@Override public LoginSession getCreateSession( long loggedEntity, AuthenticationRealm realm, String entityLabel, boolean outdatedCredential, Date absoluteExpiration) { Object transaction = tokensManagement.startTokenTransaction(); try { try { LoginSession ret = getOwnedSession(new EntityParam(loggedEntity), realm.getName(), transaction); if (ret != null) { ret.setLastUsed(new Date()); byte[] contents = ret.getTokenContents(); tokensManagement.updateToken( SESSION_TOKEN_TYPE, ret.getId(), null, contents, transaction); if (log.isDebugEnabled()) log.debug( "Using existing session " + ret.getId() + " for logged entity " + ret.getEntityId() + " in realm " + realm.getName()); tokensManagement.commitTokenTransaction(transaction); return ret; } } catch (EngineException e) { throw new InternalException( "Can't retrieve current sessions of the " + "authenticated user", e); } LoginSession ret = createSession( loggedEntity, realm, entityLabel, outdatedCredential, absoluteExpiration, transaction); tokensManagement.commitTokenTransaction(transaction); if (log.isDebugEnabled()) log.debug( "Created a new session " + ret.getId() + " for logged entity " + ret.getEntityId() + " in realm " + realm.getName()); return ret; } finally { tokensManagement.closeTokenTransaction(transaction); cleanScheduledRemoval(loggedEntity); } }
@Override public void addSessionParticipant(SessionParticipant... participant) { InvocationContext invocationContext = InvocationContext.getCurrent(); LoginSession ls = invocationContext.getLoginSession(); try { SessionParticipants.AddParticipantToSessionTask addTask = new SessionParticipants.AddParticipantToSessionTask( participantTypesRegistry, participant); updateSessionAttributes(ls.getId(), addTask); } catch (WrongArgumentException e) { throw new InternalException("Can not add session participant to the existing session?", e); } }
@Override public void run() { List<Token> tokens = tokensManagement.getAllTokens(SESSION_TOKEN_TYPE); long now = System.currentTimeMillis(); for (Token t : tokens) { if (t.getExpires() != null) continue; LoginSession session = token2session(t); long inactiveFor = now - session.getLastUsed().getTime(); if (inactiveFor > session.getMaxInactivity()) { log.debug("Expiring login session " + session + " inactive for: " + inactiveFor); try { removeSession(session.getId(), false); } catch (Exception e) { log.error("Can't expire the session " + session, e); } } } }