protected boolean shouldLogSession(UserSession userSession) { return globalConfig.getUserSessionLogEnabled() && !userSession.isSystem(); } }
protected void checkSession(UserSession userSession) { if (userSession.isSystem()) throw new RuntimeException("Access to system session " + userSession.getId() + " is not allowed"); }
@Override public void logout() { try { UserSession session = userSessionSource.getUserSession(); if (session != null && session.isSystem()) { throw new RuntimeException("Logout of system session from client is not permitted"); } authenticationManager.logout(); userSessionLog.updateSessionLogRecord(session, SessionAction.LOGOUT); } catch (NoUserSessionException e) { log.debug("An attempt to perform logout for expired session", e); throw e; } catch (Throwable e) { log.error("Logout error", e); throw new RuntimeException("Logout error: " + e.toString()); } }
@Override public void remove(UserSession session) { UserSessionInfo usi = removeSessionInfo(session.getId()); if (usi != null) { log.debug("Removed session: {}", usi); if (!session.isSystem()) { usi.lastUsedTs = 0; clusterManager.send(usi); } } }
@Override public void killSession(UUID id) { UserSession userSession = userSessions.get(id); if (userSession != null && !userSession.isSystem()) { userSessionLog.updateSessionLogRecord(userSession, SessionAction.TERMINATION); userSessions.killSession(id); } }
@Override public void processEviction() { if (!AppContext.isStarted()) return; log.trace("Processing eviction"); long now = timeSource.currentTimeMillis(); getSessionInfoStream() .filter(info -> !info.session.isSystem() && now > (info.lastUsedTs + toMillis(expirationTimeout))) .forEach(usi -> { log.debug("Removing session due to timeout: {}", usi); userSessionLog.updateSessionLogRecord(usi.getSession(), SessionAction.EXPIRATION); removeSessionInfo(usi.session.getId()); usi.lastUsedTs = 0; clusterManager.send(usi); }); }
@Override public void postMessage(List<UUID> sessionIds, String message) { long time = timeSource.currentTimeMillis(); for (UUID sessionId : sessionIds) { UserSession userSession = userSessions.get(sessionId); if (userSession != null && !userSession.isSystem()) { userSession.setAttribute(MESSAGE_ATTR_PREFIX + time, message); userSessions.propagate(sessionId); } } }
@Override public boolean checkCurrentUserSession() { SecurityContext securityContext = AppContext.getSecurityContext(); if (securityContext != null && securityContext.getSession() != null && securityContext.getSession().isSystem()) { return true; } return securityContext != null && userSessions.get(securityContext.getSessionId()) != null; }
@Nullable protected UserSession internalGet(UUID id, boolean touch, boolean propagate) { if (!AppContext.isStarted()) return NO_USER_SESSION; UserSessionInfo usi = getSessionInfo(id); if (usi != null) { if (touch) { long now = timeSource.currentTimeMillis(); if (now > (usi.lastUsedTs + toMillis(touchTimeout))) { usi.lastUsedTs = now; putSessionInfo(id, usi); } if (propagate && !usi.session.isSystem()) { if (now > (usi.lastSentTs + toMillis(sendTimeout))) { usi.lastSentTs = now; clusterManager.send(usi); } } } return usi.session; } return null; }
@Override public void add(UserSession session) { UserSessionInfo usi = new UserSessionInfo(session, timeSource.currentTimeMillis()); putSessionInfo(session.getId(), usi); if (!session.isSystem()) { if (serverConfig.getSyncNewUserSessionReplication()) clusterManager.sendSync(usi); else clusterManager.send(usi); } }
protected UserSessionEntity createUserSessionEntity(UserSession session, long since, long lastUsedTs) { UserSessionEntity use = metadata.create(UserSessionEntity.class); use.setId(session.getId()); use.setLogin(session.getUser().getLoginLowerCase()); use.setUserName(session.getUser().getName()); use.setAddress(session.getAddress()); use.setClientInfo(session.getClientInfo()); use.setSince(new Date(since)); use.setLastUsedTs(new Date(lastUsedTs)); use.setSystem(session.isSystem()); return use; }
@Override public UserSession getUserSession() { SecurityContext securityContext = AppContext.getSecurityContextNN(); if (securityContext.getSession() != null && securityContext.getSession().isSystem()) { return securityContext.getSession(); } UserSession session = userSessions.getAndRefresh(securityContext.getSessionId()); if (session == null) { throw new NoUserSessionException(securityContext.getSessionId()); } return session; } }