Examples with SessionInformation - org.springframework.security.core.session.SessionInformation

Example 21 with SessionInformation

use of org.springframework.security.core.session.SessionInformation in project OpenClinica by OpenClinica.

the class OpenClinicaSessionRegistryImpl method removeSessionInformation.

@Override
public void removeSessionInformation(String sessionId) {
    SessionInformation info = getSessionInformation(sessionId);
    if (info != null) {
        User u = (User) info.getPrincipal();
        auditLogout(u.getUsername());
    }
    super.removeSessionInformation(sessionId);
}

Also used : SessionInformation(org.springframework.security.core.session.SessionInformation) User(org.springframework.security.core.userdetails.User)

Example 22 with SessionInformation

use of org.springframework.security.core.session.SessionInformation in project midpoint by Evolveum.

the class GuiProfiledPrincipalManagerImpl method terminateLocalSessions.

@Override
public void terminateLocalSessions(TerminateSessionEvent terminateSessionEvent) {
    List<String> principalOids = terminateSessionEvent.getPrincipalOids();
    if (sessionRegistry != null && CollectionUtils.isNotEmpty(principalOids)) {
        List<Object> loggedInUsers = sessionRegistry.getAllPrincipals();
        for (Object principal : loggedInUsers) {
            if (!(principal instanceof GuiProfiledPrincipal)) {
                continue;
            }
            GuiProfiledPrincipal midPointPrincipal = (GuiProfiledPrincipal) principal;
            if (!principalOids.contains(midPointPrincipal.getOid())) {
                continue;
            }
            List<SessionInformation> sessionInfos = sessionRegistry.getAllSessions(principal, false);
            if (sessionInfos == null || sessionInfos.isEmpty()) {
                continue;
            }
            for (SessionInformation sessionInfo : sessionInfos) {
                sessionInfo.expireNow();
            }
        }
    }
}

Also used : SessionInformation(org.springframework.security.core.session.SessionInformation) GuiProfiledPrincipal(com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal) PrismObject(com.evolveum.midpoint.prism.PrismObject) PolyString(com.evolveum.midpoint.prism.polystring.PolyString)

Example 23 with SessionInformation

use of org.springframework.security.core.session.SessionInformation in project midpoint by Evolveum.

the class GuiProfiledPrincipalManagerImpl method getLocalLoggedInPrincipals.

@Override
public List<UserSessionManagementType> getLocalLoggedInPrincipals() {
    String currentNodeId = taskManager.getNodeId();
    if (sessionRegistry != null) {
        List<Object> loggedInUsers = sessionRegistry.getAllPrincipals();
        List<UserSessionManagementType> loggedPrincipals = new ArrayList<>();
        for (Object principal : loggedInUsers) {
            if (!(principal instanceof GuiProfiledPrincipal)) {
                continue;
            }
            List<SessionInformation> sessionInfos = sessionRegistry.getAllSessions(principal, false);
            if (sessionInfos == null || sessionInfos.isEmpty()) {
                continue;
            }
            GuiProfiledPrincipal midPointPrincipal = (GuiProfiledPrincipal) principal;
            UserSessionManagementType userSessionManagementType = new UserSessionManagementType();
            userSessionManagementType.setFocus(midPointPrincipal.getFocus());
            userSessionManagementType.setActiveSessions(sessionInfos.size());
            userSessionManagementType.getNode().add(currentNodeId);
            loggedPrincipals.add(userSessionManagementType);
        }
        return loggedPrincipals;
    } else {
        return emptyList();
    }
}

Also used : SessionInformation(org.springframework.security.core.session.SessionInformation) UserSessionManagementType(com.evolveum.midpoint.xml.ns._public.common.api_types_3.UserSessionManagementType) GuiProfiledPrincipal(com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal) ArrayList(java.util.ArrayList) PrismObject(com.evolveum.midpoint.prism.PrismObject) PolyString(com.evolveum.midpoint.prism.polystring.PolyString)

Example 24 with SessionInformation

use of org.springframework.security.core.session.SessionInformation in project spring-security by spring-projects.

the class ConcurrentSessionControlAuthenticationStrategyTests method maxSessionsExpireLeastRecentExistingUser.

@Test
public void maxSessionsExpireLeastRecentExistingUser() {
    SessionInformation moreRecentSessionInfo = new SessionInformation(this.authentication.getPrincipal(), "unique", new Date(1374766999999L));
    given(this.sessionRegistry.getAllSessions(any(), anyBoolean())).willReturn(Arrays.<SessionInformation>asList(moreRecentSessionInfo, this.sessionInformation));
    this.strategy.setMaximumSessions(2);
    this.strategy.onAuthentication(this.authentication, this.request, this.response);
    assertThat(this.sessionInformation.isExpired()).isTrue();
}

Also used : SessionInformation(org.springframework.security.core.session.SessionInformation) Date(java.util.Date) Test(org.junit.jupiter.api.Test)

Example 25 with SessionInformation

use of org.springframework.security.core.session.SessionInformation in project spring-security by spring-projects.

the class ConcurrentSessionControlAuthenticationStrategyTests method setup.

@BeforeEach
public void setup() {
    this.authentication = new TestingAuthenticationToken("user", "password", "ROLE_USER");
    this.request = new MockHttpServletRequest();
    this.response = new MockHttpServletResponse();
    this.sessionInformation = new SessionInformation(this.authentication.getPrincipal(), "unique", new Date(1374766134216L));
    this.strategy = new ConcurrentSessionControlAuthenticationStrategy(this.sessionRegistry);
}

Also used : SessionInformation(org.springframework.security.core.session.SessionInformation) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Date(java.util.Date) BeforeEach(org.junit.jupiter.api.BeforeEach)

Aggregations

SessionInformation (org.springframework.security.core.session.SessionInformation)29 Date (java.util.Date)12 Test (org.junit.jupiter.api.Test)8 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)8 Test (org.junit.Test)7 SessionRegistry (org.springframework.security.core.session.SessionRegistry)7 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)6 MockFilterChain (org.springframework.mock.web.MockFilterChain)5 MockHttpSession (org.springframework.mock.web.MockHttpSession)5 ConcurrentSessionFilter (org.springframework.security.web.session.ConcurrentSessionFilter)5 ArrayList (java.util.ArrayList)3 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)3 Authentication (org.springframework.security.core.Authentication)3 RedirectStrategy (org.springframework.security.web.RedirectStrategy)3 MapSession (org.springframework.session.MapSession)3 Session (org.springframework.session.Session)3 GuiProfiledPrincipal (com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal)2 PrismObject (com.evolveum.midpoint.prism.PrismObject)2 PolyString (com.evolveum.midpoint.prism.polystring.PolyString)2 User (com.serotonin.m2m2.vo.User)2