LocalOperations.java revision fc8409d20f991d53ac0c4708efa04c121b73c449
/*
* The contents of this file are subject to the terms of the Common Development and
* Distribution License (the License). You may not use this file except in compliance with the
* License.
*
* You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
* specific language governing permission and limitations under the License.
*
* When distributing Covered Software, include this CDDL Header Notice in each file and include
* the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
* Header, with the fields enclosed by brackets [] replaced by your own identifying
* information: "Portions copyright [year] [name of copyright owner]".
*
* Copyright 2014-2016 ForgeRock AS.
*/
/**
* Responsible for applying Session operations on the local Server instance.
*
* This will be based on invoking the {@link SessionService} directly. This implementation
* has been refactored out from {@link Session}.
*/
public class LocalOperations implements SessionOperations {
private final SessionAccessManager sessionAccessManager;
private final SessionInfoFactory sessionInfoFactory;
private final SessionServerConfig serverConfig;
private final SessionNotificationSender sessionNotificationSender;
private final SessionLogging sessionLogging;
private final SessionAuditor sessionAuditor;
private final SessionChangeAuthorizer sessionChangeAuthorizer;
private final SessionServiceConfig serviceConfig;
/**
* Guice initialised constructor.
* @param debug Non null.
* @param sessionAccessManager access manager for returning the session information from the storage mechanism
* @param sessionInfoFactory the factory for creating session information objects from a session
* @param serverConfig session server config
* @param sessionNotificationSender notification sender for session removal notification
* @param sessionLogging special logging service for session removal logging
* @param sessionAuditor audit logger
* @param sessionChangeAuthorizer class for verifying permissions and authorisation for the current user to
* perform tasks on the session. Used during deleting a session and getting access
* @param serviceConfig contains configuration relating to the session service.
*
*/
final SessionServerConfig serverConfig,
final SessionLogging sessionLogging,
final SessionAuditor sessionAuditor,
final SessionServiceConfig serviceConfig) {
this.sessionInfoFactory = sessionInfoFactory;
this.serverConfig = serverConfig;
this.sessionLogging = sessionLogging;
this.sessionAuditor = sessionAuditor;
this.serviceConfig = serviceConfig;
}
/**
* Fetches the SessionInfo from the SessionService.
*
* @param session The Session to update.
* @param reset If true, then update the last modified timestamp of the Session.
* @return Null if there was an error locating the Session, otherwise non null.
*/
if (debug.messageEnabled()) {
"Local fetch SessionInfo for {0}\n" +
"Reset: {1}",
reset));
}
}
/**
* Destroy the Session using the SessionService.
*
* @param requester {@inheritDoc}
* @param session {@inheritDoc}
* @throws SessionException {@inheritDoc}
*/
if (debug.messageEnabled()) {
}
return;
}
InternalSession internalSessionToDestroy = sessionAccessManager.getInternalSession(session.getSessionID());
if (internalSessionToDestroy == null) {
// let us check if the argument is a session handle
}
if (internalSessionToDestroy != null) {
sessionChangeAuthorizer.checkPermissionToDestroySession(requester, internalSessionToDestroy.getSessionID());
}
}
/**
* Destroy a Internal Session, whose session id has been specified.
*
* @param sessionID
*/
}
}
/**
* Sets the property using the SessionService.
* {@inheritDoc}
*/
if (debug.messageEnabled()) {
"Local setProperty for {0} {1}={2}",
name,
value));
}
}
if (reset) {
}
}
}
if (!sessionId.equals(internalSession.getID()) && internalSession.getRestrictionForToken(sessionId) == null) {
throw new IllegalArgumentException("Session id mismatch");
}
}
// Attempt to load the session. If one is found, the InternalSesion is now local.
}
/**
* As opposed to locateSession() this one accepts normal or restricted token
* This is expected to be only called once the session is detected as local
*
* @param token
* @return
*/
}
}
return sess;
}
boolean checkRestriction) throws SessionException {
return null;
}
if (checkRestriction) {
try {
}
} catch (SessionException se) {
throw se;
} catch (Exception e) {
throw new SessionException(e);
}
}
return session;
}
/**
* Returns the restricted token
*
* @param masterSessionId master session id
* @param restriction TokenRestriction Object
* @return restricted token id
* @throws SessionException
*/
// locate master session
}
// attempt to reuse the token if restriction is the same
if (restrictedSessionID == null) {
if (previousValue == null) {
} else {
}
}
return restrictedSessionID.toString();
}
public String deferenceRestrictedID(Session session, SessionID restrictedID) throws SessionException {
}
public void setExternalProperty(SSOToken clientToken, SessionID sessionId, String name, String value) throws SessionException {
}
if (debug.messageEnabled()) {
}
}
//if the provided session ID was a restricted token, resolveToken will always validate the restriction, so there is no
//need to check restrictions here.
}
}
/**
* Gets all valid Internal Sessions, depending on the value of the user's
* preferences.
*
* @param s
* @throws SessionException
*/
public SearchResults<SessionInfo> getValidSessions(Session s, String pattern) throws SessionException {
throw new SessionException(SessionBundle
.getString("invalidSessionState")
}
try {
}
Collection<InternalSession> sessionsWithPermission = sessionChangeAuthorizer.filterPermissionToAccess(
// replace session id with session handle to prevent impersonation
}
} catch (Exception e) {
throw new SessionException(e);
}
}
/**
* Get all valid Internal Sessions matched with pattern.
*/
throws SessionException {
pattern = "*";
}
try {
long startTime = currentTimeMillis();
if (!matchAll) {
// For application sessions, the client ID
// will not be in the DN format but just uid.
sess.getClientID();
continue;
} else {
}
continue;
}
}
break;
}
if ((currentTimeMillis() - startTime) >=
break;
}
}
} catch (Exception e) {
+ "Unable to get Session Information ", e);
throw new SessionException(e);
}
}
/**
* Get all valid Internal Sessions.
*/
synchronized (sessionAccessManager) {
}
}
return sessions;
}
}
/**
* Returns true if the given pattern is contained in the string.
*
* @param string to examine
* @param pattern to match
* @return true if string matches <code>filter</code>
*/
return true;
}
if (wildCardIndex >= 0) {
return false;
}
int stringIndex = 0;
if (wildCardIndex > 0) {
}
return false;
}
}
return true;
}
}
return false;
}
}
}
/**
* Simplifies the signalling that a Session has been removed.
* @param session Non null InternalSession.
* @param event An integrate from the SessionEvent class.
*/
}
}