View Javadoc

1   /**
2    * 2007, Digitalis Informatica. All rights reserved. Distribuicao e Gestao de Informatica, Lda. Estrada de Paco de Arcos
3    * num.9 - Piso -1 2780-666 Paco de Arcos Telefone: (351) 21 4408990 Fax: (351) 21 4408999 http://www.digitalis.pt
4    */
5   
6   package pt.digitalis.dif.controller.security.managers.impl;
7   
8   import java.util.HashMap;
9   import java.util.Map;
10  
11  import pt.digitalis.dif.controller.interfaces.IDIFSession;
12  import pt.digitalis.dif.controller.interfaces.IPrivateDIFSession;
13  import pt.digitalis.dif.controller.objects.Constants;
14  import pt.digitalis.dif.controller.objects.DIFSession;
15  import pt.digitalis.dif.controller.objects.DIFUserInSession;
16  import pt.digitalis.dif.controller.security.managers.IAuthenticationManager;
17  import pt.digitalis.dif.controller.security.managers.ISessionManager;
18  import pt.digitalis.dif.controller.security.objects.IDIFUser;
19  import pt.digitalis.dif.exception.security.AuthenticationManagerException;
20  import pt.digitalis.dif.startup.DIFGeneralConfigurationParameters;
21  import pt.digitalis.dif.utils.ObjectFormatter;
22  
23  import com.google.inject.Inject;
24  import com.newrelic.api.agent.Trace;
25  
26  /**
27   * DIF's default implementation of a session manager. REFACTOR: Should extract a superclass from this as a base
28   * implementation for this and other sessionManager impl's
29   * 
30   * @author Pedro Viegas <a href="mailto:pviegas@digitalis.pt">pviegas@digitalis.pt</a><br/>
31   * @author Rodrigo Gonçalves <a href="mailto:rgoncalves@digitalis.pt">rgoncalves@digitalis.pt</a><br/>
32   * @created Dec 11, 2007
33   */
34  public class SessionManagerImpl implements ISessionManager {
35  
36      /** List of logged sessions. */
37      private Map<String, IPrivateDIFSession> loggedSessions = new HashMap<String, IPrivateDIFSession>();
38  
39      /** The authentication manager. */
40      @Inject
41      private IAuthenticationManager theAuthenticationManager;
42  
43      /**
44       * Default constructor
45       */
46      public SessionManagerImpl()
47      {
48          // Launches the inactive session monitoring thread
49          SessionGarbageCollector collector = new SessionGarbageCollector(this);
50          collector.start();
51      }
52  
53      /**
54       * @see pt.digitalis.dif.controller.security.managers.ISessionManager#createSession(java.lang.String)
55       */
56      public IDIFSession createSession(String sessionID)
57      {
58          IPrivateDIFSession session = loggedSessions.get(sessionID);
59  
60          if (session == null || session.isMarkedForRemoval())
61          {
62              session = new DIFSession(sessionID);
63              session.setSessionTimeOut(DIFGeneralConfigurationParameters.getInstance().getSessionTimeout());
64  
65              loggedSessions.put(sessionID, session);
66          }
67          else
68              update(session);
69  
70          return session;
71      }
72  
73      /**
74       * @return the loggedSessions
75       */
76      public Map<String, IPrivateDIFSession> getLoggedSessions()
77      {
78          return loggedSessions;
79      }
80  
81      /**
82       * @see pt.digitalis.dif.controller.security.managers.ISessionManager#getSession(java.lang.String)
83       */
84      public IDIFSession getSession(String sessionID)
85      {
86          return loggedSessions.get(sessionID);
87      }
88  
89      /**
90       * @see pt.digitalis.dif.controller.security.managers.ISessionManager#isSessionPresent(java.lang.String)
91       */
92      public boolean isSessionPresent(String sessionID)
93      {
94          return loggedSessions.containsKey(sessionID);
95      }
96  
97      /**
98       * @see pt.digitalis.dif.controller.security.managers.ISessionManager#logIn(java.lang.String, java.lang.String,
99       *      java.lang.String)
100      */
101     @Trace(metricName = "DIF:SessionManager:Login", dispatcher = true)
102     public IDIFSession logIn(String sessionID, String userID, String password) throws AuthenticationManagerException
103     {
104         IDIFSession session = createSession(sessionID);
105 
106         IDIFUser loggedUser = theAuthenticationManager.logIn(sessionID, userID, password);
107 
108         if (loggedUser != null)
109         {
110             session.setUser(new DIFUserInSession(loggedUser, password));
111             update(session);
112         }
113 
114         return session;
115     }
116 
117     /**
118      * @see pt.digitalis.dif.controller.security.managers.ISessionManager#logOut(java.lang.String)
119      */
120     @Trace(metricName = "DIF:SessionManager:Logout", dispatcher = true)
121     public IDIFSession logOut(String sessionID)
122     {
123         IDIFSession session = loggedSessions.get(sessionID);
124 
125         if (session != null)
126         {
127             session.setUser(null);
128             theAuthenticationManager.logOut(sessionID);
129             session.getNavigationHistory().cleanUpAfterLogout(session);
130             update(session);
131             reinitializeSession(sessionID);
132         }
133 
134         return session;
135     }
136 
137     /**
138      * Cleans up an existant session, after logout or clean session request
139      * 
140      * @param sessionID
141      *            the session ID to clean up
142      */
143     private void reinitializeSession(String sessionID)
144     {
145         IPrivateDIFSession session = loggedSessions.get(sessionID);
146 
147         if (session != null)
148         {
149             Object sessionInvalidBrowser = session.getAttribute(Constants.INVALID_BROWSER_ACCEPTED);
150             session.setAttributes(new HashMap<String, Object>());
151             session.addAttribute(Constants.INVALID_BROWSER_ACCEPTED, sessionInvalidBrowser);
152             loggedSessions.put(sessionID, session);
153         }
154     }
155 
156     /**
157      * Removes a session
158      * 
159      * @param sessionID
160      */
161     synchronized public void removeSession(String sessionID)
162     {
163         loggedSessions.remove(sessionID);
164 
165         // Instructs the authenticated manager that this client has disconnected from DIF. It will decide if there is an
166         // authentication record present what to do with it. Keep or remove it.
167         theAuthenticationManager.disconnectClient(sessionID);
168     }
169 
170     /**
171      * @see java.lang.Object#toString()
172      */
173     @Override
174     public String toString()
175     {
176         ObjectFormatter formatter = new ObjectFormatter();
177         formatter.addItem("Sessions", loggedSessions);
178 
179         return formatter.getFormatedObject();
180     }
181 
182     /**
183      * @see pt.digitalis.dif.controller.security.managers.ISessionManager#update(pt.digitalis.dif.controller.interfaces.IDIFSession)
184      */
185     public boolean update(IDIFSession session)
186     {
187         boolean exists = isSessionPresent(session.getSessionID());
188 
189         if (exists)
190         {
191             IPrivateDIFSession privSession = (IPrivateDIFSession) session;
192 
193             privSession.keepAlive();
194             loggedSessions.put(privSession.getSessionID(), privSession);
195         }
196 
197         return exists;
198     }
199 }