Example #1
0
  /**
   * Returns the preferred locale of the specified request. You rarely need to invoke this method
   * directly, because it is done automatically by {@link #setup}.
   *
   * <ol>
   *   <li>It checks whether any attribute stored in HttpSession called {@link
   *       Attributes#PREFERRED_LOCALE}. If so, return it.
   *   <li>If not found, it checks if the servlet context has the attribute called {@link
   *       Attributes#PREFERRED_LOCALE}. If so, return it.
   *   <li>If not found, it checks if the library property called {@link
   *       Attributes#PREFERRED_LOCALE} is defined. If so, return it.
   *   <li>Otherwise, use ServletRequest.getLocale().
   * </ol>
   *
   * @param sess the session to look for the preferred locale. Ignored if null.
   */
  public static final Locale getPreferredLocale(HttpSession sess, ServletRequest request) {
    if (sess != null) {
      Object v = sess.getAttribute(Attributes.PREFERRED_LOCALE);
      if (v == null)
        v = sess.getAttribute(PX_PREFERRED_LOCALE); // backward compatible (prior to 5.0.3)
      if (v != null) {
        if (v instanceof Locale) return (Locale) v;
        logLocaleError(v);
      }

      v = sess.getServletContext().getAttribute(Attributes.PREFERRED_LOCALE);
      if (v == null)
        v =
            sess.getServletContext()
                .getAttribute(PX_PREFERRED_LOCALE); // backward compatible (prior to 5.0.3)
      if (v != null) {
        if (v instanceof Locale) return (Locale) v;
        logLocaleError(v);
      }

      final String s = Library.getProperty(Attributes.PREFERRED_LOCALE);
      if (s != null) return Locales.getLocale(s);
    }

    Locale l = request.getLocale();
    // B65-ZK-1916: convert zh_HANS-XX and zh_HANT-XX to zh_XX
    return l != null ? fixZhLocale(l) : Locale.getDefault();
  }
  // add ---wangzhixin----2009/07/21  start
  public boolean processFile() {
    if (checkData()) {
      try {
        long time = System.currentTimeMillis();
        // BaseConfig tBaseConfig=new BaseConfig();
        // ProductCombinationDef
        // tProductCombinationDef=(ProductCombinationDef)tBaseConfig.getValue("productCombinationDef", "requestScope");
        // String fileName =tProductCombinationDef.getRiskCode()+".jpg";
        // String fileName = new File(upfile.getName()).getName();
        String fileName = new File(upfile.getName()).getName();
        String endwith = fileName.substring(fileName.lastIndexOf(".") + 1, fileName.length());
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyyMMddHHmmss");

        fileName = simpleDateFormat.format(new Date()) + "." + endwith;

        this.myFile = fileName;
        System.out.println(fileName);
        InputStream in = upfile.getInputStream();
        if (limitSize(in.available())) {
          return false;
        }
        // (double)((double)in.available()/1024/1024)
        System.out.println(".............." + in.available());
        FacesContext ctx = FacesContext.getCurrentInstance();
        HttpSession hs = (HttpSession) ctx.getExternalContext().getSession(true);
        String directory = hs.getServletContext().getRealPath("/") + "/upload";
        directory.replace("\\", "/");
        System.out.println("directory....." + directory);
        directory.replace("\\", "/");
        File fileDir = new File(directory);
        if (!fileDir.exists()) {
          if (!fileDir.mkdir()) {
            System.out.println("文件夹创建失败");
          }
        }
        String file = hs.getServletContext().getRealPath("/") + "/upload/" + fileName;
        // this.action(fileName, file);
        BufferedOutputStream out = new BufferedOutputStream(new FileOutputStream(file));
        byte[] buffer = new byte[1024 * 2];
        int length;
        while ((length = in.read(buffer, 0, buffer.length)) > 0) {
          out.write(buffer, 0, length);
        }
        out.flush();
        out.close();
        copyFileToFront(fileName, file); // 将条款拷贝到前台一份  add by fengzg 2009-06-16

        return true;
      } catch (Exception e) {
        e.printStackTrace();
        return false;
      }
    } else {
      return false;
    }
  }
 /**
  * Get the current list of map of users stored in the session
  *
  * @param httpSession the current session
  * @return map of users logged in
  */
 @SuppressWarnings("unchecked")
 private static Map<String, String> getCurrentUsers(HttpSession httpSession) {
   Map<String, String> currentUsers =
       (Map<String, String>)
           httpSession.getServletContext().getAttribute(WebConstants.CURRENT_USERS);
   if (currentUsers == null) {
     currentUsers = init(httpSession.getServletContext());
   }
   return currentUsers;
 }
  public static void add(HttpSession session) {
    String sessionId = session.getId();

    if (CompoundSessionIdSplitterUtil.hasSessionDelimiter()) {
      sessionId = CompoundSessionIdSplitterUtil.parseSessionId(sessionId);
    }

    Map<String, HttpSession> sessions = _sessions.get(sessionId);

    if (sessions == null) {
      sessions = new ConcurrentHashMap<String, HttpSession>();

      Map<String, HttpSession> previousSessions = _sessions.putIfAbsent(sessionId, sessions);

      if (previousSessions != null) {
        sessions = previousSessions;
      }
    }

    ServletContext servletContext = session.getServletContext();

    String contextPath = servletContext.getContextPath();

    // ConcurrentHashMap's read is faster than its write. This check is
    // logically unnecessary, but is a performance improvement.

    if (!sessions.containsKey(contextPath)) {
      sessions.put(contextPath, session);
    }
  }
  /**
   * Gets the path to the resultset XSL file.
   *
   * @param request The HttpServletRequest object.
   * @return xslPath The real path to the resultset XSL file.
   */
  public String getResultsetXSL(HttpServletRequest request) {
    HttpSession httpSession = request.getSession();
    ServletContext servletContext = httpSession.getServletContext();
    String xslPath = servletContext.getRealPath("style/common/resultset.xsl");

    return xslPath;
  }
 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
     throws IOException, ServletException {
   HttpSession session = ((HttpServletRequest) request).getSession(true);
   Authn authnService =
       (Authn)
           WebApplicationContextUtils.getWebApplicationContext(session.getServletContext())
               .getBean(authnBean);
   String userUid = null;
   try {
     userUid = authnService.getUserUid(request);
   } catch (Exception e) {
     if (log.isDebugEnabled()) log.debug("Could not get user uuid from authn service.");
   }
   if (log.isDebugEnabled()) log.debug("userUid=" + userUid);
   if (userUid == null) {
     if (authnRedirect != null) {
       if (authnRedirect.equals(((HttpServletRequest) request).getRequestURI())) {
         // Don't redirect to the same spot.
         chain.doFilter(request, response);
       } else {
         ((HttpServletResponse) response).sendRedirect(authnRedirect);
       }
     } else {
       ((HttpServletResponse) response).sendError(HttpServletResponse.SC_UNAUTHORIZED);
     }
   } else {
     chain.doFilter(request, response);
   }
 }
  protected ActionRequest createActionRequest(String actionPath) {
    HttpServletRequest servletRequest = mock(HttpServletRequest.class);
    HttpServletResponse servletResponse = mock(HttpServletResponse.class);
    HttpSession httpSession = mock(HttpSession.class);
    ServletContext servletContext = mock(ServletContext.class);

    when(servletRequest.getSession()).thenReturn(httpSession);
    when(httpSession.getServletContext()).thenReturn(servletContext);

    MadvocController madvocController = new MadvocController();

    Object action = new Object();
    ActionInfo actionInfo =
        new ActionInfo(
            Action.class,
            ReflectUtil.findMethod(Action.class, "view"),
            null,
            null,
            new ActionDef(actionPath, "GET"),
            null,
            false,
            null,
            null);

    return new ActionRequest(
        madvocController,
        actionInfo.getActionPath(),
        actionInfo,
        action,
        servletRequest,
        servletResponse);
  }
Example #8
0
  public synchronized void service(HttpServletRequest request, HttpServletResponse response)
      throws IOException, ServletException {
    HttpSession dbSession = request.getSession();
    JspFactory _jspxFactory = JspFactory.getDefaultFactory();
    PageContext pageContext =
        _jspxFactory.getPageContext(this, request, response, "", true, 8192, true);
    ServletContext dbApplication = dbSession.getServletContext();

    ServletContext application;
    HttpSession session = request.getSession();
    nseer_db_backup1 finance_db = new nseer_db_backup1(dbApplication);

    try {

      if (finance_db.conn((String) dbSession.getAttribute("unit_db_name"))) {
        String finance_cheque_id = request.getParameter("finance_cheque_id");
        String sql = "delete from finance_bill where id='" + finance_cheque_id + "'";
        finance_db.executeUpdate(sql);
        finance_db.commit();
        finance_db.close();

      } else {
        response.sendRedirect("error_conn.htm");
      }
    } catch (Exception ex) {
      ex.printStackTrace();
    }
  }
 private boolean findOnlineUser(String userid) {
   HttpSession session = request.getSession();
   ServletContext application = (ServletContext) session.getServletContext();
   ArrayList users = (ArrayList) application.getAttribute("users");
   HashMap ipUser = (HashMap) application.getAttribute("ipusers");
   if (null != users && users.contains(userid)) {
     if (ipUser != null
         && ((String) ipUser.get(userid)).equals((String) request.getRemoteAddr())) {
       session.setAttribute("username", userid);
       return true;
     } else {
       return false;
     }
   } else {
     session.setAttribute("username", userid);
     if (users == null) {
       users = new ArrayList();
     }
     users.add(userid);
     if (ipUser == null) {
       ipUser = new HashMap();
     }
     ipUser.put(userid, request.getRemoteAddr());
     application.setAttribute("ipusers", ipUser);
     application.setAttribute("users", users);
     return true;
   }
 }
 @Override
 protected void processRequest(HttpServletRequest request, HttpServletResponse response)
     throws ServletException, IOException {
   if (isCommentFormSanitized(request) && isStringXSSSecured(request.getParameter("comment"))) {
     HttpSession session = request.getSession();
     ServletContext context = session.getServletContext();
     Catalog catalog = (Catalog) context.getAttribute("catalog");
     Comment comment = generateCommentFromRequest(request);
     if (catalog.addComment(comment)) {
       logger.info(
           "Comentado el articulo: "
               + comment.getRecordIdAsString()
               + " por: "
               + comment.getNickname());
       request.setAttribute("info", "Comentario insertado con exito!");
       request.setAttribute("commented", comment.getRecordIdAsString());
       gotoNamedResource(recordInfoServlet, request, response);
     } else {
       request.setAttribute("info", "Algo falla en nuestro sistema! Intentalo mas tarde...");
       logger.warn("Error insertando un nuevo comentario: " + comment.getIdAsString());
     }
   } else {
     gotoURL(frontPage, request, response);
   }
 }
Example #11
0
  private void showResults(HttpSession session, HttpServletResponse response) {

    Document xmlDocument = null;

    try {
      PrintWriter writer = response.getWriter();

      xmlDocument = (Document) session.getAttribute("queryResults");

      String xslPath =
          ContextUtil.getRealPath(session.getServletContext(), XSL_TBLTEXT_RELATIVE_PATH);

      StreamSource s =
          new StreamSource(
              new InputStreamReader(new BufferedInputStream(new FileInputStream(xslPath))));
      Templates cachedXSLT = factory.newTemplates(s);
      Transformer transformer = cachedXSLT.newTransformer();
      DocumentSource source = new DocumentSource(xmlDocument);

      StreamResult result = new StreamResult(writer);
      transformer.transform(source, result);
    } catch (Exception ex) {

    }
  }
Example #12
0
 @ResponseBody
 @RequestMapping(value = "/delete", method = RequestMethod.POST)
 public ImmutableMap<String, String> linkDelete(Long[] linkIds, HttpSession session) {
   try {
     if (linkIds == null || linkIds.length == 0) {
       LOGGER.warn("要删除链接的ID为空!");
       return ImmutableMap.of("status", "0", "message", getMessage("link.deletefailed.message"));
     }
     List<Link> links = linkService.findAll(linkIds);
     String realPath = session.getServletContext().getRealPath("");
     List<File> deleteFiles = Lists.newArrayList();
     File deleteFile;
     for (Link link : links) {
       if (link.getLinkPic() == null || "".equals(link.getLinkPic())) continue;
       deleteFile = new File(realPath + link.getLinkPic());
       deleteFiles.add(deleteFile);
     }
     linkService.deleteInBatch(links);
     deleteLinkRes(deleteFiles);
   } catch (Exception e) {
     LOGGER.error("链接信息删除失败,失败原因:{}", e.getMessage());
     return ImmutableMap.of("status", "0", "message", getMessage("link.deletefailed.message"));
   }
   LOGGER.info("链接信息删除成功,ID为{}", StringUtils.join(linkIds, ","));
   return ImmutableMap.of("status", "1", "message", getMessage("link.deletesuccess.message"));
 }
 @Secured(value = {"ROLE_USER", "ROLE_ADMIN", "ROLE_MANAGER"})
 @RequestMapping(method = RequestMethod.GET, value = "profile-pic")
 public @ResponseBody FileSystemResource getFile(
     @RequestParam(required = false, value = "user") String userid,
     Principal principal,
     HttpSession session)
     throws IOException {
   if (documentFolder.exists()) {
     String uuid;
     if (userid != null) uuid = userid;
     else {
       PipUser user = PipUser.findPipUsersByEmailEquals(principal.getName()).getSingleResult();
       uuid = user.getUuid();
     }
     File folder = new File(documentFolder.getFile(), "user-data/" + uuid);
     File file;
     if (!uuid.isEmpty() && folder.exists() && folder.listFiles().length > 0)
       file = folder.listFiles()[0];
     else {
       file =
           new ServletContextResource(session.getServletContext(), "/images/profile.jpg")
               .getFile();
     }
     return new FileSystemResource(file);
   }
   return null;
 }
Example #14
0
  private Authentication fresh(Authentication authentication, ServletRequest req) {
    HttpServletRequest request = (HttpServletRequest) req;

    HttpSession session = request.getSession(false);

    if (session != null) {
      SessionRegistry sessionRegistry =
          (SessionRegistry) SpringBeanUtil.getBeanByName("sessionRegistry");
      SessionInformation info = sessionRegistry.getSessionInformation(session.getId());

      if (info != null) {
        // Non-expired - update last request date/time
        Object principal = info.getPrincipal();
        if (principal instanceof org.springframework.security.core.userdetails.User) {
          org.springframework.security.core.userdetails.User userRefresh =
              (org.springframework.security.core.userdetails.User) principal;
          ServletContext sc = session.getServletContext();
          HashSet<String> unrgas = springSecurityService.getUsersNeedRefreshGrantedAuthorities();
          if (unrgas.size() > 0) {
            HashSet<String> loginedUsernames = new HashSet<String>();

            List<Object> loggedUsers = sessionRegistry.getAllPrincipals();
            for (Object lUser : loggedUsers) {
              if (lUser instanceof org.springframework.security.core.userdetails.User) {
                org.springframework.security.core.userdetails.User u =
                    (org.springframework.security.core.userdetails.User) lUser;
                loginedUsernames.add(u.getUsername());
              }
            }
            // 清除已经下线的但需要刷新的username
            for (Iterator iterator = unrgas.iterator(); iterator.hasNext(); ) {
              String unrgs = (String) iterator.next();
              if (!loginedUsernames.contains(unrgs)) {
                iterator.remove();
              }
            }
            if (unrgas.contains(userRefresh.getUsername())) {
              // 如果需要刷新权限的列表中有当前的用户,刷新登录用户权限
              // FIXME:与springSecurityServiceImpl中的功能,相重复,需重构此方法和springSecurityServiceImpl
              MyJdbcUserDetailsManager mdudm =
                  (MyJdbcUserDetailsManager)
                      SpringBeanUtil.getBeanByType(MyJdbcUserDetailsManager.class);
              SecurityContextHolder.getContext()
                  .setAuthentication(
                      new UsernamePasswordAuthenticationToken(
                          userRefresh,
                          userRefresh.getPassword(),
                          mdudm.getUserAuthorities(userRefresh.getUsername())));
              session.setAttribute(
                  HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
                  SecurityContextHolder.getContext());
              unrgas.remove(userRefresh.getUsername());
              return SecurityContextHolder.getContext().getAuthentication();
            }
          }
        }
      }
    }
    return authentication;
  }
  private String[] _resolvePaths(HttpServletRequest request, String path) {
    String servletContextPath = null;

    int index = path.indexOf(CharPool.FORWARD_SLASH, 1);

    if (index != -1) {
      index = path.lastIndexOf(CharPool.PERIOD, index);

      if (index != -1) {
        servletContextPath = path.substring(0, index);

        path = CharPool.FORWARD_SLASH + path.substring(index + 1);
      }
    }

    if (servletContextPath == null) {
      HttpSession session = request.getSession();

      ServletContext servletContext = session.getServletContext();

      servletContextPath = ContextPathUtil.getContextPath(servletContext);
    }

    return new String[] {servletContextPath, path};
  }
Example #16
0
  /** @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */
  protected void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {

    HttpSession session = request.getSession(true);
    SpielBean spiel = (SpielBean) session.getServletContext().getAttribute("spiel");

    spiel.kizieh();
    response.sendRedirect("refreshServlet");
  }
  @RequestMapping(value = "/tracking/export", method = RequestMethod.POST)
  public void export(
      @RequestParam(required = true) Integer[] chk,
      @RequestParam(required = false) String token,
      @RequestParam(required = true) String claimSearch,
      @RequestParam(required = true) String companySearch,
      HttpSession session,
      HttpServletResponse response)
      throws ServletException, IOException, JRException, Exception {

    String titleName = "หนังสือสัญญา";
    String insuranceName = "บริษัท ";
    HashMap<String, Object> params = new HashMap<String, Object>();

    System.out.println(">>>> claimSearch = " + claimSearch);
    System.out.println(">>>> ClaimType.FAST_TRACK = " + ClaimType.FAST_TRACK);

    if (claimSearch != null && !claimSearch.equals("")) {
      int temp = Integer.parseInt(claimSearch);
      if (temp == ClaimType.FAST_TRACK.getId()) {
        titleName = "หนังสือสัญญา เรียกร้องค่าสินไหมทดแทนรถยนต์แบบ Fast-Track";
      } else if (temp == ClaimType.KFK.getId()) {
        titleName = "หนังสือสัญญา ตกลงไม่เรียกร้องค่าเสียหายซึ่งกันและกัน";
      } else if (temp == ClaimType.REQUEST.getId()) {
        titleName = "หนังสือสัญญา เรื่องเรียกร้องค่าเสียหาย";
      } else {
        titleName = "หนังสือสัญญา";
      }
      params.put("titleName", titleName);
    } else {
      params.put("titleName", titleName);
    }

    if (companySearch != null && !companySearch.equals("")) {
      insuranceName = insuranceService.findById(Integer.parseInt(companySearch)).getFullName();
      params.put("insuranceFullName", insuranceName);
    } else {
      params.put("insuranceFullName", insuranceName);
    }

    List<TrackingSearchResultVo> results = trackingService.searchExport(chk);
    List<TrackingSearchResultVo> exports = new ArrayList<TrackingSearchResultVo>();

    for (TrackingSearchResultVo result : results) {
      exports.add(result);
    }
    downloadService.download(
        ExporterService.EXTENSION_TYPE_EXCEL,
        "tracking",
        session.getServletContext().getRealPath("/report/tracking"),
        params,
        exports,
        token,
        response);
  }
 private IdentifierBundle getIdentifiers() {
   HttpSession session = vreq.getSession();
   ServletContext context = session.getServletContext();
   IdentifierBundle ids =
       ServletIdentifierBundleFactory.getIdBundleForRequest(vreq, session, context);
   if (ids == null) {
     return new ArrayIdentifierBundle();
   } else {
     return ids;
   }
 }
Example #19
0
 /**
  * @Title: refreshCacheConfig @Description: TODO(这里用一句话描述这个方法的作用)
  *
  * @author [email protected]
  * @date 2016年7月18日 下午5:46:14
  */
 protected void refreshCacheConfig(SystemSettingsEntry sse, HttpSession session) {
   if (sse.getIs_on() == 0) {
     session.getServletContext().removeAttribute(sse.getConfig_name());
     return;
   }
   if (null != sse.getId()) {
     SystemSettingsVo settingsquerycase = new SystemSettingsVo();
     settingsquerycase.setId(sse.getId());
     List<SystemSettingsVo> settingsVos =
         this.systemSettingsService.querySystenSettings(settingsquerycase);
     if (null != settingsVos && settingsVos.size() == 1) {
       session
           .getServletContext()
           .setAttribute(
               settingsVos.get(0).getConfig_name(), settingsVos.get(0).getConfig_value());
     }
   } else {
     session.getServletContext().setAttribute(sse.getConfig_name(), sse.getConfig_value());
   }
 }
Example #20
0
 /**
  * The application home page can be overridden by an attribute in the ServletContext. Further, it
  * can either be an absolute URL, or it can be relative to the application. Weird.
  */
 private String getApplicationHomePageUrl() {
   String contextRedirect = (String) session.getServletContext().getAttribute("postLoginRequest");
   if (contextRedirect != null) {
     if (contextRedirect.indexOf(":") == -1) {
       return request.getContextPath() + contextRedirect;
     } else {
       return contextRedirect;
     }
   }
   return request.getContextPath();
 }
  @SuppressWarnings("unchecked")
  public void getAll() {

    // servletActionContext class
    requestMap = (Map) ServletActionContext.getContext().get("request");
    sessionMap = (Map<String, Object>) ServletActionContext.getContext().getSession();
    applicationMap = (Map<String, Object>) ServletActionContext.getContext().getApplication();

    request = ServletActionContext.getRequest();
    session = request.getSession();
    context = session.getServletContext();
  }
Example #22
0
  protected final void setUp() throws Exception {

    String[] files = {
      "/org/hdiv/config/hdiv-core-applicationContext.xml",
      "/org/hdiv/config/hdiv-config.xml",
      "/org/hdiv/config/hdiv-validations.xml",
      "/org/hdiv/config/applicationContext-test.xml"
    };

    if (this.applicationContext == null) {
      this.applicationContext = new ClassPathXmlApplicationContext(files);
    }

    // Servlet API mock
    HttpServletRequest request =
        (MockHttpServletRequest) this.applicationContext.getBean("mockRequest");
    HttpSession httpSession = request.getSession();
    ServletContext servletContext = httpSession.getServletContext();
    HDIVUtil.setHttpServletRequest(request);

    // Initialize config
    this.config = (HDIVConfig) this.applicationContext.getBean("config");

    // Initialize HttpSession
    InitListener initListener = new InitListener();
    initListener.setConfig(this.config);
    initListener.initStrategies(this.applicationContext, httpSession);
    initListener.initCache(this.applicationContext, httpSession);
    initListener.initPageIdGenerator(this.applicationContext, httpSession);
    initListener.initHDIVState(this.applicationContext, httpSession);

    // Initialize HDIVConfig in ServletContext
    HDIVUtil.setHDIVConfig(this.config, servletContext);

    // Initialize IApplication in ServletContext
    IApplication application = (IApplication) this.applicationContext.getBean("application");
    HDIVUtil.setApplication(application, servletContext);

    // Initialize MessageSource in ServletContext
    ResourceBundleMessageSource messageSource = new ResourceBundleMessageSource();
    messageSource.setBeanClassLoader(this.applicationContext.getClassLoader());
    String messageSourcePath = (String) this.applicationContext.getBean("messageSourcePath");
    messageSource.setBasename(messageSourcePath);
    HDIVUtil.setMessageSource(messageSource, servletContext);

    // Initialize the IDataComposer
    DataComposerFactory dataComposerFactory =
        (DataComposerFactory) this.applicationContext.getBean("dataComposerFactory");
    IDataComposer dataComposer = dataComposerFactory.newInstance();
    HDIVUtil.setDataComposer(dataComposer, request);

    onSetUp();
  }
Example #23
0
 static void validateSession(HttpSession session, String user, boolean allowConcurrent) {
   ServletContext context = session.getServletContext();
   String match = (String) context.getAttribute(ATTRIBUTE_SESSIONMATCH + "." + user);
   if (allowConcurrent && match != null) {
     session.setAttribute(ATTRIBUTE_SESSIONMATCH, "*");
   } else {
     String id = session.getId();
     session.setAttribute(ATTRIBUTE_SESSIONMATCH, id);
     context.setAttribute(ATTRIBUTE_SESSIONMATCH + "." + user, id);
   }
   session.setAttribute(ATTRIBUTE_SESSIONUSER, user);
 }
Example #24
0
 public static List createPermittedOperationList(HttpSession session, Role role) {
   List opList = (List) session.getServletContext().getAttribute(WebConstants.OPERATION_LIST);
   List permList = new ArrayList();
   for (Iterator it = opList.iterator(); it.hasNext(); ) {
     Operation op = (Operation) it.next();
     if ((role.getCumulativeBitmap().intValue() & op.getBitmap().intValue())
         == op.getBitmap().intValue()) {
       permList.add(op);
     }
   }
   session.setAttribute(WebConstants.PERMITTED_OPERATION_LIST, permList);
   return permList;
 }
Example #25
0
 static void destroySession(HttpSession session) {
   ServletContext context = session.getServletContext();
   String user = (String) session.getAttribute(ATTRIBUTE_SESSIONUSER);
   if (user != null) {
     String current = (String) session.getAttribute(ATTRIBUTE_SESSIONMATCH);
     String match = (String) context.getAttribute(ATTRIBUTE_SESSIONMATCH + "." + user);
     if (current != null && current.equals(match)) {
       context.removeAttribute(ATTRIBUTE_SESSIONMATCH + "." + user);
     }
   }
   session.removeAttribute(ATTRIBUTE_SESSIONUSER);
   session.removeAttribute(ATTRIBUTE_SESSIONMATCH);
 }
Example #26
0
 @RequestMapping("/download")
 @ResponseBody
 public ResponseEntity<byte[]> ExportBindAccount(String path, HttpSession session)
     throws IOException {
   path = new String(path.getBytes("ISO8859-1"), "UTF-8");
   String filePath = session.getServletContext().getRealPath("/") + path;
   HttpHeaders headers = new HttpHeaders();
   headers.setContentType(MediaType.APPLICATION_OCTET_STREAM);
   String outputName = Utils.getFileName(path);
   headers.setContentDispositionFormData(
       "attachment", new String(outputName.getBytes("GB2312"), "ISO_8859_1"));
   return new ResponseEntity<byte[]>(
       FileUtils.readFileToByteArray(new File(filePath)), headers, HttpStatus.OK);
 }
  /** Remove {@link ConversationState}. {@inheritDoc} */
  public void sessionDestroyed(HttpSessionEvent event) {
    HttpSession httpSession = event.getSession();
    StateKey stateKey = new HttpSessionStateKey(httpSession);

    ConversationRegistry conversationRegistry =
        (ConversationRegistry)
            getContainer(httpSession.getServletContext())
                .getComponentInstanceOfType(ConversationRegistry.class);

    ConversationState conversationState = conversationRegistry.unregister(stateKey);

    if (conversationState != null)
      if (log.isDebugEnabled()) log.debug("Remove conversation state " + httpSession.getId());
  }
Example #28
0
 static boolean isConcurrentSession(HttpSession session, String user) {
   ServletContext context = session.getServletContext();
   String match = (String) context.getAttribute(ATTRIBUTE_SESSIONMATCH + "." + user);
   String current = (String) session.getAttribute(ATTRIBUTE_SESSIONMATCH);
   if (match != null) {
     if (current == null || !(current.equals("*") || current.equals(match))) {
       return true;
     } else {
       return false;
     }
   } else {
     return false;
   }
 }
  public void handleLogout(String sessionIndex) {

    HttpSession session = (HttpSession) sessionMap.get(sessionIndex);

    if (session == null) {
      // send cluster message
      sendSessionInvalidationClusterMessage(sessionIndex);
      return;
    }

    CarbonSSOSessionManager ssoSessionManager =
        SAML2SSOAuthFEDataHolder.getInstance().getCarbonSSOSessionManager();

    // mark this session as invalid.
    ssoSessionManager.makeSessionInvalid(sessionIndex);

    String username = (String) session.getAttribute(CarbonSecuredHttpContext.LOGGED_USER);
    log.info("Invalidating session for user " + username);

    // invalidating backend session
    try {
      CarbonUIAuthenticator authenticator =
          (CarbonUIAuthenticator)
              session.getAttribute(CarbonSecuredHttpContext.CARBON_AUTHNETICATOR);
      if (authenticator != null) {
        authenticator.unauthenticate(session);
        log.debug("Backend session invalidated");
      }
    } catch (Exception e) {
      log.error(e.getMessage());
    }

    // clearing front end session
    session.setAttribute("authenticated", false);
    session.removeAttribute(CarbonSecuredHttpContext.LOGGED_USER);
    session.getServletContext().removeAttribute(CarbonSecuredHttpContext.LOGGED_USER);

    removeSession(sessionIndex);

    try {
      session.invalidate();
    } catch (Exception ignored) {
      log.error(ignored.getMessage());
    }

    if (log.isDebugEnabled()) {
      log.debug("Cleared authenticated session " + session.getId());
    }
  }
Example #30
0
  @RequestMapping(value = "/admin/updateevent", method = RequestMethod.POST)
  public String eventUpdateSubmit(
      HttpSession session, Event dto, @RequestParam(value = "pageNum") String pageNum)
      throws Exception {
    SessionInfo info = (SessionInfo) session.getAttribute("member");
    if (info == null) {
      return "redirect:/memeber/login";
    }

    String root = session.getServletContext().getRealPath("/");
    String pathname = root + File.separator + "uploads" + File.separator + "event";
    service.updateEvent(dto, pathname);

    return "redirect:/event/article?pageNum=" + pageNum + "&eventNum=" + dto.getEventNum();
  }