private AdapterTokenStore createSessionTokenStore(Request request, KeycloakDeployment resolvedDeployment) { AdapterTokenStore store; store = new CatalinaSessionTokenStore(request, resolvedDeployment, userSessionManagement, createPrincipalFactory(), this); return store; }
@Override public void logout() { Session session = request.getSessionInternal(false); if (session != null) { cleanSession(session); } }
@Override public boolean isCached(RequestAuthenticator authenticator) { Session session = request.getSessionInternal(false); if (session == null) return false; SerializableKeycloakAccount account = (SerializableKeycloakAccount) session.getSession().getAttribute(SerializableKeycloakAccount.class.getName()); if (account == null) { return false; } log.fine("remote logged in already. Establish state from session"); RefreshableKeycloakSecurityContext securityContext = account.getKeycloakSecurityContext(); if (!deployment.getRealm().equals(securityContext.getRealm())) { log.fine("Account from cookie is from a different realm than for the request."); cleanSession(session); return false; } securityContext.setCurrentRequestInfo(deployment, this); request.setAttribute(KeycloakSecurityContext.class.getName(), securityContext); GenericPrincipal principal = (GenericPrincipal) session.getPrincipal(); // in clustered environment in JBossWeb, principal is not serialized or saved if (principal == null) { principal = principalFactory.createPrincipal(request.getContext().getRealm(), account.getPrincipal(), account.getRoles()); session.setPrincipal(principal); session.setAuthType("KEYCLOAK"); } request.setUserPrincipal(principal); request.setAuthType("KEYCLOAK"); restoreRequest(); return true; }
@Override public boolean isCached(RequestAuthenticator authenticator) { Session session = request.getSessionInternal(false); if (session == null) return false; SerializableKeycloakAccount account = (SerializableKeycloakAccount) session.getSession().getAttribute(SerializableKeycloakAccount.class.getName()); if (account == null) { return false; } log.fine("remote logged in already. Establish state from session"); RefreshableKeycloakSecurityContext securityContext = account.getKeycloakSecurityContext(); if (!deployment.getRealm().equals(securityContext.getRealm())) { log.fine("Account from cookie is from a different realm than for the request."); cleanSession(session); return false; } securityContext.setCurrentRequestInfo(deployment, this); request.setAttribute(KeycloakSecurityContext.class.getName(), securityContext); GenericPrincipal principal = (GenericPrincipal) session.getPrincipal(); // in clustered environment in JBossWeb, principal is not serialized or saved if (principal == null) { principal = principalFactory.createPrincipal(request.getContext().getRealm(), account.getPrincipal(), account.getRoles()); session.setPrincipal(principal); session.setAuthType("KEYCLOAK"); } request.setUserPrincipal(principal); request.setAuthType("KEYCLOAK"); restoreRequest(); return true; }
@Override public void logout() { Session session = request.getSessionInternal(false); if (session != null) { cleanSession(session); } }
private AdapterTokenStore createSessionTokenStore(Request request, KeycloakDeployment resolvedDeployment) { AdapterTokenStore store; store = new CatalinaSessionTokenStore(request, resolvedDeployment, userSessionManagement, createPrincipalFactory(), this); return store; }
request.setUserPrincipal(null); request.setAuthType(null); cleanSession(catalinaSession); catalinaSession.expire();
request.setUserPrincipal(null); request.setAuthType(null); cleanSession(catalinaSession); catalinaSession.expire();