Esempio n. 1
0
  /**
   * @see
   *     org.olat.core.commons.services.webdav.WebDAVManager#handleAuthentication(javax.servlet.http.HttpServletRequest,
   *     javax.servlet.http.HttpServletResponse)
   */
  @Override
  public boolean handleAuthentication(HttpServletRequest req, HttpServletResponse resp) {
    UserSession usess = sessionManager.getUserSession(req);
    if (usess != null && usess.isAuthenticated()) {
      req.setAttribute(REQUEST_USERSESSION_KEY, usess);
      return true;
    }

    usess = doAuthentication(req, resp);
    if (usess == null) {
      return false;
    }

    // register usersession in REQUEST, not session !!
    // see SecureWebDAVServlet.setAuthor() and checkQuota()
    req.setAttribute(REQUEST_USERSESSION_KEY, usess);
    return true;
  }
Esempio n. 2
0
  private UserSession afterAuthorization(Identity identity, HttpServletRequest request) {
    UserSession usess = sessionManager.getUserSession(request);
    synchronized (usess) {
      // double check to prevent severals concurrent login
      if (usess.isAuthenticated()) {
        return usess;
      }

      sessionManager.signOffAndClear(usess);
      usess.setIdentity(identity);
      UserDeletionManager.getInstance().setIdentityAsActiv(identity);
      // set the roles (admin, author, guest)
      Roles roles = BaseSecurityManager.getInstance().getRoles(identity);
      usess.setRoles(roles);
      // set session info
      SessionInfo sinfo =
          new SessionInfo(identity.getKey(), identity.getName(), request.getSession());
      User usr = identity.getUser();
      sinfo.setFirstname(usr.getProperty(UserConstants.FIRSTNAME, null));
      sinfo.setLastname(usr.getProperty(UserConstants.LASTNAME, null));

      String remoteAddr = request.getRemoteAddr();
      sinfo.setFromIP(remoteAddr);
      sinfo.setFromFQN(remoteAddr);
      try {
        InetAddress[] iaddr = InetAddress.getAllByName(request.getRemoteAddr());
        if (iaddr.length > 0) sinfo.setFromFQN(iaddr[0].getHostName());
      } catch (UnknownHostException e) {
        // ok, already set IP as FQDN
      }
      sinfo.setAuthProvider(BaseSecurityModule.getDefaultAuthProviderIdentifier());
      sinfo.setUserAgent(request.getHeader("User-Agent"));
      sinfo.setSecure(request.isSecure());
      sinfo.setWebDAV(true);
      sinfo.setWebModeFromUreq(null);
      // set session info for this session
      usess.setSessionInfo(sinfo);
      //
      sessionManager.signOn(usess);
      return usess;
    }
  }