2012-09-12 12:47:59 +02:00
package org.gcube.application.framework.core.session ;
2013-06-21 13:45:09 +02:00
import java.io.File ;
import java.io.IOException ;
import java.net.URL ;
2012-09-12 12:47:59 +02:00
import java.util.HashMap ;
import java.util.Set ;
2013-06-21 13:45:09 +02:00
import javax.xml.parsers.DocumentBuilder ;
import javax.xml.parsers.DocumentBuilderFactory ;
import javax.xml.parsers.ParserConfigurationException ;
2013-02-22 17:52:54 +01:00
import org.slf4j.Logger ;
import org.slf4j.LoggerFactory ;
2013-06-21 13:45:09 +02:00
import org.w3c.dom.Document ;
import org.w3c.dom.NodeList ;
import org.xml.sax.SAXException ;
2012-09-12 12:47:59 +02:00
import org.gcube.application.framework.accesslogger.library.impl.AccessLogger ;
import org.gcube.application.framework.accesslogger.model.LoginToVreAccessLogEntry ;
2014-03-12 11:42:22 +01:00
//import org.gcube.application.framework.core.security.PortalSecurityManager;
2012-09-12 12:47:59 +02:00
import org.gcube.application.framework.core.util.ASLGroupModel ;
2012-10-16 14:49:57 +02:00
import org.gcube.application.framework.core.util.GenderType ;
2012-09-12 12:47:59 +02:00
import org.gcube.application.framework.core.util.SessionConstants ;
2014-03-12 11:42:22 +01:00
//import org.gcube.application.framework.core.util.UserCredential;
2013-08-22 12:28:07 +02:00
//import org.gcube.common.core.scope.GCUBEScope;
2013-02-21 12:32:11 +01:00
import org.gcube.common.scope.api.ScopeProvider ;
2013-10-03 18:29:27 +02:00
//import org.gridforum.jgss.ExtendedGSSCredential;
2012-09-12 12:47:59 +02:00
/ * *
* @author Valia Tsagkalidou ( NKUA )
*
* /
public class ASLSession {
/ * *
*
* /
private static final long serialVersionUID = 1L ;
private HashMap < String , Object > innerSession ;
private long lastUsedTime ;
private String externalSessionID ;
private String username ;
2013-10-03 18:29:27 +02:00
// private ExtendedGSSCredential credential;
2013-08-22 12:28:07 +02:00
private String scope ;
2012-09-12 12:47:59 +02:00
private HashMap < String , Notifier > notifiers ;
String scopeName ;
private ASLGroupModel groupModel ;
private boolean loggedIn = false ;
2012-10-16 14:49:57 +02:00
private String userEmailAddress ;
private String fullName ;
private String avatarId ;
private GenderType gender ;
2013-06-27 11:18:19 +02:00
private long sessionTimeout = - 1 ; //if < 0, not set
2013-02-22 17:52:54 +01:00
/** The logger. */
private static final Logger logger = LoggerFactory . getLogger ( ASLSession . class ) ;
2013-02-21 12:32:11 +01:00
2012-09-12 12:47:59 +02:00
// ACCESS LOGGER
AccessLogger accessLogger = AccessLogger . getAccessLogger ( ) ;
/ * *
* A constructor based on the user and an external ID
* @param externalSessionId the external id
* @param user the username
* /
ASLSession ( String externalSessionId , String user )
{
innerSession = new HashMap < String , Object > ( ) ;
notifiers = new HashMap < String , Notifier > ( ) ;
lastUsedTime = System . currentTimeMillis ( ) ;
username = user ;
externalSessionID = externalSessionId ;
groupModel = new ASLGroupModel ( ) ;
}
private void initializeAttributes ( ) {
for ( String key : innerSession . keySet ( ) ) {
if ( key . equals ( " collectionsPresentableFields " ) | | key . equals ( SessionConstants . collectionsHierarchy ) ) {
innerSession . remove ( key ) ;
break ;
}
}
}
2013-06-21 13:45:09 +02:00
/ * *
* It looks into tomcat ' s web . xml file for session - timeout value .
* if not available , it looks into the properties . xml of this JAR
*
* @return timeout in milliseconds
* @throws IOException
* @throws ParserConfigurationException
* /
2013-06-27 11:18:19 +02:00
public long getSessionTimeoutMillis ( ) throws IOException , ParserConfigurationException {
2013-08-22 12:28:07 +02:00
if ( sessionTimeout > 0 ) //means that is already set to a value !
2013-06-27 11:18:19 +02:00
return sessionTimeout ;
2013-09-13 17:55:23 +02:00
int timeoutMins ;
2013-06-21 13:45:09 +02:00
DocumentBuilderFactory dbFactory = DocumentBuilderFactory . newInstance ( ) ;
DocumentBuilder dBuilder = null ;
try {
dBuilder = dbFactory . newDocumentBuilder ( ) ;
} catch ( ParserConfigurationException e1 ) { e1 . printStackTrace ( ) ; }
String tomcatBasePath = System . getProperty ( " catalina.base " ) ;
String fullFilePath = tomcatBasePath + " /webapps/ROOT/WEB-INF/web.xml " ;
Document webXMLDoc = null ;
try {
File webXML = new File ( fullFilePath ) ;
webXMLDoc = dBuilder . parse ( webXML ) ;
webXMLDoc . getDocumentElement ( ) . normalize ( ) ;
NodeList sessionTimeouts = webXMLDoc . getElementsByTagName ( " session-timeout " ) ; //this NodeList contains all the <session-timeout> elements - should by only one
String timeoutString = sessionTimeouts . item ( 0 ) . getTextContent ( ) ; //timeout now contains the timeout value in string. eg "400"
if ( ( timeoutString = = null ) | | ( timeoutString = = " " ) ) {
logger . debug ( " No property session-timeout in file, setting it to default " ) ;
2013-09-13 17:55:23 +02:00
timeoutMins = 30 ;
2013-06-21 13:45:09 +02:00
}
else {
2013-09-13 17:55:23 +02:00
timeoutMins = Integer . parseInt ( timeoutString ) ;
2013-06-21 13:45:09 +02:00
}
}
catch ( Exception e ) { //case tomcat properties file could not be found
logger . debug ( " Could not parse file " + fullFilePath + " for session-timeout property. Parsing from jar. " ) ;
try { //try getting it from the local file
ClassLoader classLoader = Thread . currentThread ( ) . getContextClassLoader ( ) ;
URL url = classLoader . getResource ( " /properties.xml " ) ;
webXMLDoc = dBuilder . parse ( new File ( url . toURI ( ) ) ) ;
webXMLDoc . getDocumentElement ( ) . normalize ( ) ;
NodeList sessionTimeouts = webXMLDoc . getElementsByTagName ( " session-timeout " ) ; //this NodeList contains all the <session-timeout> elements - should by only one
String timeoutString = sessionTimeouts . item ( 0 ) . getTextContent ( ) ;
if ( ( timeoutString = = null ) | | ( timeoutString = = " " ) ) {
logger . debug ( " No property session-timeout in local file, setting it to default " ) ;
2013-09-13 17:55:23 +02:00
timeoutMins = 30 ;
2013-06-21 13:45:09 +02:00
}
else {
2013-09-13 17:55:23 +02:00
timeoutMins = Integer . parseInt ( timeoutString ) ;
2013-06-21 13:45:09 +02:00
}
} catch ( Exception e1 ) {
logger . debug ( " Could not parse file properties.xml for property. Setting it to default. " ) ;
2013-09-13 17:55:23 +02:00
timeoutMins = 30 ;
2013-06-21 13:45:09 +02:00
}
}
//At this point, in all cases "timeoutSecs" will have a valid timeout value. If not from the two xml files, then a default one
2013-09-13 17:55:23 +02:00
sessionTimeout = timeoutMins * 60000 ; //in milliseconds
logger . info ( " Session Timeout is: " + sessionTimeout ) ;
return sessionTimeout ;
2013-06-21 13:45:09 +02:00
}
2014-03-26 12:36:51 +01:00
/ * *
* Increases the current session timeout value by the given milliseconds . If negative input , it decreases the timeout .
* @param milliseconds
2014-03-26 12:54:27 +01:00
* @param resetCounting if true , it resets ( = 0 ) the counting towards the timeout
2014-03-26 12:36:51 +01:00
* @return the new timeout in milliseconds
* /
2014-03-26 12:54:27 +01:00
public long increaseSessionTimeout ( long milliseconds , boolean resetCounting ) {
if ( resetCounting )
lastUsedTime = System . currentTimeMillis ( ) ;
2014-03-26 12:36:51 +01:00
sessionTimeout + = milliseconds ;
return sessionTimeout ;
}
2013-06-21 13:45:09 +02:00
2012-09-12 12:47:59 +02:00
/ * *
* @return whether the session is still valid or not
* /
public boolean isValid ( )
{
2013-06-27 11:18:19 +02:00
long maxTime = - 1 ; //it will never be -1
2013-06-21 13:45:09 +02:00
try {
maxTime = getSessionTimeoutMillis ( ) ;
} catch ( Exception e ) { e . printStackTrace ( ) ; }
if ( ( System . currentTimeMillis ( ) - lastUsedTime ) > maxTime )
2012-09-12 12:47:59 +02:00
return false ;
return true ;
}
/ * *
* @return whether the session is empty or not
* /
public boolean isEmpty ( )
{
lastUsedTime = System . currentTimeMillis ( ) ;
return innerSession . isEmpty ( ) ;
}
/ * *
* @param name the name of the attribute
* @return whether the name attribute exists in the session
* /
public boolean hasAttribute ( String name )
{
lastUsedTime = System . currentTimeMillis ( ) ;
return innerSession . containsKey ( name ) ;
}
/ * *
* @return a set of all the attributes in the session
* /
public Set < String > getAttributeNames ( )
{
lastUsedTime = System . currentTimeMillis ( ) ;
return innerSession . keySet ( ) ;
}
/ * *
* @param name the name of the attribute
* @return the value of the named attribute
* /
public Object getAttribute ( String name )
{
lastUsedTime = System . currentTimeMillis ( ) ;
return innerSession . get ( name ) ;
}
/ * *
* @param name the name of the attribute
* @param value the value of the attribute
* /
public void setAttribute ( String name , Object value )
{
lastUsedTime = System . currentTimeMillis ( ) ;
innerSession . put ( name , value ) ;
}
public String getOriginalScopeName ( ) {
return scopeName ;
}
/ * *
* Removes the named attribute from the session
* @param name the name of the attribute
* @return the removed object
* /
public Object removeAttribute ( String name )
{
lastUsedTime = System . currentTimeMillis ( ) ;
return innerSession . remove ( name ) ;
}
/ * *
* Removes all the attributes from the session
* /
public void removeAll ( )
{
lastUsedTime = System . currentTimeMillis ( ) ;
innerSession . clear ( ) ;
}
/ * *
* invalidates the session
* /
public void invalidate ( )
{
2013-06-27 11:18:19 +02:00
long maxTime = - 1 ; //it will never be -1
2013-06-21 13:45:09 +02:00
try {
maxTime = getSessionTimeoutMillis ( ) ;
} catch ( Exception e ) { e . printStackTrace ( ) ; }
2013-09-13 17:55:23 +02:00
lastUsedTime = System . currentTimeMillis ( ) - maxTime - 120000 ; // 2 minutes excessive
2012-09-12 12:47:59 +02:00
}
/ * *
* @return the credential
* /
2013-10-03 18:29:27 +02:00
/ *
DO NOT FORGET TO COMMENT OUT THIS WHEN THE NEW SECURITY MODEL IS AVAILABLE
2012-09-12 12:47:59 +02:00
public ExtendedGSSCredential getCredential ( ) {
return credential ;
}
2013-10-03 18:29:27 +02:00
* /
2012-09-12 12:47:59 +02:00
/ * *
* @return the external session id ( passed to the constructor )
* /
public String getExternalSessionID ( ) {
return externalSessionID ;
}
/ * *
* @return the username
* /
public String getUsername ( ) {
return username ;
}
/ * *
* @return the scope
* /
2013-08-22 12:28:07 +02:00
public String getScope ( ) {
2014-01-21 15:11:05 +01:00
if ( scope = = null )
logger . debug ( " Scope is null, returning null " ) ;
2012-09-12 12:47:59 +02:00
return scope ;
}
/ * *
* @return the name of the scope ( VRE )
* /
2014-01-21 15:11:05 +01:00
public String getScopeName ( ) {
if ( scope = = null )
logger . debug ( " Scope is null, returning null " ) ;
return scope ;
2012-09-12 12:47:59 +02:00
}
/ * *
* @param scope the scope name ( VRE )
* /
public void setScope ( String scope ) {
2013-02-22 17:52:54 +01:00
logger . info ( " The scope about to set is: " + scope ) ;
2012-09-12 12:47:59 +02:00
lastUsedTime = System . currentTimeMillis ( ) ;
2013-08-22 12:28:07 +02:00
/ *
2012-09-12 12:47:59 +02:00
String [ ] split = scope . trim ( ) . substring ( 1 ) . split ( " / " , 2 ) ;
2013-03-01 13:06:05 +01:00
//Uncomment this and comment the line bellow for devsec
//String vo = "/" + split[0].toLowerCase();
2012-09-12 12:47:59 +02:00
String vo = " / " + split [ 0 ] ;
if ( split . length > 1 )
vo + = " / " + split [ 1 ] ;
2013-08-22 12:28:07 +02:00
* /
// String currentScope = ScopeProvider.instance.get();
// logger.info("GCube scope returns: " + currentScope);
String previousScopeName = this . scopeName ;
this . scope = scope ;
this . scopeName = scope ;
ScopeProvider . instance . set ( scope ) ;
2013-10-03 18:29:27 +02:00
/ * DO NOT FORGET TO ADD THIS WHEN THE NEW SECURITY MODEL IS AVAILABLE !
2012-09-12 12:47:59 +02:00
if ( new PortalSecurityManager ( this . scope ) . isSecurityEnabled ( ) )
this . credential = UserCredential . getCredential ( username , scope ) ;
2013-10-03 18:29:27 +02:00
* /
2012-09-12 12:47:59 +02:00
// get the attribute that indicates of log in has been done from the login portlet - or if the user logs in from a bookmark
if ( loggedIn = = true ) {
// don't log
initializeAttributes ( ) ;
// clear the attribute
loggedIn = false ;
2013-03-01 13:06:05 +01:00
logger . debug ( " Passing the logging because the variable was set " ) ;
2012-09-12 12:47:59 +02:00
return ;
}
if ( ( previousScopeName ! = null & & ! previousScopeName . equals ( scopeName ) ) | | previousScopeName = = null ) {
2013-02-22 17:52:54 +01:00
logger . info ( " Logging the entrance " ) ;
2012-09-12 12:47:59 +02:00
innerSession . clear ( ) ;
// ACCESS LOGGER
LoginToVreAccessLogEntry loginEntry = new LoginToVreAccessLogEntry ( ) ;
accessLogger . logEntry ( username , scope , loginEntry ) ;
} else
2013-03-01 13:06:05 +01:00
logger . debug ( " Passing the logging because the scope was the same " ) ;
2012-09-12 12:47:59 +02:00
initializeAttributes ( ) ;
}
public void logUserLogin ( String scope ) {
innerSession . clear ( ) ;
loggedIn = true ;
// ACCESS LOGGER
LoginToVreAccessLogEntry loginEntry = new LoginToVreAccessLogEntry ( ) ;
accessLogger . logEntry ( username , scope , loginEntry ) ;
}
/ * *
* @param notification the name of the notification to wait for
* @throws InterruptedException when the thread is interrupted
* /
public void waitNotification ( String notification ) throws InterruptedException
{
Notifier notifier = notifiers . get ( notification ) ;
if ( notifier = = null )
{
notifier = new Notifier ( ) ;
notifiers . put ( notification , notifier ) ;
}
lastUsedTime = System . currentTimeMillis ( ) ;
notifier . waitNotification ( ) ;
}
/ * *
* @param notification the name of the notification to send notification
* @throws InterruptedException when the thread is interrupted
* /
public void notifyAllWaiting ( String notification ) throws InterruptedException
{
Notifier notifier = notifiers . get ( notification ) ;
if ( notifier = = null )
{
notifier = new Notifier ( ) ;
notifiers . put ( notification , notifier ) ;
}
lastUsedTime = System . currentTimeMillis ( ) ;
notifier . notifyAllWaiting ( ) ;
}
public void setGroupModelInfos ( String groupName , long groupId ) {
groupModel . setGroupName ( groupName ) ;
groupModel . setGroupId ( groupId ) ;
}
public long getGroupId ( ) {
return groupModel . getGroupId ( ) ;
}
public String getGroupName ( ) {
return groupModel . getGroupName ( ) ;
}
2012-10-16 14:49:57 +02:00
public void setUserEmailAddress ( String email ) {
this . userEmailAddress = email ;
}
public String getUserEmailAddress ( ) {
return this . userEmailAddress ;
}
public void setUserFullName ( String fullName ) {
this . fullName = fullName ;
}
public String getUserFullName ( ) {
return this . fullName ;
}
public void setUserAvatarId ( String avatarId ) {
this . avatarId = avatarId ;
}
public String getUserAvatarId ( ) {
return this . avatarId ;
}
public void setUserGender ( GenderType gender ) {
this . gender = gender ;
}
public GenderType getUserGender ( ) {
return this . gender ;
}
2012-09-12 12:47:59 +02:00
}