Package org.apache.catalina

Examples of org.apache.catalina.Session


      assertEquals("Correct max active count", 1, managers[0].getMaxActiveAllowed());
      assertEquals("Correct max idle time", 1, managers[0].getPassivationMaxIdleTime());
      assertEquals("Correct min idle time", -1, managers[0].getPassivationMinIdleTime());

      // Set up a session
      Session sess1 = createAndUseSession(managers[0], "1", true, true);
     
      assertEquals("Session count correct", 1, managers[0].getActiveSessionCount());
      assertEquals("Local session count correct", 1, managers[0].getLocalActiveSessionCount());
     
      // Should fail to create a 2nd
      createAndUseSession(managers[0], "2", false, false);
     
      // Confirm a session timeout clears space
      sess1.setMaxInactiveInterval(1);      
      SessionTestUtil.sleepThread(1100);     
     
      createAndUseSession(managers[0], "2", true, true);     
     
      assertEquals("Session count correct", 1, managers[0].getActiveSessionCount());
View Full Code Here


      assertEquals("Correct max active count", 1, managers[0].getMaxActiveAllowed());
      assertEquals("Correct max idle time", 3, managers[0].getPassivationMaxIdleTime());
      assertEquals("Correct min idle time", 1, managers[0].getPassivationMinIdleTime());
     
      // Set up a session
      Session sess1 = createAndUseSession(managers[0], "1", true, true);
     
      assertEquals("Session count correct", 1, managers[0].getActiveSessionCount());
      assertEquals("Local session count correct", 1, managers[0].getLocalActiveSessionCount());
     
      // Should fail to create a 2nd
      createAndUseSession(managers[0], "2", false, false);
     
      // Confirm a session timeout clears space
      sess1.setMaxInactiveInterval(1);      
      SessionTestUtil.sleepThread(1100);     
     
      createAndUseSession(managers[0], "2", true, false);     
     
      assertEquals("Session count correct", 1, managers[0].getActiveSessionCount());
View Full Code Here

         assertEquals("Correct max active count", 1, managers[i].getMaxActiveAllowed());
         assertEquals("Correct max inactive interval", 1, managers[i].getMaxInactiveInterval());
      }
     
      // Set up a session
      Session session = createAndUseSession(managers[0], "1", true, true);
     
      assertEquals("Session count correct", 1, managers[0].getActiveSessionCount());
      assertEquals("Local session count correct", 1, managers[0].getLocalActiveSessionCount());     
      assertEquals("Session count correct", 1, managers[1].getActiveSessionCount());
      assertEquals("Local session count correct", 0, managers[1].getLocalActiveSessionCount());
     
      // Should fail to create a 2nd
      createAndUseSession(managers[1], "2", false, false);
     
      // Confirm a session timeout clears space
      session.setMaxInactiveInterval(1);    
      useSession(managers[0], "1");
      SessionTestUtil.sleepThread(managers[0].getMaxInactiveInterval() * 1000 + 100);     
     
      createAndUseSession(managers[1], "2", true, true);     
     
View Full Code Here

  
   private Session createAndUseSession(JBossCacheManager<?> manager, String id, boolean canCreate, boolean access) throws Exception
   {
      //    Shift to Manager interface when we simulate Tomcat
      Manager mgr = manager;
      Session sess = mgr.findSession(id);
      assertNull("session does not exist", sess);
      try
      {
         sess = mgr.createSession(id);
         if (!canCreate)
            fail("Could not create session" + id);
      }
      catch (IllegalStateException ise)
      {
         if (canCreate)
         {
            log.error("Failed to create session " + id, ise);
            fail("Could create session " + id);
         }
      }
     
      if (access)
      {
         sess.access();
         sess.getSession().setAttribute("test", "test");
        
         manager.storeSession(sess);
        
         sess.endAccess();
      }
     
      return sess;
   }
View Full Code Here

      Principal principal;
      context = request.getContext();
      LoginConfig config = context.getLoginConfig();
      
      // References to objects we will need later
      Session session = null;

      //Lets find out if the cache is enabled or not
      cache = (Boolean) messageInfo.getMap().get("CACHE");
     
      // Have we authenticated this user before but have caching disabled?
      if (!cache) {
          session = request.getSessionInternal(true);
          log.debug("Checking for reauthenticate in session " + session);
          String username =
              (String) session.getNote(Constants.SESS_USERNAME_NOTE);
          String password =
              (String) session.getNote(Constants.SESS_PASSWORD_NOTE);
          if ((username != null) && (password != null)) {
              log.debug("Reauthenticating username '" + username + "'");
              principal =
                  context.getRealm().authenticate(username, password);
              if (principal != null) {
                  session.setNote(Constants.FORM_PRINCIPAL_NOTE, principal);
                  if (!matchRequest(request)) {
                     registerWithCallbackHandler(principal, username, password);
                    
                      /*register(request, response, principal,
                               Constants.FORM_METHOD,
                               username, password);*/
                      return AuthStatus.SUCCESS;
                  }
              }
              log.trace("Reauthentication failed, proceed normally");
          }
      }

      // Is this the re-submit of the original request URI after successful
      // authentication?  If so, forward the *original* request instead.
      if (matchRequest(request)) {
          session = request.getSessionInternal(true);
          log.trace("Restore request from session '"
                        + session.getIdInternal()
                        + "'");
          principal = (Principal)
              session.getNote(Constants.FORM_PRINCIPAL_NOTE);
         
          registerWithCallbackHandler(principal,
                (String) session.getNote(Constants.SESS_USERNAME_NOTE),
                (String) session.getNote(Constants.SESS_PASSWORD_NOTE));
         
          /*register(request, response, principal, Constants.FORM_METHOD,
                   (String) session.getNote(Constants.SESS_USERNAME_NOTE),
                   (String) session.getNote(Constants.SESS_PASSWORD_NOTE));*/
          // If we're caching principals we no longer need the username
          // and password in the session, so remove them
          if (cache) {
              session.removeNote(Constants.SESS_USERNAME_NOTE);
              session.removeNote(Constants.SESS_PASSWORD_NOTE);
          }
          if (restoreRequest(request, session)) {
              log.trace("Proceed to restored request");
              return (AuthStatus.SUCCESS);
          } else {
              log.trace("Restore of original request failed");
           
            try
            {
               response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            }
            catch (IOException e)
            {
               log.error(e.getLocalizedMessage(),e);
            }
              return AuthStatus.FAILURE;
          }
      }

      // Acquire references to objects we will need to evaluate
      MessageBytes uriMB = MessageBytes.newInstance();
      CharChunk uriCC = uriMB.getCharChunk();
      uriCC.setLimit(-1);
      String contextPath = request.getContextPath();
      String requestURI = request.getDecodedRequestURI();

      // Is this the action request from the login page?
      boolean loginAction =
          requestURI.startsWith(contextPath) &&
          requestURI.endsWith(Constants.FORM_ACTION);

      // No -- Save this request and redirect to the form login page
      if (!loginAction) {
          session = request.getSessionInternal(true);
          log.trace("Save request in session '" + session.getIdInternal() + "'");
          try {
              saveRequest(request, session);
          } catch (IOException ioe) {
              log.trace("Request body too big to save during authentication");
              try
            {
               response.sendError(HttpServletResponse.SC_FORBIDDEN,
                         sm.getString("authenticator.requestBodyTooBig"));
            }
            catch (IOException e)
            {
               log.error("Exception in Form authentication:",e);
               throw new AuthException(e.getLocalizedMessage());
            }
              return (AuthStatus.FAILURE);
          }
          forwardToLoginPage(request, response, config);
          return (AuthStatus.SEND_CONTINUE);
      }

      // Yes -- Validate the specified credentials and redirect
      // to the error page if they are not correct
      Realm realm = context.getRealm();
      String characterEncoding = request.getCharacterEncoding();
      if (characterEncoding != null) {
          try
         {
            request.setCharacterEncoding(characterEncoding);
         }
         catch (UnsupportedEncodingException e)
         {
            log.error(e.getLocalizedMessage(), e);
         }
      }
      String username = request.getParameter(Constants.FORM_USERNAME);
      String password = request.getParameter(Constants.FORM_PASSWORD);
      log.trace("Authenticating username '" + username + "'");
      principal = realm.authenticate(username, password);
      if (principal == null) {
          forwardToErrorPage(request, response, config);
          return (AuthStatus.FAILURE);
      }

      log.trace("Authentication of '" + username + "' was successful");

      if (session == null)
          session = request.getSessionInternal(false);
      if (session == null) {
          log.trace
                  ("User took so long to log on the session expired");
          try
         {
            response.sendError(HttpServletResponse.SC_REQUEST_TIMEOUT,
                                sm.getString("authenticator.sessionExpired"));
         }
         catch (IOException e)
         {
            log.error(e.getLocalizedMessage(),e);
         }
          return (AuthStatus.FAILURE);
      }

      // Save the authenticated Principal in our session
      session.setNote(Constants.FORM_PRINCIPAL_NOTE, principal);

      // Save the username and password as well
      session.setNote(Constants.SESS_USERNAME_NOTE, username);
      session.setNote(Constants.SESS_PASSWORD_NOTE, password);

      // Redirect the user to the original request URI (which will cause
      // the original request to be restored)
      requestURI = savedRequestURL(session);
      log.trace("Redirecting to original '" + requestURI + "'");
View Full Code Here

  
   private void useSession(JBossCacheManager<?> manager, String id) throws Exception
   {
      //    Shift to Manager interface when we simulate Tomcat
      Manager mgr = manager;
      Session sess = mgr.findSession(id);
      assertNotNull("session exists", sess);
     
      sess.access();
      sess.getSession().setAttribute("test", "test");
     
      manager.storeSession(sess);
     
      sess.endAccess();
   }
View Full Code Here

    * @param request The request to be verified
    */
   protected boolean matchRequest(Request request)
   {
     // Has a session been created?
     Session session = request.getSessionInternal(false);
     if (session == null)
         return (false);

     // Is there a saved request?
     SavedRequest sreq = (SavedRequest)
         session.getNote(Constants.FORM_REQUEST_NOTE);
     if (sreq == null)
         return (false);

     // Is there a saved principal?
     if (session.getNote(Constants.FORM_PRINCIPAL_NOTE) == null)
         return (false);

     // Does the request URI match?
     String requestURI = request.getRequestURI();
     if (requestURI == null)
View Full Code Here

    */
   public boolean authenticate(Request request, HttpServletResponse response,
         LoginConfig config) throws IOException
   {
      //References to objects we will need later
      Session session = null;

      // Have we already authenticated someone?
      Principal principal = request.getUserPrincipal();
      String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE);
      if (principal != null) {
          if (log.isDebugEnabled())
              log.debug("Already authenticated '" +
                  principal.getName() + "'");
          // Associate the session with any existing SSO session
          if (ssoId != null)
              associate(ssoId, request.getSessionInternal(true));
          return (true);
      }

      // Is there an SSO session against which we can try to reauthenticate?
      if (ssoId != null) {
          if (log.isDebugEnabled())
              log.debug("SSO Id " + ssoId + " set; attempting " +
                        "reauthentication");
          // Try to reauthenticate using data cached by SSO.  If this fails,
          // either the original SSO logon was of DIGEST or SSL (which
          // we can't reauthenticate ourselves because there is no
          // cached username and password), or the realm denied
          // the user's reauthentication for some reason.
          // In either case we have to prompt the user for a logon */
          if (reauthenticateFromSSO(ssoId, request))
              return true;
      }

      // Have we authenticated this user before but have caching disabled?
      if (!cache) {
          session = request.getSessionInternal(true);
          if (log.isDebugEnabled())
              log.debug("Checking for reauthenticate in session " + session);
          String username =
              (String) session.getNote(Constants.SESS_USERNAME_NOTE);
          String password =
              (String) session.getNote(Constants.SESS_PASSWORD_NOTE);
          if ((username != null) && (password != null)) {
              if (log.isDebugEnabled())
                  log.debug("Reauthenticating username '" + username + "'");
             // principal =
                 // context.getRealm().authenticate(username, password);
              ExtendedRealm realm = (ExtendedRealm)context.getRealm();
              try
              {
                 principal = realm.authenticate(request, response, config);
              }
              catch(Exception e)
              {
                 log.error("Exception in realm authenticate:",e);
              }
              if (principal != null) {
                  session.setNote(Constants.FORM_PRINCIPAL_NOTE, principal);
                  if (!matchRequest(request)) {
                      register(request, response, principal,
                               HttpServletRequest.FORM_AUTH,
                               username, password);
                      return (true);
                  }
              }
              if (log.isDebugEnabled())
                  log.debug("Reauthentication failed, proceed normally");
          }
      }

      // Is this the re-submit of the original request URI after successful
      // authentication?  If so, forward the *original* request instead.
      if (matchRequest(request)) {
          session = request.getSessionInternal(true);
          if (log.isDebugEnabled())
              log.debug("Restore request from session '"
                        + session.getIdInternal()
                        + "'");
          principal = (Principal)
              session.getNote(Constants.FORM_PRINCIPAL_NOTE);
          register(request, response, principal, HttpServletRequest.FORM_AUTH,
                   (String) session.getNote(Constants.SESS_USERNAME_NOTE),
                   (String) session.getNote(Constants.SESS_PASSWORD_NOTE));
          // If we're caching principals we no longer need the username
          // and password in the session, so remove them
          if (cache) {
              session.removeNote(Constants.SESS_USERNAME_NOTE);
              session.removeNote(Constants.SESS_PASSWORD_NOTE);
          }
          if (restoreRequest(request, session)) {
              if (log.isDebugEnabled())
                  log.debug("Proceed to restored request");
              return (true);
          } else {
              if (log.isDebugEnabled())
                  log.debug("Restore of original request failed");
              response.sendError(HttpServletResponse.SC_BAD_REQUEST);
              return (false);
          }
      }

      // Acquire references to objects we will need to evaluate
      MessageBytes uriMB = MessageBytes.newInstance();
      CharChunk uriCC = uriMB.getCharChunk();
      uriCC.setLimit(-1);
      String contextPath = request.getContextPath();
      String requestURI = request.getDecodedRequestURI();

      // Is this the action request from the login page?
      boolean loginAction =
          requestURI.startsWith(contextPath) &&
          requestURI.endsWith(Constants.FORM_ACTION);

      // No -- Save this request and redirect to the form login page
      if (!loginAction) {
          session = request.getSessionInternal(true);
          if (log.isDebugEnabled())
              log.debug("Save request in session '" + session.getIdInternal() + "'");
          try {
              saveRequest(request, session);
          } catch (IOException ioe) {
              log.debug("Request body too big to save during authentication");
              response.sendError(HttpServletResponse.SC_FORBIDDEN,
                      sm.getString("authenticator.requestBodyTooBig"));
              return (false);
          }
          forwardToLoginPage(request, response, config);
          return (false);
      }

      // Yes -- Validate the specified credentials and redirect
      // to the error page if they are not correct
      ExtendedRealm realm = (ExtendedRealm)context.getRealm();
      if (characterEncoding != null) {
          request.setCharacterEncoding(characterEncoding);
      }
      String username = request.getParameter(Constants.FORM_USERNAME);
      String password = request.getParameter(Constants.FORM_PASSWORD);
      if (log.isDebugEnabled())
          log.debug("Authenticating username '" + username + "'");
      //principal = realm.authenticate(username, password);
      try
      {
         principal = realm.authenticate(request, response, config);
      }
      catch(Exception e)
      {
         log.error("Exception in realm authenticate:",e);
      }
     
      if (principal == null) {
          forwardToErrorPage(request, response, config);
          return (false);
      }

      if (log.isDebugEnabled())
          log.debug("Authentication of '" + username + "' was successful");

      if (session == null)
          session = request.getSessionInternal(false);
      if (session == null) {
          if (containerLog.isDebugEnabled())
              containerLog.debug
                  ("User took so long to log on the session expired");
          response.sendError(HttpServletResponse.SC_REQUEST_TIMEOUT,
                             sm.getString("authenticator.sessionExpired"));
          return (false);
      }

      // Save the authenticated Principal in our session
      session.setNote(Constants.FORM_PRINCIPAL_NOTE, principal);

      // Save the username and password as well
      session.setNote(Constants.SESS_USERNAME_NOTE, username);
      session.setNote(Constants.SESS_PASSWORD_NOTE, password);

      // Redirect the user to the original request URI (which will cause
      // the original request to be restored)
      requestURI = savedRequestURL(session);
      if (log.isDebugEnabled())
View Full Code Here

     
      MockValve mockValve = new MockValve();
     
      jvmRouteValve.setNext(mockValve);
     
      Session session = mgr.createSession(NON_FAILOVER_ID);
      MockRequest req = new MockRequest();
      req.setSession(session.getSession());
      req.setRequestedSessionId(session.getId());
     
      Response res = new Response();
     
      jvmRouteValve.invoke(req, res);
     
      assertSame(req, mockValve.getInvokedRequest());
      assertSame(res, mockValve.getInvokedResponse());
      assertEquals(NON_FAILOVER_ID, session.getId());
      assertEquals(null, mgr.getNewCookieIdSession());
   }
View Full Code Here

     
      MockValve mockValve = new MockValve();
     
      jvmRouteValve.setNext(mockValve);
     
      Session session = mgr.createSession(FAILOVER_ID);
      MockRequest req = new MockRequest();
      req.setSession(session.getSession());
      req.setRequestedSessionId(session.getId());
     
      Response res = new Response();
     
      jvmRouteValve.invoke(req, res);
     
      assertSame(req, mockValve.getInvokedRequest());
      assertSame(res, mockValve.getInvokedResponse());
      assertEquals(NON_FAILOVER_ID, session.getId());
      assertEquals(NON_FAILOVER_ID, mgr.getNewCookieIdSession());
     
   }
View Full Code Here

TOP

Related Classes of org.apache.catalina.Session

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.