Package com.adito.security

Examples of com.adito.security.SessionInfo


    public ActionForward unspecified(ActionMapping mapping, ActionForm form, HttpServletRequest request,
                    HttpServletResponse response) throws Exception {
        List<WizardActionStatus> actionStatus = new ArrayList<WizardActionStatus>();
        AbstractWizardSequence seq = getWizardSequence(request);
        SessionInfo info = this.getSessionInfo(request);
        String name = (String) seq.getAttribute(AccessRightsDetailsForm.ATTR_RESOURCE_NAME, null);
        String description = (String) seq.getAttribute(AccessRightsDetailsForm.ATTR_RESOURCE_DESCRIPTION, null);
        PropertyList permissionList = (PropertyList) seq.getAttribute(AccessRightsPermissionsForm.ATTR_SELECTED_ACCESS_RIGHTS, null);
        String permissionClass = (String) seq.getAttribute(AccessRightsDetailsForm.ATTR_RESOURCE_PERMISSION_CLASS, null);
        AccessRights accessRights = null;
        Calendar now = Calendar.getInstance();
        try {
            DefaultAccessRights defaultAccessRights = new DefaultAccessRights(info.getUser().getRealm().getRealmID(), 0, name, description, new ArrayList<AccessRight>(), permissionClass, now, now);
            defaultAccessRights.setAllAccessRights(info.getHttpSession(), permissionList);
            accessRights = PolicyDatabaseFactory.getInstance().createAccessRights(defaultAccessRights);         
           
            actionStatus.add(new WizardActionStatus(WizardActionStatus.COMPLETED_OK,
                            "accessRightsWizard.resourceFinish.status.resourceCreated"));
           


            // Adopt the launch session that was found for this request; the debug
            // message below states it came from the LONG_LAUNCH_ID request parameter.
            launchSession = foundLaunchSession;
            if (log.isDebugEnabled()) {
              log.debug("Found a web forward launch session provided by " + LaunchSession.LONG_LAUNCH_ID
                + " parameter in request.");
            }
            // A launch session alone is not sufficient: the request must also resolve
            // to a SessionInfo, otherwise it is rejected with an exception.
            SessionInfo session = locateSession(request, response);
            if (session == null) {
              throw new Exception("Session could not be located.");
            }
            // NOTE(review): addCookies() is called with the session's logon ticket
            // *before* checkAccessRights(). If the access check fails, the response
            // object has presumably already been given the logon cookies. Confirm
            // this ordering is intended, or run the check first.
                        LogonControllerFactory.getInstance().addCookies(request, response, session.getLogonTicket(), session);
            // Access check against the session located above. The first argument is
            // passed as null; its meaning is not visible in this fragment.
            launchSession.checkAccessRights(null, session);
            return handleReplacementProxy(request, response, launchSession);
          }
        }
      }

    /*
     * First try and locate the session, if there is no session then this is
     * definitely not a reverse proxy request
     */
    LaunchSession launchSession = null;
    SessionInfo session = locateSession(request, response);

    if (session == null) {
      // If we have no session, then this cannot be a reverse proxy
      // request
      if (log.isDebugEnabled())
        log.debug("No session, not a reverse proxy.");
      return false;
    }
   
    try {
      // Perhaps this is a reverse proxy?
      String host = request.getHost();
      ReverseProxyWebForward wf = null;

      // Active Proxy

      // Active DNS branch: the label before the first '.' of the request host is
      // used as a launch-session id. request.getHost() is presumably taken from the
      // client-supplied Host header (confirm), so uniqueId is untrusted input. The
      // lookup below is scoped to `session`, the session already located for this
      // request.
      if (host != null && !host.equals("") && host.indexOf('.') > -1) {
        int idx = host.indexOf('.');
        // The outer condition already guarantees indexOf('.') > -1, so this test is
        // always true here and the "Not active DNS." else branch is unreachable.
        if (idx != -1) {
          try {
            String uniqueId = host.substring(0, idx);
            launchSession = LaunchSessionFactory.getInstance().getLaunchSession(session, uniqueId);
            if (launchSession != null) {
              // Unchecked cast: there is no instanceof test first, so a launch
              // session for another resource type raises ClassCastException, which
              // the catch below absorbs.
              wf = (ReverseProxyWebForward) launchSession.getResource();
              // Access is checked before cookies are added and before the request
              // is proxied.
              launchSession.checkAccessRights(null, session);
              // Reject a host-label match when the web forward is not configured
              // for active DNS.
              if (!((ReverseProxyWebForward) wf).getActiveDNS()) {
                throw new Exception("Appears to be an active DNS request but the associated web forward is not active DNS. Is someone trying something funny???");
              }
                          LogonControllerFactory.getInstance().addCookies(request, response, session.getLogonTicket(), session);
              return handleReverseProxy(pathInContext, pathParams, request, response, launchSession);
            }

          } catch (Exception ex) {
            // NOTE(review): this catch-all also absorbs anything thrown by
            // checkAccessRights() (presumably how a denial is signalled; confirm)
            // and the active-DNS mismatch thrown above. Both are logged only at
            // debug level, and execution then continues past this if-statement.
            // Consider logging these two cases at a level that is enabled in
            // production, so failed access checks are visible to operators.
            if (log.isDebugEnabled())
              log.debug("Active DNS web forward lookup failed", ex);
          }
        } else {
          if (log.isDebugEnabled())
            log.debug("Not active DNS.");
        }
      }

      // Second read of the request host, this time with any ":port" suffix removed.
      // NOTE(review): `host` was null-checked before the active DNS branch above, but
      // the value is dereferenced here without a check. If getHost() can return
      // null, indexOf() throws NullPointerException.
      String hostHeader = request.getHost();
      int idx = hostHeader.indexOf(':');
      if (idx > -1)
        hostHeader = hostHeader.substring(0, idx);

      /* Ordinary reverse proxy? There can only ever be one launch session per reverse proxy
       * as there is no way of maintaining the session across requests. If a user launches the
       * resource more than once, the old launch session will be removed
       */

      // Only launch sessions that belong to `session` and are of the web forward
      // resource type are considered.
      for (LaunchSession rs : LaunchSessionFactory.getInstance().getLaunchSessionsForType(session,
        WebForwardPlugin.WEBFORWARD_RESOURCE_TYPE)) {
        if (rs.getResource() instanceof ReverseProxyWebForward) {
          wf = (ReverseProxyWebForward) rs.getResource();
          // A launch session matches when the web forward accepts the path, or when
          // its configured host header equals the request host (port stripped) and
          // the path is not /reverseProxyRedirect.jsp. The original author's note
          // says that excluding reverseProxyRedirect.jsp is needed because access
          // otherwise breaks after the first attempt in the same session.
          // The host comparison uses equals(), so it is case-sensitive.
          if (wf.isValidPath(pathInContext) || (wf.getHostHeader() != null && wf.getHostHeader().equals(hostHeader) && !pathInContext.startsWith("/reverseProxyRedirect.jsp"))) {
            // The access check runs on the matched launch session before the
            // request is handed to the proxy.
            rs.checkAccessRights(null, session);
            return handleReverseProxy(pathInContext, pathParams, request, response, rs);
          }
        }
      }
    } catch (Exception e) {
      log.error("Failed to process web forward.", e);
      if (session != null) {
        session.getHttpSession().setAttribute(Constants.EXCEPTION, e);
        response.sendRedirect("/showPopupException.do");
      } else {
        throw new RequestHandlerException("Failed to process web forward.", 500);
      }
      return true;

                RequestHandlerResponse response) {
    /*
     * When not authenticated, don't reverse proxy anything. We use the logon
     * ticket to get the HttpSession in use.
     *
     * Two ways of resolving the session follow: by launch id (GET requests
     * carrying LaunchSession.LONG_LAUNCH_ID) or by cookies (everything else).
     * The result is null when neither yields a session.
     */
    SessionInfo session = null;

    /**
     * The launching of a reverse proxy will always be a GET. This change
     * will allow us to set the character encoding of the request later so
     * that POST parameters are not incorrectly encoded.
     */
    if (request.getMethod().equals("GET") && request.getParameters().containsKey(LaunchSession.LONG_LAUNCH_ID)) {
      String launchId = (String) request.getParameters().get(LaunchSession.LONG_LAUNCH_ID);

      // Get the actual session for the reverse proxy.
      // NOTE(review): the launch session is looked up by id alone, and `session`
      // is then taken from it. The request's cookies play no part in deciding
      // which session is returned on this path, so the launch id acts as the sole
      // credential for this request. Confirm that launch ids are unguessable and
      // expire. Request parameters on a GET commonly end up in access logs and
      // Referer headers.
      LaunchSession launchSession = LaunchSessionFactory.getInstance().getLaunchSession(launchId);
      if (launchSession != null) {

        // If the launch session is not for a reverse proxy web forward
        // then ignore. It must also report isTracked(), whose meaning is not
        // visible in this fragment.
        if (launchSession.isTracked() && launchSession.getResource() instanceof ReverseProxyWebForward) {
          session = launchSession.getSession();

          // If the request carries a cookie named like sessionCookie
          // (case-insensitive), its value is passed to attachSession() together
          // with the launch session's SessionInfo. Presumably this associates
          // that cookie value with the session for later requests (confirm).
          Cookie[] cookies = request.getCookies();
          if (cookies != null) {
            for (int i = 0; i < cookies.length; i++) {
              if (cookies[i].getName().equalsIgnoreCase(sessionCookie)) {
                LogonControllerFactory.getInstance().attachSession(cookies[i].getValue(), session);
                break;
              }
            }
          }

          // Called with the session's logon ticket. Presumably this sets the
          // logon cookies on the response (confirm against addCookies()).
          LogonControllerFactory.getInstance().addCookies(request, response, session.getLogonTicket(), session);
        }
      }

    } else {
      // Cookie path: walk the request cookies in order and stop at the first one
      // that resolves to a session.
      Cookie[] cookies = request.getCookies();

      if (cookies != null) {
        for (int i = 0; i < cookies.length; i++) {
          // Session-id cookie: resolve by session id.
          if (cookies[i].getName().equalsIgnoreCase(sessionCookie)) {
            session = LogonControllerFactory.getInstance().getSessionInfoBySessionId(cookies[i].getValue());
            if (session != null) {
              LogonControllerFactory.getInstance().addCookies(request, response, session.getLogonTicket(), session);
              session.access();
              break;
            }
          }
          // Logon-ticket cookie (domain or plain): resolve by ticket value.
          if (cookies[i].getName().equalsIgnoreCase(Constants.DOMAIN_LOGON_TICKET) || cookies[i].getName()
                  .equalsIgnoreCase(Constants.LOGON_TICKET)) {
            session = LogonControllerFactory.getInstance().getSessionInfo(cookies[i].getValue());
            if (session != null) {
              LogonControllerFactory.getInstance().addCookies(request, response, session.getLogonTicket(), session);
              session.access();
              break;
            }
          }

        }
      }
    }

    // access() is invoked for any resolved session. On the cookie path it was
    // already called inside the loop, so it runs twice for those requests.
    if (session != null) {
      session.access();
    }

    return session;
  }

    }

  @Override
  public ActionErrors validate(ActionMapping mapping, HttpServletRequest request) {
    ActionErrors errs = super.validate(mapping, request);
    SessionInfo session = LogonControllerFactory.getInstance().getSessionInfo(request);
    if(isCommiting()) {
          try {
              UserDatabase udb = UserDatabaseManager.getInstance().getUserDatabase(session.getRealm());
            for(String account : selectedAccounts) {
              try {
                udb.getAccount(account);
              }
              catch(Exception e) {  

      throw new IllegalArgumentException("This method may only be used with global warnings of type USERS_WITH_PERMISSIONS");
    }
    HttpSession servletSession;
    for (Iterator i = CoreRequestProcessor.getSessions().entrySet().iterator(); i.hasNext();) {
      servletSession = (HttpSession) ((Map.Entry) i.next()).getValue();
      SessionInfo info = LogonControllerFactory.getInstance().getSessionInfo(servletSession);
      if (info != null) {
        try {
          if (PolicyDatabaseFactory.getInstance().isPermitted(warning.getRequiredResourceType(),
            warning.getRequiredPermissions(),
            info.getUser(),
            false)) {
            populateSession(servletSession, warning);
          }
        } catch (Exception e) {
          CoreUtil.log.error("Failed to add global warning. ", e);

  @SuppressWarnings("unchecked")
  public void addMultipleGlobalWarning(GlobalWarning warning) {
    HttpSession servletSession = null;
    for (Iterator i = CoreRequestProcessor.getSessions().entrySet().iterator(); i.hasNext();) {
      servletSession = (HttpSession) ((Map.Entry) i.next()).getValue();
      SessionInfo info = LogonControllerFactory.getInstance().getSessionInfo(servletSession);
      if (info != null) {
        try {
          if ((warning.getType() == GlobalWarning.SUPER_USER && LogonControllerFactory.getInstance()
                  .isAdministrator(info.getUser())) || (warning.getType() == GlobalWarning.MANAGEMENT_USERS && PolicyDatabaseFactory.getInstance()
                  .isAnyAccessRightAllowed(info.getUser(), true, true, false))
            || warning.getType() == GlobalWarning.ALL_USERS) {
            populateSession(servletSession, warning);
          }
        } catch (Exception e) {
          CoreUtil.log.error("Failed to add global warning.", e);

    for (GlobalWarning warning : new ArrayList<GlobalWarning>(globalWarnings)) {
      if (warning.getMessage().getKey().equals(key)) {
        if (warning.getDismissType() == DismissType.DISMISS_FOR_SESSION) {
          removeGlobalWarning(servletSession, key);
        } else if (warning.getDismissType() == DismissType.DISMISS_FOR_USER) {
          SessionInfo sessionInfo = LogonControllerFactory.getInstance().getSessionInfo(servletSession);
          if (sessionInfo == null) {
            throw new IllegalArgumentException("No session info for servlet session.");
          }
          synchronized (dismissedWarnings) {
            List<User> users = dismissedWarnings.get(key);
            if (users == null) {
              users = new ArrayList<User>();
              dismissedWarnings.put(key, users);
            }
            if (!users.contains(sessionInfo.getUser())) {
              users.add(sessionInfo.getUser());
            }
          }
          removeGlobalWarning(servletSession, key);
        } else {
          throw new IllegalArgumentException("This global warning cannot be dismissed.");

   * @see com.adito.core.CoreListener#coreEvent(com.adito.core.CoreEvent)
   */
  @SuppressWarnings("unchecked")
  public void coreEvent(CoreEvent evt) {
    if (evt.getId() == CoreEventConstants.LOGON) {
      SessionInfo sessionInfo = evt.getSessionInfo();
      if (sessionInfo != null && sessionInfo.getHttpSession() != null) {
        // Only add warnings to web sessions
        HttpSession session = sessionInfo.getHttpSession();
        User user = sessionInfo.getUser();
        List<GlobalWarning> globalWarnings = (List<GlobalWarning>) session.getServletContext()
                .getAttribute(Constants.CONTEXT_GLOBAL_WARNINGS);
        if (globalWarnings != null) {
          for (GlobalWarning gw : globalWarnings) {
            List<User> dismissedByUsers = dismissedWarnings.get(gw.getMessage().getKey());

  }

  private void populateSession(HttpSession servletSession, GlobalWarning warning) {
    synchronized (servletSession) {
      SessionInfo info = LogonControllerFactory.getInstance().getSessionInfo(servletSession);
      if (info != null) {
        List<GlobalWarning> l = (List<GlobalWarning>) servletSession.getAttribute(Constants.SESSION_GLOBAL_WARNINGS);
        if (l == null) {
          l = new ArrayList<GlobalWarning>();
          servletSession.setAttribute(Constants.SESSION_GLOBAL_WARNINGS, l);
