[Minor] fixed session timeout not being audit action timeout
This commit is contained in:
parent
4383e8a1ab
commit
91a08057c1
|
@ -69,6 +69,9 @@ public class StrolchConstants {
|
|||
|
||||
public static final String PRIVILEGE = "Privilege"; //$NON-NLS-1$
|
||||
public static final String CERTIFICATE = "Certificate"; //$NON-NLS-1$
|
||||
public static final String LOGIN = "Login"; //$NON-NLS-1$
|
||||
public static final String LOGOUT = "Logout"; //$NON-NLS-1$
|
||||
public static final String SESSION_TIME_OUT = "SessionTimeout"; //$NON-NLS-1$
|
||||
public static final String ROLE = "Role"; //$NON-NLS-1$
|
||||
public static final String USER = "User"; //$NON-NLS-1$
|
||||
|
||||
|
|
|
@ -117,7 +117,7 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements
|
|||
try {
|
||||
Certificate certificate = this.privilegeHandler.authenticate(username, password);
|
||||
StrolchRealm realm = getContainer().getRealm(certificate);
|
||||
try (StrolchTransaction tx = realm.openTx(certificate, getClass())) {
|
||||
try (StrolchTransaction tx = realm.openTx(certificate, StrolchPrivilegeConstants.LOGIN)) {
|
||||
tx.setSuppressDoNothingLogging(true);
|
||||
tx.setSuppressAudits(true);
|
||||
Audit audit = tx.auditFrom(AccessType.CREATE, StrolchPrivilegeConstants.PRIVILEGE,
|
||||
|
@ -147,7 +147,22 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements
|
|||
assertContainerStarted();
|
||||
boolean invalidateSession = this.privilegeHandler.invalidateSession(certificate);
|
||||
StrolchRealm realm = getContainer().getRealm(certificate);
|
||||
try (StrolchTransaction tx = realm.openTx(certificate, getClass())) {
|
||||
try (StrolchTransaction tx = realm.openTx(certificate, StrolchPrivilegeConstants.LOGOUT)) {
|
||||
tx.setSuppressDoNothingLogging(true);
|
||||
tx.setSuppressAudits(true);
|
||||
Audit audit = tx.auditFrom(AccessType.DELETE, StrolchPrivilegeConstants.PRIVILEGE,
|
||||
StrolchPrivilegeConstants.CERTIFICATE, certificate.getUsername());
|
||||
tx.getAuditTrail().add(tx, audit);
|
||||
}
|
||||
return invalidateSession;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean sessionTimeout(Certificate certificate) {
|
||||
assertContainerStarted();
|
||||
boolean invalidateSession = this.privilegeHandler.invalidateSession(certificate);
|
||||
StrolchRealm realm = getContainer().getRealm(certificate);
|
||||
try (StrolchTransaction tx = realm.openTx(certificate, StrolchPrivilegeConstants.SESSION_TIME_OUT)) {
|
||||
tx.setSuppressDoNothingLogging(true);
|
||||
tx.setSuppressAudits(true);
|
||||
Audit audit = tx.auditFrom(AccessType.DELETE, StrolchPrivilegeConstants.PRIVILEGE,
|
||||
|
|
|
@ -47,6 +47,13 @@ public interface PrivilegeHandler {
|
|||
* @see ch.eitchnet.privilege.handler.PrivilegeHandler#invalidateSession(ch.eitchnet.privilege.model.Certificate)
|
||||
*/
|
||||
public abstract boolean invalidateSession(Certificate certificate);
|
||||
|
||||
/**
|
||||
* @param certificate
|
||||
* @return
|
||||
* @see ch.eitchnet.privilege.handler.PrivilegeHandler#invalidateSession(ch.eitchnet.privilege.model.Certificate)
|
||||
*/
|
||||
public abstract boolean sessionTimeout(Certificate certificate);
|
||||
|
||||
/**
|
||||
* @param certificate
|
||||
|
|
|
@ -156,7 +156,7 @@ public class DefaultStrolchSessionHandler extends StrolchComponent implements St
|
|||
|
||||
@Override
|
||||
public void invalidate(Certificate certificate) {
|
||||
DBC.PRE.assertNotNull("Certificate must bet given!", certificate); //$NON-NLS-1$
|
||||
DBC.PRE.assertNotNull("Certificate must be given!", certificate); //$NON-NLS-1$
|
||||
|
||||
Certificate removedCert;
|
||||
synchronized (this.certificateMap) {
|
||||
|
@ -168,6 +168,19 @@ public class DefaultStrolchSessionHandler extends StrolchComponent implements St
|
|||
this.privilegeHandler.invalidateSession(certificate);
|
||||
}
|
||||
|
||||
protected void sessionTimeout(Certificate certificate) {
|
||||
DBC.PRE.assertNotNull("Certificate must be given!", certificate); //$NON-NLS-1$
|
||||
|
||||
Certificate removedCert;
|
||||
synchronized (this.certificateMap) {
|
||||
removedCert = this.certificateMap.remove(certificate.getAuthToken());
|
||||
}
|
||||
if (removedCert == null)
|
||||
logger.error(MessageFormat.format("No session was registered with token {0}", certificate.getAuthToken())); //$NON-NLS-1$
|
||||
|
||||
this.privilegeHandler.sessionTimeout(certificate);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the certificateMap
|
||||
*/
|
||||
|
@ -200,7 +213,7 @@ public class DefaultStrolchSessionHandler extends StrolchComponent implements St
|
|||
if (timeOutTime.isAfter(LocalDateTime.ofInstant(lastAccess, systemDefault))) {
|
||||
String msg = "Session {0} for user {1} has expired, invalidating session..."; //$NON-NLS-1$
|
||||
logger.info(MessageFormat.format(msg, certificate.getAuthToken(), certificate.getUsername()));
|
||||
invalidate(certificate);
|
||||
sessionTimeout(certificate);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue