Search in sources :

Example 71 with UserSession

use of org.olat.core.util.UserSession in project openolat by klemens.

the class WebDAVManagerImpl method getWebDAVRoot.

@Override
public WebResourceRoot getWebDAVRoot(HttpServletRequest req) {
    UserSession usess = getUserSession(req);
    if (usess == null || usess.getIdentity() == null) {
        return createEmptyRoot(usess);
    }
    usess.getSessionInfo().setLastClickTime();
    VFSResourceRoot fdc = (VFSResourceRoot) usess.getEntry("_DIRCTX");
    if (fdc != null) {
        return fdc;
    }
    IdentityEnvironment identityEnv = usess.getIdentityEnvironment();
    VFSContainer webdavContainer = getMountableRoot(identityEnv);
    // create the / folder
    VirtualContainer rootContainer = new VirtualContainer("");
    rootContainer.addItem(webdavContainer);
    rootContainer.setLocalSecurityCallback(new ReadOnlyCallback());
    fdc = new VFSResourceRoot(identityEnv.getIdentity(), rootContainer);
    usess.putEntry("_DIRCTX", fdc);
    return fdc;
}
Also used : ReadOnlyCallback(org.olat.core.util.vfs.callbacks.ReadOnlyCallback) UserSession(org.olat.core.util.UserSession) VFSContainer(org.olat.core.util.vfs.VFSContainer) IdentityEnvironment(org.olat.core.id.IdentityEnvironment) VirtualContainer(org.olat.core.util.vfs.VirtualContainer)

Example 72 with UserSession

use of org.olat.core.util.UserSession in project openolat by klemens.

the class WebDAVManagerImpl method handleAuthentication.

/**
 * @see org.olat.core.commons.services.webdav.WebDAVManager#handleAuthentication(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
 */
@Override
public boolean handleAuthentication(HttpServletRequest req, HttpServletResponse resp) {
    // manger not started
    if (timedSessionCache == null) {
        return false;
    }
    UserSession usess = sessionManager.getUserSession(req);
    if (usess != null && usess.isAuthenticated()) {
        req.setAttribute(REQUEST_USERSESSION_KEY, usess);
        return true;
    }
    usess = doAuthentication(req, resp);
    if (usess == null) {
        return false;
    }
    // register usersession in REQUEST, not session !!
    // see SecureWebDAVServlet.setAuthor() and checkQuota()
    req.setAttribute(REQUEST_USERSESSION_KEY, usess);
    return true;
}
Also used : UserSession(org.olat.core.util.UserSession)

Example 73 with UserSession

use of org.olat.core.util.UserSession in project openolat by klemens.

the class MapperDispatcher method execute.

/**
 * @param hreq
 * @param hres
 */
@Override
public void execute(HttpServletRequest hreq, HttpServletResponse hres) throws IOException {
    String pathInfo = DispatcherModule.subtractContextPath(hreq);
    // e.g. non-cacheable: 	23423/bla/blu.html
    // e.g. cacheable: 		my.mapper.path/bla/blu.html
    String subInfo = pathInfo.substring(DispatcherModule.PATH_MAPPED.length());
    int slashPos = subInfo.indexOf('/');
    String smappath;
    if (slashPos == -1) {
        smappath = subInfo;
    } else {
        smappath = subInfo.substring(0, slashPos);
    }
    // legacy???
    DBFactory.getInstance().commitAndCloseSession();
    // e.g. non-cacheable: 	23423
    // e.g. cacheable: 		my.mapper.path
    UserSession usess = CoreSpringFactory.getImpl(UserSessionManager.class).getUserSession(hreq);
    Mapper m = CoreSpringFactory.getImpl(MapperService.class).getMapperById(usess, smappath);
    if (m == null) {
        // an anonymous mapper?
        m = CoreSpringFactory.getImpl(MapperService.class).getMapperById(null, smappath);
        if (m == null) {
            logWarn("Call to mapped resource, but mapper does not exist for path::" + smappath, null);
            DispatcherModule.sendNotFound(pathInfo, hres);
            return;
        }
    }
    String mod = slashPos > 0 ? subInfo.substring(slashPos) : "";
    if (mod.indexOf("..") != -1) {
        logWarn("Illegal mapper path::" + mod + " contains '..'", null);
        DispatcherModule.sendForbidden(pathInfo, hres);
        return;
    }
    // /bla/blu.html
    MediaResource mr = m.handle(mod, hreq);
    ServletUtil.serveResource(hreq, hres, mr);
}
Also used : UserSessionManager(org.olat.core.util.session.UserSessionManager) UserSession(org.olat.core.util.UserSession) MediaResource(org.olat.core.gui.media.MediaResource)

Example 74 with UserSession

use of org.olat.core.util.UserSession in project openolat by klemens.

the class AuthHelper method doLogout.

/**
 * This is a convenience method to log out. IMPORTANT: This method initiates a
 * redirect and RETURN. Make sure you return the call hierarchy gracefully.
 * Most of all, don't touch HttpServletRequest or the Session after you call
 * this method.
 *
 * @param ureq
 */
public static void doLogout(UserRequest ureq) {
    if (ureq == null)
        return;
    boolean wasGuest = false;
    UserSession usess = ureq.getUserSession();
    if (usess != null && usess.getRoles() != null) {
        wasGuest = usess.getRoles().isGuestOnly();
    }
    String lang = CoreSpringFactory.getImpl(I18nModule.class).getLocaleKey(ureq.getLocale());
    HttpSession session = ureq.getHttpReq().getSession(false);
    // stuff on logout
    if (session != null) {
        try {
            session.invalidate();
            deleteShibsessionCookie(ureq);
        } catch (IllegalStateException ise) {
        // thrown when session already invalidated. fine. ignore.
        }
    }
    // redirect to logout page in dmz realm, set info that DMZ is shown because of logout
    // if it was a guest user, do not set logout=true. The parameter must be evaluated
    // by the implementation of the AuthenticationProvider.
    String setWarning = wasGuest ? "" : "&logout=true";
    ureq.getDispatchResult().setResultingMediaResource(new RedirectMediaResource(WebappHelper.getServletContextPath() + "/dmz/?lang=" + lang + setWarning));
}
Also used : I18nModule(org.olat.core.util.i18n.I18nModule) HttpSession(javax.servlet.http.HttpSession) UserSession(org.olat.core.util.UserSession) RedirectMediaResource(org.olat.core.gui.media.RedirectMediaResource)

Example 75 with UserSession

use of org.olat.core.util.UserSession in project openolat by klemens.

the class AuthHelper method doHeadlessLogin.

/**
 * @param identity
 * @param authProvider
 * @param ureq
 * @param Is login via REST API?
 * @return
 */
public static int doHeadlessLogin(Identity identity, String authProvider, UserRequest ureq, boolean rest) {
    int initializeStatus = initializeLogin(identity, authProvider, ureq, rest);
    if (initializeStatus != LOGIN_OK) {
        // login not successful
        return initializeStatus;
    }
    // Set session info to reflect the REST headless login
    UserSession usess = ureq.getUserSession();
    usess.getSessionInfo().setREST(true);
    usess.getIdentityEnvironment().getAttributes().put(ATTRIBUTE_IS_REST, "true");
    // 
    ThreadLocalUserActivityLogger.log(OlatLoggingAction.OLAT_LOGIN, AuthHelper.class, LoggingResourceable.wrap(identity));
    return LOGIN_OK;
}
Also used : UserSession(org.olat.core.util.UserSession)

Aggregations

UserSession (org.olat.core.util.UserSession)146 UserSessionManager (org.olat.core.util.session.UserSessionManager)26 Identity (org.olat.core.id.Identity)22 Roles (org.olat.core.id.Roles)20 SessionInfo (org.olat.core.util.SessionInfo)20 HttpSession (javax.servlet.http.HttpSession)18 UserRequest (org.olat.core.gui.UserRequest)18 Test (org.junit.Test)16 MapperKey (org.olat.core.dispatcher.mapper.manager.MapperKey)16 UserRequestImpl (org.olat.core.gui.UserRequestImpl)16 ContextEntry (org.olat.core.id.context.ContextEntry)14 IOException (java.io.IOException)12 AssertException (org.olat.core.logging.AssertException)12 HttpServletRequest (javax.servlet.http.HttpServletRequest)10 Window (org.olat.core.gui.components.Window)10 UnknownHostException (java.net.UnknownHostException)8 ArrayList (java.util.ArrayList)8 ChiefController (org.olat.core.gui.control.ChiefController)8 Preferences (org.olat.core.util.prefs.Preferences)8 InetAddress (java.net.InetAddress)6