[Minor] fixed session timeout not being audit action timeout

2015-04-05 01:27:50 +02:00 · 2015-04-05 01:27:50 +02:00 · 91a08057c1
parent 4383e8a1ab
commit 91a08057c1
4 changed files with 42 additions and 4 deletions
--- a/li.strolch.agent/src/main/java/li/strolch/runtime/StrolchConstants.java
+++ b/li.strolch.agent/src/main/java/li/strolch/runtime/StrolchConstants.java
@ -69,6 +69,9 @@ public class StrolchConstants {

 		public static final String PRIVILEGE = "Privilege"; //$NON-NLS-1$
 		public static final String CERTIFICATE = "Certificate"; //$NON-NLS-1$
+		public static final String LOGIN = "Login"; //$NON-NLS-1$
+		public static final String LOGOUT = "Logout"; //$NON-NLS-1$
+		public static final String SESSION_TIME_OUT = "SessionTimeout"; //$NON-NLS-1$
 		public static final String ROLE = "Role"; //$NON-NLS-1$
 		public static final String USER = "User"; //$NON-NLS-1$

--- a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java
+++ b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java
@ -117,7 +117,7 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements
 		try {
 			Certificate certificate = this.privilegeHandler.authenticate(username, password);
 			StrolchRealm realm = getContainer().getRealm(certificate);
-			try (StrolchTransaction tx = realm.openTx(certificate, getClass())) {
+			try (StrolchTransaction tx = realm.openTx(certificate, StrolchPrivilegeConstants.LOGIN)) {
 				tx.setSuppressDoNothingLogging(true);
 				tx.setSuppressAudits(true);
 				Audit audit = tx.auditFrom(AccessType.CREATE, StrolchPrivilegeConstants.PRIVILEGE,
@ -147,7 +147,22 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements
 		assertContainerStarted();
 		boolean invalidateSession = this.privilegeHandler.invalidateSession(certificate);
 		StrolchRealm realm = getContainer().getRealm(certificate);
-		try (StrolchTransaction tx = realm.openTx(certificate, getClass())) {
+		try (StrolchTransaction tx = realm.openTx(certificate, StrolchPrivilegeConstants.LOGOUT)) {
+			tx.setSuppressDoNothingLogging(true);
+			tx.setSuppressAudits(true);
+			Audit audit = tx.auditFrom(AccessType.DELETE, StrolchPrivilegeConstants.PRIVILEGE,
+					StrolchPrivilegeConstants.CERTIFICATE, certificate.getUsername());
+			tx.getAuditTrail().add(tx, audit);
+		}
+		return invalidateSession;
+	}
+
+	@Override
+	public boolean sessionTimeout(Certificate certificate) {
+		assertContainerStarted();
+		boolean invalidateSession = this.privilegeHandler.invalidateSession(certificate);
+		StrolchRealm realm = getContainer().getRealm(certificate);
+		try (StrolchTransaction tx = realm.openTx(certificate, StrolchPrivilegeConstants.SESSION_TIME_OUT)) {
 			tx.setSuppressDoNothingLogging(true);
 			tx.setSuppressAudits(true);
 			Audit audit = tx.auditFrom(AccessType.DELETE, StrolchPrivilegeConstants.PRIVILEGE,
--- a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java
+++ b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java
@ -47,6 +47,13 @@ public interface PrivilegeHandler {
 	 * @see ch.eitchnet.privilege.handler.PrivilegeHandler#invalidateSession(ch.eitchnet.privilege.model.Certificate)
 	 */
 	public abstract boolean invalidateSession(Certificate certificate);
+	
+	/**
+	 * @param certificate
+	 * @return
+	 * @see ch.eitchnet.privilege.handler.PrivilegeHandler#invalidateSession(ch.eitchnet.privilege.model.Certificate)
+	 */
+	public abstract boolean sessionTimeout(Certificate certificate);

 	/**
 	 * @param certificate
--- a/li.strolch.rest/src/main/java/li/strolch/rest/DefaultStrolchSessionHandler.java
+++ b/li.strolch.rest/src/main/java/li/strolch/rest/DefaultStrolchSessionHandler.java
@ -156,7 +156,7 @@ public class DefaultStrolchSessionHandler extends StrolchComponent implements St

 	@Override
 	public void invalidate(Certificate certificate) {
-		DBC.PRE.assertNotNull("Certificate must bet given!", certificate); //$NON-NLS-1$
+		DBC.PRE.assertNotNull("Certificate must be given!", certificate); //$NON-NLS-1$

 		Certificate removedCert;
 		synchronized (this.certificateMap) {
@ -168,6 +168,19 @@ public class DefaultStrolchSessionHandler extends StrolchComponent implements St
 		this.privilegeHandler.invalidateSession(certificate);
 	}

+	protected void sessionTimeout(Certificate certificate) {
+		DBC.PRE.assertNotNull("Certificate must be given!", certificate); //$NON-NLS-1$
+
+		Certificate removedCert;
+		synchronized (this.certificateMap) {
+			removedCert = this.certificateMap.remove(certificate.getAuthToken());
+		}
+		if (removedCert == null)
+			logger.error(MessageFormat.format("No session was registered with token {0}", certificate.getAuthToken())); //$NON-NLS-1$
+
+		this.privilegeHandler.sessionTimeout(certificate);
+	}
+
 	/**
 	 * @return the certificateMap
 	 */
@ -200,7 +213,7 @@ public class DefaultStrolchSessionHandler extends StrolchComponent implements St
 				if (timeOutTime.isAfter(LocalDateTime.ofInstant(lastAccess, systemDefault))) {
 					String msg = "Session {0} for user {1} has expired, invalidating session..."; //$NON-NLS-1$
 					logger.info(MessageFormat.format(msg, certificate.getAuthToken(), certificate.getUsername()));
-					invalidate(certificate);
+					sessionTimeout(certificate);
 				}
 			}
 		}