);
    when(manager.getBatcher()).thenReturn(batcher);
    when(batcher.resumeBatch(this.batch)).thenReturn(context);
    when(this.session.getAttributes()).thenReturn(attributes);
    when(attributes.getAttribute(name)).thenReturn(auth);
    AuthenticatedSession result = (AuthenticatedSession) session.getAttribute(name);
    assertSame(account, result.getAccount());
    assertSame(HttpServletRequest.FORM_AUTH, result.getMechanism());
    verify(context).close();
    verify(this.session, never()).close();
    verify(this.closeTask, never()).accept(null);
    reset(context);
    AuthenticatedSession expected = new AuthenticatedSession(account, HttpServletRequest.BASIC_AUTH);
    Map<String, Object> localContext = Collections.singletonMap(name, expected);
    when(attributes.getAttribute(name)).thenReturn(null);
    when(this.session.getLocalContext()).thenReturn(localContext);
    result = (AuthenticatedSession) session.getAttribute(name);
    assertSame(expected, result);
    verify(context).close();
    verify(this.session, never()).close();
    verify(this.closeTask, never()).accept(null);
    reset(context);
    doThrow(IllegalStateException.class).when(this.session).getAttributes();
    assertThrows(IllegalStateException.class, () -> session.getAttribute(name));
    verify(context).close();
    verify(this.session).close();
    verify(this.closeTask).accept(null);
}
Also used : Account(io.undertow.security.idm.Account) AuthenticatedSession(io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession) BatchContext(org.wildfly.clustering.ee.BatchContext) CachedAuthenticatedSessionHandler(io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler) Batch(org.wildfly.clustering.ee.Batch) SessionAttributes(org.wildfly.clustering.web.session.SessionAttributes) OptionMap(org.xnio.OptionMap) Map(java.util.Map) HashMap(java.util.HashMap) Test(org.junit.Test)

Example 8 with AuthenticatedSession

use of io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession in project wildfly by wildfly.

the class DistributableSessionTestCase method removeAuthenticatedSessionAttribute.

@Test
public void removeAuthenticatedSessionAttribute() {
    when(this.session.getMetaData()).thenReturn(this.metaData);
    when(this.metaData.isNew()).thenReturn(false);
    io.undertow.server.session.Session session = new DistributableSession(this.manager, this.session, this.config, this.batch, this.closeTask);
    String name = CachedAuthenticatedSessionHandler.class.getName() + ".AuthenticatedSession";
    SessionManager<Map<String, Object>, Batch> manager = mock(SessionManager.class);
    Batcher<Batch> batcher = mock(Batcher.class);
    BatchContext context = mock(BatchContext.class);
    SessionAttributes attributes = mock(SessionAttributes.class);
    Account oldAccount = mock(Account.class);
    AuthenticatedSession oldAuth = new AuthenticatedSession(oldAccount, HttpServletRequest.FORM_AUTH);
    when(this.manager.getSessionManager()).thenReturn(manager);
    when(manager.getBatcher()).thenReturn(batcher);
    when(batcher.resumeBatch(this.batch)).thenReturn(context);
    when(this.session.getAttributes()).thenReturn(attributes);
    when(attributes.removeAttribute(same(name))).thenReturn(oldAuth);
    AuthenticatedSession result = (AuthenticatedSession) session.removeAttribute(name);
    assertSame(oldAccount, result.getAccount());
    assertSame(HttpServletRequest.FORM_AUTH, result.getMechanism());
    verify(context).close();
    reset(context, attributes);
    Map<String, Object> localContext = new HashMap<>();
    AuthenticatedSession oldSession = new AuthenticatedSession(oldAccount, HttpServletRequest.BASIC_AUTH);
    localContext.put(name, oldSession);
    when(attributes.removeAttribute(same(name))).thenReturn(null);
    when(this.session.getLocalContext()).thenReturn(localContext);
    result = (AuthenticatedSession) session.removeAttribute(name);
    assertSame(result, oldSession);
    assertNull(localContext.get(name));
    verify(context).close();
    reset(context, attributes);
    result = (AuthenticatedSession) session.removeAttribute(name);
    assertNull(result);
    verify(context).close();
    verify(this.session, never()).close();
    verify(this.closeTask, never()).accept(null);
    reset(context);
    doThrow(IllegalStateException.class).when(this.session).getAttributes();
    assertThrows(IllegalStateException.class, () -> session.removeAttribute(name));
    verify(context).close();
    verify(this.session).close();
    verify(this.closeTask).accept(null);
}
Also used : Account(io.undertow.security.idm.Account) AuthenticatedSession(io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession) HashMap(java.util.HashMap) BatchContext(org.wildfly.clustering.ee.BatchContext) CachedAuthenticatedSessionHandler(io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler) Batch(org.wildfly.clustering.ee.Batch) SessionAttributes(org.wildfly.clustering.web.session.SessionAttributes) OptionMap(org.xnio.OptionMap) Map(java.util.Map) HashMap(java.util.HashMap) Test(org.junit.Test)

Example 9 with AuthenticatedSession

use of io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession in project wildfly by wildfly.

the class DistributableSingleSignOnManager method findSingleSignOn.

@Override
public SingleSignOn findSingleSignOn(String id) {
    // If requested id contains invalid characters, then sso cannot exist and would otherwise cause sso lookup to fail
    try {
        Base64.getUrlDecoder().decode(id);
    } catch (IllegalArgumentException e) {
        return null;
    }
    Batcher<Batch> batcher = this.manager.getBatcher();
    // Batch will be closed when SSO is closed
    @SuppressWarnings("resource") Batch batch = batcher.createBatch();
    try {
        SSO<AuthenticatedSession, String, String, Void> sso = this.manager.findSSO(id);
        if (sso == null) {
            if (log.isTraceEnabled()) {
                log.tracef("SSO ID %s not found on the session manager.", id);
            }
            batch.close();
            return null;
        }
        if (log.isTraceEnabled()) {
            log.tracef("SSO ID %s found on the session manager.", id);
        }
        return new DistributableSingleSignOn(sso, this.registry, batcher, batcher.suspendBatch());
    } catch (RuntimeException | Error e) {
        batch.discard();
        batch.close();
        throw e;
    }
}
Also used : AuthenticatedSession(io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession) Batch(org.wildfly.clustering.ee.Batch)

Example 10 with AuthenticatedSession

use of io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession in project wildfly by wildfly.

the class DistributableSession method removeAttribute.

@Override
public Object removeAttribute(String name) {
    Session<LocalSessionContext> session = this.entry.getKey();
    validate(session);
    try (BatchContext context = this.manager.getSessionManager().getBatcher().resumeBatch(this.batch)) {
        if (CachedAuthenticatedSessionHandler.ATTRIBUTE_NAME.equals(name)) {
            AuthenticatedSession auth = (AuthenticatedSession) session.getAttributes().removeAttribute(name);
            return (auth != null) ? auth : this.setLocalContext(null);
        }
        Object old = session.getAttributes().removeAttribute(name);
        if (old != null) {
            this.manager.getSessionListeners().attributeRemoved(this, name, old);
        }
        return old;
    }
}
Also used : AuthenticatedSession(io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession) BatchContext(org.wildfly.clustering.ee.BatchContext)

Aggregations

AuthenticatedSession (io.undertow.security.api.AuthenticatedSessionManager.AuthenticatedSession)14 Batch (org.wildfly.clustering.ee.Batch)8 BatchContext (org.wildfly.clustering.ee.BatchContext)8 Test (org.junit.Test)7 Account (io.undertow.security.idm.Account)6 CachedAuthenticatedSessionHandler (io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler)3 HashMap (java.util.HashMap)3 Map (java.util.Map)3 SessionAttributes (org.wildfly.clustering.web.session.SessionAttributes)3 OptionMap (org.xnio.OptionMap)3 SingleSignOn (io.undertow.security.impl.SingleSignOn)2