Examples with ServerSessionManagementService org.wso2.carbon.identity.application.authentication.framework.ServerSessionManagementService used on opensource projects

Search in sources :

Example 1 with ServerSessionManagementService

use of org.wso2.carbon.identity.application.authentication.framework.ServerSessionManagementService in project carbon-identity-framework by wso2.

the class FrameworkServiceComponent method activate.

@SuppressWarnings("unchecked")
@Activate
protected void activate(ComponentContext ctxt) {
    FrameworkServiceDataHolder dataHolder = FrameworkServiceDataHolder.getInstance();
    dataHolder.setJsFunctionRegistry(new JsFunctionRegistryImpl());
    BundleContext bundleContext = ctxt.getBundleContext();
    bundleContext.registerService(JsFunctionRegistry.class, dataHolder.getJsFunctionRegistry(), null);
    bundleContext.registerService(UserSessionManagementService.class.getName(), new UserSessionManagementServiceImpl(), null);
    bundleContext.registerService(HttpIdentityRequestFactory.class.getName(), new SessionExtenderRequestFactory(), null);
    bundleContext.registerService(HttpIdentityResponseFactory.class.getName(), new SessionExtenderResponseFactory(), null);
    bundleContext.registerService(IdentityProcessor.class.getName(), new SessionExtenderProcessor(), null);
    ServerSessionManagementService serverSessionManagementService = new ServerSessionManagementServiceImpl();
    bundleContext.registerService(ServerSessionManagementService.class.getName(), serverSessionManagementService, null);
    dataHolder.setServerSessionManagementService(serverSessionManagementService);
    setAdaptiveAuthExecutionSupervisor();
    boolean tenantDropdownEnabled = ConfigurationFacade.getInstance().getTenantDropdownEnabled();
    if (tenantDropdownEnabled) {
        // Register the tenant management listener for tracking changes to tenants
        bundleContext.registerService(TenantMgtListener.class.getName(), new AuthenticationEndpointTenantActivityListener(), null);
        if (log.isDebugEnabled()) {
            log.debug("AuthenticationEndpointTenantActivityListener is registered. Tenant Domains Dropdown is " + "enabled.");
        }
    }
    AuthenticationMethodNameTranslatorImpl authenticationMethodNameTranslator = new AuthenticationMethodNameTranslatorImpl();
    authenticationMethodNameTranslator.initializeConfigsWithServerConfig();
    bundleContext.registerService(AuthenticationMethodNameTranslator.class, authenticationMethodNameTranslator, null);
    dataHolder.setAuthenticationMethodNameTranslator(authenticationMethodNameTranslator);
    // Register Common servlet
    Servlet commonAuthServlet = new ContextPathServletAdaptor(new CommonAuthenticationServlet(), COMMON_SERVLET_URL);
    Servlet identityServlet = new ContextPathServletAdaptor(new IdentityServlet(), IDENTITY_SERVLET_URL);
    Servlet loginContextServlet = new ContextPathServletAdaptor(new LoginContextServlet(), LOGIN_CONTEXT_SERVLET_URL);
    try {
        httpService.registerServlet(COMMON_SERVLET_URL, commonAuthServlet, null, null);
        httpService.registerServlet(IDENTITY_SERVLET_URL, identityServlet, null, null);
        httpService.registerServlet(LOGIN_CONTEXT_SERVLET_URL, loginContextServlet, null, null);
    } catch (Exception e) {
        String errMsg = "Error when registering servlets via the HttpService.";
        log.error(errMsg, e);
        throw new RuntimeException(errMsg, e);
    }
    if (promptOnLongWait()) {
        Servlet longWaitStatusServlet = new ContextPathServletAdaptor(new LongWaitStatusServlet(), LONGWAITSTATUS_SERVLET_URL);
        try {
            httpService.registerServlet(LONGWAITSTATUS_SERVLET_URL, longWaitStatusServlet, null, null);
        } catch (Exception e) {
            String errMsg = "Error when registering longwaitstatus servlet via the HttpService.";
            log.error(errMsg, e);
            throw new RuntimeException(errMsg, e);
        }
    }
    dataHolder.setBundleContext(bundleContext);
    dataHolder.getHttpIdentityRequestFactories().add(new HttpIdentityRequestFactory());
    dataHolder.getHttpIdentityResponseFactories().add(new FrameworkLoginResponseFactory());
    dataHolder.getHttpIdentityResponseFactories().add(new FrameworkLogoutResponseFactory());
    JsGraphBuilderFactory jsGraphBuilderFactory = new JsGraphBuilderFactory();
    jsGraphBuilderFactory.init();
    UIBasedConfigurationLoader uiBasedConfigurationLoader = new UIBasedConfigurationLoader();
    dataHolder.setSequenceLoader(uiBasedConfigurationLoader);
    dataHolder.setJsGraphBuilderFactory(jsGraphBuilderFactory);
    PostAuthenticationMgtService postAuthenticationMgtService = new PostAuthenticationMgtService();
    bundleContext.registerService(PostAuthenticationMgtService.class.getName(), postAuthenticationMgtService, null);
    dataHolder.setPostAuthenticationMgtService(postAuthenticationMgtService);
    // Registering missing mandatory claim handler as a post authn handler
    PostAuthenticationHandler postAuthnMissingClaimHandler = new PostAuthnMissingClaimHandler();
    bundleContext.registerService(PostAuthenticationHandler.class.getName(), postAuthnMissingClaimHandler, null);
    SSOConsentService ssoConsentService = new SSOConsentServiceImpl();
    bundleContext.registerService(SSOConsentService.class.getName(), ssoConsentService, null);
    dataHolder.setSSOConsentService(ssoConsentService);
    bundleContext.registerService(PostAuthenticationHandler.class.getName(), consentMgtPostAuthnHandler, null);
    JITProvisioningIdentityProviderMgtListener jitProvisioningIDPMgtListener = new JITProvisioningIdentityProviderMgtListener();
    bundleContext.registerService(IdentityProviderMgtListener.class.getName(), jitProvisioningIDPMgtListener, null);
    bundleContext.registerService(ClaimFilter.class.getName(), new DefaultClaimFilter(), null);
    // this is done to load SessionDataStore class and start the cleanup tasks.
    SessionDataStore.getInstance();
    AsyncSequenceExecutor asyncSequenceExecutor = new AsyncSequenceExecutor();
    asyncSequenceExecutor.init();
    dataHolder.setAsyncSequenceExecutor(asyncSequenceExecutor);
    LongWaitStatusDAOImpl daoImpl = new LongWaitStatusDAOImpl();
    CacheBackedLongWaitStatusDAO cacheBackedDao = new CacheBackedLongWaitStatusDAO(daoImpl);
    String connectionTimeoutString = IdentityUtil.getProperty("AdaptiveAuth.HTTPConnectionTimeout");
    int connectionTimeout = 5000;
    if (connectionTimeoutString != null) {
        try {
            connectionTimeout = Integer.parseInt(connectionTimeoutString);
        } catch (NumberFormatException e) {
            log.error("Error while parsing connection timeout : " + connectionTimeoutString, e);
        }
    }
    LongWaitStatusStoreService longWaitStatusStoreService = new LongWaitStatusStoreService(cacheBackedDao, connectionTimeout);
    dataHolder.setLongWaitStatusStoreService(longWaitStatusStoreService);
    // Registering JIT, association and domain handler as post authentication handler
    PostAuthenticationHandler postJITProvisioningHandler = JITProvisioningPostAuthenticationHandler.getInstance();
    bundleContext.registerService(PostAuthenticationHandler.class.getName(), postJITProvisioningHandler, null);
    PostAuthenticationHandler postAuthAssociationHandler = PostAuthAssociationHandler.getInstance();
    bundleContext.registerService(PostAuthenticationHandler.class.getName(), postAuthAssociationHandler, null);
    PostAuthenticationHandler postAuthenticatedUserDomainHandler = PostAuthenticatedSubjectIdentifierHandler.getInstance();
    bundleContext.registerService(PostAuthenticationHandler.class.getName(), postAuthenticatedUserDomainHandler, null);
    if (log.isDebugEnabled()) {
        log.debug("Application Authentication Framework bundle is activated");
    }
    /**
     * Load and reade the require.js file in resources.
     */
    this.loadCodeForRequire();
    // Set user session mapping enabled.
    FrameworkServiceDataHolder.getInstance().setUserSessionMappingEnabled(FrameworkUtils.isUserSessionMappingEnabled());
    if (FrameworkServiceDataHolder.getInstance().getSessionSerializer() == null) {
        FrameworkServiceDataHolder.getInstance().setSessionSerializer(new JavaSessionSerializer());
    }
    bundleContext.registerService(ApplicationAuthenticationService.class.getName(), new ApplicationAuthenticationService(), null);
// Note : DO NOT add any activation related code below this point,
// to make sure the server doesn't start up if any activation failures
}
Also used : JsGraphBuilderFactory(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.JsGraphBuilderFactory) SessionExtenderProcessor(org.wso2.carbon.identity.application.authentication.framework.session.extender.processor.SessionExtenderProcessor) JsFunctionRegistryImpl(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.JsFunctionRegistryImpl) CommonAuthenticationServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.CommonAuthenticationServlet) AsyncSequenceExecutor(org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.AsyncSequenceExecutor) JavaSessionSerializer(org.wso2.carbon.identity.application.authentication.framework.store.JavaSessionSerializer) ServerSessionManagementServiceImpl(org.wso2.carbon.identity.application.authentication.framework.internal.impl.ServerSessionManagementServiceImpl) AuthenticationMethodNameTranslatorImpl(org.wso2.carbon.identity.application.authentication.framework.internal.impl.AuthenticationMethodNameTranslatorImpl) ApplicationAuthenticationService(org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticationService) DefaultClaimFilter(org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimFilter) LongWaitStatusServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.LongWaitStatusServlet) TenantMgtListener(org.wso2.carbon.stratos.common.listeners.TenantMgtListener) LoginContextServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.LoginContextServlet) UIBasedConfigurationLoader(org.wso2.carbon.identity.application.authentication.framework.config.loader.UIBasedConfigurationLoader) JITProvisioningIdentityProviderMgtListener(org.wso2.carbon.identity.application.authentication.framework.handler.provisioning.listener.JITProvisioningIdentityProviderMgtListener) CacheBackedLongWaitStatusDAO(org.wso2.carbon.identity.application.authentication.framework.dao.impl.CacheBackedLongWaitStatusDAO) LongWaitStatusStoreService(org.wso2.carbon.identity.application.authentication.framework.store.LongWaitStatusStoreService) IdentityProcessor(org.wso2.carbon.identity.application.authentication.framework.inbound.IdentityProcessor) Servlet(javax.servlet.Servlet) CommonAuthenticationServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.CommonAuthenticationServlet) IdentityServlet(org.wso2.carbon.identity.application.authentication.framework.inbound.IdentityServlet) LoginContextServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.LoginContextServlet) LongWaitStatusServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.LongWaitStatusServlet) UserSessionManagementServiceImpl(org.wso2.carbon.identity.application.authentication.framework.internal.impl.UserSessionManagementServiceImpl) HttpIdentityRequestFactory(org.wso2.carbon.identity.application.authentication.framework.inbound.HttpIdentityRequestFactory) IdentityServlet(org.wso2.carbon.identity.application.authentication.framework.inbound.IdentityServlet) ClaimFilter(org.wso2.carbon.identity.application.authentication.framework.handler.claims.ClaimFilter) DefaultClaimFilter(org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimFilter) PostAuthenticationMgtService(org.wso2.carbon.identity.application.authentication.framework.services.PostAuthenticationMgtService) SessionExtenderRequestFactory(org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequestFactory) FrameworkLogoutResponseFactory(org.wso2.carbon.identity.application.authentication.framework.inbound.FrameworkLogoutResponseFactory) UserSessionManagementService(org.wso2.carbon.identity.application.authentication.framework.UserSessionManagementService) FrameworkLoginResponseFactory(org.wso2.carbon.identity.application.authentication.framework.inbound.FrameworkLoginResponseFactory) SSOConsentService(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentService) IdentityProviderMgtListener(org.wso2.carbon.idp.mgt.listener.IdentityProviderMgtListener) JITProvisioningIdentityProviderMgtListener(org.wso2.carbon.identity.application.authentication.framework.handler.provisioning.listener.JITProvisioningIdentityProviderMgtListener) SessionExtenderResponseFactory(org.wso2.carbon.identity.application.authentication.framework.session.extender.response.SessionExtenderResponseFactory) PostAuthnMissingClaimHandler(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.PostAuthnMissingClaimHandler) IOException(java.io.IOException) FrameworkException(org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException) ContextPathServletAdaptor(org.eclipse.equinox.http.helper.ContextPathServletAdaptor) LongWaitStatusDAOImpl(org.wso2.carbon.identity.application.authentication.framework.dao.impl.LongWaitStatusDAOImpl) AuthenticationEndpointTenantActivityListener(org.wso2.carbon.identity.application.authentication.framework.listener.AuthenticationEndpointTenantActivityListener) HttpIdentityResponseFactory(org.wso2.carbon.identity.application.authentication.framework.inbound.HttpIdentityResponseFactory) ServerSessionManagementService(org.wso2.carbon.identity.application.authentication.framework.ServerSessionManagementService) SSOConsentServiceImpl(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentServiceImpl) BundleContext(org.osgi.framework.BundleContext) JITProvisioningPostAuthenticationHandler(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.JITProvisioningPostAuthenticationHandler) PostAuthenticationHandler(org.wso2.carbon.identity.application.authentication.framework.handler.request.PostAuthenticationHandler) Activate(org.osgi.service.component.annotations.Activate)

Example 2 with ServerSessionManagementService

use of org.wso2.carbon.identity.application.authentication.framework.ServerSessionManagementService in project carbon-identity-framework by wso2.

the class SessionManagementService method removeMySession.

/**
 * Terminates the requested session, after validating whether the session belongs to the logged in user.
 * @deprecated Use UserSessionManagementService to terminate the session of the current user
 * {@link org.wso2.carbon.identity.application.authentication.framework.UserSessionManagementService
 * #terminateSessionBySessionId(String, String)}
 * @param sessionId
 * @return
 */
public boolean removeMySession(String sessionId) {
    if (StringUtils.isBlank(sessionId)) {
        return false;
    }
    SessionContext sessionContext = FrameworkUtils.getSessionContextFromCache(sessionId, FrameworkUtils.getLoginTenantDomainFromContext());
    // Check whether the session belongs to the logged in user.
    CarbonContext carbonContext = CarbonContext.getThreadLocalCarbonContext();
    String username = carbonContext.getUsername();
    // Extract the user store domain if there is any or set to 'PRIMARY'.
    String userStoreDomain = "PRIMARY";
    username = UserCoreUtil.removeDomainFromName(username);
    AuthenticatedUser authenticatedUser = (AuthenticatedUser) sessionContext.getProperty(FrameworkConstants.AUTHENTICATED_USER);
    if (username.equals(authenticatedUser.getUserName()) && userStoreDomain.equals(authenticatedUser.getUserStoreDomain()) && carbonContext.getTenantDomain().equals(authenticatedUser.getTenantDomain())) {
        ServerSessionManagementService serverSessionManagementService = FrameworkServiceDataHolder.getInstance().getServerSessionManagementService();
        return serverSessionManagementService.removeSession(sessionId);
    } else {
        // TODO : Handle federated scenario.
        log.warn(String.format("Trying to terminate a session which does not belong to logged in user (%s). " + "This might be an attempt for a security breach", username));
        return false;
    }
}
Also used : SessionContext(org.wso2.carbon.identity.application.authentication.framework.context.SessionContext) AuthenticatedUser(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser) ServerSessionManagementService(org.wso2.carbon.identity.application.authentication.framework.ServerSessionManagementService) CarbonContext(org.wso2.carbon.context.CarbonContext)

Aggregations

ServerSessionManagementService (org.wso2.carbon.identity.application.authentication.framework.ServerSessionManagementService)2 IOException (java.io.IOException)1 Servlet (javax.servlet.Servlet)1 ContextPathServletAdaptor (org.eclipse.equinox.http.helper.ContextPathServletAdaptor)1 BundleContext (org.osgi.framework.BundleContext)1 Activate (org.osgi.service.component.annotations.Activate)1 CarbonContext (org.wso2.carbon.context.CarbonContext)1 ApplicationAuthenticationService (org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticationService)1 UserSessionManagementService (org.wso2.carbon.identity.application.authentication.framework.UserSessionManagementService)1 UIBasedConfigurationLoader (org.wso2.carbon.identity.application.authentication.framework.config.loader.UIBasedConfigurationLoader)1 JsFunctionRegistryImpl (org.wso2.carbon.identity.application.authentication.framework.config.model.graph.JsFunctionRegistryImpl)1 JsGraphBuilderFactory (org.wso2.carbon.identity.application.authentication.framework.config.model.graph.JsGraphBuilderFactory)1 SessionContext (org.wso2.carbon.identity.application.authentication.framework.context.SessionContext)1 CacheBackedLongWaitStatusDAO (org.wso2.carbon.identity.application.authentication.framework.dao.impl.CacheBackedLongWaitStatusDAO)1 LongWaitStatusDAOImpl (org.wso2.carbon.identity.application.authentication.framework.dao.impl.LongWaitStatusDAOImpl)1 FrameworkException (org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException)1 ClaimFilter (org.wso2.carbon.identity.application.authentication.framework.handler.claims.ClaimFilter)1 DefaultClaimFilter (org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimFilter)1 JITProvisioningIdentityProviderMgtListener (org.wso2.carbon.identity.application.authentication.framework.handler.provisioning.listener.JITProvisioningIdentityProviderMgtListener)1 PostAuthenticationHandler (org.wso2.carbon.identity.application.authentication.framework.handler.request.PostAuthenticationHandler)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial