use of org.apache.shiro.session.Session in project graylog2-server by Graylog2.
the class SessionAuthenticator method doGetAuthenticationInfo.
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
SessionIdToken sessionIdToken = (SessionIdToken) token;
final Subject subject = new Subject.Builder().sessionId(sessionIdToken.getSessionId()).buildSubject();
final Session session = subject.getSession(false);
if (session == null) {
LOG.debug("Invalid session {}. Either it has expired or did not exist.", sessionIdToken.getSessionId());
return null;
}
final Object username = subject.getPrincipal();
final User user = userService.load(String.valueOf(username));
if (user == null) {
LOG.debug("No user named {} found for session {}", username, sessionIdToken.getSessionId());
return null;
}
if (LOG.isDebugEnabled()) {
LOG.debug("Found session {} for user name {}", session.getId(), username);
}
@SuppressWarnings("unchecked") final MultivaluedMap<String, String> requestHeaders = (MultivaluedMap<String, String>) ThreadContext.get(ShiroSecurityContextFilter.REQUEST_HEADERS);
// extend session unless the relevant header was passed.
if (requestHeaders != null && !"true".equalsIgnoreCase(requestHeaders.getFirst(X_GRAYLOG_NO_SESSION_EXTENSION))) {
session.touch();
} else {
LOG.debug("Not extending session because the request indicated not to.");
}
ThreadContext.bind(subject);
return new SimpleAccount(user.getName(), null, "session authenticator");
}
use of org.apache.shiro.session.Session in project tesla by linking12.
the class SessionService method list.
public List<UserOnline> list() {
List<UserOnline> list = new ArrayList<>();
Collection<Session> sessions = sessionDAO.getActiveSessions();
for (Session session : sessions) {
UserOnline userOnline = new UserOnline();
if (session.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY) == null) {
continue;
} else {
SimplePrincipalCollection principalCollection = (SimplePrincipalCollection) session.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY);
String userName = principalCollection.getRealmNames().iterator().next();
userOnline.setUsername(userName);
}
userOnline.setId((String) session.getId());
userOnline.setHost(session.getHost());
userOnline.setStartTimestamp(session.getStartTimestamp());
userOnline.setLastAccessTime(session.getLastAccessTime());
userOnline.setTimeout(session.getTimeout());
list.add(userOnline);
}
return list;
}
Aggregations