Example #1
0
  public void resetUserSessionForProfiles(UserSessionBase userSession) {
    if (userSession == null) {
      // Nothing to reset
      return;
    }

    // Let's get the Current User Again
    String currentLoginId = userSession.getLoginId();

    XXPortalUser gjUser = daoManager.getXXPortalUser().findByLoginId(currentLoginId);
    userSession.setXXPortalUser(gjUser);

    setUserRoles(userSession);
  }
Example #2
0
  private void setUserRoles(UserSessionBase userSession) {

    List<String> strRoleList = new ArrayList<String>();
    List<XXPortalUserRole> roleList =
        daoManager.getXXPortalUserRole().findByUserId(userSession.getUserId());
    for (XXPortalUserRole gjUserRole : roleList) {
      String userRole = gjUserRole.getUserRole();

      strRoleList.add(userRole);
      if (userRole.equals(XAConstants.ROLE_SYS_ADMIN)) {
        userSession.setUserAdmin(true);
      }
    }
    userSession.setUserRoleList(strRoleList);
  }
Example #3
0
 protected boolean validateUserSession(UserSessionBase userSession, String currentLoginId) {
   if (currentLoginId.equalsIgnoreCase(userSession.getXXPortalUser().getLoginId())) {
     return true;
   } else {
     logger.info(
         "loginId doesn't match loginId from HTTPSession. Will create new session. loginId="
             + currentLoginId
             + ", userSession="
             + userSession,
         new Exception());
     return false;
   }
 }
Example #4
0
  // non-WEB processing
  public UserSessionBase processStandaloneSuccessLogin(int authType, String ipAddress) {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

    String currentLoginId = authentication.getName();

    // Need to build the UserSession
    XXPortalUser gjUser = daoManager.getXXPortalUser().findByLoginId(currentLoginId);
    if (gjUser == null) {
      logger.error("Error getting user for loginId=" + currentLoginId, new Exception());
      return null;
    }

    XXAuthSession gjAuthSession = new XXAuthSession();
    gjAuthSession.setLoginId(currentLoginId);
    gjAuthSession.setUserId(gjUser.getId());
    gjAuthSession.setAuthTime(DateUtil.getUTCDate());
    gjAuthSession.setAuthStatus(XXAuthSession.AUTH_STATUS_SUCCESS);
    gjAuthSession.setAuthType(authType);
    gjAuthSession.setDeviceType(XACommonEnums.DEVICE_UNKNOWN);
    gjAuthSession.setExtSessionId(null);
    gjAuthSession.setRequestIP(ipAddress);
    gjAuthSession.setRequestUserAgent(null);

    gjAuthSession = storeAuthSession(gjAuthSession);

    UserSessionBase userSession = new UserSessionBase();
    userSession.setXXPortalUser(gjUser);
    userSession.setXXAuthSession(gjAuthSession);

    // create context with user-session and set in thread-local
    XASecurityContext context = new XASecurityContext();
    context.setUserSession(userSession);
    XAContextHolder.setSecurityContext(context);

    resetUserSessionForProfiles(userSession);

    return userSession;
  }
Example #5
0
  public UserSessionBase processSuccessLogin(
      int authType, String userAgent, HttpServletRequest httpRequest) {
    boolean newSessionCreation = true;
    UserSessionBase userSession = null;

    XASecurityContext context = XAContextHolder.getSecurityContext();
    if (context != null) {
      userSession = context.getUserSession();
    }

    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    WebAuthenticationDetails details = (WebAuthenticationDetails) authentication.getDetails();

    String currentLoginId = authentication.getName();
    if (userSession != null) {
      if (validateUserSession(userSession, currentLoginId)) {
        newSessionCreation = false;
      }
    }

    if (newSessionCreation) {
      // Need to build the UserSession
      XXPortalUser gjUser = daoManager.getXXPortalUser().findByLoginId(currentLoginId);
      if (gjUser == null) {
        logger.error("Error getting user for loginId=" + currentLoginId, new Exception());
        return null;
      }

      XXAuthSession gjAuthSession = new XXAuthSession();
      gjAuthSession.setLoginId(currentLoginId);
      gjAuthSession.setUserId(gjUser.getId());
      gjAuthSession.setAuthTime(DateUtil.getUTCDate());
      gjAuthSession.setAuthStatus(XXAuthSession.AUTH_STATUS_SUCCESS);
      gjAuthSession.setAuthType(authType);
      if (details != null) {
        gjAuthSession.setExtSessionId(details.getSessionId());
        gjAuthSession.setRequestIP(details.getRemoteAddress());
      }

      if (userAgent != null) {
        gjAuthSession.setRequestUserAgent(userAgent);
      }
      gjAuthSession.setDeviceType(httpUtil.getDeviceType(userAgent));
      gjAuthSession = storeAuthSession(gjAuthSession);

      userSession = new UserSessionBase();
      userSession.setXXPortalUser(gjUser);
      userSession.setXXAuthSession(gjAuthSession);
      resetUserSessionForProfiles(userSession);

      if (details != null) {
        logger.info(
            "Login Success: loginId="
                + currentLoginId
                + ", sessionId="
                + gjAuthSession.getId()
                + ", sessionId="
                + details.getSessionId()
                + ", requestId="
                + details.getRemoteAddress());
      } else {
        logger.info(
            "Login Success: loginId="
                + currentLoginId
                + ", sessionId="
                + gjAuthSession.getId()
                + ", details is null");
      }
    }

    return userSession;
  }