List of usage examples for javax.servlet.http HttpSession invalidate
public void invalidate();
From source file:gr.abiss.calipso.userDetails.util.SecurityUtil.java
public static void logout(HttpServletRequest request, HttpServletResponse response, UserDetailsConfig userDetailsConfig) { addCookie(request, response, userDetailsConfig.getCookiesBasicAuthTokenName(), null, true, userDetailsConfig);/*from ww w . ja va2 s . c om*/ addCookie(request, response, COOKIE_NAME_SESSION, null, true, userDetailsConfig); HttpSession session = request.getSession(); if (session == null) { if (LOGGER.isDebugEnabled()) { LOGGER.debug("logout, no session to clear"); } } else { if (LOGGER.isDebugEnabled()) { LOGGER.debug("logout, invalidating session"); } session.invalidate(); } }
From source file:com.hangum.tadpole.session.manager.SessionManager.java
/** * logout ./* w w w. j a v a 2 s. c o m*/ */ public static void logout() { HttpServletRequest request = RWT.getRequest(); try { HttpSession sStore = request.getSession(); sStore.setAttribute(NAME.USER_SEQ.toString(), 0); sStore.invalidate(); } catch (Throwable e) { // ignore exception } // fixed https://github.com/hangum/TadpoleForDBTools/issues/708 // ps - ? session id ? ? ?. - hangum String[] arryRequestURL = StringUtils.split(request.getRequestURL().toString(), ";"); String browserText = MessageFormat.format("parent.window.location.href = \"{0}\";", arryRequestURL[0]); JavaScriptExecutor executor = RWT.getClient().getService(JavaScriptExecutor.class); executor.execute("setTimeout('" + browserText + "', 100)"); }
From source file:info.magnolia.cms.security.Authenticator.java
/** * Authenticate authorization request using JAAS login module as configured * @param request as received by the servlet engine * @return boolean//www .j a v a2 s . co m */ public static boolean authenticate(HttpServletRequest request) { String credentials = request.getHeader("Authorization"); String userid; String pswd; CredentialsCallbackHandler callbackHandler; String loginModuleToInitialize = "magnolia"; // default login module if (StringUtils.isEmpty(credentials) || credentials.length() <= 6) { // check for form based login request if (StringUtils.isNotEmpty(request.getParameter(PARAMETER_USER_ID))) { userid = request.getParameter(PARAMETER_USER_ID); pswd = StringUtils.defaultString(request.getParameter(PARAMETER_PSWD)); callbackHandler = new PlainTextCallbackHandler(userid, pswd.toCharArray()); } else { // select login module to use if user is authenticated against the container if (request.getUserPrincipal() != null) { loginModuleToInitialize = "magnolia_authorization"; callbackHandler = new PlainTextCallbackHandler(request.getUserPrincipal().getName(), "".toCharArray()); } else { // invalid auth request return false; } } } else { // its a basic authentication request callbackHandler = new Base64CallbackHandler(credentials); } Subject subject; try { LoginContext loginContext = new LoginContext(loginModuleToInitialize, callbackHandler); loginContext.login(); subject = loginContext.getSubject(); // ok, we NEED a session here since the user has been authenticated HttpSession httpsession = request.getSession(true); httpsession.setAttribute(ATTRIBUTE_JAAS_SUBJECT, subject); } catch (LoginException le) { if (log.isDebugEnabled()) log.debug("Exception caught", le); HttpSession httpsession = request.getSession(false); if (httpsession != null) { httpsession.invalidate(); } return false; } return true; }
From source file:com.lm.lic.manager.util.GenUtil.java
/** * @param session// ww w. j a v a 2 s . c o m */ public static void invalidateSession(HttpSession session) { if (session != null) { session.removeAttribute(GenUtil.LOGGED_IN_ATTRIBUTE); session.invalidate(); } }
From source file:org.opencms.ui.login.CmsLoginController.java
/** * Logs out the current user redirecting to the login form afterwards.<p> * * @param cms the cms context//from w ww . j a v a 2s . c o m * @param request the servlet request * @param response the servlet response * * @throws IOException if writing to the response fails */ public static void logout(CmsObject cms, HttpServletRequest request, HttpServletResponse response) throws IOException { String loggedInUser = cms.getRequestContext().getCurrentUser().getName(); HttpSession session = request.getSession(false); if (session != null) { session.invalidate(); /* we need this because a new session might be created after this method, but before the session info is updated in OpenCmsCore.showResource. */ cms.getRequestContext().setUpdateSessionEnabled(false); } // logout was successful if (LOG.isInfoEnabled()) { LOG.info(org.opencms.jsp.Messages.get().getBundle().key(org.opencms.jsp.Messages.LOG_LOGOUT_SUCCESFUL_3, loggedInUser, cms.getRequestContext().addSiteRoot(cms.getRequestContext().getUri()), cms.getRequestContext().getRemoteAddress())); } response.sendRedirect(getFormLink(cms)); }
From source file:de.zib.gndms.kit.monitor.GroovyMoniServlet.java
/** * Tries to destroy the current session and reclaim associated resources * * @param requestWrapper/* w w w .j a v a 2 s . co m*/ * @return true, if the session was destroyed. false, if there was none. */ @SuppressWarnings({ "unchecked" }) private static boolean didDestroySessionOnRequest(@NotNull HttpServletRequest requestWrapper) { if ("destroy".equalsIgnoreCase(requestWrapper.getParameter("m"))) { final HttpSession session = getSessionOrFail(requestWrapper); if (session != null) { synchronized (session) { final Enumeration<String> attrs = (Enumeration<String>) session.getAttributeNames(); while (attrs.hasMoreElements()) session.removeAttribute(attrs.nextElement()); session.invalidate(); } } return true; } else return false; }
From source file:org.eclipse.kapua.app.console.server.KapuaRemoteServiceServlet.java
/** * * This method perform a XSRF validation on the given request and for the specific userToken. * This is a private method to support both, standard class validation or multipart Servlet validation. * * @param req//from w w w. j a v a2 s . c om * @param userToken */ static private void performXSRFTokenValidation(HttpServletRequest req, GwtXSRFToken userToken) throws GwtKapuaException { HttpSession session = req.getSession(); if (!isValidXSRFToken(session, userToken)) { if (session != null) { s_logger.info("XSRF token is NOT VALID - Token={}", userToken.getToken()); s_logger.debug("\tSender IP: {}", req.getRemoteAddr()); s_logger.debug("\tSender Host: {}", req.getRemoteHost()); s_logger.debug("\tSender Port: {}", req.getRemotePort()); s_logger.debug("\tFull Request URL\n {}?{}\n\n", req.getRequestURL().toString(), req.getQueryString()); } // forcing the console log out session.invalidate(); s_logger.debug("Session invalidated."); throw new GwtKapuaException(GwtKapuaErrorCode.XSRF_INVALID_TOKEN, null, "Invalid XSRF token"); } }
From source file:org.eclipse.kura.web.server.KuraRemoteServiceServlet.java
/** * * This method perform a XSRF validation on the given request and for the specific userToken. * This is a private method to support both, standard class validation or multipart Servlet validation. * * @param req//from ww w .j a v a2 s . c o m * @param userToken */ static private void performXSRFTokenValidation(HttpServletRequest req, GwtXSRFToken userToken) throws GwtKuraException { HttpSession session = req.getSession(); if (!isValidXSRFToken(session, userToken)) { if (session != null) { s_logger.info("XSRF token is NOT VALID - Token={}", userToken.getToken()); s_logger.debug("\tSender IP: {}", req.getRemoteAddr()); s_logger.debug("\tSender Host: {}", req.getRemoteHost()); s_logger.debug("\tSender Port: {}", req.getRemotePort()); s_logger.debug("\tFull Request URL\n {}?{}\n\n", req.getRequestURL().toString(), req.getQueryString()); } // forcing the console log out session.invalidate(); s_logger.debug("Session invalidated."); throw new GwtKuraException(GwtKuraErrorCode.INTERNAL_ERROR, null, "Invalid XSRF token"); } }
From source file:com.lm.lic.manager.util.GenUtil.java
/** * @param session//from ww w . j a va 2 s . c o m */ public static void invalidateSession(LoginService loginService, HttpSession session) { if (session != null) { User user = (User) session.getAttribute("user"); if (user != null) loginService.makeUserLoggedOut(user, session); session.removeAttribute(GenUtil.LOGGED_IN_ATTRIBUTE); session.invalidate(); } }
From source file:org.dspace.webmvc.utils.Authenticate.java
/** * Log the user out//from w w w . j av a 2 s . c om * * @param context * DSpace context * @param request * HTTP request */ public static void loggedOut(Context context, HttpServletRequest request) { HttpSession session = request.getSession(); context.setCurrentUser(null); request.removeAttribute("isadmin"); request.removeAttribute("dspace.current.user"); session.removeAttribute("dspace.current.user.id"); // Keep the user's locale setting if set Locale sessionLocale = getSessionLocale(request); // Invalidate session unless dspace.cfg says not to if (ConfigurationManager.getBooleanProperty("webui.session.invalidate", true)) { session.invalidate(); } // Restore the session locale if (sessionLocale != null) { //Config.set(request.getSession(), Config.FMT_LOCALE, sessionLocale); session.setAttribute("FMT_LOCALE", sessionLocale); } }