@RequestMapping(
     value = "/debitAndCredit",
     method = {RequestMethod.POST, RequestMethod.GET})
 public ModelAndView creditAndDebit(HttpServletRequest request, HttpSession session) {
   ModelAndView model = new ModelAndView();
   String userName = "";
   LoginHandler handler = new LoginHandler();
   userName = (String) session.getAttribute("USERNAME");
   String role = (String) session.getAttribute("Role");
   try {
     if (role != null
         && !role.isEmpty()
         && (role.equalsIgnoreCase("USER") || role.equalsIgnoreCase("MERCHANT"))) {
       getAccountNumbers(model, userName, session);
       model.setViewName("creditAndDebit");
     } else {
       if (!userName.isEmpty() || !userName.equalsIgnoreCase(null)) {
         handler.updateLoggedInFlag(userName, 0);
       }
       session.invalidate();
       model.setViewName("index");
     }
   } catch (Exception e) {
     session.invalidate();
     model.setViewName("index");
   }
   return model;
 }
Exemplo n.º 2
0
 @Override
 public void service(HttpServletRequest req, HttpServletResponse res)
     throws ServletException, IOException {
   HttpSession session = req.getSession();
   session.invalidate();
   session = req.getSession();
   session.invalidate();
   req.getSession();
 }
  @RequestMapping(
      value = "/viewBal",
      method = {RequestMethod.POST, RequestMethod.GET})
  public ModelAndView viewBalance(HttpServletRequest request, HttpSession session) {
    ModelAndView model = new ModelAndView();
    LoginHandler handler = new LoginHandler();
    String userName = "";
    userName = (String) session.getAttribute("USERNAME");
    String role = (String) session.getAttribute("Role");
    try {
      if (role != null
          && !role.isEmpty()
          && (role.equalsIgnoreCase("USER") || role.equalsIgnoreCase("MERCHANT"))) {
        ResultSet rs = handler.requestBalance(userName);
        List<AccountDetails> acntdetails = new ArrayList<AccountDetails>();

        try {
          while (rs.next()) {
            AccountDetails details = new AccountDetails();
            details.setAccountNumber(rs.getString("accountnumber"));
            details.setAccountType(rs.getString("accounttype"));
            details.setBalance(rs.getDouble("balance"));
            acntdetails.add(details);
          }
          model.addObject("accountDetails", acntdetails);
          rs.close();

        } catch (SQLException e) {
          model.addObject("accountDetails", "");
          try {
            if (!userName.isEmpty() || !userName.equalsIgnoreCase(null)) {
              handler.updateLoggedInFlag(userName, 0);
            }
          } catch (Exception e1) {
            session.invalidate();
            model.setViewName("index");
          }
          session.invalidate();
          model.setViewName("index");
          e.printStackTrace();
        }

        model.setViewName("viewBalance");
      } else {
        if (!userName.isEmpty() || !userName.equalsIgnoreCase(null)) {
          handler.updateLoggedInFlag(userName, 0);
        }
        session.invalidate();
        model.setViewName("index");
      }
    } catch (Exception e) {
      session.invalidate();
      model.setViewName("index");
    }

    return model;
  }
  /**
   * This method handles the logout requests from the IdP Any request for the defined logout URL is
   * handled here
   *
   * @param request
   * @throws javax.servlet.ServletException
   * @throws IOException
   */
  public void doSLO(HttpServletRequest request) throws SSOAgentException {

    XMLObject saml2Object = null;
    if (request.getParameter(SSOAgentConstants.SAML2SSO.HTTP_POST_PARAM_SAML2_AUTH_REQ) != null) {
      saml2Object =
          SSOAgentUtils.unmarshall(
              new String(
                  Base64.decode(
                      request.getParameter(
                          SSOAgentConstants.SAML2SSO.HTTP_POST_PARAM_SAML2_AUTH_REQ)),
                  Charset.forName("UTF-8")));
    }
    if (saml2Object == null) {
      saml2Object =
          SSOAgentUtils.unmarshall(
              new String(
                  Base64.decode(
                      request.getParameter(SSOAgentConstants.SAML2SSO.HTTP_POST_PARAM_SAML2_RESP)),
                  Charset.forName("UTF-8")));
    }
    if (saml2Object instanceof LogoutRequest) {
      LogoutRequest logoutRequest = (LogoutRequest) saml2Object;
      String sessionIndex = logoutRequest.getSessionIndexes().get(0).getSessionIndex();
      Set<HttpSession> sessions = SSOAgentSessionManager.invalidateAllSessions(sessionIndex);
      for (HttpSession session : sessions) {
        session.invalidate();
      }
    } else if (saml2Object instanceof LogoutResponse) {
      if (request.getSession(false) != null) {
        /**
         * Not invalidating session explicitly since there may be other listeners still waiting to
         * get triggered and at the end of the chain session needs to be invalidated by the system
         */
        Set<HttpSession> sessions =
            SSOAgentSessionManager.invalidateAllSessions(request.getSession(false));
        for (HttpSession session : sessions) {
          try {
            session.invalidate();
          } catch (IllegalStateException ignore) {

            if (log.isDebugEnabled()) {
              log.debug("Ignoring exception : ", ignore);
            }
            // ignore
            // session is already invalidated
          }
        }
      }
    } else {
      throw new SSOAgentException("Invalid SAML2 Single Logout Request/Response");
    }
  }
  /** @throws Exception */
  public void testInvalidateSession() throws Exception {
    MockServletContextImpl servletContext = new MockServletContextImpl("hoge");
    MockHttpServletRequestImpl request = new MockHttpServletRequestImpl(servletContext, "foo");
    SessionStateManager sessionStateManager =
        new SessionStateManager() {
          public SessionState loadState(String sessionId) {
            return null;
          }

          public void updateState(String sessionId, SessionState sessionState) {}

          public void removeState(String sessionId) {}
        };
    S2HttpServletRequestWrapper requestWrapper =
        new S2HttpServletRequestWrapper(request, sessionStateManager);
    HttpSession session = requestWrapper.getSession();
    assertNotNull(session);

    session.invalidate();
    assertNull(request.getSession(false));
    assertNull(request.getRequestedSessionId());

    HttpSession session2 = requestWrapper.getSession();
    assertNotSame(session, session2);
    assertFalse(session.getId().equals(session2.getId()));
  }
Exemplo n.º 6
0
  public void doGet(HttpServletRequest req, HttpServletResponse res)
      throws ServletException, IOException {

    res.setContentType("text/html");
    PrintWriter out = res.getWriter();
    Enumeration values = req.getParameterNames();
    String name = "";
    String value = "";
    String id = "";
    while (values.hasMoreElements()) {
      name = ((String) values.nextElement()).trim();
      value = req.getParameter(name).trim();
      if (name.equals("id")) id = value;
    }
    if (url.equals("")) {
      url = getServletContext().getInitParameter("url");
      cas_url = getServletContext().getInitParameter("cas_url");
    }
    HttpSession session = null;
    session = req.getSession(false);
    if (session != null) {
      session.invalidate();
    }
    res.sendRedirect(cas_url);
    return;
  }
Exemplo n.º 7
0
  protected void sendToLogoutPage(
      HttpServletRequest request, HttpServletResponse response, HttpSession session)
      throws IOException, ServletException {
    // we are invalidated.
    RequestDispatcher dispatch =
        this.servletContext.getRequestDispatcher(this.getConfiguration().getLogOutPage());
    if (dispatch == null) {
      logger.samlSPCouldNotDispatchToLogoutPage(this.getConfiguration().getLogOutPage());
    } else {
      logger.trace("Forwarding request to logOutPage: " + this.getConfiguration().getLogOutPage());

      try {
        session.invalidate();
      } catch (IllegalStateException e) {
        // if session was already invalidated we just ignore the exception.
        return;
      }

      try {
        dispatch.forward(request, response);
      } catch (Exception e) {
        //                JBAS5.1 and 6 quirkiness
        dispatch.forward(request, response);
      }
    }
  }
Exemplo n.º 8
0
  public String[] getSessionHTML(HttpSession session, HttpServletRequest request)
      throws ServletException, IOException {

    String user = null;
    String group = null;
    String userName = null;
    String groupname = null;
    String redirect = "";
    try {

      redirect = UserRecord;
      if (session.getAttribute("user") == null) {

        session.invalidate();
        request.getRequestDispatcher(redirect).include(request, response);
      } else {
        user = (String) session.getAttribute("user");
        group = (String) session.getAttribute("group");
      }
      Cookie[] cookies = request.getCookies();
      if (cookies != null) {
        for (Cookie cookie : cookies) {
          if (cookie.getName().equals("user")) sess[0] = cookie.getValue();
          if (cookie.getName().equals("JSESSIONID")) sessionID = cookie.getValue();
          if (cookie.getName().equals("group")) sess[1] = cookie.getValue();
          break;
        }
      }

    } catch (NullPointerException n) {
      n.printStackTrace();
    }
    return sess;
  }
  public void doFilter(
      ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
      throws IOException, ServletException {

    if (SystemConfigs.get("memSessionSwitch", "true").equalsIgnoreCase("true")) {
      HttpServletRequest request = (HttpServletRequest) servletRequest;
      HttpServletResponse response = (HttpServletResponse) servletResponse;
      String sid = request.getSession().getId();
      if (StringUtils.isNotBlank(request.getParameter("jsessionid"))) {
        String jsessionid = request.getParameter("jsessionid");
        if (!StringUtils.equals(sid, jsessionid)) {
          HttpSession session = request.getSession(false);
          if (session != null) session.invalidate();
          Cookie cookie = new Cookie("JSESSIONID", jsessionid);
          cookie.setDomain(request.getServerName());
          cookie.setPath("/");
          response.addCookie(cookie);
          sid = jsessionid;
        }
      }
      sessionLog.info("get session in memcached...");
      filterChain.doFilter(new HttpServletRequestWrapper(sid, request), servletResponse);
    } else {
      sessionLog.info("get session in httpsession...");
      filterChain.doFilter(servletRequest, servletResponse);
    }
  }
 @Override
 protected void doPost(HttpServletRequest req, HttpServletResponse resp)
     throws ServletException, IOException {
   HttpSession session = req.getSession();
   session.invalidate();
   resp.sendRedirect(PathConstants.LOGIN_PAGE);
 }
  protected void processRequest(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    response.setContentType("text/html;charset=UTF-8");
    PrintWriter out = response.getWriter();
    HttpSession session = request.getSession();
    try {
      SimpleDateFormat sdf = new SimpleDateFormat("MM/dd/yyyy");
      java.util.Date date = new Date();
      try {
        date = sdf.parse(request.getParameter("date"));
      } catch (ParseException ex) {
        session.setAttribute("errorMSG", "Error: Password & Confirm password mismatch! ");
        response.sendRedirect("/eBanking/admin/calculateInvestment.jsp");
      }
      if (session != null) {
        session.invalidate();
      }
      List<InvestmentAccount> ias = InvestmentAccount.getInvestmentAccounts();
      for (InvestmentAccount ia : ias) {
        double newBalance = ia.calculateReturnOfInvestment(date);
        // newBalance =(double) Math.round(newBalance * 100.0) / 100.0;
        ia.setBalance(newBalance);
        ia.updateAccount();
      }

      response.sendRedirect("./admin/adminFinished.jsp");
    } finally {
      out.close();
    }
  }
Exemplo n.º 12
0
  @RequestMapping("/logout")
  public String logout(HttpSession session) {
    log.info("logout success ... ");
    session.invalidate();

    return "redirect:/";
  }
  /** @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */
  protected void doGet(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {

    // System.out.println("Working here in the studentu pdates");

    HttpSession session = request.getSession();
    String theURL = request.getRequestURL().toString();
    // System.out.println(theURL);

    if (null == session.getAttribute("netID")) {
      // User is not logged in.
      session.invalidate();
      response.sendRedirect("Login.jsp");
    } else {
      // User IS logged in.
      // System.out.println("working in student update servlet");
      try {

        if (theURL.contains("SCourseUpdates")) response.sendRedirect("CourseTaken.jsp");
        else if (theURL.contains("RequestUpdates")) {
          response.sendRedirect("Request.jsp");
        } else if (theURL.contains("SInfoUpdates")) {
          response.sendRedirect("Info.jsp");
        } else if (theURL.contains("StudentViewEligibility")) {
          session.setAttribute("courseID", request.getParameter("CourseID"));
          session.setAttribute("sectionNo", request.getParameter("SectionNo"));
          response.sendRedirect("StudentViewEligibility.jsp");
        } else response.sendRedirect("Student.jsp");

      } catch (Exception e) {
        System.out.println(e);
      }
    }
  }
Exemplo n.º 14
0
  /**
   * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
   *
   * @param request servlet request
   * @param response servlet response
   * @throws ServletException if a servlet-specific error occurs
   * @throws IOException if an I/O error occurs
   */
  protected void processRequest(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException, DaoEx {

    HttpSession session = request.getSession(false);
    if (session != null) session.invalidate();
    request.getRequestDispatcher("index.jsp").forward(request, response);
  }
Exemplo n.º 15
0
 /**
  * 退出登录
  *
  * @return
  */
 public String logout() {
   UserInfo user = getOnlineUser();
   if (user != null) {
     OperationLog ol = new OperationLog();
     ol.setUserId(user.getEntityId());
     ol.setUserName(user.getName());
     ol.setDetail("login.action");
     ol.setUrl("logout.action");
     ol.setIp(getRequest().getRemoteAddr());
     try {
       this.getBaseService().save(ol);
     } catch (Exception ex) {
       log.error(ex.getMessage(), ex);
     }
   }
   try {
     this.setOnlineUser(null);
     this.getSession().clear();
     HttpSession session = getRequest().getSession();
     session.invalidate(); // 移出所有
   } catch (Exception e) {
     log.error(e.getMessage(), e);
   }
   return "success";
 }
Exemplo n.º 16
0
  protected void doGet(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    HttpSession session = request.getSession();
    session.invalidate();

    response.sendRedirect("/lista_eventos.jsp");
  }
  /**
   * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
   *
   * @param request servlet request
   * @param response servlet response
   * @throws ServletException if a servlet-specific error occurs
   * @throws IOException if an I/O error occurs
   */
  protected void processRequest(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    HttpSession session = request.getSession(true);
    request.setCharacterEncoding("UTF-8");
    response.setCharacterEncoding("UTF-8");
    session.removeAttribute("error");
    session.removeAttribute("sucesso");

    Usuario user = (Usuario) session.getAttribute("user");
    String idSecaoS = request.getParameter("idSecao");
    try {
      int id = Integer.parseInt(idSecaoS);
      if (user != null && user instanceof Editor) {
        Editor editor = (Editor) user;
        Secao secao = editor.getSecao(id);
        if (secao != null) {
          session.setAttribute("secao", secao);
          response.sendRedirect(request.getContextPath() + "/editorAdicionarSecao.jsp");
        } else {
          session.setAttribute("error", "Voce nao tem permissao para atualizar essa secao.");
          response.sendRedirect(request.getContextPath() + "/editorListarSecao.jsp");
        }
      } else {
        session.setAttribute("error", "Voce nao tem permissao para acessar essa area.");
        response.sendRedirect(request.getContextPath() + "/index.jsp");
      }
    } catch (Exception ex) {
      ex.printStackTrace();
      session.invalidate();
      response.sendRedirect(request.getContextPath() + "/index.jsp");
    }
  }
Exemplo n.º 18
0
  public String logout() {
    setConnecte(false);

    session.setAttribute("connecte", connecte);
    session.invalidate();
    return "Acceuil";
  }
Exemplo n.º 19
0
  public static void destroySession(final HttpServletRequest request) {
    final HttpSession currentSession = request.getSession(false);

    if (currentSession != null) {
      currentSession.invalidate();
    }
  }
Exemplo n.º 20
0
  @RequestMapping(value = "/logout", method = RequestMethod.GET)
  public String logout(Model model, HttpSession session) {

    session.invalidate();

    return "redirect:/";
  }
Exemplo n.º 21
0
  @RequestMapping(value = "/logout")
  public String logout(final HttpSession httpSession) {
    logger.trace("invalidating session:{}", httpSession.getId());
    httpSession.invalidate();

    return "redirect:/index.htm";
  }
Exemplo n.º 22
0
  @Override
  protected void doPost(HttpServletRequest req, HttpServletResponse resp)
      throws ServletException, IOException {

    resp.setContentType("application/json");
    final PrintWriter out = resp.getWriter();

    HttpSession session = req.getSession(false);

    if (session != null) {
      Subject subject = (Subject) session.getAttribute("subject");
      if (subject == null) {
        LOG.warn("No security subject stored in existing session, invalidating");
        session.invalidate();
        Helpers.doForbidden(resp);
        return;
      }
      sendResponse(session, subject, out);
      return;
    }

    AccessControlContext acc = AccessController.getContext();
    Subject subject = Subject.getSubject(acc);

    if (subject == null) {
      Helpers.doForbidden(resp);
      return;
    }
    Set<Principal> principals = subject.getPrincipals();

    String username = null;

    if (principals != null) {
      for (Principal principal : principals) {
        if (principal.getClass().getSimpleName().equals("UserPrincipal")) {
          username = principal.getName();
          LOG.debug("Authorizing user {}", username);
        }
      }
    }

    session = req.getSession(true);
    session.setAttribute("subject", subject);
    session.setAttribute("user", username);
    session.setAttribute("org.osgi.service.http.authentication.remote.user", username);
    session.setAttribute(
        "org.osgi.service.http.authentication.type", HttpServletRequest.BASIC_AUTH);
    session.setAttribute("loginTime", GregorianCalendar.getInstance().getTimeInMillis());
    if (timeout != null) {
      session.setMaxInactiveInterval(timeout);
    }
    if (LOG.isDebugEnabled()) {
      LOG.debug(
          "Http session timeout for user {} is {} sec.",
          username,
          session.getMaxInactiveInterval());
    }

    sendResponse(session, subject, out);
  }
Exemplo n.º 23
0
 @RequestMapping(value = "/logout", method = RequestMethod.GET)
 public ModelAndView addReimbursement(HttpServletRequest request) {
   HttpSession session = request.getSession();
   session.invalidate();
   // Map<String, Object> model = new HashMap<String, Object>();
   return new ModelAndView("login");
 }
Exemplo n.º 24
0
  @Override
  public boolean isValid(Action<? extends Result> action) throws ActionException {

    if (!action.isSecured()) {
      return true;
    }

    HttpSession session = request.get().getSession(false);

    if (session == null) {
      throw new InvalidSessionException("No valid session found[1]");
    }

    Object sessionCookie = session.getAttribute(ServerConstants.AUTHENTICATIONCOOKIE);

    if (sessionCookie == null) {
      throw new InvalidSessionException("No valid session found[2]");
    }

    Cookie[] cookies = request.get().getCookies();
    for (Cookie c : cookies) {
      if (c.getName().equals(ServerConstants.AUTHENTICATIONCOOKIE)) {
        if (sessionCookie.equals(c.getValue())) {
          // Authentication cookie provided by the front end== authentication cookie on the server
          // session
          return true;
        }
      }
    }

    session.invalidate();
    throw new InvalidSessionException("No valid session found[3]");
  }
  // method will call when user clicks on the link given in email
  @RequestMapping(value = "/logoutOutAction")
  public String getIssueDetails(
      HttpSession session, HttpServletRequest request, HttpServletResponse response) {

    logger.info("---- Entered getIssueDetails() of LogoutController ----");

    try {
      session = request.getSession(false);
      response.setHeader(
          "Cache-Control",
          "no-cache"); // Forces caches to obtain a new copy of the page from the origin server
      response.setHeader(
          "Cache-Control",
          "no-store"); // Directs caches not to store the page under any circumstance
      response.setDateHeader("Expires", 0); // Causes the proxy cache to see the page as "stale"
      response.setHeader("Pragma", "no-cache"); // HTTP 1.0 backward compatibility
      session.removeAttribute(IssueTrackerConstants.ISSUETRACKERCONSTANTS_LOGIN_USER_SESSION_NAME);
      session.setAttribute(
          IssueTrackerConstants.ISSUETRACKERCONSTANTS_LOGIN_USER_SESSION_NAME, null);
      session.invalidate();
    } catch (Exception e) {
      e.printStackTrace();
      StringWriter errors = new StringWriter();
      e.printStackTrace(new PrintWriter(errors));
      logger.error(errors.toString());
    }

    return "logout";
  }
Exemplo n.º 26
0
  @RequestMapping("last")
  public ModelAndView getlast(HttpSession session, @ModelAttribute User_Results user, Model model) {

    logger.info("Results stored");

    ModelAndView modelAndView = new ModelAndView();
    modelAndView.setViewName("last");

    User_Results users = new User_Results();
    Iterator iterator = resultData.keySet().iterator();
    while (iterator.hasNext()) {
      Integer key = (Integer) iterator.next();
      List list = (List) resultData.get(key);
      users.setTitle(utitle);
      users.setExpertName(uName);
      users.setExperience(exp);
      users.setTestsNumber(numberTests);
      users.setEmail(mail);
      users.setDataSet("Data-Set" + key);
      users.setSession(session.getId());
      users.setPower(((GraphPlot) list.get(0)).getLast());
      users.setVCO2(((GraphPlot) list.get(0)).getVCO2());
      users.setVO2(((GraphPlot) list.get(0)).getVO2());
      users.setVE(((GraphPlot) list.get(0)).getVE());
      dataService.insertData(users);
    }
    session.invalidate();
    model.asMap().clear();
    return modelAndView;
  }
 public String cerrarSesion() {
   HttpSession session =
       (HttpSession) FacesContext.getCurrentInstance().getExternalContext().getSession(false);
   session.invalidate();
   WebUtil.sendRedirect("/login/login.jsf");
   return "RELOGEA";
 }
Exemplo n.º 28
0
 /** @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */
 protected void doGet(HttpServletRequest request, HttpServletResponse response)
     throws ServletException, IOException {
   // TODO Auto-generated method stub
   HttpSession session = request.getSession();
   session.invalidate();
   response.sendRedirect("Accueil.html");
 }
Exemplo n.º 29
0
 public String execute() throws Exception {
   // 获取HttpSession
   HttpSession session = request.getSession();
   // 使Session失效
   session.invalidate();
   return SUCCESS;
 }
Exemplo n.º 30
0
  public static void invalidateSession() {

    HttpSession session =
        (HttpSession) FacesContext.getCurrentInstance().getExternalContext().getSession(false);

    session.invalidate();
  }