Search in sources :

Example 1 with SessionWrapper

use of org.exist.http.servlets.SessionWrapper in project exist by eXist-db.

the class XMLDBAuthenticate method getSession.

/**
 * Get the HTTP Session. Create it if requested and it doesn't exist.
 *
 * @param createSession true to create a new session if one does not exist.
 *
 * @return the session if we could get or create it.
 */
private Optional<SessionWrapper> getSession(final boolean createSession) throws XPathException {
    final Optional<SessionWrapper> maybeExistingSession = Optional.ofNullable(context.getHttpContext()).map(XQueryContext.HttpContext::getSession);
    if (maybeExistingSession.isPresent() || !createSession) {
        if (!createSession) {
            return maybeExistingSession;
        }
        if (!maybeExistingSession.get().isInvalid()) {
            return maybeExistingSession;
        }
    }
    final RequestWrapper request = Optional.ofNullable(context.getHttpContext()).map(XQueryContext.HttpContext::getRequest).orElseThrow(() -> new XPathException(this, ErrorCodes.XPDY0002, "No request object found in the current XQuery context."));
    final Optional<SessionWrapper> newSession = Optional.ofNullable(request.getSession(true));
    newSession.ifPresent(session -> context.setHttpContext(context.getHttpContext().setSession(session)));
    return newSession;
}
Also used : RequestWrapper(org.exist.http.servlets.RequestWrapper) SessionWrapper(org.exist.http.servlets.SessionWrapper)

Example 2 with SessionWrapper

use of org.exist.http.servlets.SessionWrapper in project exist by eXist-db.

the class GetAttributeNames method eval.

@Override
public Sequence eval(final Sequence[] args, @Nonnull final SessionWrapper session) throws XPathException {
    final Optional<Enumeration<String>> maybeAttributeNames = withValidSession(session, SessionWrapper::getAttributeNames);
    if (!maybeAttributeNames.isPresent()) {
        return Sequence.EMPTY_SEQUENCE;
    }
    final Enumeration<String> attributeNames = maybeAttributeNames.get();
    if (!attributeNames.hasMoreElements()) {
        return Sequence.EMPTY_SEQUENCE;
    }
    final ValueSequence result = new ValueSequence();
    while (attributeNames.hasMoreElements()) {
        final String attributeName = attributeNames.nextElement();
        result.add(new StringValue(attributeName));
    }
    return result;
}
Also used : Enumeration(java.util.Enumeration) ValueSequence(org.exist.xquery.value.ValueSequence) StringValue(org.exist.xquery.value.StringValue) SessionWrapper(org.exist.http.servlets.SessionWrapper)

Example 3 with SessionWrapper

use of org.exist.http.servlets.SessionWrapper in project exist by eXist-db.

the class SetAttribute method eval.

@Override
public Sequence eval(final Sequence[] args, final Optional<SessionWrapper> maybeSession) throws XPathException {
    final SessionWrapper session = getValidOrCreateSession(maybeSession);
    final String attributeName = args[0].getStringValue();
    final Sequence attributeValue = args[1];
    session.setAttribute(attributeName, attributeValue);
    return Sequence.EMPTY_SEQUENCE;
}
Also used : Sequence(org.exist.xquery.value.Sequence) SessionWrapper(org.exist.http.servlets.SessionWrapper)

Example 4 with SessionWrapper

use of org.exist.http.servlets.SessionWrapper in project exist by eXist-db.

the class SetMaxInactiveInterval method eval.

@Override
public Sequence eval(final Sequence[] args, final Optional<SessionWrapper> maybeSession) throws XPathException {
    final SessionWrapper session = getValidOrCreateSession(maybeSession);
    final int interval = ((IntegerValue) args[0].convertTo(Type.INT)).getInt();
    session.setMaxInactiveInterval(interval);
    return Sequence.EMPTY_SEQUENCE;
}
Also used : IntegerValue(org.exist.xquery.value.IntegerValue) SessionWrapper(org.exist.http.servlets.SessionWrapper)

Example 5 with SessionWrapper

use of org.exist.http.servlets.SessionWrapper in project exist by eXist-db.

the class SetCurrentUser method eval.

@Override
public Sequence eval(final Sequence[] args, final Sequence contextSequence) throws XPathException {
    // get the username and password parameters
    final String userName = args[0].getStringValue();
    final String passwd = args[1].getStringValue();
    // try and validate the user and password
    final SecurityManager security = context.getBroker().getBrokerPool().getSecurityManager();
    final Subject user;
    try {
        user = security.authenticate(userName, passwd);
    } catch (final AuthenticationException e) {
        logger.warn("Could not validate user {} [{}]", userName, e.getMessage());
        return BooleanValue.FALSE;
    }
    // switch the user of the current broker
    switchUser(user);
    // validated user, store in session
    final SessionWrapper session = SessionFunction.getValidOrCreateSession(this, context, Optional.ofNullable(context.getHttpContext()).map(XQueryContext.HttpContext::getSession));
    session.setAttribute("user", userName);
    session.setAttribute("password", new StringValue(passwd));
    return BooleanValue.TRUE;
}
Also used : SecurityManager(org.exist.security.SecurityManager) AuthenticationException(org.exist.security.AuthenticationException) StringValue(org.exist.xquery.value.StringValue) Subject(org.exist.security.Subject) SessionWrapper(org.exist.http.servlets.SessionWrapper)

Aggregations

SessionWrapper (org.exist.http.servlets.SessionWrapper)6 RequestWrapper (org.exist.http.servlets.RequestWrapper)2 StringValue (org.exist.xquery.value.StringValue)2 Enumeration (java.util.Enumeration)1 AuthenticationException (org.exist.security.AuthenticationException)1 SecurityManager (org.exist.security.SecurityManager)1 Subject (org.exist.security.Subject)1 IntegerValue (org.exist.xquery.value.IntegerValue)1 Sequence (org.exist.xquery.value.Sequence)1 ValueSequence (org.exist.xquery.value.ValueSequence)1