Java Code Examples for org.apache.catalina.Session#getPrincipal()
The following examples show how to use
org.apache.catalina.Session#getPrincipal() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: TomcatValve.java From flex-blazeds with Apache License 2.0 | 6 votes |
|
private void handleMatch(Request request, Principal principal)
{
TomcatLoginHolder.setLogin(new TomcatLoginImpl(getContainer(), request));
// Copy over user principal and auth type values, just like in AuthenticatorBase.invoke()
if (principal != null)
return;
Session session = getSession(request, false);
if (session == null)
return;
principal = session.getPrincipal();
if (principal != null)
{
request.setAuthType(session.getAuthType());
request.setUserPrincipal(principal);
}
}
Example 2
| Source File: Tomcat7Valve.java From flex-blazeds with Apache License 2.0 | 6 votes |
|
private void handleMatch(Request request, Principal principal)
{
TomcatLoginHolder.setLogin(new TomcatLoginImpl(this, request));
// Copy over user principal and auth type values, just like in AuthenticatorBase.invoke()
if (principal != null)
return;
Session session = getSession(request, false);
if (session == null)
return;
principal = session.getPrincipal();
if (principal != null)
{
request.setAuthType(session.getAuthType());
request.setUserPrincipal(principal);
}
}
Example 3
| Source File: CatalinaSamlSessionStore.java From keycloak with Apache License 2.0 | 6 votes |
|
@Override
public void saveAccount(SamlSession account) {
Session session = request.getSessionInternal(true);
session.getSession().setAttribute(SamlSession.class.getName(), account);
GenericPrincipal principal = (GenericPrincipal) session.getPrincipal();
// in clustered environment in JBossWeb, principal is not serialized or saved
if (principal == null) {
principal = principalFactory.createPrincipal(request.getContext().getRealm(), account.getPrincipal(), account.getRoles());
session.setPrincipal(principal);
session.setAuthType("KEYCLOAK-SAML");
}
request.setUserPrincipal(principal);
request.setAuthType("KEYCLOAK-SAML");
String newId = changeSessionId(session);
idMapperUpdater.map(idMapper, account.getSessionIndex(), account.getPrincipal().getSamlSubject(), newId);
}
Example 4
| Source File: CatalinaSessionTokenStore.java From keycloak with Apache License 2.0 | 5 votes |
|
@Override
public boolean isCached(RequestAuthenticator authenticator) {
Session session = request.getSessionInternal(false);
if (session == null) return false;
SerializableKeycloakAccount account = (SerializableKeycloakAccount) session.getSession().getAttribute(SerializableKeycloakAccount.class.getName());
if (account == null) {
return false;
}
log.fine("remote logged in already. Establish state from session");
RefreshableKeycloakSecurityContext securityContext = account.getKeycloakSecurityContext();
if (!deployment.getRealm().equals(securityContext.getRealm())) {
log.fine("Account from cookie is from a different realm than for the request.");
cleanSession(session);
return false;
}
securityContext.setCurrentRequestInfo(deployment, this);
request.setAttribute(KeycloakSecurityContext.class.getName(), securityContext);
GenericPrincipal principal = (GenericPrincipal) session.getPrincipal();
// in clustered environment in JBossWeb, principal is not serialized or saved
if (principal == null) {
principal = principalFactory.createPrincipal(request.getContext().getRealm(), account.getPrincipal(), account.getRoles());
session.setPrincipal(principal);
session.setAuthType("KEYCLOAK");
}
request.setUserPrincipal(principal);
request.setAuthType("KEYCLOAK");
restoreRequest();
return true;
}
Example 5
| Source File: CatalinaUserSessionManagement.java From keycloak with Apache License 2.0 | 5 votes |
|
public void sessionEvent(SessionEvent event) {
// We only care about session destroyed events
if (!Session.SESSION_DESTROYED_EVENT.equals(event.getType()))
return;
// Look up the single session id associated with this session (if any)
Session session = event.getSession();
log.debugf("Session %s destroyed", session.getId());
GenericPrincipal principal = (GenericPrincipal) session.getPrincipal();
if (principal == null) return;
session.setPrincipal(null);
session.setAuthType(null);
}
Example 6
| Source File: CatalinaSamlSessionStore.java From keycloak with Apache License 2.0 | 5 votes |
|
@Override
public boolean isLoggedIn() {
Session session = request.getSessionInternal(false);
if (session == null) {
log.debug("session was null, returning null");
return false;
}
final SamlSession samlSession = SamlUtil.validateSamlSession(session.getSession().getAttribute(SamlSession.class.getName()), deployment);
if (samlSession == null) {
return false;
}
GenericPrincipal principal = (GenericPrincipal) session.getPrincipal();
// in clustered environment in JBossWeb, principal is not serialized or saved
if (principal == null) {
principal = principalFactory.createPrincipal(request.getContext().getRealm(), samlSession.getPrincipal(), samlSession.getRoles());
session.setPrincipal(principal);
session.setAuthType("KEYCLOAK-SAML");
}
else if (samlSession.getPrincipal().getName().equals(principal.getName())){
if (!principal.getUserPrincipal().getName().equals(samlSession.getPrincipal().getName())) {
throw new RuntimeException("Unknown State");
}
log.debug("************principal already in");
if (log.isDebugEnabled()) {
for (String role : principal.getRoles()) {
log.debug("principal role: " + role);
}
}
}
request.setUserPrincipal(principal);
request.setAuthType("KEYCLOAK-SAML");
restoreRequest();
return true;
}
Example 7
| Source File: TomcatValve4150.java From flex-blazeds with Apache License 2.0 | 4 votes |
|
public void invoke(Request request, Response response, ValveContext context)
throws IOException, ServletException
{
ServletRequest servRequest = request.getRequest();
if (servRequest instanceof HttpServletRequest)
{
// we only set the TomcatLoginImpl for gateway paths
HttpServletRequest hrequest = ((HttpServletRequest)servRequest);
String path = hrequest.getServletPath();
boolean match = false;
if (path == null)
{
// We need to use a slighly-weaker uri match for 4.1
String uri = hrequest.getRequestURI();
match = (uri != null &&
(uri.indexOf(MESSAGEBROKER_MATCH) != -1 ||
uri.indexOf(AMF_MATCH) != -1 ||
uri.indexOf(GATEWAY_MATCH) != -1 ||
(CUSTOM_MATCH != null && uri.indexOf(CUSTOM_MATCH) != -1)));
}
else
{
match = (path.startsWith(MESSAGEBROKER_MATCH) ||
path.startsWith(AMF_MATCH) ||
path.startsWith(GATEWAY_MATCH) ||
(CUSTOM_MATCH != null && path.startsWith(CUSTOM_MATCH)));
}
if (match)
{
HttpRequest httpRequest = (HttpRequest)request;
TomcatLoginHolder.setLogin(new TomcatLoginImpl(getContainer(), httpRequest));
// copy over user princicpal and auth type values, just like in AuthenticatorBase.invoke()
Principal principal = hrequest.getUserPrincipal();
if (principal == null)
{
Session session = getSession(httpRequest, false);
if (session != null)
{
principal = session.getPrincipal();
if (principal != null)
{
httpRequest.setAuthType(session.getAuthType());
httpRequest.setUserPrincipal(principal);
}
}
}
}
}
context.invokeNext(request, response);
}
