Examples of UserSession

Examples of org.olat.core.util.UserSession

28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
  }

  public void testReproceCompilerFreakout() throws Exception {
    UserActivityLoggerImpl ual = new UserActivityLoggerImpl();
    HttpSession session = new MockHttpSession();
    UserSession userSession = UserSession.getUserSession(session);
   
    assertTrue("isactivated", DBModule.isActivated());
   
    User user = UserManager.getInstance().createAndPersistUser("foo","bar","foo@bar.goo");
    Identity identity = ManagerFactory.getManager().createAndPersistIdentity("foo", user, "me", "foo", "bar");
    userSession.setSessionInfo(new SessionInfo("user", session));
    userSession.setIdentity(identity);
    ual.frameworkSetSession(userSession);
    System.out.println("********************************************************");
    System.out.println("Starting ReproduceCompilerFreakout Test... Runs Forever!");
    System.out.println("********************************************************");
    while(true) {
View Full Code Here

Examples of org.olat.core.util.UserSession

173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
    int httpsCount = 0;
    int activeSessionCnt = 0;
    if (command.equals("users")) { // get user stats of (authenticated) usersessions
      Set userSessions = UserSession.getAuthenticatedUserSessions();
      for (Iterator it_usess = userSessions.iterator(); it_usess.hasNext();) {
        UserSession usess = (UserSession) it_usess.next();
        activeSessionCnt++;
        SessionInfo sessInfo = usess.getSessionInfo();
        if (sessInfo.isSecure()) httpsCount++;
      }
      result.append(activeSessionCnt); // active authenticated sessions
      result.append("\n");
      result.append(httpsCount); // ,,, of which are secure
      result.append("\n0\n");
      result.append(instanceId);
    } else if (command.equals("webdav")) { // get webdav stats of (authenticated) usersessions
      Set userSessions = UserSession.getAuthenticatedUserSessions();
      int webdavcount = 0;
      int securewebdavcount = 0;
      for (Iterator it_usess = userSessions.iterator(); it_usess.hasNext();) {
        UserSession usess = (UserSession) it_usess.next();
        SessionInfo sessInfo = usess.getSessionInfo();
        if (sessInfo.isWebDAV()) {
          webdavcount++;
          if (sessInfo.isSecure()) securewebdavcount++;
        }
      }
View Full Code Here

Examples of org.olat.core.util.UserSession

53
54
55
56
57
58
59
60
61
62
63
64
65
  /**
   * @see org.olat.core.gui.components.table.TableDataModel#getValueAt(int, int)
   */
  public Object getValueAt(int row, int col) {
    UserSession usess = (UserSession)getObject(row);
    SessionInfo sessInfo = usess.getSessionInfo();
    if (usess.isAuthenticated()) {
      switch (col) {
        case 0: return sessInfo.getLastname();
        case 1: return sessInfo.getFirstname();
        case 2: return sessInfo.getLogin();
        case 3: return sessInfo.getAuthProvider();
View Full Code Here

Examples of org.olat.core.util.UserSession

142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
   *      org.olat.core.gui.control.Controller, org.olat.core.gui.control.Event)
   */
  public void event(UserRequest ureq, Controller source, Event event) {
    if (source == dialogController) {
      if (DialogBoxUIFactory.isYesEvent(event)) {
        UserSession usess = (UserSession) usessTableModel.getObject(selRow);
        SessionInfo sessInfo = usess.getSessionInfo();
        if (usess.isAuthenticated()) {
          HttpSession session = sessInfo.getSession();
          if (session!=null) {
            try{
              session.invalidate();
            } catch(IllegalStateException ise) {
              // thrown when session already invalidated. fine. ignore.
            }
          }
          showInfo("sess.kill.done", sessInfo.getLogin() );
        }
        reset();
      }
    }
    else if (source == tableCtr) {
      if (event.getCommand().equals(Table.COMMANDLINK_ROWACTION_CLICKED)) {
        TableEvent te = (TableEvent) event;
        selRow = te.getRowId();
        // session info (we only have authenticated sessions here
        UserSession usess = (UserSession) usessTableModel.getObject(selRow);
        //if (!usess.isAuthenticated()) throw new AssertException("usersession was not authenticated!?");
        myContent.setPage(VELOCITY_ROOT + "/sessionDetails.html");
        myContent.contextPut("us", usess);
        SessionInfo sessInfo = usess.getSessionInfo();
        myContent.contextPut("si", sessInfo);
        boolean isAuth = usess.isAuthenticated();
        myContent.contextPut("isauth", isAuth? "yes" : "-- NOT AUTHENTICATED!");

        long creatTime = -1;
        long lastAccessTime = -1;
       
        boolean success = false;
        if (isAuth) {
          try {
            HttpSession se = sessInfo.getSession();
            creatTime = se.getCreationTime();
            lastAccessTime = se.getLastAccessedTime();
            success = true;
          } catch (Exception ise) {
            // nothing to do
          }
        }
       
        if (success) {
          myContent.contextPut("created", f.formatDateAndTime(new Date(creatTime)));
          myContent.contextPut("lastaccess", f.formatDateAndTime(new Date(lastAccessTime)));
        } else {
          myContent.contextPut("created", " -- this session has been invalidated --");
          myContent.contextPut("lastaccess", " -- this session has been invalidated --");
        }
       
        if (success) {
          // lock information
          String username = sessInfo.getLogin();
          ArrayList lockList = new ArrayList();
          List<LockEntry> locks = CoordinatorManager.getCoordinator().getLocker().adminOnlyGetLockEntries();
          Formatter f = Formatter.getInstance(ureq.getLocale());
          for (LockEntry entry : locks) {
            if (entry.getOwner().getName().equals(username)) {
              lockList.add(entry.getKey()+" "+f.formatDateAndTime(new Date(entry.getLockAquiredTime())));
            }
          }         
          myContent.contextPut("locklist", lockList);
 
          // user environment
          myContent.contextPut("env", usess.getIdentityEnvironment());
 
          // GUI statistics
          Windows ws = Windows.getWindows(usess);
          StringBuilder sb = new StringBuilder();
          for (Iterator iterator = ws.getWindowIterator(); iterator.hasNext();) {
View Full Code Here

Examples of org.olat.core.util.UserSession

91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
   * @param request
   * @param response
   * @param uriPrefix
   */
  public void execute(HttpServletRequest request, HttpServletResponse response, String uriPrefix) {
    UserSession usess = UserSession.getUserSession(request);
    UserRequest ureq = null;
    try {
      //upon creation URL is checked for
      ureq = new UserRequest(uriPrefix, request, response);
    } catch(NumberFormatException nfe) {
      //MODE could not be decoded
      //typically if robots with wrong urls hit the system
      //or user have bookmarks
      //or authors copy-pasted links to the content.
      //showing redscreens for non valid URL is wrong instead
      //a 404 message must be shown -> e.g. robots correct their links.
      if(Tracing.isDebugEnabled(UzhAuthenticatedDispatcher.class)){
        Tracing.logDebug("Bad Request "+request.getPathInfo(), this.getClass());
      }
      DispatcherAction.sendBadRequest(request.getPathInfo(), response);
      return;
    }
    GUIInterna.setLoadPerformanceMode(ureq);   
   
    boolean auth = usess.isAuthenticated();
   
    if (!auth) {
      //check for legacy unizh url's and redirect
      if (checkForRedirect(request, response) ) return;
     
     
      if (!ureq.isValidDispatchURI()) {
        // might be a direct jump request -> remember it if not logged in yet
        String reqUri = request.getRequestURI();
        String query = request.getQueryString();
        String allGet = reqUri + QUESTIONMARK + query;
        usess.putEntryInNonClearedStore(AUTHDISPATCHER_ENTRYURL, allGet);
      }
      String guestAccess = ureq.getParameter(GUEST);
      if (guestAccess == null) {
        DispatcherAction.redirectToDefaultDispatcher(response);
        return;
      } else if (guestAccess.equals(TRUE)) {
        // try to log in as anonymous
        int loginStatus = AuthHelper.doAnonymousLogin(ureq,I18nManager.getInstance().getLocaleOrDefault(ureq.getParameter(LANG)) );
        if ( loginStatus != AuthHelper.LOGIN_OK ) {
          if (loginStatus == AuthHelper.LOGIN_NOTAVAILABLE) {
            DispatcherAction.redirectToServiceNotAvailable(response);
          }
          return;
        }
        // else now logged in as anonymous user, continue
      }
    }

    // authenticated!
    try {
     
      //kill session if not secured via SSL
      if (forceSecureAccessOnly && !request.isSecure()) {
        SessionInfo sessionInfo = usess.getSessionInfo();
        if (sessionInfo!=null) {
          HttpSession session = sessionInfo.getSession();
          if (session!=null) {
            try{
              session.invalidate();
            } catch(IllegalStateException ise) {
              // thrown when session already invalidated. fine. ignore.
            }
          }
        }
        DispatcherAction.redirectToDefaultDispatcher(response);
        return;
      }
    //check for legacy unizh url's and redirect
      if (checkForRedirect(request, response)) return ;
     
      usess.getSessionInfo().setLastClickTime();
      String origUrl = (String) usess.removeEntryFromNonClearedStore(AUTHDISPATCHER_ENTRYURL);
      if (origUrl != null) {
        // we had a direct jump request
        // to avoid a endless redirect, remove the guest parameter if any
        // this can happen if a guest has cookies disabled
        String url = new URIHelper(origUrl).removeParameter(GUEST).toString();
View Full Code Here

Examples of org.olat.core.util.UserSession

214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
      Tracing.logAudit("was denied login", AuthHelper.class);
      return LOGIN_DENIED;     
    }
    // if the user sending the cookie did not log out and we are logging in
    // again, then we need to make sure everything is cleaned up. we cleanup in all cases.
    UserSession usess = ureq.getUserSession();
    // prepare for a new user: clear all the instance vars of the userSession
    // note: does not invalidate the session, since it is reused
    usess.signOffAndClear();
    // init the UserSession for the new User
    // we can set the identity and finish the log in process
    usess.setIdentity(identity);
    setRolesFor(identity, usess);
   
    // check if loginDenied or maxSession (only for non-admin)
    if ( (loginBlocked && !usess.getRoles().isOLATAdmin())
        || ( ((maxSessions != MAX_SESSION_NO_LIMIT) && (UserSession.getUserSessionsCnt() >= maxSessions)) && !usess.getRoles().isOLATAdmin() ) ) {
      Tracing.logAudit("Login was blocked for username=" + usess.getIdentity().getName() + ", loginBlocked=" + loginBlocked + " NbrOfSessions=" + UserSession.getUserSessionsCnt() , AuthHelper.class);
      usess.signOffAndClear();
      return LOGIN_NOTAVAILABLE;
    }
   
    // set authprovider
    //usess.getIdentityEnvironment().setAuthProvider(authProvider);
   
    //set the language
    usess.setLocale( I18nManager.getInstance().getLocaleOrDefault(identity.getUser().getPreferences().getLanguage()) );
    // update fontsize in users session globalsettings
    Windows.getWindows(ureq).getWindowManager().setFontSize(Integer.parseInt(identity.getUser().getPreferences().getFontsize() ));   
    // put users personal rss token into session
    RSSUtil.putPersonalRssTokenInSession(ureq);
    // calculate session info and attach it to the user session
    setSessionInfoFor(identity, authProvider, ureq);
    //confirm signedOn
    usess.signOn();
    // set users web delivery mode
    setAjaxModeFor(ureq);
    // update web delivery mode in session info
    ureq.getUserSession().getSessionInfo().setWebModeFromUreq(ureq);
    return LOGIN_OK;
View Full Code Here

Examples of org.olat.core.util.UserSession

399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
    sinfo.setAuthProvider(authProvider);
    sinfo.setUserAgent(ureq.getHttpReq().getHeader("User-Agent"));
    sinfo.setSecure(ureq.getHttpReq().isSecure());
    sinfo.setLastClickTime();
    // set session info for this session
    UserSession usess = ureq.getUserSession();
    usess.setSessionInfo(sinfo);
    // For Usertracking, let the User object know about some desired/specified infos from the sessioninfo
    Map<String,String> sessionInfoForUsertracking = new HashMap<String, String>();
    sessionInfoForUsertracking.put("language", usess.getLocale().toString());
    sessionInfoForUsertracking.put("authprovider", authProvider);
    sessionInfoForUsertracking.put("iswebdav", String.valueOf(sinfo.isWebDAV()));
    usess.getIdentityEnvironment().setAttributes(sessionInfoForUsertracking);
   
  }
View Full Code Here

Examples of org.olat.core.util.UserSession

182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
          sub = pathInfo;
        }
        // chief controller creator for sub path, e.g.
        subPathccc = dmzServicesByPath.get(sub);
       
        UserSession usess = ureq.getUserSession();
        Windows ws = Windows.getWindows(usess);
        synchronized (ws) { //o_clusterOK by:fj per user session
          ChiefController occ;
          if(subPathccc != null){
            occ = subPathccc.createChiefController(ureq);
            Window window = occ.getWindow();
            window.setUriPrefix(uriPrefix);
            ws.registerWindow(window);
           
            window.dispatchRequest(ureq, true);
            return;
          }         
        }
      }//else a /olat/dmz/ request
      /*
       * create content as it is defined in config.xml in he dmzbean
       */

      /*
       * solve this with a predispatcher action
       */
     
//      // convenience method to jump immediatly to AAI (Shibboleth) home
//      // organisation for login without selecting home organisation manually
//      if (ShibbolethModule.isEnableShibbolethLogins()) {
//        String preSelIdp = request.getParameter("preselection");
//        String redirect = request.getParameter("redirect");
//        if (preSelIdp != null && redirect != null && redirect.equalsIgnoreCase("true")) {
//          preSelIdp = preSelIdp.toLowerCase();
//          Collection sites = IdPSite.getIdPSites(ShibbolethModule.getMetadata());
//          for (Iterator iter = sites.iterator(); iter.hasNext();) {
//            IdPSite site = (IdPSite) iter.next();
//            if (site.getName().toLowerCase().indexOf(preSelIdp) > -1) {
//              response.sendRedirect(AssertionConsumerService.buildRequest(request.getLocale(), site));
//              break;
//            }
//          }
//        }
//      }

      UserSession usess = ureq.getUserSession();
      Windows ws = Windows.getWindows(usess);
      synchronized (ws) { //o_clusterOK by:fj per user session

        Window window;
        boolean windowHere = ws.isExisting(ureq.getWindowID());
        boolean validDispatchUri = ureq.isValidDispatchURI();
        if (validDispatchUri && !windowHere) {
          // probably valid framework link from previous user && new Session(no window):
          // when a previous user logged off, and 30min later (when the httpsession is invalidated), the next user clicks e.g. on
          // the log-in link in the -same- browser window ->
          // -> there is no window -> create a new one
          window = null;
          usess.signOffAndClear();
          usess.setLocale(LocaleNegotiator.getPreferedLocale(ureq));
          // request new windows since it is a new usersession, the old one was purged
          ws = Windows.getWindows(usess);
        } else {
          if (validDispatchUri) {
            window = ws.getWindow(ureq);
          } else {
            // e.g. /dmz/ -> start screen, clear previous session data
            window = null;
            usess.signOffAndClear();
            usess.setLocale(LocaleNegotiator.getPreferedLocale(ureq));
            // request new windows since it is a new usersession, the old one was purged
            ws = Windows.getWindows(usess);
          }
        }
       
View Full Code Here

Examples of org.olat.core.util.UserSession

78
79
80
81
82
83
84
85
86
87
88
  /**
   * @see org.olat.commons.servlets.WebDAVManager#handleAuthentication(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
   */
  protected boolean handleAuthentication(HttpServletRequest req, HttpServletResponse resp) {
    UserSession usess = handleBasicAuthentication(req, resp);
    if (usess == null) return false;

    // register usersession in REQUEST, not session !!
    // see SecureWebDAVServlet.setAuthor() and checkQuota()
    req.setAttribute(SecureWebdavServlet.REQUEST_USERSESSION_KEY, usess);
View Full Code Here

Examples of org.olat.core.util.UserSession

99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
  private UserSession handleBasicAuthentication(HttpServletRequest request, HttpServletResponse response) {
    // Get the Authorization header, if one was supplied
    String authHeader = request.getHeader("Authorization");
    if (authHeader != null) {
      // fetch user session from a previous authentication
      UserSession usess = (UserSession)timedSessionCache.get(authHeader);
      if (usess != null && usess.isAuthenticated()) return usess;
     
      StringTokenizer st = new StringTokenizer(authHeader);
      if (st.hasMoreTokens()) {
        String basic = st.nextToken();

        // We only handle HTTP Basic authentication
        if (basic.equalsIgnoreCase("Basic")) {
          String credentials = st.nextToken();

          // This example uses sun.misc.* classes.
          // You will need to provide your own
          // if you are not comfortable with that.
          String userPass = Base64Decoder.decode(credentials);

          // The decoded string is in the form
          // "userID:password".
          int p = userPass.indexOf(":");
          if (p != -1) {
            String userID = userPass.substring(0, p);
            String password = userPass.substring(p + 1);
           
            // Validate user ID and password
            // and set valid true if valid.
            // In this example, we simply check
            // that neither field is blank
            Identity identity = WebDAVAuthManager.authenticate(userID, password);
            if (identity != null) {
              usess = UserSession.getUserSession(request);
              usess.signOffAndClear();
              usess.setIdentity(identity);
              UserDeletionManager.getInstance().setIdentityAsActiv(identity);
              // set the roles (admin, author, guest)
              Roles roles = ManagerFactory.getManager().getRoles(identity);
              usess.setRoles(roles);
              // set authprovider
              //usess.getIdentityEnvironment().setAuthProvider(OLATAuthenticationController.PROVIDER_OLAT);
           
              // set session info
              SessionInfo sinfo = new SessionInfo(identity.getName(), request.getSession());
              User usr = identity.getUser();
              sinfo.setFirstname(usr.getProperty(UserConstants.FIRSTNAME, null));
              sinfo.setLastname(usr.getProperty(UserConstants.LASTNAME, null));
              sinfo.setFromIP(request.getRemoteAddr());
              sinfo.setFromFQN(request.getRemoteAddr());
              try {
                InetAddress[] iaddr = InetAddress.getAllByName(request.getRemoteAddr());
                if (iaddr.length > 0) sinfo.setFromFQN(iaddr[0].getHostName());
              } catch (UnknownHostException e) {
                 // ok, already set IP as FQDN
              }
              sinfo.setAuthProvider(OLATAuthenticationController.PROVIDER_OLAT);
              sinfo.setUserAgent(request.getHeader("User-Agent"));
              sinfo.setSecure(request.isSecure());
              sinfo.setWebDAV(true);
              sinfo.setWebModeFromUreq(null);
              // set session info for this session
              usess.setSessionInfo(sinfo);
              //
              usess.signOn();
              timedSessionCache.put(authHeader, usess);
              return usess;
            }
          }
        }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.