Search in sources :

Example 21 with SessionInfo

use of org.olat.core.util.SessionInfo in project openolat by klemens.

the class AuthHelper method setSessionInfoFor.

/**
 * Build session info
 * @param identity
 * @param authProvider
 * @param ureq
 */
public static void setSessionInfoFor(Identity identity, String authProvider, UserRequest ureq, boolean rest) {
    HttpSession session = ureq.getHttpReq().getSession();
    SessionInfo sinfo = new SessionInfo(identity.getKey(), identity.getName(), session);
    sinfo.setFirstname(identity.getUser().getProperty(UserConstants.FIRSTNAME, ureq.getLocale()));
    sinfo.setLastname(identity.getUser().getProperty(UserConstants.LASTNAME, ureq.getLocale()));
    sinfo.setFromIP(ureq.getHttpReq().getRemoteAddr());
    sinfo.setFromFQN(ureq.getHttpReq().getRemoteAddr());
    try {
        InetAddress[] iaddr = InetAddress.getAllByName(ureq.getHttpReq().getRemoteAddr());
        if (iaddr.length > 0)
            sinfo.setFromFQN(iaddr[0].getHostName());
    } catch (UnknownHostException e) {
    // ok, already set IP as FQDN
    }
    sinfo.setAuthProvider(authProvider);
    sinfo.setUserAgent(ureq.getHttpReq().getHeader("User-Agent"));
    sinfo.setSecure(ureq.getHttpReq().isSecure());
    sinfo.setLastClickTime();
    sinfo.setREST(rest);
    // set session info for this session
    UserSession usess = ureq.getUserSession();
    usess.setSessionInfo(sinfo);
    // For Usertracking, let the User object know about some desired/specified infos from the sessioninfo
    Map<String, String> sessionInfoForUsertracking = new HashMap<String, String>();
    sessionInfoForUsertracking.put(ATTRIBUTE_LANGUAGE, usess.getLocale().toString());
    sessionInfoForUsertracking.put(ATTRIBUTE_AUTHPROVIDER, authProvider);
    sessionInfoForUsertracking.put(ATTRIBUTE_IS_WEBDAV, String.valueOf(sinfo.isWebDAV()));
    sessionInfoForUsertracking.put(ATTRIBUTE_IS_REST, String.valueOf(sinfo.isREST()));
    usess.getIdentityEnvironment().setAttributes(sessionInfoForUsertracking);
}
Also used : UnknownHostException(java.net.UnknownHostException) HashMap(java.util.HashMap) HttpSession(javax.servlet.http.HttpSession) UserSession(org.olat.core.util.UserSession) SessionInfo(org.olat.core.util.SessionInfo) InetAddress(java.net.InetAddress)

Example 22 with SessionInfo

use of org.olat.core.util.SessionInfo in project openolat by klemens.

the class WebDAVManagerImpl method afterAuthorization.

private UserSession afterAuthorization(Identity identity, HttpServletRequest request) {
    UserSession usess = sessionManager.getUserSession(request);
    synchronized (usess) {
        // double check to prevent severals concurrent login
        if (usess.isAuthenticated()) {
            return usess;
        }
        sessionManager.signOffAndClear(usess);
        usess.setIdentity(identity);
        UserDeletionManager.getInstance().setIdentityAsActiv(identity);
        // set the roles (admin, author, guest)
        Roles roles = BaseSecurityManager.getInstance().getRoles(identity);
        usess.setRoles(roles);
        // set session info
        SessionInfo sinfo = new SessionInfo(identity.getKey(), identity.getName(), request.getSession());
        User usr = identity.getUser();
        sinfo.setFirstname(usr.getProperty(UserConstants.FIRSTNAME, null));
        sinfo.setLastname(usr.getProperty(UserConstants.LASTNAME, null));
        String remoteAddr = request.getRemoteAddr();
        sinfo.setFromIP(remoteAddr);
        sinfo.setFromFQN(remoteAddr);
        try {
            InetAddress[] iaddr = InetAddress.getAllByName(request.getRemoteAddr());
            if (iaddr.length > 0)
                sinfo.setFromFQN(iaddr[0].getHostName());
        } catch (UnknownHostException e) {
        // ok, already set IP as FQDN
        }
        sinfo.setAuthProvider(BaseSecurityModule.getDefaultAuthProviderIdentifier());
        sinfo.setUserAgent(request.getHeader("User-Agent"));
        sinfo.setSecure(request.isSecure());
        sinfo.setWebDAV(true);
        sinfo.setWebModeFromUreq(null);
        // set session info for this session
        usess.setSessionInfo(sinfo);
        // 
        sessionManager.signOn(usess);
        return usess;
    }
}
Also used : User(org.olat.core.id.User) UnknownHostException(java.net.UnknownHostException) UserSession(org.olat.core.util.UserSession) SessionInfo(org.olat.core.util.SessionInfo) Roles(org.olat.core.id.Roles) InetAddress(java.net.InetAddress)

Example 23 with SessionInfo

use of org.olat.core.util.SessionInfo in project openolat by klemens.

the class UserSessionManager method signOn.

/**
 * prior to calling this method, all instance vars must be set.
 */
public void signOn(UserSession usess) {
    boolean isDebug = log.isDebug();
    // fix a possible dead-lock see also OLAT-3390
    synchronized (usess) {
        if (isDebug)
            log.debug("signOn() START");
        if (usess.isAuthenticated()) {
            throw new AssertException("sign on: already signed on!");
        }
        IdentityEnvironment identityEnvironment = usess.getIdentityEnvironment();
        Identity identity = identityEnvironment.getIdentity();
        if (identity == null) {
            throw new AssertException("identity is null in identityEnvironment!");
        }
        SessionInfo sessionInfo = usess.getSessionInfo();
        if (sessionInfo == null) {
            throw new AssertException("sessionInfo was null for identity " + identity);
        }
        usess.setAuthenticated(true);
        if (sessionInfo.isWebDAV()) {
            // load user prefs
            usess.reloadPreferences();
            // we're only adding this webdav session to the authUserSessions - not to the userNameToIdentity.
            // userNameToIdentity is only needed for IM which can't do anything with a webdav session
            authUserSessions.add(usess);
            log.audit("Logged on [via webdav]: " + sessionInfo.toString());
        } else {
            UserSession invalidatedSession = null;
            if (isDebug) {
                log.debug("signOn() authUsersNamesOtherNodes.contains " + identity.getName() + ": " + authUsersNamesOtherNodes.contains(identity.getKey()));
            }
            // check if already a session exist for this user
            if ((userNameToIdentity.contains(identity.getKey()) || userSessionCache.containsKey(identity.getKey())) && !sessionInfo.isWebDAV() && !sessionInfo.isREST() && !usess.getRoles().isGuestOnly()) {
                log.info("Loggin-process II: User has already a session => signOffAndClear existing session");
                invalidatedSession = getUserSessionForGui(identity.getKey());
                // signOffAndClear does not remove the identity.getName().toLowerCase() from the userNameToIdentity
                if (invalidatedSession != null) {
                    authUserSessions.remove(invalidatedSession);
                }
            }
            authUserSessions.add(usess);
            // characters -> map stores values as such
            if (isDebug)
                log.debug("signOn() adding to userNameToIdentity: " + identity.getName().toLowerCase());
            userNameToIdentity.add(identity.getKey());
            userSessionCache.put(identity.getKey(), new Integer(Settings.getNodeId()));
            // reload user prefs
            usess.reloadPreferences();
            log.audit("Logged on: " + sessionInfo.toString());
            CoordinatorManager.getInstance().getCoordinator().getEventBus().fireEventToListenersOf(new SignOnOffEvent(identity, true), ORES_USERSESSION);
            // check if a session from any browser was invalidated (IE has a cookie set per Browserinstance!!)
            if (invalidatedSession != null || authUsersNamesOtherNodes.contains(identity.getKey())) {
                // put flag killed-existing-session into session-store to show info-message 'only one session for each user' on user-home screen
                usess.putEntry(STORE_KEY_KILLED_EXISTING_SESSION, Boolean.TRUE);
                if (isDebug)
                    log.debug("signOn() removing from authUsersNamesOtherNodes: " + identity.getName());
                authUsersNamesOtherNodes.remove(identity.getKey());
                // OLAT-3381 & OLAT-3382
                if (invalidatedSession != null) {
                    signOffAndClear(invalidatedSession);
                }
            }
            if (isDebug)
                log.debug("signOn() END");
        }
        // update logged in users counters
        if (sessionInfo.isREST()) {
            sessionCountRest.incrementAndGet();
        } else if (sessionInfo.isWebDAV()) {
            sessionCountDav.incrementAndGet();
        } else {
            sessionCountWeb.incrementAndGet();
        }
    }
}
Also used : AtomicInteger(java.util.concurrent.atomic.AtomicInteger) AssertException(org.olat.core.logging.AssertException) UserSession(org.olat.core.util.UserSession) SignOnOffEvent(org.olat.core.util.SignOnOffEvent) SessionInfo(org.olat.core.util.SessionInfo) Identity(org.olat.core.id.Identity) IdentityEnvironment(org.olat.core.id.IdentityEnvironment)

Example 24 with SessionInfo

use of org.olat.core.util.SessionInfo in project openolat by klemens.

the class UserSessionManager method signOffAndClearWithout.

/**
 * called from signOffAndClear()
 * called from event -> MUEvent
 * the real work to do during sign off but without sending the multiuserevent
 * this is used in case the user logs in to node1 and was logged in on node2 =>
 * node2 catches the sign on event and invalidates the user on node2 "silently", e.g.
 * without firing an event.
 */
private void signOffAndClearWithout(final UserSession usess) {
    boolean isDebug = log.isDebug();
    if (isDebug)
        log.debug("signOffAndClearWithout() START");
    final IdentityEnvironment identityEnvironment = usess.getIdentityEnvironment();
    final SessionInfo sessionInfo = usess.getSessionInfo();
    final Identity ident = identityEnvironment.getIdentity();
    if (isDebug)
        log.debug("UserSession:::logging off: " + sessionInfo);
    if (usess.isAuthenticated() && usess.getLastHistoryPoint() != null && !usess.getRoles().isGuestOnly()) {
        historyManager.persistHistoryPoint(ident, usess.getLastHistoryPoint());
    }
    /**
     * use not RunnableWithException, as exceptionHandlng is inside the run
     */
    Runnable run = new Runnable() {

        @Override
        public void run() {
            Object obj = null;
            try {
                // do logging
                if (ident != null) {
                    ThreadLocalUserActivityLogger.log(OlatLoggingAction.OLAT_LOGOUT, UserSession.class, CoreLoggingResourceable.wrap(ident));
                }
                // notify all variables in the store (the values) about the disposal
                // if
                // Disposable
                List<Object> storeList = usess.getStoreValues();
                for (Iterator<Object> it_storevals = storeList.iterator(); it_storevals.hasNext(); ) {
                    obj = it_storevals.next();
                    if (obj instanceof Disposable) {
                        // synchronous, since triggered by tomcat session timeout or user
                        // click and
                        // asynchronous, if kicked out by administrator.
                        // we assume synchronous
                        // !!!!
                        // As a reminder, this .dispose() calls dispose on
                        // DefaultController which is synchronized.
                        // (Windows/WindowManagerImpl/WindowBackOfficeImpl/BaseChiefController/../
                        // dispose()
                        // !!!! was important for bug OLAT-3390
                        ((Disposable) obj).dispose();
                    }
                }
            } catch (Exception e) {
                String objtostr = "n/a";
                try {
                    objtostr = obj.toString();
                } catch (Exception ee) {
                // ignore
                }
                log.error("exception in signOffAndClear: while disposing object:" + objtostr, e);
            }
        }
    };
    ThreadLocalUserActivityLoggerInstaller.runWithUserActivityLogger(run, UserActivityLoggerImpl.newLoggerForValueUnbound(usess));
    if (authUserSessions.remove(usess)) {
        // remove only from identityEnvironment if found in sessions.
        // see also SIDEEFFECT!! line in signOn(..)
        Identity previousSignedOn = identityEnvironment.getIdentity();
        if (previousSignedOn != null && previousSignedOn.getKey() != null) {
            if (isDebug)
                log.debug("signOffAndClearWithout() removing from userNameToIdentity: " + previousSignedOn.getName().toLowerCase());
            userNameToIdentity.remove(previousSignedOn.getKey());
            userSessionCache.remove(previousSignedOn.getKey());
        }
    } else if (isDebug) {
        log.info("UserSession already removed! for [" + ident + "]");
    }
    // update logged in users counters
    if (sessionInfo != null) {
        if (sessionInfo.isREST()) {
            sessionCountRest.decrementAndGet();
        } else if (sessionInfo.isWebDAV()) {
            sessionCountDav.decrementAndGet();
        } else {
            sessionCountWeb.decrementAndGet();
        }
    }
    if (isDebug)
        log.debug("signOffAndClearWithout() END");
}
Also used : Disposable(org.olat.core.gui.control.Disposable) SessionInfo(org.olat.core.util.SessionInfo) Identity(org.olat.core.id.Identity) IdentityEnvironment(org.olat.core.id.IdentityEnvironment) AssertException(org.olat.core.logging.AssertException)

Aggregations

SessionInfo (org.olat.core.util.SessionInfo)24 UserSession (org.olat.core.util.UserSession)18 HttpSession (javax.servlet.http.HttpSession)8 UserSessionManager (org.olat.core.util.session.UserSessionManager)8 InetAddress (java.net.InetAddress)6 UnknownHostException (java.net.UnknownHostException)6 Identity (org.olat.core.id.Identity)6 IdentityEnvironment (org.olat.core.id.IdentityEnvironment)6 AssertException (org.olat.core.logging.AssertException)6 IOException (java.io.IOException)4 SessionStatsManager (org.olat.admin.sysinfo.manager.SessionStatsManager)4 UserRequest (org.olat.core.gui.UserRequest)4 UserRequestImpl (org.olat.core.gui.UserRequestImpl)4 Roles (org.olat.core.id.Roles)4 SignOnOffEvent (org.olat.core.util.SignOnOffEvent)4 File (java.io.File)2 FileNotFoundException (java.io.FileNotFoundException)2 ArrayList (java.util.ArrayList)2 HashMap (java.util.HashMap)2 Locale (java.util.Locale)2