use of org.olat.core.util.UserSession in project openolat by klemens.
the class WebDAVManagerImpl method getWebDAVRoot.
@Override
public WebResourceRoot getWebDAVRoot(HttpServletRequest req) {
UserSession usess = getUserSession(req);
if (usess == null || usess.getIdentity() == null) {
return createEmptyRoot(usess);
}
usess.getSessionInfo().setLastClickTime();
VFSResourceRoot fdc = (VFSResourceRoot) usess.getEntry("_DIRCTX");
if (fdc != null) {
return fdc;
}
IdentityEnvironment identityEnv = usess.getIdentityEnvironment();
VFSContainer webdavContainer = getMountableRoot(identityEnv);
// create the / folder
VirtualContainer rootContainer = new VirtualContainer("");
rootContainer.addItem(webdavContainer);
rootContainer.setLocalSecurityCallback(new ReadOnlyCallback());
fdc = new VFSResourceRoot(identityEnv.getIdentity(), rootContainer);
usess.putEntry("_DIRCTX", fdc);
return fdc;
}
use of org.olat.core.util.UserSession in project openolat by klemens.
the class WebDAVManagerImpl method handleAuthentication.
/**
* @see org.olat.core.commons.services.webdav.WebDAVManager#handleAuthentication(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
@Override
public boolean handleAuthentication(HttpServletRequest req, HttpServletResponse resp) {
// manger not started
if (timedSessionCache == null) {
return false;
}
UserSession usess = sessionManager.getUserSession(req);
if (usess != null && usess.isAuthenticated()) {
req.setAttribute(REQUEST_USERSESSION_KEY, usess);
return true;
}
usess = doAuthentication(req, resp);
if (usess == null) {
return false;
}
// register usersession in REQUEST, not session !!
// see SecureWebDAVServlet.setAuthor() and checkQuota()
req.setAttribute(REQUEST_USERSESSION_KEY, usess);
return true;
}
use of org.olat.core.util.UserSession in project openolat by klemens.
the class MapperDispatcher method execute.
/**
* @param hreq
* @param hres
*/
@Override
public void execute(HttpServletRequest hreq, HttpServletResponse hres) throws IOException {
String pathInfo = DispatcherModule.subtractContextPath(hreq);
// e.g. non-cacheable: 23423/bla/blu.html
// e.g. cacheable: my.mapper.path/bla/blu.html
String subInfo = pathInfo.substring(DispatcherModule.PATH_MAPPED.length());
int slashPos = subInfo.indexOf('/');
String smappath;
if (slashPos == -1) {
smappath = subInfo;
} else {
smappath = subInfo.substring(0, slashPos);
}
// legacy???
DBFactory.getInstance().commitAndCloseSession();
// e.g. non-cacheable: 23423
// e.g. cacheable: my.mapper.path
UserSession usess = CoreSpringFactory.getImpl(UserSessionManager.class).getUserSession(hreq);
Mapper m = CoreSpringFactory.getImpl(MapperService.class).getMapperById(usess, smappath);
if (m == null) {
// an anonymous mapper?
m = CoreSpringFactory.getImpl(MapperService.class).getMapperById(null, smappath);
if (m == null) {
logWarn("Call to mapped resource, but mapper does not exist for path::" + smappath, null);
DispatcherModule.sendNotFound(pathInfo, hres);
return;
}
}
String mod = slashPos > 0 ? subInfo.substring(slashPos) : "";
if (mod.indexOf("..") != -1) {
logWarn("Illegal mapper path::" + mod + " contains '..'", null);
DispatcherModule.sendForbidden(pathInfo, hres);
return;
}
// /bla/blu.html
MediaResource mr = m.handle(mod, hreq);
ServletUtil.serveResource(hreq, hres, mr);
}
use of org.olat.core.util.UserSession in project openolat by klemens.
the class AuthHelper method doLogout.
/**
* This is a convenience method to log out. IMPORTANT: This method initiates a
* redirect and RETURN. Make sure you return the call hierarchy gracefully.
* Most of all, don't touch HttpServletRequest or the Session after you call
* this method.
*
* @param ureq
*/
public static void doLogout(UserRequest ureq) {
if (ureq == null)
return;
boolean wasGuest = false;
UserSession usess = ureq.getUserSession();
if (usess != null && usess.getRoles() != null) {
wasGuest = usess.getRoles().isGuestOnly();
}
String lang = CoreSpringFactory.getImpl(I18nModule.class).getLocaleKey(ureq.getLocale());
HttpSession session = ureq.getHttpReq().getSession(false);
// stuff on logout
if (session != null) {
try {
session.invalidate();
deleteShibsessionCookie(ureq);
} catch (IllegalStateException ise) {
// thrown when session already invalidated. fine. ignore.
}
}
// redirect to logout page in dmz realm, set info that DMZ is shown because of logout
// if it was a guest user, do not set logout=true. The parameter must be evaluated
// by the implementation of the AuthenticationProvider.
String setWarning = wasGuest ? "" : "&logout=true";
ureq.getDispatchResult().setResultingMediaResource(new RedirectMediaResource(WebappHelper.getServletContextPath() + "/dmz/?lang=" + lang + setWarning));
}
use of org.olat.core.util.UserSession in project openolat by klemens.
the class AuthHelper method doHeadlessLogin.
/**
* @param identity
* @param authProvider
* @param ureq
* @param Is login via REST API?
* @return
*/
public static int doHeadlessLogin(Identity identity, String authProvider, UserRequest ureq, boolean rest) {
int initializeStatus = initializeLogin(identity, authProvider, ureq, rest);
if (initializeStatus != LOGIN_OK) {
// login not successful
return initializeStatus;
}
// Set session info to reflect the REST headless login
UserSession usess = ureq.getUserSession();
usess.getSessionInfo().setREST(true);
usess.getIdentityEnvironment().getAttributes().put(ATTRIBUTE_IS_REST, "true");
//
ThreadLocalUserActivityLogger.log(OlatLoggingAction.OLAT_LOGIN, AuthHelper.class, LoggingResourceable.wrap(identity));
return LOGIN_OK;
}
Aggregations