Java Code Examples for org.apache.catalina.Session#setPrincipal()

Example 1
Source File: TomcatValve.java    From flex-blazeds with Apache License 2.0
/**
 * Clears the authentication cached on the current request's session.
 *
 * <p>Nothing happens unless {@code servletRequest} is the request this valve is
 * currently serving. If it is, an already existing session (none is created)
 * loses its principal, its auth type and the username/password notes that
 * {@code login()} stored. {@code true} is reported whenever the request matched,
 * even when there was no session to clean.
 *
 * @param servletRequest the servlet request being logged out
 * @return {@code true} if the request matched the one bound to this valve,
 *         {@code false} otherwise
 */
public boolean logout(HttpServletRequest servletRequest)
{
    if (!servletRequestMatches(servletRequest))
    {
        return false;
    }

    // Never create a session just to log out of it.
    Session current = getSession(request, false);
    if (current != null)
    {
        current.setPrincipal(null);
        current.setAuthType(null);
        // Drop the credentials cached by login().
        current.removeNote(Constants.SESS_USERNAME_NOTE);
        current.removeNote(Constants.SESS_PASSWORD_NOTE);
    }
    return true;
}
 
Example 2
Source File: TomcatValve4150.java    From flex-blazeds with Apache License 2.0
/**
 * Clears the authentication cached on the current request's session.
 *
 * <p>Acts only when {@code request} is the servlet request wrapped by the
 * Catalina request this valve holds. In that case an already existing session
 * (none is created) loses its principal, its auth type and the username/password
 * notes. {@code true} is reported whenever the request matched, even if no
 * session existed.
 *
 * @param request the servlet request being logged out
 * @return {@code true} if the request matched the one bound to this valve,
 *         {@code false} otherwise
 */
public boolean logout(HttpServletRequest request)
{
    boolean isCurrentRequest = this.request != null && this.request.getRequest() == request;
    if (!isCurrentRequest)
    {
        return false;
    }

    // Look up, but never create, the session.
    Session current = getSession(this.request, false);
    if (current != null)
    {
        current.setPrincipal(null);
        current.setAuthType(null);
        // Drop the credentials cached by login().
        current.removeNote(Constants.SESS_USERNAME_NOTE);
        current.removeNote(Constants.SESS_PASSWORD_NOTE);
    }
    return true;
}
 
Example 3
Source File: Tomcat7Valve.java    From flex-blazeds with Apache License 2.0
/**
 * Clears the authentication cached on the current request's session.
 *
 * <p>Only the request this valve is currently serving is affected; any other
 * request is ignored and {@code false} is returned. For a matching request the
 * existing session (none is created) loses its principal, its auth type and the
 * username/password notes stored by {@code login()}. {@code true} is returned
 * whenever the request matched, even without a session.
 *
 * @param servletRequest the servlet request being logged out
 * @return {@code true} if the request matched the one bound to this valve,
 *         {@code false} otherwise
 */
public boolean logout(HttpServletRequest servletRequest)
{
    if (!servletRequestMatches(servletRequest))
    {
        return false;
    }

    // Look up, but never create, the session.
    Session current = getSession(request, false);
    if (current != null)
    {
        current.setPrincipal(null);
        current.setAuthType(null);
        // Drop the credentials cached by login().
        current.removeNote(Constants.SESS_USERNAME_NOTE);
        current.removeNote(Constants.SESS_PASSWORD_NOTE);
    }
    return true;
}
 
Example 4
Source File: FederationAuthenticator.java    From cxf-fediz with Apache License 2.0
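/**
 * Checks whether the federation token cached on the Catalina session is still valid.
 *
 * <p>Returns {@code true} when the session carries a {@code FEDERATION_NOTE} whose
 * token either never expires or has not yet expired. When the token has expired the
 * note, the session principal and the {@code SECURITY_TOKEN} attribute are removed so
 * the caller re-authenticates, and {@code false} is returned.
 *
 * <p>A missing session or a missing note also yields {@code false}. The original
 * dereferenced the note without a null check, which would surface as a
 * {@link NullPointerException} instead of a clean "not validated" result.
 *
 * @param request   the current Catalina request
 * @param response  the current response (not used by this implementation)
 * @param fedConfig the federation configuration (not used by this implementation)
 * @return {@code true} if a non-expired token is present, {@code false} otherwise
 */
protected boolean validateToken(Request request, HttpServletResponse response, FedizContext fedConfig) {
    Session session = request.getSessionInternal();
    if (session == null) {
        LOG.debug("Session should not be null after authentication");
        return false;
    }

    FedizResponse wfRes = (FedizResponse) session.getNote(FEDERATION_NOTE);
    if (wfRes == null) {
        // No cached federation response: fail closed rather than throw.
        LOG.debug("No federation response cached in session");
        return false;
    }

    Instant tokenExpires = wfRes.getTokenExpires();
    if (tokenExpires == null) {
        LOG.debug("Token doesn't expire");
        return true;
    }

    if (!Instant.now().isAfter(tokenExpires)) {
        return true;
    }

    LOG.warn("Token already expired. Clean up and redirect");
    // Remove every trace of the expired login so the next check starts clean.
    session.removeNote(FEDERATION_NOTE);
    session.setPrincipal(null);
    request.getSession().removeAttribute(SECURITY_TOKEN);
    return false;
}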
 
Example 5
Source File: CatalinaSessionTokenStore.java    From keycloak with Apache License 2.0
/**
 * Binds an authenticated Keycloak account to the Catalina session.
 *
 * <p>Creates the internal session if needed, installs a {@link GenericPrincipal}
 * built from the account's roles and principal, marks the session auth type as
 * {@code "KEYCLOAK"}, stores a serializable copy of the account and the security
 * context as HTTP session attributes, and finally registers the session with the
 * user-session management so it can be logged out later.
 *
 * @param account the authenticated account to persist in the session
 */
@Override
public void saveAccountInfo(OidcKeycloakAccount account) {
    RefreshableKeycloakSecurityContext ctx =
            (RefreshableKeycloakSecurityContext) account.getKeycloakSecurityContext();
    Set<String> grantedRoles = account.getRoles();
    GenericPrincipal catalinaPrincipal = principalFactory.createPrincipal(
            request.getContext().getRealm(), account.getPrincipal(), grantedRoles);
    SerializableKeycloakAccount persisted =
            new SerializableKeycloakAccount(grantedRoles, account.getPrincipal(), ctx);

    Session catalinaSession = request.getSessionInternal(true);
    catalinaSession.setPrincipal(catalinaPrincipal);
    catalinaSession.setAuthType("KEYCLOAK");
    // The serializable copy survives session replication; the raw context is stored too.
    catalinaSession.getSession().setAttribute(SerializableKeycloakAccount.class.getName(), persisted);
    catalinaSession.getSession().setAttribute(KeycloakSecurityContext.class.getName(),
            account.getKeycloakSecurityContext());

    String subject = ctx.getToken().getSubject();
    log.fine("userSessionManagement.login: " + subject);
    this.sessionManagement.login(catalinaSession);
}
 
Example 6
Source File: CatalinaSamlSessionStore.java    From keycloak with Apache License 2.0
/**
 * Logs the SAML account out of the current Catalina session.
 *
 * <p>Does nothing when no internal session exists. Otherwise the stored
 * {@link SamlSession} and the {@code SAML_REDIRECT_URI} attribute are removed from
 * the HTTP session, the id mapper forgets the session when a session index was
 * present, the Catalina principal and auth type are cleared, and the collected
 * session ids are handed to {@code logoutSessionIds}.
 */
@Override
public void logoutAccount() {
    Session catalinaSession = request.getSessionInternal(false);
    if (catalinaSession == null) {
        return;
    }

    List<String> sessionIdsToLogout = new LinkedList<String>();
    HttpSession httpSession = catalinaSession.getSession();
    if (httpSession != null) {
        String samlKey = SamlSession.class.getName();
        SamlSession saml = (SamlSession) httpSession.getAttribute(samlKey);
        if (saml != null) {
            // Only sessions that took part in a SAML session index are mapped.
            if (saml.getSessionIndex() != null) {
                String id = httpSession.getId();
                sessionIdsToLogout.add(id);
                idMapperUpdater.removeSession(idMapper, id);
            }
            httpSession.removeAttribute(samlKey);
        }
        httpSession.removeAttribute(SAML_REDIRECT_URI);
    }

    catalinaSession.setPrincipal(null);
    catalinaSession.setAuthType(null);
    logoutSessionIds(sessionIdsToLogout);
}
 
Example 7
Source File: CatalinaSamlSessionStore.java    From keycloak with Apache License 2.0
/**
 * Stores a SAML login in the Catalina session and attaches it to the request.
 *
 * <p>The account is saved as an HTTP session attribute. If the session has no
 * principal yet (JBossWeb clusters do not serialize it), one is created from the
 * account and installed with auth type {@code "KEYCLOAK-SAML"}. The request is then
 * given the same principal and auth type, the session id is changed via
 * {@code changeSessionId}, and the SAML session index is mapped to the new id.
 *
 * @param account the authenticated SAML session to persist
 */
@Override
public void saveAccount(SamlSession account) {
    Session catalinaSession = request.getSessionInternal(true);
    catalinaSession.getSession().setAttribute(SamlSession.class.getName(), account);

    GenericPrincipal principal = (GenericPrincipal) catalinaSession.getPrincipal();
    if (principal == null) {
        // In a clustered JBossWeb deployment the principal is not serialized with the
        // session, so rebuild it from the SAML account and re-attach it.
        principal = principalFactory.createPrincipal(
                request.getContext().getRealm(), account.getPrincipal(), account.getRoles());
        catalinaSession.setPrincipal(principal);
        catalinaSession.setAuthType("KEYCLOAK-SAML");
    }
    request.setUserPrincipal(principal);
    request.setAuthType("KEYCLOAK-SAML");

    String newSessionId = changeSessionId(catalinaSession);
    idMapperUpdater.map(idMapper, account.getSessionIndex(),
            account.getPrincipal().getSamlSubject(), newSessionId);
}
 
Example 8
Source File: TomcatValve.java    From flex-blazeds with Apache License 2.0
/**
 * Authenticates the supplied credentials against the container realm and, when
 * the request is the one this valve is serving, records the result on the request
 * and its session.
 *
 * <p>Returns {@code null} when the container has no realm or the realm rejects the
 * credentials. On success the request receives {@code AUTH_TYPE} and the principal;
 * a session is created if necessary and receives the same auth type and principal,
 * plus the username and password as session notes (a note is removed instead when
 * its value is {@code null}). The password note therefore lives in the session
 * until {@code logout()} removes it.
 *
 * @param username       the login name, may be {@code null}
 * @param password       the password, may be {@code null}
 * @param servletRequest the request that initiated the login
 * @return the authenticated principal, or {@code null} if authentication failed
 */
public Principal login(String username, String password, HttpServletRequest servletRequest)
{
    Realm realm = container.getRealm();
    if (realm == null)
    {
        return null;
    }

    Principal authenticated = realm.authenticate(username, password);
    if (authenticated == null)
    {
        return null;
    }

    if (servletRequestMatches(servletRequest))
    {
        request.setAuthType(AUTH_TYPE);
        request.setUserPrincipal(authenticated);

        // Create the session if needed so the login survives this request.
        Session session = getSession(request, true);
        if (session != null)
        {
            session.setAuthType(AUTH_TYPE);
            session.setPrincipal(authenticated);
            cacheNote(session, Constants.SESS_USERNAME_NOTE, username);
            cacheNote(session, Constants.SESS_PASSWORD_NOTE, password);
        }
    }

    return authenticated;
}

/**
 * Stores {@code value} under {@code name} on the session, or removes the note
 * when {@code value} is {@code null}.
 */
private static void cacheNote(Session session, String name, String value)
{
    if (value != null)
    {
        session.setNote(name, value);
    }
    else
    {
        session.removeNote(name);
    }
}
 
Example 9
Source File: TomcatValve4150.java    From flex-blazeds with Apache License 2.0
/**
 * Authenticates the supplied credentials against the container realm and, when
 * {@code servletRequest} is the request wrapped by this valve's Catalina request,
 * records the result on the request and its session.
 *
 * <p>Returns {@code null} when the container has no realm. The realm's answer is
 * returned as-is; only a non-null principal is cached. Caching sets the auth type
 * {@code "flexmessaging"} and the principal on both request and session (the
 * session is created if needed) and stores username and password as session
 * notes, removing a note whose value is {@code null}. The password note remains in
 * the session until {@code logout()} removes it.
 *
 * @param username       the login name, may be {@code null}
 * @param password       the password, may be {@code null}
 * @param servletRequest the request that initiated the login
 * @return the principal reported by the realm, or {@code null}
 */
public Principal login(String username, String password, HttpServletRequest servletRequest)
{
    Realm realm = container.getRealm();
    if (realm == null)
    {
        return null;
    }

    Principal principal = realm.authenticate(username, password);
    if (principal == null)
    {
        return null;
    }

    boolean isCurrentRequest = this.request != null && this.request.getRequest() == servletRequest;
    if (isCurrentRequest)
    {
        request.setAuthType("flexmessaging"); //was "flashgateway"
        request.setUserPrincipal(principal);

        // Create the session if needed so the login survives this request.
        Session session = getSession(request, true);
        if (session != null)
        {
            session.setAuthType("flexmessaging"); //was "flashgateway"
            session.setPrincipal(principal);

            if (username == null)
            {
                session.removeNote(Constants.SESS_USERNAME_NOTE);
            }
            else
            {
                session.setNote(Constants.SESS_USERNAME_NOTE, username);
            }

            if (password == null)
            {
                session.removeNote(Constants.SESS_PASSWORD_NOTE);
            }
            else
            {
                session.setNote(Constants.SESS_PASSWORD_NOTE, password);
            }
        }
    }

    return principal;
}
 
Example 10
Source File: Tomcat7Valve.java    From flex-blazeds with Apache License 2.0
/**
 * Authenticates the supplied credentials against the valve container's realm and,
 * when the request is the one this valve is serving, records the result on the
 * request and its session.
 *
 * <p>Returns {@code null} when there is no realm or the realm rejects the
 * credentials. On success the request receives {@code AUTH_TYPE} and the principal;
 * a session is created if necessary and receives the same auth type and principal,
 * plus the username and password as session notes (a note is removed instead when
 * its value is {@code null}). The password note stays in the session until
 * {@code logout()} removes it.
 *
 * @param username       the login name, may be {@code null}
 * @param password       the password, may be {@code null}
 * @param servletRequest the request that initiated the login
 * @return the authenticated principal, or {@code null} if authentication failed
 */
public Principal login(String username, String password, HttpServletRequest servletRequest)
{
    Realm realm = valve.getContainer().getRealm();
    if (realm == null)
    {
        return null;
    }

    Principal authenticated = realm.authenticate(username, password);
    if (authenticated == null)
    {
        return null;
    }

    if (servletRequestMatches(servletRequest))
    {
        request.setAuthType(AUTH_TYPE);
        request.setUserPrincipal(authenticated);

        // Create the session if needed so the login survives this request.
        Session session = getSession(request, true);
        if (session != null)
        {
            session.setAuthType(AUTH_TYPE);
            session.setPrincipal(authenticated);
            cacheNote(session, Constants.SESS_USERNAME_NOTE, username);
            cacheNote(session, Constants.SESS_PASSWORD_NOTE, password);
        }
    }

    return authenticated;
}

/**
 * Stores {@code value} under {@code name} on the session, or removes the note
 * when {@code value} is {@code null}.
 */
private static void cacheNote(Session session, String name, String value)
{
    if (value != null)
    {
        session.setNote(name, value);
    }
    else
    {
        session.removeNote(name);
    }
}
 
Example 11
Source File: TomcatLogoutHandler.java    From cxf-fediz with Apache License 2.0
/**
 * Local cleanup step of a federated sign-out.
 *
 * <p>Drops the cached federation response and the principal from the Catalina
 * session, runs the superclass cleanup (its result is intentionally ignored),
 * and clears the request's cookies.
 *
 * @param req  the sign-out request
 * @param resp the response being built
 * @return always {@code true}
 */
@Override
protected boolean signoutCleanup(HttpServletRequest req, HttpServletResponse resp) {
    Session catalinaSession = request.getSessionInternal();
    catalinaSession.removeNote(FederationAuthenticator.FEDERATION_NOTE);
    catalinaSession.setPrincipal(null);

    super.signoutCleanup(req, resp);
    request.clearCookies();
    return true;
}
 
Example 12
Source File: TomcatLogoutHandler.java    From cxf-fediz with Apache License 2.0
/**
 * Handles a direct (non-federated) logout.
 *
 * <p>Removes the cached federation response and the principal from the Catalina
 * session before delegating to the superclass, whose result is returned.
 *
 * @param req  the logout request
 * @param resp the response being built
 * @return whatever the superclass {@code signout} returns
 */
@Override
protected boolean signout(HttpServletRequest req, HttpServletResponse resp) {
    Session catalinaSession = request.getSessionInternal();
    catalinaSession.removeNote(FederationAuthenticator.FEDERATION_NOTE);
    catalinaSession.setPrincipal(null);
    return super.signout(req, resp);
}
 
Example 13
Source File: CatalinaSessionTokenStore.java    From keycloak with Apache License 2.0
/**
 * Strips every Keycloak artifact from a Catalina session without invalidating it.
 *
 * <p>Removes the security context, the serializable account and the OIDC account
 * attributes from the HTTP session, then clears the session principal and auth type.
 *
 * @param catalinaSession the session to clean; must not be {@code null}
 */
protected void cleanSession(Session catalinaSession) {
    String[] keycloakAttributes = {
        KeycloakSecurityContext.class.getName(),
        SerializableKeycloakAccount.class.getName(),
        OidcKeycloakAccount.class.getName()
    };
    for (String attribute : keycloakAttributes) {
        catalinaSession.getSession().removeAttribute(attribute);
    }
    catalinaSession.setPrincipal(null);
    catalinaSession.setAuthType(null);
}
 
Example 14
Source File: CatalinaSessionTokenStore.java    From keycloak with Apache License 2.0
/**
 * Restores an authenticated state from the Catalina session, if one was cached.
 *
 * <p>Returns {@code false} when there is no session or no serialized account in it.
 * An account from a realm other than the deployment's is treated as foreign: the
 * session is cleaned and {@code false} is returned. Otherwise the security context
 * is re-bound to this request, the principal is rebuilt if the session lost it
 * (JBossWeb clusters do not serialize it), request principal and auth type
 * {@code "KEYCLOAK"} are set, the saved request is restored and {@code true} is
 * returned.
 *
 * @param authenticator the authenticator asking (not used by this implementation)
 * @return {@code true} if a cached login was restored onto the request
 */
@Override
public boolean isCached(RequestAuthenticator authenticator) {
    Session catalinaSession = request.getSessionInternal(false);
    if (catalinaSession == null) {
        return false;
    }

    String accountKey = SerializableKeycloakAccount.class.getName();
    SerializableKeycloakAccount cached =
            (SerializableKeycloakAccount) catalinaSession.getSession().getAttribute(accountKey);
    if (cached == null) {
        return false;
    }

    log.fine("remote logged in already. Establish state from session");

    RefreshableKeycloakSecurityContext ctx = cached.getKeycloakSecurityContext();
    if (!deployment.getRealm().equals(ctx.getRealm())) {
        // A session carried over from another realm must not authenticate this one.
        log.fine("Account from cookie is from a different realm than for the request.");
        cleanSession(catalinaSession);
        return false;
    }

    ctx.setCurrentRequestInfo(deployment, this);
    request.setAttribute(KeycloakSecurityContext.class.getName(), ctx);

    GenericPrincipal principal = (GenericPrincipal) catalinaSession.getPrincipal();
    if (principal == null) {
        // In a clustered JBossWeb deployment the principal is not serialized with the
        // session; rebuild it from the cached account.
        principal = principalFactory.createPrincipal(
                request.getContext().getRealm(), cached.getPrincipal(), cached.getRoles());
        catalinaSession.setPrincipal(principal);
        catalinaSession.setAuthType("KEYCLOAK");
    }
    request.setUserPrincipal(principal);
    request.setAuthType("KEYCLOAK");

    restoreRequest();
    return true;
}
 
Example 15
Source File: CatalinaUserSessionManagement.java    From keycloak with Apache License 2.0
/**
 * Reacts to Catalina session events; only session destruction is handled.
 *
 * <p>When a session that still holds a principal is destroyed, its principal and
 * auth type are cleared. Sessions without a principal are left alone.
 *
 * @param event the session event delivered by the container
 */
public void sessionEvent(SessionEvent event) {
    boolean destroyed = Session.SESSION_DESTROYED_EVENT.equals(event.getType());
    if (!destroyed) {
        return;
    }

    Session ended = event.getSession();
    log.debugf("Session %s destroyed", ended.getId());

    GenericPrincipal principal = (GenericPrincipal) ended.getPrincipal();
    if (principal == null) {
        return;
    }
    // Drop the authentication so it cannot outlive the destroyed session.
    ended.setPrincipal(null);
    ended.setAuthType(null);
}
 
Example 16
Source File: CatalinaSamlSessionStore.java    From keycloak with Apache License 2.0
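/**
 * Reports whether the current Catalina session holds a valid SAML login and, if so,
 * attaches that login to the request.
 *
 * <p>Returns {@code false} when there is no session or when
 * {@code SamlUtil.validateSamlSession} rejects the stored {@link SamlSession}.
 * Otherwise the session principal is rebuilt from the SAML session if it is missing
 * (JBossWeb clusters do not serialize it) and installed with auth type
 * {@code "KEYCLOAK-SAML"}; an existing principal whose name matches the SAML principal
 * is checked for consistency with its user principal. The request then receives the
 * principal and auth type, the saved request is restored and {@code true} is returned.
 *
 * <p>Fix over the original: the "no session" debug message said "returning null"
 * although the method returns {@code false}.
 *
 * @return {@code true} if a valid SAML login was attached to the request
 * @throws RuntimeException if the session principal's user principal name does not
 *         match the SAML principal while the principal names themselves do
 */
@Override
public boolean isLoggedIn() {
    Session session = request.getSessionInternal(false);
    if (session == null) {
        log.debug("session was null, returning false");
        return false;
    }

    Object stored = session.getSession().getAttribute(SamlSession.class.getName());
    final SamlSession samlSession = SamlUtil.validateSamlSession(stored, deployment);
    if (samlSession == null) {
        return false;
    }

    GenericPrincipal principal = (GenericPrincipal) session.getPrincipal();
    if (principal == null) {
        // In a clustered JBossWeb deployment the principal is not serialized with the
        // session; rebuild it from the SAML session.
        principal = principalFactory.createPrincipal(
                request.getContext().getRealm(), samlSession.getPrincipal(), samlSession.getRoles());
        session.setPrincipal(principal);
        session.setAuthType("KEYCLOAK-SAML");
    } else if (samlSession.getPrincipal().getName().equals(principal.getName())) {
        if (!principal.getUserPrincipal().getName().equals(samlSession.getPrincipal().getName())) {
            throw new RuntimeException("Unknown State");
        }
        log.debug("************principal already in");
        if (log.isDebugEnabled()) {
            for (String role : principal.getRoles()) {
                log.debug("principal role: " + role);
            }
        }
    }
    // NOTE(review): when an existing principal's name differs from the SAML principal's,
    // the existing principal is kept unchanged (behavior preserved from the original).

    request.setUserPrincipal(principal);
    request.setAuthType("KEYCLOAK-SAML");
    restoreRequest();
    return true;
}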