[Major] Refactored SessionHandler by moving to module agent
This commit is contained in:
parent
f8c77275f2
commit
4b3a537171
GPG Key ID:
75DB9C85C74331F7
|
|
@ -13,7 +13,7 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package li.strolch.rest;
|
||||
package li.strolch.runtime.sessions;
|
||||
|
||||
import static java.util.function.Function.identity;
|
||||
import static li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants.PRIVILEGE_GET_SESSION;
|
||||
|
|
@ -21,7 +21,6 @@ import static li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants.PRIV
|
|||
|
||||
import java.text.MessageFormat;
|
||||
import java.time.ZonedDateTime;
|
||||
import java.time.temporal.ChronoUnit;
|
||||
import java.util.*;
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
import java.util.concurrent.Future;
|
||||
|
|
@ -38,7 +37,6 @@ import li.strolch.privilege.model.Certificate;
|
|||
import li.strolch.privilege.model.PrivilegeContext;
|
||||
import li.strolch.privilege.model.SimpleRestrictable;
|
||||
import li.strolch.privilege.model.Usage;
|
||||
import li.strolch.rest.model.UserSession;
|
||||
import li.strolch.runtime.configuration.ComponentConfiguration;
|
||||
import li.strolch.runtime.privilege.PrivilegeHandler;
|
||||
import li.strolch.utils.dbc.DBC;
|
||||
|
|
@ -321,8 +319,8 @@ public class DefaultStrolchSessionHandler extends StrolchComponent implements St
|
|||
}
|
||||
|
||||
private void checkSessionsForTimeout() {
|
||||
ZonedDateTime maxKeepAliveTime = ZonedDateTime.now().minus(this.maxKeepAliveMinutes, ChronoUnit.MINUTES);
|
||||
ZonedDateTime timeOutTime = ZonedDateTime.now().minus(this.sessionTtlMinutes, ChronoUnit.MINUTES);
|
||||
ZonedDateTime maxKeepAliveTime = ZonedDateTime.now().minusMinutes(this.maxKeepAliveMinutes);
|
||||
ZonedDateTime timeOutTime = ZonedDateTime.now().minusMinutes(this.sessionTtlMinutes);
|
||||
|
||||
Map<String, Certificate> certificateMap = getCertificateMapCopy();
|
||||
for (Certificate certificate : certificateMap.values()) {
|
||||
|
|
@ -13,7 +13,7 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package li.strolch.rest;
|
||||
package li.strolch.runtime.sessions;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
|
|
@ -24,7 +24,6 @@ import li.strolch.privilege.base.PrivilegeException;
|
|||
import li.strolch.privilege.model.Certificate;
|
||||
import li.strolch.privilege.model.PrivilegeContext;
|
||||
import li.strolch.privilege.model.Usage;
|
||||
import li.strolch.rest.model.UserSession;
|
||||
|
||||
/**
|
||||
* The {@link StrolchSessionHandler} implements session management. It authenticates, validates and invalidates session
|
||||
|
|
@ -13,7 +13,7 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package li.strolch.rest.model;
|
||||
package li.strolch.runtime.sessions;
|
||||
|
||||
import java.time.ZonedDateTime;
|
||||
import java.util.Locale;
|
||||
|
|
@ -7,6 +7,7 @@ import li.strolch.model.audit.AccessType;
|
|||
import li.strolch.model.audit.Audit;
|
||||
import li.strolch.persistence.api.StrolchTransaction;
|
||||
import li.strolch.privilege.handler.PrivilegeHandler;
|
||||
import li.strolch.runtime.sessions.StrolchSessionHandler;
|
||||
import li.strolch.service.api.Command;
|
||||
import li.strolch.utils.dbc.DBC;
|
||||
|
||||
|
|
@ -37,6 +38,8 @@ public class PrivilegeRemoveUserCommand extends Command {
|
|||
if (privilegeHandler.isPersistOnUserDataChanged())
|
||||
privilegeHandler.persist(tx().getCertificate());
|
||||
|
||||
getComponent(StrolchSessionHandler.class).invalidate(tx().getCertificate());
|
||||
|
||||
Audit audit = tx().auditFrom(AccessType.DELETE, PRIVILEGE, USER, this.username);
|
||||
tx().getAuditTrail().add(tx(), audit);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -25,6 +25,7 @@ import li.strolch.rest.filters.AccessControlResponseFilter;
|
|||
import li.strolch.rest.filters.HttpCacheResponseFilter;
|
||||
import li.strolch.runtime.configuration.ComponentConfiguration;
|
||||
import li.strolch.runtime.privilege.PrivilegeHandler;
|
||||
import li.strolch.runtime.sessions.StrolchSessionHandler;
|
||||
import li.strolch.service.api.ServiceHandler;
|
||||
import li.strolch.utils.dbc.DBC;
|
||||
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ import li.strolch.privilege.model.Privilege;
|
|||
import li.strolch.privilege.model.PrivilegeContext;
|
||||
import li.strolch.privilege.model.Usage;
|
||||
import li.strolch.rest.RestfulStrolchComponent;
|
||||
import li.strolch.rest.StrolchSessionHandler;
|
||||
import li.strolch.runtime.sessions.StrolchSessionHandler;
|
||||
import li.strolch.rest.helper.ResponseUtil;
|
||||
import li.strolch.runtime.privilege.PrivilegeHandler;
|
||||
import li.strolch.utils.helper.ExceptionHelper;
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ import li.strolch.privilege.model.UserRep;
|
|||
import li.strolch.privilege.model.UserState;
|
||||
import li.strolch.rest.RestfulStrolchComponent;
|
||||
import li.strolch.rest.StrolchRestfulConstants;
|
||||
import li.strolch.rest.StrolchSessionHandler;
|
||||
import li.strolch.runtime.sessions.StrolchSessionHandler;
|
||||
import li.strolch.rest.model.QueryData;
|
||||
import li.strolch.search.SearchResult;
|
||||
import li.strolch.search.ValueSearch;
|
||||
|
|
|
|||
|
|
@ -37,10 +37,10 @@ import li.strolch.persistence.api.StrolchTransaction;
|
|||
import li.strolch.privilege.model.Certificate;
|
||||
import li.strolch.rest.RestfulStrolchComponent;
|
||||
import li.strolch.rest.StrolchRestfulConstants;
|
||||
import li.strolch.rest.StrolchSessionHandler;
|
||||
import li.strolch.runtime.sessions.StrolchSessionHandler;
|
||||
import li.strolch.rest.helper.ResponseUtil;
|
||||
import li.strolch.rest.model.QueryData;
|
||||
import li.strolch.rest.model.UserSession;
|
||||
import li.strolch.runtime.sessions.UserSession;
|
||||
import li.strolch.search.SearchResult;
|
||||
import li.strolch.search.ValueSearch;
|
||||
import org.slf4j.Logger;
|
||||
|
|
|
|||
|
|
@ -15,17 +15,22 @@
|
|||
*/
|
||||
package li.strolch.rest.filters;
|
||||
|
||||
import static li.strolch.rest.StrolchRestfulConstants.*;
|
||||
import static li.strolch.utils.helper.StringHelper.*;
|
||||
|
||||
import jakarta.annotation.Priority;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
|
||||
import jakarta.ws.rs.Priorities;
|
||||
import jakarta.ws.rs.container.ContainerRequestContext;
|
||||
import jakarta.ws.rs.container.ContainerRequestFilter;
|
||||
import jakarta.ws.rs.core.*;
|
||||
import jakarta.ws.rs.ext.Provider;
|
||||
import li.strolch.exception.StrolchAccessDeniedException;
|
||||
import li.strolch.exception.StrolchNotAuthenticatedException;
|
||||
import li.strolch.privilege.model.Certificate;
|
||||
import li.strolch.privilege.model.Usage;
|
||||
import li.strolch.rest.RestfulStrolchComponent;
|
||||
import li.strolch.rest.StrolchRestfulConstants;
|
||||
import li.strolch.runtime.sessions.StrolchSessionHandler;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.Base64;
|
||||
|
|
@ -33,15 +38,8 @@ import java.util.HashSet;
|
|||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
import li.strolch.exception.StrolchAccessDeniedException;
|
||||
import li.strolch.exception.StrolchNotAuthenticatedException;
|
||||
import li.strolch.privilege.model.Certificate;
|
||||
import li.strolch.privilege.model.Usage;
|
||||
import li.strolch.rest.RestfulStrolchComponent;
|
||||
import li.strolch.rest.StrolchRestfulConstants;
|
||||
import li.strolch.rest.StrolchSessionHandler;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import static li.strolch.rest.StrolchRestfulConstants.*;
|
||||
import static li.strolch.utils.helper.StringHelper.*;
|
||||
|
||||
/**
|
||||
* This authentication request filter secures any requests to a Strolch server, by verifying that the request contains
|
||||
|
|
@ -212,7 +210,7 @@ public class AuthenticationRequestFilter implements ContainerRequestFilter {
|
|||
logger.error(
|
||||
"No Authorization header or cookie on request to URL " + requestContext.getUriInfo().getPath());
|
||||
requestContext.abortWith(
|
||||
Response.status(Response.Status.FORBIDDEN).header(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_PLAIN)
|
||||
Response.status(Response.Status.UNAUTHORIZED).header(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_PLAIN)
|
||||
.entity("Missing Authorization!").build());
|
||||
return null;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -39,8 +39,8 @@
|
|||
</Component>
|
||||
<Component>
|
||||
<name>SessionHandler</name>
|
||||
<api>li.strolch.rest.StrolchSessionHandler</api>
|
||||
<impl>li.strolch.rest.DefaultStrolchSessionHandler</impl>
|
||||
<api>li.strolch.runtime.sessions.StrolchSessionHandler</api>
|
||||
<impl>li.strolch.runtime.sessions.DefaultStrolchSessionHandler</impl>
|
||||
<Properties>
|
||||
<session.ttl.minutes>1</session.ttl.minutes>
|
||||
</Properties>
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ import li.strolch.agent.api.StrolchAgent;
|
|||
import li.strolch.exception.StrolchNotAuthenticatedException;
|
||||
import li.strolch.model.Tags;
|
||||
import li.strolch.privilege.model.Certificate;
|
||||
import li.strolch.rest.StrolchSessionHandler;
|
||||
import li.strolch.runtime.sessions.StrolchSessionHandler;
|
||||
import li.strolch.utils.helper.ExceptionHelper;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
|
|
|||
Loading…
Reference in New Issue