org.springframework.security.web.session.HttpSessionCreatedEvent Java Examples
The following examples show how to use
org.springframework.security.web.session.HttpSessionCreatedEvent.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SessionListener.java From webanno with Apache License 2.0 | 6 votes |
@EventListener @Order(Ordered.HIGHEST_PRECEDENCE) public void onSessionCreated(HttpSessionCreatedEvent aEvent) { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication == null) { log.trace("Session created for anonymous user [{}]", aEvent.getSession().getId()); // We don't register anonymous un-authorized sessions. // If this were a pre-authenticated session, we'd have an authentication by now. // If it is using the form-based login, the login page handles registering the // session. return; } String username = authentication.getName(); log.trace("Session created for user [{}] [{}]", username, aEvent.getSession().getId()); sessionRegistry.registerNewSession(aEvent.getSession().getId(), username); }
Example #2
Source File: SecurityContextRegistryImplTest.java From molgenis with GNU Lesser General Public License v3.0 | 6 votes |
@BeforeEach void setUpBeforeMethod() { securityContextRegistry = new SecurityContextRegistryImpl(); httpSessionWithSecurityContextId = "sessionWithSecurityContext"; httpSessionWithSecurityContext = when(mock(HttpSession.class).getId()) .thenReturn(httpSessionWithSecurityContextId) .getMock(); securityContext = mock(SecurityContext.class); when(httpSessionWithSecurityContext.getAttribute("SPRING_SECURITY_CONTEXT")) .thenReturn(securityContext); securityContextRegistry.handleHttpSessionCreatedEvent( new HttpSessionCreatedEvent(httpSessionWithSecurityContext)); httpSessionWithoutSecurityContextId = "sessionWithoutSecurityContext"; HttpSession httpSessionWithoutSecurityContext = when(mock(HttpSession.class).getId()) .thenReturn(httpSessionWithoutSecurityContextId) .getMock(); securityContextRegistry.handleHttpSessionCreatedEvent( new HttpSessionCreatedEvent(httpSessionWithoutSecurityContext)); }
Example #3
Source File: SecurityContextRegistryImplTest.java From molgenis with GNU Lesser General Public License v3.0 | 6 votes |
@Test void testGetSecurityContextFromSessionUnexpectedValue() { String corruptHttpSessionId = "corruptSessionId"; HttpSession corruptHttpSession = when(mock(HttpSession.class).getId()).thenReturn(corruptHttpSessionId).getMock(); when(corruptHttpSession.getAttribute("SPRING_SECURITY_CONTEXT")) .thenReturn("corruptSecurityContext"); securityContextRegistry.handleHttpSessionCreatedEvent( new HttpSessionCreatedEvent(corruptHttpSession)); Exception exception = assertThrows( RuntimeException.class, () -> securityContextRegistry.getSecurityContext(corruptHttpSessionId)); assertThat(exception.getMessage()) .containsPattern( "Session attribute 'SPRING_SECURITY_CONTEXT' is of type 'String' instead of 'SecurityContext'"); }
Example #4
Source File: MatomoTelemetrySupportImpl.java From webanno with Apache License 2.0 | 5 votes |
@Override @EventListener public void onSessionCreated(HttpSessionCreatedEvent aEvent) { // Listen explicitly ot all sessions so we catch sessions that get created and destroyed // within a PING period. if (isEnabled()) { updateActivePrincipals(); } }
Example #5
Source File: SecurityContextRegistryImplTest.java From molgenis with GNU Lesser General Public License v3.0 | 5 votes |
@Test void testGetSecurityContextInvalidatedSession() { String corruptHttpSessionId = "invalidSessionId"; HttpSession corruptHttpSession = when(mock(HttpSession.class).getId()).thenReturn(corruptHttpSessionId).getMock(); doThrow(IllegalStateException.class) .when(corruptHttpSession) .getAttribute("SPRING_SECURITY_CONTEXT"); securityContextRegistry.handleHttpSessionCreatedEvent( new HttpSessionCreatedEvent(corruptHttpSession)); assertNull(securityContextRegistry.getSecurityContext(corruptHttpSessionId)); }
Example #6
Source File: HttpSessionCreatedEventListener.java From cia with Apache License 2.0 | 4 votes |
@Override public void onApplicationEvent(final HttpSessionCreatedEvent event) { LOGGER.info(LOG_MSG_SESSION_CREATED_SESSION_ID, event.getSession().getId()); }
Example #7
Source File: SecurityContextRegistryImpl.java From molgenis with GNU Lesser General Public License v3.0 | 4 votes |
@EventListener public void handleHttpSessionCreatedEvent(HttpSessionCreatedEvent httpSessionCreatedEvent) { HttpSession session = httpSessionCreatedEvent.getSession(); httpSessionMap.put(session.getId(), session); }
Example #8
Source File: MatomoTelemetrySupport.java From webanno with Apache License 2.0 | votes |
void onSessionCreated(HttpSessionCreatedEvent aEvent);