Examples with SessionInformation org.springframework.security.core.session.SessionInformation used on opensource projects

Search in sources :

Example 16 with SessionInformation

use of org.springframework.security.core.session.SessionInformation in project theskeleton by codenergic.

the class ProfileRestController method findProfileActiveSessions.

@GetMapping("/sessions")
public List<SessionInformation> findProfileActiveSessions(Authentication authentication) {
    if (authentication == null || authentication.getPrincipal() == null)
        return Collections.emptyList();
    List<SessionInformation> sessions = new ArrayList<>();
    for (Object principal : sessionRegistry.getAllPrincipals()) {
        UserEntity user = (UserEntity) principal;
        if (!user.getUsername().equals(authentication.getName()))
            continue;
        sessions.addAll(sessionRegistry.getAllSessions(user, true));
    }
    return sessions.stream().map(i -> new SessionInformation(authentication.getName(), i.getSessionId(), i.getLastRequest())).collect(Collectors.toList());
}
Also used : Valid(javax.validation.Valid) HttpServletRequest(javax.servlet.http.HttpServletRequest) java.util(java.util) UserOAuth2ClientApprovalRestData(org.codenergic.theskeleton.user.UserOAuth2ClientApprovalRestData) UserEntity(org.codenergic.theskeleton.user.UserEntity) org.springframework.web.bind.annotation(org.springframework.web.bind.annotation) SessionInformation(org.springframework.security.core.session.SessionInformation) Authentication(org.springframework.security.core.Authentication) SessionRegistry(org.springframework.security.core.session.SessionRegistry) Collectors(java.util.stream.Collectors) InputStream(java.io.InputStream) SessionInformation(org.springframework.security.core.session.SessionInformation) UserEntity(org.codenergic.theskeleton.user.UserEntity)

Example 17 with SessionInformation

use of org.springframework.security.core.session.SessionInformation in project ma-modules-public by infiniteautomation.

the class ServerRestV2Controller method listSessions.

@PreAuthorize("isAdmin()")
@ApiOperation(value = "List session information for all sessions", notes = "Admin only")
@RequestMapping(method = RequestMethod.GET, value = "/http-sessions")
public ResponseEntity<List<SessionInformation>> listSessions(@AuthenticationPrincipal User user, HttpServletRequest request, HttpServletResponse response) throws IOException {
    List<SessionInformation> sessions = new ArrayList<SessionInformation>();
    final List<Object> allPrincipals = MangoSecurityConfiguration.sessionRegistry().getAllPrincipals();
    for (final Object principal : allPrincipals) {
        List<SessionInformation> sessionInfo = MangoSecurityConfiguration.sessionRegistry().getAllSessions(principal, true);
        // Expire sessions, the user was deleted
        for (SessionInformation info : sessionInfo) {
            sessions.add(info);
        }
    }
    return new ResponseEntity<>(sessions, HttpStatus.OK);
}
Also used : SessionInformation(org.springframework.security.core.session.SessionInformation) ResponseEntity(org.springframework.http.ResponseEntity) ArrayList(java.util.ArrayList) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 18 with SessionInformation

use of org.springframework.security.core.session.SessionInformation in project ma-modules-public by infiniteautomation.

the class ServerRestController method listSessions.

@PreAuthorize("isAdmin()")
@ApiOperation(value = "List session information for all sessions", notes = "Admin only")
@RequestMapping(method = RequestMethod.GET, value = "/http-sessions", produces = { "application/json" })
public ResponseEntity<List<SessionInformation>> listSessions(@AuthenticationPrincipal User user, HttpServletRequest request, HttpServletResponse response) throws IOException {
    List<SessionInformation> sessions = new ArrayList<SessionInformation>();
    final List<Object> allPrincipals = MangoSecurityConfiguration.sessionRegistry().getAllPrincipals();
    for (final Object principal : allPrincipals) {
        List<SessionInformation> sessionInfo = MangoSecurityConfiguration.sessionRegistry().getAllSessions(principal, true);
        // Expire sessions, the user was deleted
        for (SessionInformation info : sessionInfo) {
            sessions.add(info);
        }
    }
    return new ResponseEntity<>(sessions, HttpStatus.OK);
}
Also used : SessionInformation(org.springframework.security.core.session.SessionInformation) ResponseEntity(org.springframework.http.ResponseEntity) ArrayList(java.util.ArrayList) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 19 with SessionInformation

use of org.springframework.security.core.session.SessionInformation in project spring-session by spring-projects.

the class SpringSessionBackedSessionRegistryTest method sessionInformationForExpiredSession.

@Test
public void sessionInformationForExpiredSession() {
    Session session = createSession(SESSION_ID, USER_NAME, NOW);
    session.setAttribute(SpringSessionBackedSessionInformation.EXPIRED_ATTR, Boolean.TRUE);
    when(this.sessionRepository.findById(SESSION_ID)).thenReturn(session);
    SessionInformation sessionInfo = this.sessionRegistry.getSessionInformation(SESSION_ID);
    assertThat(sessionInfo.getSessionId()).isEqualTo(SESSION_ID);
    assertThat(sessionInfo.getLastRequest().toInstant()).isEqualTo(NOW);
    assertThat(sessionInfo.getPrincipal()).isEqualTo(USER_NAME);
    assertThat(sessionInfo.isExpired()).isTrue();
}
Also used : SessionInformation(org.springframework.security.core.session.SessionInformation) Session(org.springframework.session.Session) MapSession(org.springframework.session.MapSession) Test(org.junit.Test)

Example 20 with SessionInformation

use of org.springframework.security.core.session.SessionInformation in project spring-session by spring-projects.

the class SpringSessionBackedSessionRegistryTest method sessionInformationForExistingSession.

@Test
public void sessionInformationForExistingSession() {
    Session session = createSession(SESSION_ID, USER_NAME, NOW);
    when(this.sessionRepository.findById(SESSION_ID)).thenReturn(session);
    SessionInformation sessionInfo = this.sessionRegistry.getSessionInformation(SESSION_ID);
    assertThat(sessionInfo.getSessionId()).isEqualTo(SESSION_ID);
    assertThat(sessionInfo.getLastRequest().toInstant()).isEqualTo(NOW);
    assertThat(sessionInfo.getPrincipal()).isEqualTo(USER_NAME);
    assertThat(sessionInfo.isExpired()).isFalse();
}
Also used : SessionInformation(org.springframework.security.core.session.SessionInformation) Session(org.springframework.session.Session) MapSession(org.springframework.session.MapSession) Test(org.junit.Test)

Aggregations

SessionInformation (org.springframework.security.core.session.SessionInformation)29 Date (java.util.Date)12 Test (org.junit.jupiter.api.Test)8 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)8 Test (org.junit.Test)7 SessionRegistry (org.springframework.security.core.session.SessionRegistry)7 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)6 MockFilterChain (org.springframework.mock.web.MockFilterChain)5 MockHttpSession (org.springframework.mock.web.MockHttpSession)5 ConcurrentSessionFilter (org.springframework.security.web.session.ConcurrentSessionFilter)5 ArrayList (java.util.ArrayList)3 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)3 Authentication (org.springframework.security.core.Authentication)3 RedirectStrategy (org.springframework.security.web.RedirectStrategy)3 MapSession (org.springframework.session.MapSession)3 Session (org.springframework.session.Session)3 GuiProfiledPrincipal (com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal)2 PrismObject (com.evolveum.midpoint.prism.PrismObject)2 PolyString (com.evolveum.midpoint.prism.polystring.PolyString)2 User (com.serotonin.m2m2.vo.User)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial