/** * Returns the preferred locale of the specified request. You rarely need to invoke this method * directly, because it is done automatically by {@link #setup}. * * <ol> * <li>It checks whether any attribute stored in HttpSession called {@link * Attributes#PREFERRED_LOCALE}. If so, return it. * <li>If not found, it checks if the servlet context has the attribute called {@link * Attributes#PREFERRED_LOCALE}. If so, return it. * <li>If not found, it checks if the library property called {@link * Attributes#PREFERRED_LOCALE} is defined. If so, return it. * <li>Otherwise, use ServletRequest.getLocale(). * </ol> * * @param sess the session to look for the preferred locale. Ignored if null. */ public static final Locale getPreferredLocale(HttpSession sess, ServletRequest request) { if (sess != null) { Object v = sess.getAttribute(Attributes.PREFERRED_LOCALE); if (v == null) v = sess.getAttribute(PX_PREFERRED_LOCALE); // backward compatible (prior to 5.0.3) if (v != null) { if (v instanceof Locale) return (Locale) v; logLocaleError(v); } v = sess.getServletContext().getAttribute(Attributes.PREFERRED_LOCALE); if (v == null) v = sess.getServletContext() .getAttribute(PX_PREFERRED_LOCALE); // backward compatible (prior to 5.0.3) if (v != null) { if (v instanceof Locale) return (Locale) v; logLocaleError(v); } final String s = Library.getProperty(Attributes.PREFERRED_LOCALE); if (s != null) return Locales.getLocale(s); } Locale l = request.getLocale(); // B65-ZK-1916: convert zh_HANS-XX and zh_HANT-XX to zh_XX return l != null ? fixZhLocale(l) : Locale.getDefault(); }
// add ---wangzhixin----2009/07/21 start public boolean processFile() { if (checkData()) { try { long time = System.currentTimeMillis(); // BaseConfig tBaseConfig=new BaseConfig(); // ProductCombinationDef // tProductCombinationDef=(ProductCombinationDef)tBaseConfig.getValue("productCombinationDef", "requestScope"); // String fileName =tProductCombinationDef.getRiskCode()+".jpg"; // String fileName = new File(upfile.getName()).getName(); String fileName = new File(upfile.getName()).getName(); String endwith = fileName.substring(fileName.lastIndexOf(".") + 1, fileName.length()); SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyyMMddHHmmss"); fileName = simpleDateFormat.format(new Date()) + "." + endwith; this.myFile = fileName; System.out.println(fileName); InputStream in = upfile.getInputStream(); if (limitSize(in.available())) { return false; } // (double)((double)in.available()/1024/1024) System.out.println(".............." + in.available()); FacesContext ctx = FacesContext.getCurrentInstance(); HttpSession hs = (HttpSession) ctx.getExternalContext().getSession(true); String directory = hs.getServletContext().getRealPath("/") + "/upload"; directory.replace("\\", "/"); System.out.println("directory....." + directory); directory.replace("\\", "/"); File fileDir = new File(directory); if (!fileDir.exists()) { if (!fileDir.mkdir()) { System.out.println("文件夹创建失败"); } } String file = hs.getServletContext().getRealPath("/") + "/upload/" + fileName; // this.action(fileName, file); BufferedOutputStream out = new BufferedOutputStream(new FileOutputStream(file)); byte[] buffer = new byte[1024 * 2]; int length; while ((length = in.read(buffer, 0, buffer.length)) > 0) { out.write(buffer, 0, length); } out.flush(); out.close(); copyFileToFront(fileName, file); // 将条款拷贝到前台一份 add by fengzg 2009-06-16 return true; } catch (Exception e) { e.printStackTrace(); return false; } } else { return false; } }
/** * Get the current list of map of users stored in the session * * @param httpSession the current session * @return map of users logged in */ @SuppressWarnings("unchecked") private static Map<String, String> getCurrentUsers(HttpSession httpSession) { Map<String, String> currentUsers = (Map<String, String>) httpSession.getServletContext().getAttribute(WebConstants.CURRENT_USERS); if (currentUsers == null) { currentUsers = init(httpSession.getServletContext()); } return currentUsers; }
public static void add(HttpSession session) { String sessionId = session.getId(); if (CompoundSessionIdSplitterUtil.hasSessionDelimiter()) { sessionId = CompoundSessionIdSplitterUtil.parseSessionId(sessionId); } Map<String, HttpSession> sessions = _sessions.get(sessionId); if (sessions == null) { sessions = new ConcurrentHashMap<String, HttpSession>(); Map<String, HttpSession> previousSessions = _sessions.putIfAbsent(sessionId, sessions); if (previousSessions != null) { sessions = previousSessions; } } ServletContext servletContext = session.getServletContext(); String contextPath = servletContext.getContextPath(); // ConcurrentHashMap's read is faster than its write. This check is // logically unnecessary, but is a performance improvement. if (!sessions.containsKey(contextPath)) { sessions.put(contextPath, session); } }
/** * Gets the path to the resultset XSL file. * * @param request The HttpServletRequest object. * @return xslPath The real path to the resultset XSL file. */ public String getResultsetXSL(HttpServletRequest request) { HttpSession httpSession = request.getSession(); ServletContext servletContext = httpSession.getServletContext(); String xslPath = servletContext.getRealPath("style/common/resultset.xsl"); return xslPath; }
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpSession session = ((HttpServletRequest) request).getSession(true); Authn authnService = (Authn) WebApplicationContextUtils.getWebApplicationContext(session.getServletContext()) .getBean(authnBean); String userUid = null; try { userUid = authnService.getUserUid(request); } catch (Exception e) { if (log.isDebugEnabled()) log.debug("Could not get user uuid from authn service."); } if (log.isDebugEnabled()) log.debug("userUid=" + userUid); if (userUid == null) { if (authnRedirect != null) { if (authnRedirect.equals(((HttpServletRequest) request).getRequestURI())) { // Don't redirect to the same spot. chain.doFilter(request, response); } else { ((HttpServletResponse) response).sendRedirect(authnRedirect); } } else { ((HttpServletResponse) response).sendError(HttpServletResponse.SC_UNAUTHORIZED); } } else { chain.doFilter(request, response); } }
protected ActionRequest createActionRequest(String actionPath) { HttpServletRequest servletRequest = mock(HttpServletRequest.class); HttpServletResponse servletResponse = mock(HttpServletResponse.class); HttpSession httpSession = mock(HttpSession.class); ServletContext servletContext = mock(ServletContext.class); when(servletRequest.getSession()).thenReturn(httpSession); when(httpSession.getServletContext()).thenReturn(servletContext); MadvocController madvocController = new MadvocController(); Object action = new Object(); ActionInfo actionInfo = new ActionInfo( Action.class, ReflectUtil.findMethod(Action.class, "view"), null, null, new ActionDef(actionPath, "GET"), null, false, null, null); return new ActionRequest( madvocController, actionInfo.getActionPath(), actionInfo, action, servletRequest, servletResponse); }
public synchronized void service(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { HttpSession dbSession = request.getSession(); JspFactory _jspxFactory = JspFactory.getDefaultFactory(); PageContext pageContext = _jspxFactory.getPageContext(this, request, response, "", true, 8192, true); ServletContext dbApplication = dbSession.getServletContext(); ServletContext application; HttpSession session = request.getSession(); nseer_db_backup1 finance_db = new nseer_db_backup1(dbApplication); try { if (finance_db.conn((String) dbSession.getAttribute("unit_db_name"))) { String finance_cheque_id = request.getParameter("finance_cheque_id"); String sql = "delete from finance_bill where id='" + finance_cheque_id + "'"; finance_db.executeUpdate(sql); finance_db.commit(); finance_db.close(); } else { response.sendRedirect("error_conn.htm"); } } catch (Exception ex) { ex.printStackTrace(); } }
private boolean findOnlineUser(String userid) { HttpSession session = request.getSession(); ServletContext application = (ServletContext) session.getServletContext(); ArrayList users = (ArrayList) application.getAttribute("users"); HashMap ipUser = (HashMap) application.getAttribute("ipusers"); if (null != users && users.contains(userid)) { if (ipUser != null && ((String) ipUser.get(userid)).equals((String) request.getRemoteAddr())) { session.setAttribute("username", userid); return true; } else { return false; } } else { session.setAttribute("username", userid); if (users == null) { users = new ArrayList(); } users.add(userid); if (ipUser == null) { ipUser = new HashMap(); } ipUser.put(userid, request.getRemoteAddr()); application.setAttribute("ipusers", ipUser); application.setAttribute("users", users); return true; } }
@Override protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if (isCommentFormSanitized(request) && isStringXSSSecured(request.getParameter("comment"))) { HttpSession session = request.getSession(); ServletContext context = session.getServletContext(); Catalog catalog = (Catalog) context.getAttribute("catalog"); Comment comment = generateCommentFromRequest(request); if (catalog.addComment(comment)) { logger.info( "Comentado el articulo: " + comment.getRecordIdAsString() + " por: " + comment.getNickname()); request.setAttribute("info", "Comentario insertado con exito!"); request.setAttribute("commented", comment.getRecordIdAsString()); gotoNamedResource(recordInfoServlet, request, response); } else { request.setAttribute("info", "Algo falla en nuestro sistema! Intentalo mas tarde..."); logger.warn("Error insertando un nuevo comentario: " + comment.getIdAsString()); } } else { gotoURL(frontPage, request, response); } }
private void showResults(HttpSession session, HttpServletResponse response) { Document xmlDocument = null; try { PrintWriter writer = response.getWriter(); xmlDocument = (Document) session.getAttribute("queryResults"); String xslPath = ContextUtil.getRealPath(session.getServletContext(), XSL_TBLTEXT_RELATIVE_PATH); StreamSource s = new StreamSource( new InputStreamReader(new BufferedInputStream(new FileInputStream(xslPath)))); Templates cachedXSLT = factory.newTemplates(s); Transformer transformer = cachedXSLT.newTransformer(); DocumentSource source = new DocumentSource(xmlDocument); StreamResult result = new StreamResult(writer); transformer.transform(source, result); } catch (Exception ex) { } }
@ResponseBody @RequestMapping(value = "/delete", method = RequestMethod.POST) public ImmutableMap<String, String> linkDelete(Long[] linkIds, HttpSession session) { try { if (linkIds == null || linkIds.length == 0) { LOGGER.warn("要删除链接的ID为空!"); return ImmutableMap.of("status", "0", "message", getMessage("link.deletefailed.message")); } List<Link> links = linkService.findAll(linkIds); String realPath = session.getServletContext().getRealPath(""); List<File> deleteFiles = Lists.newArrayList(); File deleteFile; for (Link link : links) { if (link.getLinkPic() == null || "".equals(link.getLinkPic())) continue; deleteFile = new File(realPath + link.getLinkPic()); deleteFiles.add(deleteFile); } linkService.deleteInBatch(links); deleteLinkRes(deleteFiles); } catch (Exception e) { LOGGER.error("链接信息删除失败,失败原因:{}", e.getMessage()); return ImmutableMap.of("status", "0", "message", getMessage("link.deletefailed.message")); } LOGGER.info("链接信息删除成功,ID为{}", StringUtils.join(linkIds, ",")); return ImmutableMap.of("status", "1", "message", getMessage("link.deletesuccess.message")); }
@Secured(value = {"ROLE_USER", "ROLE_ADMIN", "ROLE_MANAGER"}) @RequestMapping(method = RequestMethod.GET, value = "profile-pic") public @ResponseBody FileSystemResource getFile( @RequestParam(required = false, value = "user") String userid, Principal principal, HttpSession session) throws IOException { if (documentFolder.exists()) { String uuid; if (userid != null) uuid = userid; else { PipUser user = PipUser.findPipUsersByEmailEquals(principal.getName()).getSingleResult(); uuid = user.getUuid(); } File folder = new File(documentFolder.getFile(), "user-data/" + uuid); File file; if (!uuid.isEmpty() && folder.exists() && folder.listFiles().length > 0) file = folder.listFiles()[0]; else { file = new ServletContextResource(session.getServletContext(), "/images/profile.jpg") .getFile(); } return new FileSystemResource(file); } return null; }
private Authentication fresh(Authentication authentication, ServletRequest req) { HttpServletRequest request = (HttpServletRequest) req; HttpSession session = request.getSession(false); if (session != null) { SessionRegistry sessionRegistry = (SessionRegistry) SpringBeanUtil.getBeanByName("sessionRegistry"); SessionInformation info = sessionRegistry.getSessionInformation(session.getId()); if (info != null) { // Non-expired - update last request date/time Object principal = info.getPrincipal(); if (principal instanceof org.springframework.security.core.userdetails.User) { org.springframework.security.core.userdetails.User userRefresh = (org.springframework.security.core.userdetails.User) principal; ServletContext sc = session.getServletContext(); HashSet<String> unrgas = springSecurityService.getUsersNeedRefreshGrantedAuthorities(); if (unrgas.size() > 0) { HashSet<String> loginedUsernames = new HashSet<String>(); List<Object> loggedUsers = sessionRegistry.getAllPrincipals(); for (Object lUser : loggedUsers) { if (lUser instanceof org.springframework.security.core.userdetails.User) { org.springframework.security.core.userdetails.User u = (org.springframework.security.core.userdetails.User) lUser; loginedUsernames.add(u.getUsername()); } } // 清除已经下线的但需要刷新的username for (Iterator iterator = unrgas.iterator(); iterator.hasNext(); ) { String unrgs = (String) iterator.next(); if (!loginedUsernames.contains(unrgs)) { iterator.remove(); } } if (unrgas.contains(userRefresh.getUsername())) { // 如果需要刷新权限的列表中有当前的用户,刷新登录用户权限 // FIXME:与springSecurityServiceImpl中的功能,相重复,需重构此方法和springSecurityServiceImpl MyJdbcUserDetailsManager mdudm = (MyJdbcUserDetailsManager) SpringBeanUtil.getBeanByType(MyJdbcUserDetailsManager.class); SecurityContextHolder.getContext() .setAuthentication( new UsernamePasswordAuthenticationToken( userRefresh, userRefresh.getPassword(), mdudm.getUserAuthorities(userRefresh.getUsername()))); session.setAttribute( HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext()); unrgas.remove(userRefresh.getUsername()); return SecurityContextHolder.getContext().getAuthentication(); } } } } } return authentication; }
private String[] _resolvePaths(HttpServletRequest request, String path) { String servletContextPath = null; int index = path.indexOf(CharPool.FORWARD_SLASH, 1); if (index != -1) { index = path.lastIndexOf(CharPool.PERIOD, index); if (index != -1) { servletContextPath = path.substring(0, index); path = CharPool.FORWARD_SLASH + path.substring(index + 1); } } if (servletContextPath == null) { HttpSession session = request.getSession(); ServletContext servletContext = session.getServletContext(); servletContextPath = ContextPathUtil.getContextPath(servletContext); } return new String[] {servletContextPath, path}; }
/** @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { HttpSession session = request.getSession(true); SpielBean spiel = (SpielBean) session.getServletContext().getAttribute("spiel"); spiel.kizieh(); response.sendRedirect("refreshServlet"); }
@RequestMapping(value = "/tracking/export", method = RequestMethod.POST) public void export( @RequestParam(required = true) Integer[] chk, @RequestParam(required = false) String token, @RequestParam(required = true) String claimSearch, @RequestParam(required = true) String companySearch, HttpSession session, HttpServletResponse response) throws ServletException, IOException, JRException, Exception { String titleName = "หนังสือสัญญา"; String insuranceName = "บริษัท "; HashMap<String, Object> params = new HashMap<String, Object>(); System.out.println(">>>> claimSearch = " + claimSearch); System.out.println(">>>> ClaimType.FAST_TRACK = " + ClaimType.FAST_TRACK); if (claimSearch != null && !claimSearch.equals("")) { int temp = Integer.parseInt(claimSearch); if (temp == ClaimType.FAST_TRACK.getId()) { titleName = "หนังสือสัญญา เรียกร้องค่าสินไหมทดแทนรถยนต์แบบ Fast-Track"; } else if (temp == ClaimType.KFK.getId()) { titleName = "หนังสือสัญญา ตกลงไม่เรียกร้องค่าเสียหายซึ่งกันและกัน"; } else if (temp == ClaimType.REQUEST.getId()) { titleName = "หนังสือสัญญา เรื่องเรียกร้องค่าเสียหาย"; } else { titleName = "หนังสือสัญญา"; } params.put("titleName", titleName); } else { params.put("titleName", titleName); } if (companySearch != null && !companySearch.equals("")) { insuranceName = insuranceService.findById(Integer.parseInt(companySearch)).getFullName(); params.put("insuranceFullName", insuranceName); } else { params.put("insuranceFullName", insuranceName); } List<TrackingSearchResultVo> results = trackingService.searchExport(chk); List<TrackingSearchResultVo> exports = new ArrayList<TrackingSearchResultVo>(); for (TrackingSearchResultVo result : results) { exports.add(result); } downloadService.download( ExporterService.EXTENSION_TYPE_EXCEL, "tracking", session.getServletContext().getRealPath("/report/tracking"), params, exports, token, response); }
private IdentifierBundle getIdentifiers() { HttpSession session = vreq.getSession(); ServletContext context = session.getServletContext(); IdentifierBundle ids = ServletIdentifierBundleFactory.getIdBundleForRequest(vreq, session, context); if (ids == null) { return new ArrayIdentifierBundle(); } else { return ids; } }
/** * @Title: refreshCacheConfig @Description: TODO(这里用一句话描述这个方法的作用) * * @author [email protected] * @date 2016年7月18日 下午5:46:14 */ protected void refreshCacheConfig(SystemSettingsEntry sse, HttpSession session) { if (sse.getIs_on() == 0) { session.getServletContext().removeAttribute(sse.getConfig_name()); return; } if (null != sse.getId()) { SystemSettingsVo settingsquerycase = new SystemSettingsVo(); settingsquerycase.setId(sse.getId()); List<SystemSettingsVo> settingsVos = this.systemSettingsService.querySystenSettings(settingsquerycase); if (null != settingsVos && settingsVos.size() == 1) { session .getServletContext() .setAttribute( settingsVos.get(0).getConfig_name(), settingsVos.get(0).getConfig_value()); } } else { session.getServletContext().setAttribute(sse.getConfig_name(), sse.getConfig_value()); } }
/** * The application home page can be overridden by an attribute in the ServletContext. Further, it * can either be an absolute URL, or it can be relative to the application. Weird. */ private String getApplicationHomePageUrl() { String contextRedirect = (String) session.getServletContext().getAttribute("postLoginRequest"); if (contextRedirect != null) { if (contextRedirect.indexOf(":") == -1) { return request.getContextPath() + contextRedirect; } else { return contextRedirect; } } return request.getContextPath(); }
@SuppressWarnings("unchecked") public void getAll() { // servletActionContext class requestMap = (Map) ServletActionContext.getContext().get("request"); sessionMap = (Map<String, Object>) ServletActionContext.getContext().getSession(); applicationMap = (Map<String, Object>) ServletActionContext.getContext().getApplication(); request = ServletActionContext.getRequest(); session = request.getSession(); context = session.getServletContext(); }
protected final void setUp() throws Exception { String[] files = { "/org/hdiv/config/hdiv-core-applicationContext.xml", "/org/hdiv/config/hdiv-config.xml", "/org/hdiv/config/hdiv-validations.xml", "/org/hdiv/config/applicationContext-test.xml" }; if (this.applicationContext == null) { this.applicationContext = new ClassPathXmlApplicationContext(files); } // Servlet API mock HttpServletRequest request = (MockHttpServletRequest) this.applicationContext.getBean("mockRequest"); HttpSession httpSession = request.getSession(); ServletContext servletContext = httpSession.getServletContext(); HDIVUtil.setHttpServletRequest(request); // Initialize config this.config = (HDIVConfig) this.applicationContext.getBean("config"); // Initialize HttpSession InitListener initListener = new InitListener(); initListener.setConfig(this.config); initListener.initStrategies(this.applicationContext, httpSession); initListener.initCache(this.applicationContext, httpSession); initListener.initPageIdGenerator(this.applicationContext, httpSession); initListener.initHDIVState(this.applicationContext, httpSession); // Initialize HDIVConfig in ServletContext HDIVUtil.setHDIVConfig(this.config, servletContext); // Initialize IApplication in ServletContext IApplication application = (IApplication) this.applicationContext.getBean("application"); HDIVUtil.setApplication(application, servletContext); // Initialize MessageSource in ServletContext ResourceBundleMessageSource messageSource = new ResourceBundleMessageSource(); messageSource.setBeanClassLoader(this.applicationContext.getClassLoader()); String messageSourcePath = (String) this.applicationContext.getBean("messageSourcePath"); messageSource.setBasename(messageSourcePath); HDIVUtil.setMessageSource(messageSource, servletContext); // Initialize the IDataComposer DataComposerFactory dataComposerFactory = (DataComposerFactory) this.applicationContext.getBean("dataComposerFactory"); IDataComposer dataComposer = dataComposerFactory.newInstance(); HDIVUtil.setDataComposer(dataComposer, request); onSetUp(); }
static void validateSession(HttpSession session, String user, boolean allowConcurrent) { ServletContext context = session.getServletContext(); String match = (String) context.getAttribute(ATTRIBUTE_SESSIONMATCH + "." + user); if (allowConcurrent && match != null) { session.setAttribute(ATTRIBUTE_SESSIONMATCH, "*"); } else { String id = session.getId(); session.setAttribute(ATTRIBUTE_SESSIONMATCH, id); context.setAttribute(ATTRIBUTE_SESSIONMATCH + "." + user, id); } session.setAttribute(ATTRIBUTE_SESSIONUSER, user); }
public static List createPermittedOperationList(HttpSession session, Role role) { List opList = (List) session.getServletContext().getAttribute(WebConstants.OPERATION_LIST); List permList = new ArrayList(); for (Iterator it = opList.iterator(); it.hasNext(); ) { Operation op = (Operation) it.next(); if ((role.getCumulativeBitmap().intValue() & op.getBitmap().intValue()) == op.getBitmap().intValue()) { permList.add(op); } } session.setAttribute(WebConstants.PERMITTED_OPERATION_LIST, permList); return permList; }
static void destroySession(HttpSession session) { ServletContext context = session.getServletContext(); String user = (String) session.getAttribute(ATTRIBUTE_SESSIONUSER); if (user != null) { String current = (String) session.getAttribute(ATTRIBUTE_SESSIONMATCH); String match = (String) context.getAttribute(ATTRIBUTE_SESSIONMATCH + "." + user); if (current != null && current.equals(match)) { context.removeAttribute(ATTRIBUTE_SESSIONMATCH + "." + user); } } session.removeAttribute(ATTRIBUTE_SESSIONUSER); session.removeAttribute(ATTRIBUTE_SESSIONMATCH); }
@RequestMapping("/download") @ResponseBody public ResponseEntity<byte[]> ExportBindAccount(String path, HttpSession session) throws IOException { path = new String(path.getBytes("ISO8859-1"), "UTF-8"); String filePath = session.getServletContext().getRealPath("/") + path; HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_OCTET_STREAM); String outputName = Utils.getFileName(path); headers.setContentDispositionFormData( "attachment", new String(outputName.getBytes("GB2312"), "ISO_8859_1")); return new ResponseEntity<byte[]>( FileUtils.readFileToByteArray(new File(filePath)), headers, HttpStatus.OK); }
/** Remove {@link ConversationState}. {@inheritDoc} */ public void sessionDestroyed(HttpSessionEvent event) { HttpSession httpSession = event.getSession(); StateKey stateKey = new HttpSessionStateKey(httpSession); ConversationRegistry conversationRegistry = (ConversationRegistry) getContainer(httpSession.getServletContext()) .getComponentInstanceOfType(ConversationRegistry.class); ConversationState conversationState = conversationRegistry.unregister(stateKey); if (conversationState != null) if (log.isDebugEnabled()) log.debug("Remove conversation state " + httpSession.getId()); }
static boolean isConcurrentSession(HttpSession session, String user) { ServletContext context = session.getServletContext(); String match = (String) context.getAttribute(ATTRIBUTE_SESSIONMATCH + "." + user); String current = (String) session.getAttribute(ATTRIBUTE_SESSIONMATCH); if (match != null) { if (current == null || !(current.equals("*") || current.equals(match))) { return true; } else { return false; } } else { return false; } }
public void handleLogout(String sessionIndex) { HttpSession session = (HttpSession) sessionMap.get(sessionIndex); if (session == null) { // send cluster message sendSessionInvalidationClusterMessage(sessionIndex); return; } CarbonSSOSessionManager ssoSessionManager = SAML2SSOAuthFEDataHolder.getInstance().getCarbonSSOSessionManager(); // mark this session as invalid. ssoSessionManager.makeSessionInvalid(sessionIndex); String username = (String) session.getAttribute(CarbonSecuredHttpContext.LOGGED_USER); log.info("Invalidating session for user " + username); // invalidating backend session try { CarbonUIAuthenticator authenticator = (CarbonUIAuthenticator) session.getAttribute(CarbonSecuredHttpContext.CARBON_AUTHNETICATOR); if (authenticator != null) { authenticator.unauthenticate(session); log.debug("Backend session invalidated"); } } catch (Exception e) { log.error(e.getMessage()); } // clearing front end session session.setAttribute("authenticated", false); session.removeAttribute(CarbonSecuredHttpContext.LOGGED_USER); session.getServletContext().removeAttribute(CarbonSecuredHttpContext.LOGGED_USER); removeSession(sessionIndex); try { session.invalidate(); } catch (Exception ignored) { log.error(ignored.getMessage()); } if (log.isDebugEnabled()) { log.debug("Cleared authenticated session " + session.getId()); } }
@RequestMapping(value = "/admin/updateevent", method = RequestMethod.POST) public String eventUpdateSubmit( HttpSession session, Event dto, @RequestParam(value = "pageNum") String pageNum) throws Exception { SessionInfo info = (SessionInfo) session.getAttribute("member"); if (info == null) { return "redirect:/memeber/login"; } String root = session.getServletContext().getRealPath("/"); String pathname = root + File.separator + "uploads" + File.separator + "event"; service.updateEvent(dto, pathname); return "redirect:/event/article?pageNum=" + pageNum + "&eventNum=" + dto.getEventNum(); }