List of usage examples for javax.servlet.http HttpSession getId
public String getId();
From source file:dk.itst.oiosaml.sp.service.session.SingleVMSessionHandler.java
public void logOut(HttpSession session) { // We cannot remove the SESSION_ID_LIST since we use it in LogoutHttpResponseServlet // session.removeAttribute(Constants.SESSION_ID_LIST); removeAssertion(session.getId()); session.removeAttribute(Constants.SESSION_USER_ASSERTION); }
From source file:com.telefonica.euro_iaas.sdc.puppetwrapper.auth.OpenStackAuthenticationFilterTest.java
@Test public void doFilterTestRootPath() throws IOException, ServletException { HttpServletRequest servletRequest = mock(HttpServletRequest.class); HttpServletResponse servletResponse = mock(HttpServletResponse.class); FilterChain filterChain = mock(FilterChain.class); HttpSession httpSession = mock(HttpSession.class); when(servletRequest.getHeader(anyString())).thenReturn("3df25213cac246f8bccad5c70cb3582e"); when(servletRequest.getPathInfo()).thenReturn("/"); when(servletRequest.getSession()).thenReturn(httpSession); when(httpSession.getId()).thenReturn("1234"); openStackAuthenticationFilter.doFilter(servletRequest, servletResponse, filterChain); }
From source file:edu.umich.ctools.sectionsUtilityTool.SectionUtilityToolFilter.java
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { M_log.debug("doFilter: Called"); HttpServletRequest useRequest = (HttpServletRequest) request; HttpServletResponse useResponse = (HttpServletResponse) response; if (BASIC_LTI_LAUNCH_REQUEST.equals(request.getParameter(LTI_MESSAGE_TYPE))) { M_log.debug("new launch so invalidate any existing session"); if (useRequest.getSession() != null) { M_log.info("session id to invalidate: " + useRequest.getSession().getId()); useRequest.getSession().invalidate(); }//from w w w . ja v a2s .c om } HttpSession session = useRequest.getSession(true); M_log.debug("session id: " + session.getId()); //Launch type for for the LTI part will be different from the launch //type for SC because LTI will only be launched within LMS and SC can //be launched from a browser setLaunchType(request, session); M_log.debug("Launch Type: " + session.getAttribute(LAUNCH_TYPE)); M_log.debug("Path Info: " + useRequest.getPathInfo()); if (session.getAttribute(LAUNCH_TYPE).equals("lti")) { if (useRequest.getPathInfo() != null && useRequest.getPathInfo().equals(SC_PAGE)) { useRequest.getSession().invalidate(); useResponse.sendError(403); return; } chain.doFilter(useRequest, response); } else if (session.getAttribute(LAUNCH_TYPE).equals("sc")) { if (!checkForAuthorization(useRequest)) { useResponse.sendError(403); return; } chain.doFilter(useRequest, response); } }
From source file:org.apache.struts.webapp.example2.LogonAction.java
/** * Process the specified HTTP request, and create the corresponding HTTP * response (or forward to another web component that will create it). * Return an <code>ActionForward</code> instance describing where and how * control should be forwarded, or <code>null</code> if the response has * already been completed./* w w w . j a v a 2 s .c o m*/ * * @param mapping The ActionMapping used to select this instance * @param form The optional ActionForm bean for this request (if any) * @param request The HTTP request we are processing * @param response The HTTP response we are creating * * @exception Exception if business logic throws an exception */ public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { // Extract attributes we will need Locale locale = getLocale(request); MessageResources messages = getResources(request); User user = null; // Validate the request parameters specified by the user ActionErrors errors = new ActionErrors(); String username = (String) PropertyUtils.getSimpleProperty(form, "username"); String password = (String) PropertyUtils.getSimpleProperty(form, "password"); UserDatabase database = (UserDatabase) servlet.getServletContext().getAttribute(Constants.DATABASE_KEY); if (database == null) errors.add(ActionErrors.GLOBAL_ERROR, new ActionError("error.database.missing")); else { user = getUser(database, username); if ((user != null) && !user.getPassword().equals(password)) user = null; if (user == null) errors.add(ActionErrors.GLOBAL_ERROR, new ActionError("error.password.mismatch")); } // Report any errors we have discovered back to the original form if (!errors.isEmpty()) { saveErrors(request, errors); return (mapping.getInputForward()); } // Save our logged-in user in the session HttpSession session = request.getSession(); session.setAttribute(Constants.USER_KEY, user); if (log.isDebugEnabled()) { log.debug("LogonAction: User '" + user.getUsername() + "' logged on in session " + session.getId()); } // Remove the obsolete form bean if (mapping.getAttribute() != null) { if ("request".equals(mapping.getScope())) request.removeAttribute(mapping.getAttribute()); else session.removeAttribute(mapping.getAttribute()); } // Forward control to the specified success URI return (mapping.findForward("success")); }
From source file:cn.powerdash.libsystem.common.security.authc.SessionTimeoutAuthenticationFilter.java
@Override protected void saveRequestAndRedirectToLogin(ServletRequest request, ServletResponse response) throws IOException { saveRequest(request);/*from ww w. j a va 2 s . c o m*/ HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse res = (HttpServletResponse) response; if (WebUtil.isAjaxRequest(req)) { ObjectMapper objectMapper = new ObjectMapper(); res.setContentType("application/json;charset=UTF-8"); res.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value()); ResultDto<String> error = new ResultDto<String>(); error.setCode(ResultCode.SESSION_TIME_OUT); error.setMessage(MessageUtil.getMessage(SESSION_TIMEOUT_MSG)); objectMapper.writeValue(response.getWriter(), error); LOGGER.debug("session time out for ajax request:{}", req.getRequestURI()); } else { LOGGER.debug("session time out for request:{}", req.getRequestURI()); req.getSession().setAttribute(SESSION_TIMEOUT, true); redirectToLogin(request, response); } HttpSession session = req.getSession(false); if (session != null) { LOGGER.debug( "session time out with id: {}, is sesion new:{}, started: {}, last accessed: {}, request headers: {}", session.getId(), session.isNew(), DateFormatUtils.format(session.getCreationTime(), DATE_FORMAT), DateFormatUtils.format(session.getLastAccessedTime(), DATE_FORMAT), getHeaderString(request)); } else { LOGGER.debug("session time out, no session available for current request"); } }
From source file:com.manydesigns.portofino.servlets.PortofinoListener.java
public void sessionCreated(HttpSessionEvent httpSessionEvent) { HttpSession session = httpSessionEvent.getSession(); logger.debug("Session created: id={}", session.getId()); }
From source file:com.manydesigns.portofino.servlets.PortofinoListener.java
public void sessionDestroyed(HttpSessionEvent httpSessionEvent) { HttpSession session = httpSessionEvent.getSession(); logger.debug("Session destroyed: id={}", session.getId()); }
From source file:edu.harvard.i2b2.fhirserver.ws.OAuth2AuthzEndpoint.java
@Path("processi2b2login") @POST/*from w ww .j ava2s . c o m*/ public Response processResourceOwnerLogin(@FormParam("username") String username, @FormParam("password") String password, @Context HttpServletRequest request) throws XQueryUtilException, URISyntaxException, IOException { logger.trace("processing login: for username:" + username + "\npassword:" + password + "\nclientId:" + request.getSession().getAttribute("clientId")); HttpSession session = request.getSession(); logger.trace("sessionid:" + session.getId()); String pmResponseXml = I2b2Util.getPmResponseXml(username, password, "i2b2demo", Config.i2b2Url); logger.trace("got pmResponseXml:" + pmResponseXml); if (I2b2Util.authenticateUser(pmResponseXml)) { // logger.trace("got pmResponseXml:" + pmResponseXml); // String uri = getBasePath(request).toString() + "scope"; // logger.trace("redirecting to:" + uri); // return Response.status(Status.MOVED_PERMANENTLY) // .location(new URI(uri)).build(); session.setAttribute("msg", "Authentication Successful!"); session.setAttribute("resourceUserId", username); session.setAttribute("pmResponseXml", pmResponseXml); session.setAttribute("i2b2Token", I2b2Util.getToken(pmResponseXml)); return Response.ok().entity(srvResourceOwnerScopeChoice(pmResponseXml)) .header("session_id", request.getSession().getId()).build(); } else { session.setAttribute("msg", "username or password was invalid"); String uri = HttpHelper.getBasePath(request).toString() + "i2b2login"; logger.trace("redirecting to:" + uri); return Response.status(Status.MOVED_PERMANENTLY).location(new URI(uri)) .header("session_id", request.getSession().getId()).build(); } }
From source file:it.polimi.meteocal.ejb.HandleAuthFacebookImpl.java
@Override public String getUrlLoginFacebook() { HttpSession session = (HttpSession) FacesContext.getCurrentInstance().getExternalContext() .getSession(false);//from w w w . j av a 2 s . co m String sessionId = session.getId(); String redirectUrl = URL_BASE + "/MeteoCal-web/loginFacebook.xhtml"; return "https://www.facebook.com/dialog/oauth?client_id=" + APP_ID + "&redirect_uri=" + redirectUrl + "&scope=" + "public_profile,user_friends,email"/*scopeUser + scopeFriend + scopeExtended */ + "&state=" + sessionId; }
From source file:fr.paris.lutece.plugins.genericattributes.service.upload.AbstractGenAttUploadHandler.java
/** * {@inheritDoc}/*from w ww . j a v a 2 s . c o m*/ */ @Override public List<FileItem> getListUploadedFiles(String strFieldName, HttpSession session) { if (StringUtils.isBlank(strFieldName)) { throw new AppException("id field name is not provided for the current file upload"); } initMap(session.getId(), strFieldName); // find session-related files in the map Map<String, List<FileItem>> mapFileItemsSession = _mapAsynchronousUpload.get(session.getId()); return mapFileItemsSession.get(strFieldName); }