[Minor] fixed session timeout not being audit action timeout
This commit is contained in:
parent
4383e8a1ab
commit
91a08057c1
|
@ -69,6 +69,9 @@ public class StrolchConstants {
|
||||||
|
|
||||||
public static final String PRIVILEGE = "Privilege"; //$NON-NLS-1$
|
public static final String PRIVILEGE = "Privilege"; //$NON-NLS-1$
|
||||||
public static final String CERTIFICATE = "Certificate"; //$NON-NLS-1$
|
public static final String CERTIFICATE = "Certificate"; //$NON-NLS-1$
|
||||||
|
public static final String LOGIN = "Login"; //$NON-NLS-1$
|
||||||
|
public static final String LOGOUT = "Logout"; //$NON-NLS-1$
|
||||||
|
public static final String SESSION_TIME_OUT = "SessionTimeout"; //$NON-NLS-1$
|
||||||
public static final String ROLE = "Role"; //$NON-NLS-1$
|
public static final String ROLE = "Role"; //$NON-NLS-1$
|
||||||
public static final String USER = "User"; //$NON-NLS-1$
|
public static final String USER = "User"; //$NON-NLS-1$
|
||||||
|
|
||||||
|
|
|
@ -117,7 +117,7 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements
|
||||||
try {
|
try {
|
||||||
Certificate certificate = this.privilegeHandler.authenticate(username, password);
|
Certificate certificate = this.privilegeHandler.authenticate(username, password);
|
||||||
StrolchRealm realm = getContainer().getRealm(certificate);
|
StrolchRealm realm = getContainer().getRealm(certificate);
|
||||||
try (StrolchTransaction tx = realm.openTx(certificate, getClass())) {
|
try (StrolchTransaction tx = realm.openTx(certificate, StrolchPrivilegeConstants.LOGIN)) {
|
||||||
tx.setSuppressDoNothingLogging(true);
|
tx.setSuppressDoNothingLogging(true);
|
||||||
tx.setSuppressAudits(true);
|
tx.setSuppressAudits(true);
|
||||||
Audit audit = tx.auditFrom(AccessType.CREATE, StrolchPrivilegeConstants.PRIVILEGE,
|
Audit audit = tx.auditFrom(AccessType.CREATE, StrolchPrivilegeConstants.PRIVILEGE,
|
||||||
|
@ -147,7 +147,22 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements
|
||||||
assertContainerStarted();
|
assertContainerStarted();
|
||||||
boolean invalidateSession = this.privilegeHandler.invalidateSession(certificate);
|
boolean invalidateSession = this.privilegeHandler.invalidateSession(certificate);
|
||||||
StrolchRealm realm = getContainer().getRealm(certificate);
|
StrolchRealm realm = getContainer().getRealm(certificate);
|
||||||
try (StrolchTransaction tx = realm.openTx(certificate, getClass())) {
|
try (StrolchTransaction tx = realm.openTx(certificate, StrolchPrivilegeConstants.LOGOUT)) {
|
||||||
|
tx.setSuppressDoNothingLogging(true);
|
||||||
|
tx.setSuppressAudits(true);
|
||||||
|
Audit audit = tx.auditFrom(AccessType.DELETE, StrolchPrivilegeConstants.PRIVILEGE,
|
||||||
|
StrolchPrivilegeConstants.CERTIFICATE, certificate.getUsername());
|
||||||
|
tx.getAuditTrail().add(tx, audit);
|
||||||
|
}
|
||||||
|
return invalidateSession;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean sessionTimeout(Certificate certificate) {
|
||||||
|
assertContainerStarted();
|
||||||
|
boolean invalidateSession = this.privilegeHandler.invalidateSession(certificate);
|
||||||
|
StrolchRealm realm = getContainer().getRealm(certificate);
|
||||||
|
try (StrolchTransaction tx = realm.openTx(certificate, StrolchPrivilegeConstants.SESSION_TIME_OUT)) {
|
||||||
tx.setSuppressDoNothingLogging(true);
|
tx.setSuppressDoNothingLogging(true);
|
||||||
tx.setSuppressAudits(true);
|
tx.setSuppressAudits(true);
|
||||||
Audit audit = tx.auditFrom(AccessType.DELETE, StrolchPrivilegeConstants.PRIVILEGE,
|
Audit audit = tx.auditFrom(AccessType.DELETE, StrolchPrivilegeConstants.PRIVILEGE,
|
||||||
|
|
|
@ -48,6 +48,13 @@ public interface PrivilegeHandler {
|
||||||
*/
|
*/
|
||||||
public abstract boolean invalidateSession(Certificate certificate);
|
public abstract boolean invalidateSession(Certificate certificate);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param certificate
|
||||||
|
* @return
|
||||||
|
* @see ch.eitchnet.privilege.handler.PrivilegeHandler#invalidateSession(ch.eitchnet.privilege.model.Certificate)
|
||||||
|
*/
|
||||||
|
public abstract boolean sessionTimeout(Certificate certificate);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param certificate
|
* @param certificate
|
||||||
* @return
|
* @return
|
||||||
|
|
|
@ -156,7 +156,7 @@ public class DefaultStrolchSessionHandler extends StrolchComponent implements St
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void invalidate(Certificate certificate) {
|
public void invalidate(Certificate certificate) {
|
||||||
DBC.PRE.assertNotNull("Certificate must bet given!", certificate); //$NON-NLS-1$
|
DBC.PRE.assertNotNull("Certificate must be given!", certificate); //$NON-NLS-1$
|
||||||
|
|
||||||
Certificate removedCert;
|
Certificate removedCert;
|
||||||
synchronized (this.certificateMap) {
|
synchronized (this.certificateMap) {
|
||||||
|
@ -168,6 +168,19 @@ public class DefaultStrolchSessionHandler extends StrolchComponent implements St
|
||||||
this.privilegeHandler.invalidateSession(certificate);
|
this.privilegeHandler.invalidateSession(certificate);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected void sessionTimeout(Certificate certificate) {
|
||||||
|
DBC.PRE.assertNotNull("Certificate must be given!", certificate); //$NON-NLS-1$
|
||||||
|
|
||||||
|
Certificate removedCert;
|
||||||
|
synchronized (this.certificateMap) {
|
||||||
|
removedCert = this.certificateMap.remove(certificate.getAuthToken());
|
||||||
|
}
|
||||||
|
if (removedCert == null)
|
||||||
|
logger.error(MessageFormat.format("No session was registered with token {0}", certificate.getAuthToken())); //$NON-NLS-1$
|
||||||
|
|
||||||
|
this.privilegeHandler.sessionTimeout(certificate);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return the certificateMap
|
* @return the certificateMap
|
||||||
*/
|
*/
|
||||||
|
@ -200,7 +213,7 @@ public class DefaultStrolchSessionHandler extends StrolchComponent implements St
|
||||||
if (timeOutTime.isAfter(LocalDateTime.ofInstant(lastAccess, systemDefault))) {
|
if (timeOutTime.isAfter(LocalDateTime.ofInstant(lastAccess, systemDefault))) {
|
||||||
String msg = "Session {0} for user {1} has expired, invalidating session..."; //$NON-NLS-1$
|
String msg = "Session {0} for user {1} has expired, invalidating session..."; //$NON-NLS-1$
|
||||||
logger.info(MessageFormat.format(msg, certificate.getAuthToken(), certificate.getUsername()));
|
logger.info(MessageFormat.format(msg, certificate.getAuthToken(), certificate.getUsername()));
|
||||||
invalidate(certificate);
|
sessionTimeout(certificate);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue