
use of org.olat.core.gui.UserRequestImpl in project openolat by klemens.

the class RestApiLoginFilter method followForAuthentication.

/**
 * Lets a not-yet-authenticated REST call continue down the filter chain so it
 * can reach the login resource.
 * <p>
 * No security check is performed here: if the caller has no {@link UserSession}
 * yet, one is created on the spot. The request is wrapped in a
 * {@link UserRequestImpl} (which validates the URL on construction) and stored
 * under {@link RestSecurityHelper#SEC_USER_REQUEST} for downstream resources.
 *
 * @param requestURI the URI the user request is built from
 * @param uress      the caller's user session, or {@code null} if none exists yet
 * @param request    the servlet request
 * @param response   the servlet response
 * @param chain      the filter chain to continue with
 * @throws IOException      from {@code sendError} or the chain
 * @throws ServletException from the chain
 */
private void followForAuthentication(String requestURI, UserSession uress, HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
    // A missing session is simply created - deliberately without any security
    // check, since this path exists precisely to let the login happen.
    if (uress == null) {
        uress = CoreSpringFactory.getImpl(UserSessionManager.class).getUserSession(request);
    }
    final UserRequest ureq;
    try {
        // UserRequestImpl checks the URL on creation; an invalid one surfaces
        // as NumberFormatException and the call is rejected.
        ureq = new UserRequestImpl(requestURI, request, response);
    } catch (NumberFormatException nfe) {
        response.sendError(401);
        return;
    }
    request.setAttribute(RestSecurityHelper.SEC_USER_REQUEST, ureq);
    chain.doFilter(request, response);
}

use of org.olat.core.gui.UserRequestImpl in project openolat by klemens.

the class RestApiLoginFilter method followToken.

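/**
 * Authenticates a REST call that carries a security token and, on success,
 * continues down the filter chain with a renewed token in the
 * {@link RestSecurityHelper#SEC_TOKEN} response header.
 * <p>
 * Failure handling is fail-closed: every condition that does not result in a
 * completed headless login answers with {@code 401}; only a failure to build
 * the {@link UserRequest} answers with {@code 500}.
 *
 * @param token    the security token presented by the client
 * @param request  the servlet request
 * @param response the servlet response
 * @param chain    the filter chain to continue with on success
 * @throws IOException      from {@code sendError} or the chain
 * @throws ServletException from the chain
 */
private void followToken(String token, HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
    // An HTTP session is created up front; token based sessions use the short
    // TOKEN_BASED_SESSION_TIMEOUT inactivity limit.
    HttpSession session = request.getSession(true);
    session.setMaxInactiveInterval(TOKEN_BASED_SESSION_TIMEOUT);
    UserSession uress = CoreSpringFactory.getImpl(UserSessionManager.class).getUserSession(session);
    if (uress == null) {
        response.sendError(401);
        return;
    }
    UserRequest ureq;
    try {
        // UserRequestImpl checks the URL on creation
        ureq = new UserRequestImpl(request.getRequestURI(), request, response);
    } catch (Exception e) {
        response.sendError(500);
        return;
    }
    request.setAttribute(RestSecurityHelper.SEC_USER_REQUEST, ureq);

    RestSecurityBean securityBean = (RestSecurityBean) CoreSpringFactory.getBean(RestSecurityBean.class);
    Identity identity = securityBean.getIdentity(token);
    if (identity == null) {
        // Token does not resolve to an identity (unknown or expired token):
        // reject explicitly instead of handing a null identity to the login.
        response.sendError(401);
        return;
    }
    int loginStatus = AuthHelper.doHeadlessLogin(identity, BaseSecurityModule.getDefaultAuthProviderIdentifier(), ureq, true);
    if (loginStatus != AuthHelper.LOGIN_OK) {
        response.sendError(401);
        return;
    }
    String renewedToken = securityBean.renewToken(token);
    if (renewedToken == null) {
        // A login without a renewable token is treated as a failed login.
        response.sendError(401);
        return;
    }
    // Hand the renewed token back to the client before the resource runs.
    response.setHeader(RestSecurityHelper.SEC_TOKEN, renewedToken);
    synchronized (uress) {
        chain.doFilter(request, response);
    }
}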

use of org.olat.core.gui.UserRequestImpl in project openolat by klemens.

the class ShibbolethDispatcher method authorization.

/**
 * Decides whether the Shibboleth attributes of the current login grant access.
 * <p>
 * When the module does not enforce access control by attributes, everybody is
 * authorized. Otherwise up to two attribute rules are consulted; a rule is only
 * consulted when both its attribute name and its value list are configured, and
 * a match on either rule grants access. If access control is enabled but no
 * rule matches (including the case where no rule is configured at all), access
 * is denied and a "not authorized" message window is rendered for the user.
 *
 * @param req                   the servlet request
 * @param resp                  the servlet response
 * @param shibbolethAttibutes   the attributes delivered by Shibboleth
 * @return {@code true} if the user is authorized
 */
private boolean authorization(HttpServletRequest req, HttpServletResponse resp, ShibbolethAttributes shibbolethAttibutes) {
    // Attribute based access control is opt-in; without it everybody passes.
    if (!shibbolethModule.isAccessControlByAttributes()) {
        return true;
    }
    // Both rules are always evaluated; either one matching is sufficient.
    boolean firstRuleMatches = false;
    String attribute1 = shibbolethModule.getAttribute1();
    String attribute1Values = shibbolethModule.getAttribute1Values();
    if (StringHelper.containsNonWhitespace(attribute1) && StringHelper.containsNonWhitespace(attribute1Values)) {
        firstRuleMatches = authorization(attribute1, attribute1Values, shibbolethAttibutes);
    }
    boolean secondRuleMatches = false;
    String attribute2 = shibbolethModule.getAttribute2();
    String attribute2Values = shibbolethModule.getAttribute2Values();
    if (StringHelper.containsNonWhitespace(attribute2) && StringHelper.containsNonWhitespace(attribute2Values)) {
        secondRuleMatches = authorization(attribute2, attribute2Values, shibbolethAttibutes);
    }
    boolean authorized = firstRuleMatches || secondRuleMatches;
    if (!authorized) {
        // Fail closed: tell the user why the login did not go through.
        UserRequest ureq = new UserRequestImpl(ShibbolethDispatcher.PATH_SHIBBOLETH, req, resp);
        String userMsg = translator.translate("error.shibboleth.not.authorized");
        ChiefController msgcc = MessageWindowController.createMessageChiefController(ureq, null, userMsg, null);
        msgcc.getWindow().dispatchRequest(ureq, true);
    }
    return authorized;
}

use of org.olat.core.gui.UserRequestImpl in project openolat by klemens.

the class AuthenticatedDispatcher method execute.

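/**
 * Main method called by OpenOLATServlet. Processes all requests of
 * authenticated users and, when enabled, logs guests in anonymously.
 * <p>
 * Order of checks:
 * <ol>
 * <li>Build the {@link UserRequest}. A URL that fails validation is answered
 * with a bad request and processing stops.</li>
 * <li>An unauthenticated session is sent to the default (login) dispatcher,
 * remembering the requested business path, unless the request explicitly asks
 * for guest access ({@code guest=true}) and guest login is enabled.</li>
 * <li>If {@code forceSecureAccessOnly} is set and the request did not arrive
 * over a secure channel, the HTTP session is invalidated and the user is
 * redirected to the default dispatcher.</li>
 * <li>Otherwise the request is dispatched: a business path stored by an
 * earlier redirect, a valid dispatch URI (timestamp, component id and window
 * id) or a business path extracted from the URL.</li>
 * </ol>
 *
 * @param request  the servlet request
 * @param response the servlet response
 */
@Override
public void execute(HttpServletRequest request, HttpServletResponse response) {
    String uriPrefix = DispatcherModule.getLegacyUriPrefix(request);
    UserSession usess = CoreSpringFactory.getImpl(UserSessionManager.class).getUserSession(request);
    UserRequest ureq;
    try {
        // UserRequestImpl checks the URL on creation
        ureq = new UserRequestImpl(uriPrefix, request, response);
    } catch (NumberFormatException nfe) {
        // Malformed URL (e.g. a robot following a stale link): answer with a
        // bad request and stop. Continuing would dereference a null ureq.
        if (log.isDebug()) {
            log.debug("Bad Request " + request.getPathInfo());
        }
        DispatcherModule.sendBadRequest(request.getPathInfo(), response);
        return;
    }
    if (!usess.isAuthenticated() && !loginAsGuestOrRedirect(ureq, usess, request, response, uriPrefix)) {
        // A redirect has already been sent.
        return;
    }
    // authenticated (or logged in as guest)!
    try {
        // kill session if not secured via SSL
        if (forceSecureAccessOnly && !request.isSecure()) {
            SessionInfo sessionInfo = usess.getSessionInfo();
            if (sessionInfo != null) {
                HttpSession session = sessionInfo.getSession();
                if (session != null) {
                    try {
                        session.invalidate();
                    } catch (IllegalStateException ise) {
                        // thrown when session already invalidated. fine. ignore.
                    }
                }
            }
            redirectToDefaultDispatcher(request, response);
            return;
        }
        SessionInfo sessionInfo = usess.getSessionInfo();
        if (sessionInfo == null) {
            // No session info means no usable login state: back to the login screen.
            redirectToDefaultDispatcher(request, response);
            return;
        }
        if (userBasedLogLevelManager != null) {
            userBasedLogLevelManager.activateUsernameBasedLogLevel(sessionInfo.getLogin());
        }
        sessionInfo.setLastClickTime();
        String businessPath = (String) usess.removeEntryFromNonClearedStore(AUTHDISPATCHER_BUSINESSPATH);
        if (businessPath != null) {
            // Business path remembered before a login redirect: resume it now.
            processBusinessPath(businessPath, ureq, usess);
        } else if (ureq.isValidDispatchURI()) {
            // valid uri for dispatching (has timestamp, componentid and windowid)
            processValidDispatchURI(ureq, usess, request, response);
        } else {
            businessPath = extractBusinessPath(ureq, request, uriPrefix);
            processBusinessPath(businessPath == null ? "" : businessPath, ureq, usess);
        }
    } catch (InvalidRequestParameterException e) {
        try {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        } catch (IOException e1) {
            log.error("An exception occured while handling the invalid request parameter exception...", e1);
        }
    } catch (Throwable th) {
        // Do not log as Warn or Error here, log as ERROR in MsgFactory => ExceptionWindowController throws an OLATRuntimeException
        log.debug("handleError in AuthenticatedDispatcher throwable=" + th);
        DispatcherModule.handleError();
        ChiefController msgcc = MsgFactory.createMessageChiefController(ureq, th);
        // the controller's window must be failsafe also
        msgcc.getWindow().dispatchRequest(ureq, true);
        // do not dispatch (render only), since this is a new Window created as
        // a result of another window's click.
    } finally {
        if (userBasedLogLevelManager != null) {
            userBasedLogLevelManager.deactivateUsernameBasedLogLevel();
        }
    }
}

/**
 * Handles a request on an unauthenticated session.
 * <p>
 * Unless the request carries {@code guest=true} and guest login is enabled,
 * the requested business path is remembered in the session and the user is
 * redirected to the default (login) dispatcher. Otherwise an anonymous login is
 * attempted; on failure exactly one redirect is sent (to "service not
 * available" when the login is unavailable, else to the default dispatcher).
 *
 * @return {@code true} if the guest login succeeded and dispatching may
 *         continue, {@code false} if a redirect was sent and the caller must stop
 */
private boolean loginAsGuestOrRedirect(UserRequest ureq, UserSession usess, HttpServletRequest request, HttpServletResponse response, String uriPrefix) {
    String guestAccess = ureq.getParameter(GUEST);
    boolean guestLoginRequested = TRUE.equals(guestAccess)
            && CoreSpringFactory.getImpl(LoginModule.class).isGuestLoginEnabled();
    if (!guestLoginRequested) {
        // Anything other than an explicit, enabled guest login goes to the login
        // screen; keep the target so the login can resume it afterwards.
        String businessPath = extractBusinessPath(ureq, request, uriPrefix);
        if (businessPath != null) {
            usess.putEntryInNonClearedStore(AUTHDISPATCHER_BUSINESSPATH, businessPath);
        }
        redirectToDefaultDispatcher(request, response);
        return false;
    }
    // try to log in as anonymous
    int loginStatus = AuthHelper.doAnonymousLogin(ureq, resolveGuestLocale(ureq));
    if (loginStatus == AuthHelper.LOGIN_OK) {
        return true;
    }
    // Only one redirect per response: a second one on an already committed
    // response would fail.
    if (loginStatus == AuthHelper.LOGIN_NOTAVAILABLE) {
        DispatcherModule.redirectToServiceNotAvailable(response);
    } else {
        // error, redirect to login screen
        redirectToDefaultDispatcher(request, response);
    }
    return false;
}

/**
 * Locale for an anonymous login: the {@code language} parameter, else the
 * legacy {@code lang} parameter, else the system default locale.
 */
private Locale resolveGuestLocale(UserRequest ureq) {
    String guestLang = ureq.getParameter("language");
    if (guestLang == null) {
        // support for legacy lang parameter
        guestLang = ureq.getParameter("lang");
    }
    if (guestLang == null) {
        return I18nModule.getDefaultLocale();
    }
    return I18nManager.getInstance().getLocaleOrDefault(guestLang);
}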

use of org.olat.core.gui.UserRequestImpl in project openolat by klemens.

the class DMZDispatcher method execute.

/**
 * Main method called by OpenOLATServlet. Processes all requests of users who
 * are not authenticated (the "DMZ").
 * <p>
 * Flow:
 * <ol>
 * <li>Requests rejected by {@code rejectRequest} are dropped immediately.</li>
 * <li>The {@link UserRequest} is built; a URL that fails validation gets a
 * bad-request response.</li>
 * <li>A sub path (e.g. registration or password change) that has a registered
 * chief controller creator gets its own window and is dispatched to it.</li>
 * <li>Everything else is dispatched to the DMZ main window; a bare DMZ
 * request or a dispatch URI without a matching window clears the previous
 * user session state and creates a fresh window. For a bare DMZ request an
 * OAuth redirect may be sent instead.</li>
 * </ol>
 *
 * @param request  the servlet request
 * @param response the servlet response
 */
@Override
public void execute(HttpServletRequest request, HttpServletResponse response) {
    // Early rejection hook; rejectRequest is responsible for the response in that case.
    if (rejectRequest(request, response)) {
        return;
    }
    UserRequest ureq = null;
    String uriPrefix = DispatcherModule.getLegacyUriPrefix(request);
    try {
        // UserRequestImpl checks the URL on creation
        ureq = new UserRequestImpl(uriPrefix, request, response);
    } catch (NumberFormatException nfe) {
        // a 404 message must be shown -> e.g. robots correct their links.
        if (log.isDebug()) {
            log.debug("Bad Request " + request.getPathInfo());
        }
        DispatcherModule.sendBadRequest(request.getPathInfo(), response);
        return;
    }
    try {
        // find out about which subdispatcher is meant
        // e.g. got here because of /dmz/...
        // maybe something like /dmz/registration/
        // 
        // add the context path to align with uriPrefix e.g. /olat/dmz/
        // NOTE(review): the servlet API allows getPathInfo() to be null, which
        // would yield a ".../null" path here - confirm the servlet mapping rules it out.
        String pathInfo = request.getContextPath() + request.getPathInfo();
        ChiefControllerCreator subPathccc = null;
        // if /olat/dmz/
        boolean dmzOnly = pathInfo.equals(uriPrefix);
        if (!dmzOnly) {
            int sl = pathInfo.indexOf('/', uriPrefix.length());
            String sub;
            if (sl > 1) {
                // e.g. something like /registration/ or /pwchange/
                sub = pathInfo.substring(uriPrefix.length() - 1, sl + 1);
            } else {
                // e.g. something like /info.html from (/dmz/info.html)
                sub = pathInfo;
            }
            // chief controller creator for sub path, e.g.
            subPathccc = dmzServicesByPath.get(sub);
            if (subPathccc != null) {
                // Registered sub service: give it its own window and dispatch
                // (render only) to it.
                UserSession usess = ureq.getUserSession();
                Windows ws = Windows.getWindows(usess);
                // NOTE(review): this branch locks on the Windows object while the
                // main path below locks on the UserSession - confirm that is intended.
                synchronized (ws) {
                    // o_clusterOK by:fj per user session
                    ChiefController occ = subPathccc.createChiefController(ureq);
                    Window window = occ.getWindow();
                    window.setUriPrefix(uriPrefix);
                    ws.registerWindow(window);
                    window.dispatchRequest(ureq, true);
                    return;
                }
            }
        }
        // else a /olat/dmz/ request
        UserSession usess = ureq.getUserSession();
        Windows ws = Windows.getWindows(usess);
        // Serialize per user session; otherwise concurrent requests could
        // interleave the sign-off / window creation below.
        synchronized (usess) {
            // o_clusterOK by:fj per user session
            Window window;
            boolean windowHere = ws.isExisting(uriPrefix, ureq.getWindowID());
            boolean validDispatchUri = ureq.isValidDispatchURI();
            if (validDispatchUri && !windowHere) {
                // probably valid framework link from previous user && new Session(no window):
                // when a previous user logged off, and 30min later (when the httpsession is invalidated), the next user clicks e.g. on
                // the log-in link in the -same- browser window ->
                // -> there is no window -> create a new one
                window = null;
                // Purge whatever the previous user left in this session before reuse.
                CoreSpringFactory.getImpl(UserSessionManager.class).signOffAndClear(usess);
                usess.setLocale(LocaleNegotiator.getPreferedLocale(ureq));
                // update locale infos
                I18nManager.updateLocaleInfoToThread(usess);
                // request new windows since it is a new usersession, the old one was purged
                ws = Windows.getWindows(usess);
            } else if (validDispatchUri) {
                // Known window: continue the existing workflow.
                window = ws.getWindow(ureq);
            } else if (dmzOnly) {
                // e.g. /dmz/ -> start screen, clear previous session data
                window = null;
                CoreSpringFactory.getImpl(UserSessionManager.class).signOffAndClear(usess);
                usess.setLocale(LocaleNegotiator.getPreferedLocale(ureq));
                // update locale infos
                I18nManager.updateLocaleInfoToThread(usess);
                // If an OAuth provider is configured as entry point, redirect
                // there instead of rendering the DMZ start screen.
                OAuthLoginModule oauthModule = CoreSpringFactory.getImpl(OAuthLoginModule.class);
                if (canRedirectConfigurableOAuth(request, response, oauthModule)) {
                    return;
                } else if (canRedirectOAuth(request, oauthModule)) {
                    OAuthSPI oauthSpi = oauthModule.getRootProvider();
                    HttpSession session = request.getSession();
                    OAuthResource.redirect(oauthSpi, response, session);
                    return;
                }
                // request new windows since it is a new usersession, the old one was purged
                ws = Windows.getWindows(usess);
            } else {
                // Neither a dispatch URI nor the DMZ root: nothing to serve.
                response.sendError(HttpServletResponse.SC_BAD_REQUEST);
                return;
            }
            if (window == null) {
                // no window found, -> start a new WorkFlow/Controller and obtain the window
                // main controller which also implements the windowcontroller for pagestatus and modal dialogs
                // Window settings are read before the new window is registered and
                // written back afterwards so they survive the session purge above.
                Object wSettings = usess.getEntry(WINDOW_SETTINGS);
                ChiefController occ = chiefControllerCreator.createChiefController(ureq);
                window = occ.getWindow();
                window.setUriPrefix(uriPrefix);
                ws.registerWindow(window);
                // A business path remembered by an earlier DMZ redirect is activated
                // in the fresh window (the entry is consumed here).
                String businessPath = (String) usess.removeEntryFromNonClearedStore(DMZDISPATCHER_BUSINESSPATH);
                if (businessPath != null) {
                    List<ContextEntry> ces = BusinessControlFactory.getInstance().createCEListFromString(businessPath);
                    window.getDTabs().activate(ureq, null, ces);
                }
                // apply the settings forward
                usess.putEntryInNonClearedStore(WINDOW_SETTINGS, wSettings);
            }
            window.dispatchRequest(ureq);
        }
    } catch (InvalidRequestParameterException e) {
        // Invalid form/request parameter: plain 400, nothing to render.
        try {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        } catch (IOException e1) {
            log.error("An exception occured while handling the invalid request parameter exception...", e1);
        }
    } catch (Throwable th) {
        // Last resort: render an error window; a failure while doing so is only logged.
        try {
            ChiefController msgcc = MsgFactory.createMessageChiefController(ureq, th);
            // the controller's window must be failsafe also
            msgcc.getWindow().dispatchRequest(ureq, true);
        // do not dispatch (render only), since this is a new Window created as
        // a result of another window's click.
        } catch (Throwable t) {
            log.error("An exception occured while handling the exception...", t);
        }
    }
}