
Example 6 with UserSession

use of org.olat.core.util.UserSession in project OpenOLAT by OpenOLAT.

the class PaypalMapper method handle.

/**
 * Processes a mapper request whose path carries a PayPal transaction identifier.
 * <p>
 * Everything from the first {@code ';'} and from the first {@code '?'} onward is cut off
 * {@code relPath} (only when the character is not at index 0). The identifier is what
 * remains after dropping the first character and the last five characters; it is passed
 * to {@code paypalManager.updateTransaction} and stored in the user session under
 * {@code "paypal-uuid"}. Any exception on that path is logged and recorded in the session
 * under {@code "paypal-mapper-error"}. In both cases the response is a redirect to the
 * {@code /auth/} URL derived from {@code businessPath}.
 * <p>
 * NOTE(review): the identifier comes straight from the request path and is not validated
 * in this method. Confirm that {@code updateTransaction} checks its format and verifies
 * the transaction state with the payment provider and against the current user, rather
 * than trusting the caller-supplied value.
 *
 * @param relPath path of the request relative to the mapper
 * @param request the HTTP request, used to look up the user session
 * @return a redirect to the authenticated business path
 */
@Override
public MediaResource handle(String relPath, HttpServletRequest request) {
    UserSession usess = CoreSpringFactory.getImpl(UserSessionManager.class).getUserSession(request);
    List<ContextEntry> entries = null;
    try {
        entries = BusinessControlFactory.getInstance().createCEListFromString(businessPath);

        String path = relPath;
        int semicolonAt = path.indexOf(';');
        if (semicolonAt > 0) {
            path = path.substring(0, semicolonAt);
        }
        int questionMarkAt = path.indexOf('?');
        if (questionMarkAt > 0) {
            path = path.substring(0, questionMarkAt);
        }

        // Fixed offsets: presumably a leading '/' and a five-character suffix - confirm.
        // A path shorter than six characters makes substring throw, which lands in the
        // catch block below and is reported as a mapper error.
        String uuid = path.substring(1, path.length() - 5);
        paypalManager.updateTransaction(uuid);
        usess.putEntryInNonClearedStore("paypal-uuid", uuid);
    } catch (Exception e) {
        log.error("", e);
        usess.putEntryInNonClearedStore("paypal-mapper-error", Boolean.TRUE);
    }

    // If createCEListFromString threw, entries is still null when it is passed on here.
    String resourceUrl = BusinessControlFactory.getInstance().getBusinessPathAsURIFromCEList(entries);
    return new RedirectMediaResource(Settings.getServerContextPathURI() + "/auth/" + resourceUrl);
}
Also used : UserSessionManager(org.olat.core.util.session.UserSessionManager) UserSession(org.olat.core.util.UserSession) RedirectMediaResource(org.olat.core.gui.media.RedirectMediaResource) MediaResource(org.olat.core.gui.media.MediaResource) RedirectMediaResource(org.olat.core.gui.media.RedirectMediaResource) ContextEntry(org.olat.core.id.context.ContextEntry)

Example 7 with UserSession

use of org.olat.core.util.UserSession in project OpenOLAT by OpenOLAT.

the class RestApiLoginFilter method followSession.

/**
 * Continues the filter chain on behalf of an already authenticated user session.
 * <p>
 * Answers 401 when the request has no user session, when the session is not
 * authenticated, or when building the {@code UserRequestImpl} throws a
 * {@code NumberFormatException}. Otherwise the user request is attached to the servlet
 * request under {@code RestSecurityHelper.SEC_USER_REQUEST} and the chain is invoked
 * while holding the monitor of the user session.
 *
 * @param request  the HTTP request
 * @param response the HTTP response
 * @param chain    the remaining filter chain
 * @throws IOException      if sending the error or the chain fails with an I/O error
 * @throws ServletException if the chain fails
 */
private void followSession(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
    UserSession uress = CoreSpringFactory.getImpl(UserSessionManager.class).getUserSessionIfAlreadySet(request);
    if (uress == null || !uress.isAuthenticated()) {
        response.sendError(401);
        return;
    }

    UserRequest ureq;
    try {
        // The constructor receives the request URI; a NumberFormatException raised
        // there is treated as an unauthorized request.
        ureq = new UserRequestImpl(request.getRequestURI(), request, response);
    } catch (NumberFormatException nfe) {
        response.sendError(401);
        return;
    }
    request.setAttribute(RestSecurityHelper.SEC_USER_REQUEST, ureq);

    // The whole downstream processing runs under the session's lock, so requests that
    // synchronize on the same UserSession object are handled one at a time.
    synchronized (uress) {
        chain.doFilter(request, response);
    }
}
Also used : UserSessionManager(org.olat.core.util.session.UserSessionManager) UserSession(org.olat.core.util.UserSession) UserRequest(org.olat.core.gui.UserRequest) UserRequestImpl(org.olat.core.gui.UserRequestImpl)

Example 8 with UserSession

use of org.olat.core.util.UserSession in project OpenOLAT by OpenOLAT.

the class RestApiLoginFilter method doFilter.

/**
 * Entry point of the REST login filter: decides how a request is authenticated and
 * forwards it accordingly.
 * <p>
 * Requests are answered with 403 when the REST module is missing, or when it is disabled
 * and the URI is not in the always-enabled set. An authenticated user session is followed
 * directly. Otherwise the checks run in this order and the first match wins: login space,
 * open space, IP-protected space, valid request token, HTTP Basic authentication. If none
 * matches, a {@code WWW-Authenticate} Basic challenge is sent with status 401.
 * <p>
 * Any exception raised while handling an HTTP request is logged and answered with 500.
 * The {@code finally} block resets the per-thread logging, i18n and tracing state and
 * calls {@code commitAndCloseSession()} on the database, whatever the outcome was.
 * <p>
 * NOTE(review): the cleanup calls in {@code finally} are not individually guarded; if one
 * of them throws, the ones after it are skipped.
 *
 * @param request  the servlet request; must be an {@code HttpServletRequest}
 * @param response the servlet response
 * @param chain    the remaining filter chain
 * @throws ServletException if the request is not an HTTP request
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException {
    if (!(request instanceof HttpServletRequest)) {
        throw new ServletException("Only accept HTTP Request");
    }

    try {
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        HttpServletResponse httpResponse = (HttpServletResponse) response;
        String requestURI = httpRequest.getRequestURI();

        RestModule restModule = (RestModule) CoreSpringFactory.getBean("restModule");
        boolean restUsable = restModule != null
                && (restModule.isEnabled() || isRequestURIAlwaysEnabled(requestURI));
        if (!restUsable) {
            httpResponse.sendError(403);
            return;
        }

        // Bind the request to the thread so that log entries can carry details such as
        // IP address and User-Agent.
        Tracing.setUreq(httpRequest);
        I18nManager.attachI18nInfoToThread(httpRequest);
        ThreadLocalUserActivityLoggerInstaller.initUserActivityLogger(httpRequest);

        UserSession uress = CoreSpringFactory.getImpl(UserSessionManager.class).getUserSessionIfAlreadySet(httpRequest);
        if (uress != null && uress.isAuthenticated()) {
            // An authenticated session already exists: reuse it.
            followSession(httpRequest, httpResponse, chain);
        } else if (isRequestURIInLoginSpace(requestURI)) {
            followForAuthentication(requestURI, uress, httpRequest, httpResponse, chain);
        } else if (isRequestURIInOpenSpace(requestURI)) {
            followWithoutAuthentication(httpRequest, httpResponse, chain);
        } else if (isRequestURIInIPProtectedSpace(requestURI, httpRequest, restModule)) {
            upgradeIpAuthentication(httpRequest, httpResponse);
            followWithoutAuthentication(httpRequest, httpResponse, chain);
        } else if (isRequestTokenValid(httpRequest)) {
            String token = httpRequest.getHeader(RestSecurityHelper.SEC_TOKEN);
            followToken(token, httpRequest, httpResponse, chain);
        } else if (isBasicAuthenticated(httpRequest, httpResponse, requestURI)) {
            // This call receives the un-cast request/response objects, unlike the
            // other branches.
            followBasicAuthenticated(request, response, chain);
        } else {
            httpResponse.setHeader("WWW-Authenticate", "Basic realm=\"" + BASIC_AUTH_REALM + "\"");
            httpResponse.sendError(401);
        }
    } catch (Exception e) {
        log.error("", e);
        try {
            ((HttpServletResponse) response).sendError(500);
        } catch (Exception ex) {
            log.error("", ex);
        }
    } finally {
        ThreadLocalUserActivityLoggerInstaller.resetUserActivityLogger();
        I18nManager.remove18nInfoFromThread();
        Tracing.setUreq(null);
        DBFactory.getInstance().commitAndCloseSession();
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) RestModule(org.olat.restapi.RestModule) UserSessionManager(org.olat.core.util.session.UserSessionManager) ServletException(javax.servlet.ServletException) UserSession(org.olat.core.util.UserSession) HttpServletResponse(javax.servlet.http.HttpServletResponse) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) UnknownHostException(java.net.UnknownHostException)

Example 9 with UserSession

use of org.olat.core.util.UserSession in project OpenOLAT by OpenOLAT.

the class RestApiLoginFilter method followWithoutAuthentication.

/**
 * Forwards a request that does not require authentication, while still honouring
 * credentials the caller happens to present.
 * <p>
 * An authenticated user session is followed via {@code followSession}; a non-blank
 * {@code RestSecurityHelper.SEC_TOKEN} header that the security bean reports as
 * registered is followed via {@code followToken}. Otherwise a {@code UserRequestImpl} is
 * attached to the request and the chain continues without authentication. A
 * {@code NumberFormatException} while building the user request is answered with 401.
 * <p>
 * NOTE(review): the token check calls {@code request.getSession(true)}, so any request
 * reaching this point with a non-blank token header gets an HTTP session created for it,
 * valid token or not. Confirm this is intended for unauthenticated callers.
 *
 * @param request  the HTTP request
 * @param response the HTTP response
 * @param chain    the remaining filter chain
 * @throws IOException      if sending the error or the chain fails with an I/O error
 * @throws ServletException if the chain fails
 */
private void followWithoutAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
    UserSession uress = CoreSpringFactory.getImpl(UserSessionManager.class).getUserSessionIfAlreadySet(request);
    boolean hasAuthenticatedSession = uress != null && uress.isAuthenticated();
    if (hasAuthenticatedSession) {
        // The session already identifies the user: continue with it.
        followSession(request, response, chain);
        return;
    }

    String token = request.getHeader(RestSecurityHelper.SEC_TOKEN);
    RestSecurityBean securityBean = (RestSecurityBean) CoreSpringFactory.getBean(RestSecurityBean.class);
    boolean tokenPresent = StringHelper.containsNonWhitespace(token);
    if (tokenPresent && securityBean.isTokenRegistrated(token, request.getSession(true))) {
        // The token is registered: continue with the token.
        followToken(token, request, response, chain);
        return;
    }

    // fxdiff FXOLAT-113: business path in DMZ
    UserRequest ureq;
    try {
        // The constructor receives the request URI; a NumberFormatException raised
        // there is treated as an unauthorized request.
        ureq = new UserRequestImpl(request.getRequestURI(), request, response);
    } catch (NumberFormatException nfe) {
        response.sendError(401);
        return;
    }
    request.setAttribute(RestSecurityHelper.SEC_USER_REQUEST, ureq);

    // Nobody is authenticated, and nothing on this path requires it.
    chain.doFilter(request, response);
}
Also used : UserSessionManager(org.olat.core.util.session.UserSessionManager) UserSession(org.olat.core.util.UserSession) UserRequest(org.olat.core.gui.UserRequest) UserRequestImpl(org.olat.core.gui.UserRequestImpl)

Example 10 with UserSession

use of org.olat.core.util.UserSession in project OpenOLAT by OpenOLAT.

the class StatusWebservice method getSystemSummaryVO.

/**
 * Runs a file-write probe and a database-write probe, counts the secure authenticated
 * sessions and reports the results together with the concurrent dispatch thread counter.
 * <p>
 * NOTE(review): the 401 documented below implies a role check, but none is visible in
 * this method. Every call writes and deletes a file and database rows and reports
 * session counts, so confirm that access control is enforced before this method is
 * reached.
 *
 * @response.representation.200.qname {http://www.example.com}runtimeVO
 * @response.representation.200.mediaType application/xml, application/json
 * @response.representation.200.doc The version of the instance
 * @response.representation.200.example {@link org.olat.restapi.system.vo.Examples#SAMPLE_RUNTIMEVO}
 * @response.representation.401.doc The roles of the authenticated user are not sufficient
 * @return a 200 response wrapping the collected {@code StatusVO}
 */
@GET
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response getSystemSummaryVO() {
    StatusVO stats = new StatusVO();

    // File probe: time the creation of the info file, then remove it again.
    try {
        long fileProbeStart = System.nanoTime();
        File pingFile = setInfoFiles("ping");
        WorkThreadInformations.unset();
        stats.setWriteFileInMilliseconds(CodeHelper.nanoToMilliTime(fileProbeStart));
        stats.setWriteFile(pingFile.exists());
        // The result of delete() is not checked; a leftover file goes unreported.
        pingFile.delete();
    } catch (Exception e) {
        stats.setWriteFile(false);
        stats.setWriteFileInMilliseconds(-1L);
        log.error("", e);
    }

    // Database probe: clear leftover ping properties, then time one insert + commit.
    try {
        stats.setWriteDb(true);
        PropertyManager propertyManager = CoreSpringFactory.getImpl(PropertyManager.class);
        List<Property> leftovers = propertyManager.findProperties((Identity) null, (BusinessGroup) null, PING_RESOURCE, PING_REF, PING_REF);
        if (leftovers != null && !leftovers.isEmpty()) {
            for (Property leftover : leftovers) {
                propertyManager.deleteProperty(leftover);
            }
            DBFactory.getInstance().commit();
        }

        long dbProbeStart = System.nanoTime();
        Property pingProperty = propertyManager.createPropertyInstance(null, null, PING_RESOURCE, PING_REF, PING_REF, 0f, 0L, "-", "-");
        DBFactory.getInstance().commit();
        stats.setWriteDbInMilliseconds(CodeHelper.nanoToMilliTime(dbProbeStart));

        // Remove the probe row so that the next call starts clean.
        propertyManager.deleteProperty(pingProperty);
        DBFactory.getInstance().commit();
    } catch (Exception e) {
        stats.setWriteDb(false);
        stats.setWriteDbInMilliseconds(-1L);
        log.error("", e);
    }

    // Count authenticated sessions flagged secure, leaving out WebDAV and REST sessions.
    UserSessionManager sessionManager = CoreSpringFactory.getImpl(UserSessionManager.class);
    int secureAuthenticatedCount = 0;
    for (UserSession session : sessionManager.getAuthenticatedUserSessions()) {
        SessionInfo info = session.getSessionInfo();
        if (!info.isWebDAV() && !info.isREST() && info.isSecure()) {
            secureAuthenticatedCount++;
        }
    }
    stats.setSecureAuthenticatedCount(secureAuthenticatedCount);

    // Concurrent dispatch threads
    SessionStatsManager sessionStatsManager = CoreSpringFactory.getImpl(SessionStatsManager.class);
    stats.setConcurrentDispatchThreads(sessionStatsManager.getConcurrentCounter());

    return Response.ok(stats).build();
}
Also used : PropertyManager(org.olat.properties.PropertyManager) SessionInfo(org.olat.core.util.SessionInfo) SessionStatsManager(org.olat.admin.sysinfo.manager.SessionStatsManager) IOException(java.io.IOException) UserSessionManager(org.olat.core.util.session.UserSessionManager) UserSession(org.olat.core.util.UserSession) File(java.io.File) Property(org.olat.properties.Property) StatusVO(org.olat.restapi.system.vo.StatusVO) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)
