Java > Open Source Codes > info > magnolia > context > SessionStore


1 /**
2  *
3  * Magnolia and its source-code is licensed under the LGPL.
4  * You may copy, adapt, and redistribute this file for commercial or non-commercial use.
5  * When copying, adapting, or redistributing this document in keeping with the guidelines above,
6  * you are required to provide proper attribution to obinary.
7  * If you reproduce or distribute the document without making any substantive modifications to its content,
8  * please use the following attribution line:
9  *
10  * Copyright 1993-2006 obinary Ltd. (http://www.obinary.com) All rights reserved.
11  *
12  */
13 package info.magnolia.context;
14
15 import info.magnolia.cms.beans.config.ContentRepository;
16 import info.magnolia.cms.core.HierarchyManager;
17 import info.magnolia.cms.core.search.QueryManager;
18 import info.magnolia.cms.core.search.SearchFactory;
19 import info.magnolia.cms.security.AccessManager;
20 import info.magnolia.cms.security.AccessManagerImpl;
21 import info.magnolia.cms.security.Authenticator;
22 import info.magnolia.cms.security.auth.ACL;
23 import info.magnolia.cms.security.auth.PrincipalCollection;
24
25 import java.util.ArrayList ;
26 import java.util.Iterator ;
27 import java.util.List ;
28 import java.util.Set ;
29
30 import javax.jcr.LoginException;
31 import javax.jcr.RepositoryException;
32 import javax.jcr.Session;
33 import javax.jcr.SimpleCredentials;
34 import javax.security.auth.Subject ;
35 import javax.servlet.http.HttpServletRequest ;
36 import javax.servlet.http.HttpSession ;
37
38 import org.slf4j.Logger;
39 import org.slf4j.LoggerFactory;
40
41
42 /**
43  * This class is meant to be used by WebContextImpl
44  * @author Sameer Charles
45  * @version $Revision $ ($Author $)
46  */
47 final class SessionStore {
48
49     private static Logger log = LoggerFactory.getLogger(SessionStore.class);
50
51     private static final String ATTRIBUTE_REPOSITORY_SESSION_PREFIX = "mgnlRepositorySession_";
52
53     private static final String ATTRIBUTE_HM_PREFIX = "mgnlHMgr_";
54
55     private static final String ATTRIBUTE_AM_PREFIX = "mgnlAccessMgr_";
56
57     private static final String ATTRIBUTE_QM_PREFIX = "mgnlQueryMgr_";
58
59     private static final String DEFAULT_REPOSITORY = ContentRepository.WEBSITE;
60
61     /**
62      * Utility class, don't instantiate.
63      */
64     protected SessionStore() {
65         // unused
66 }
67
68     /**
69      * Gets the ticket creted while login, creates a new ticket if not existing.
70      * @param request
71      * @throws LoginException
72      * @throws RepositoryException
73      */
74     protected static Session getSession(HttpServletRequest request) throws LoginException, RepositoryException {
75         return getSession(request, DEFAULT_REPOSITORY);
76     }
77
78     /**
79      * Gets the ticket creted while login, creates a new ticket if not existing.
80      * @param request
81      * @param repositoryID
82      * @throws LoginException
83      * @throws RepositoryException
84      */
85     protected static Session getSession(HttpServletRequest request, String repositoryID) throws LoginException,
86         RepositoryException {
87         return getSession(request, repositoryID, ContentRepository.getDefaultWorkspace(repositoryID));
88     }
89
90     /**
91      * Gets the ticket creted while login, creates a new ticket if not existing .
92      * @param request
93      * @param repositoryID
94      * @param workspaceID
95      * @throws LoginException
96      * @throws RepositoryException
97      */
98     protected static Session getSession(HttpServletRequest request, String repositoryID, String workspaceID)
99         throws LoginException, RepositoryException {
100         return getRepositorySession(request, repositoryID, workspaceID);
101     }
102
103     /**
104      * Gets hierarchy manager for the default repository using session ticket. Creates a new ticket and hierarchy
105      * manager if not exist. Use MgnlContext if possible.
106      * @param request
107      * @param repositoryID
108      * @param workspaceID
109      */
110     protected static HierarchyManager getHierarchyManager(HttpServletRequest request, String repositoryID,
111         String workspaceID) {
112         HttpSession httpSession = request.getSession(false);
113         HierarchyManager hm = null;
114
115         if (httpSession != null) {
116             hm = (HierarchyManager) httpSession.getAttribute(ATTRIBUTE_HM_PREFIX + repositoryID + "_" + workspaceID); //$NON-NLS-1$
117 }
118
119         if (hm == null) {
120             hm = new HierarchyManager(Authenticator.getUserId(request));
121
122             try {
123                 hm.init(getSession(request, repositoryID, workspaceID).getRootNode());
124                 AccessManager am = getAccessManager(request, repositoryID, workspaceID);
125                 hm.setAccessManager(am);
126
127                 if (httpSession != null) {
128                     httpSession.setAttribute(ATTRIBUTE_HM_PREFIX + repositoryID + "_" + workspaceID, hm); //$NON-NLS-1$
129 }
130             }
131             catch (RepositoryException re) {
132                 log.error(re.getMessage(), re);
133             }
134         }
135
136         return hm;
137     }
138
139     /**
140      * gets AccessManager for the current user session for the specified repository and workspace. Use MgnlContext if
141      * possible
142      * @param request
143      * @param repositoryID
144      * @param workspaceID
145      */
146     protected static AccessManager getAccessManager(HttpServletRequest request, String repositoryID, String workspaceID) {
147
148         HttpSession httpSession = request.getSession(false);
149         AccessManager accessManager = null;
150
151         if (httpSession != null) {
152             accessManager = (AccessManager) httpSession.getAttribute(ATTRIBUTE_AM_PREFIX
153                 + repositoryID
154                 + "_" + workspaceID); //$NON-NLS-1$
155 }
156
157         if (accessManager == null) {
158
159             // JAAS specific
160 Subject subject = Authenticator.getSubject(request);
161
162             List permissionList = null;
163             if (subject != null) {
164                 Set principalSet = subject.getPrincipals(PrincipalCollection.class);
165                 Iterator it = principalSet.iterator();
166                 PrincipalCollection principals = (PrincipalCollection) it.next();
167                 ACL acl = (ACL) principals.get(repositoryID + "_" + workspaceID);
168                 if (acl != null) {
169                     permissionList = acl.getList();
170                 }
171                 else {
172                     permissionList = new ArrayList (); // no permissions assigned to this workspace
173 }
174             }
175
176             accessManager = new AccessManagerImpl();
177             accessManager.setPermissionList(permissionList);
178
179             if (httpSession != null) {
180                 httpSession.setAttribute(ATTRIBUTE_AM_PREFIX + repositoryID + "_" + workspaceID, accessManager); //$NON-NLS-1$
181 }
182
183         }
184
185         return accessManager;
186     }
187
188     /**
189      * Gets access controlled query manager. Use MgnlContext if possible.
190      * @param request
191      * @param repositoryID
192      * @param workspaceID
193      * @throws RepositoryException
194      */
195     protected static QueryManager getQueryManager(HttpServletRequest request, String repositoryID, String workspaceID)
196         throws RepositoryException {
197
198         QueryManager queryManager = null;
199
200         HttpSession httpSession = request.getSession(false);
201         if (httpSession != null) {
202             queryManager = (QueryManager) httpSession.getAttribute(ATTRIBUTE_QM_PREFIX
203                 + repositoryID
204                 + "_" + workspaceID); //$NON-NLS-1$
205 }
206         if (queryManager == null) {
207             javax.jcr.query.QueryManager qm = getSession(request, repositoryID, workspaceID)
208                 .getWorkspace()
209                 .getQueryManager();
210
211             AccessManager accessManager = getAccessManager(request, repositoryID, workspaceID);
212
213             queryManager = SearchFactory.getAccessControllableQueryManager(qm, accessManager);
214
215             if (httpSession != null) {
216                 httpSession.setAttribute(ATTRIBUTE_QM_PREFIX + repositoryID + "_" + workspaceID, queryManager); //$NON-NLS-1$
217 }
218         }
219
220         return queryManager;
221     }
222
223     /**
224      * Get repository session
225      * @param request
226      * @param repositoryID
227      * @param workspaceID
228      * @throws LoginException
229      * @throws RepositoryException
230      */
231     protected static Session getRepositorySession(HttpServletRequest request, String repositoryID, String workspaceID)
232         throws LoginException, RepositoryException {
233
234         Session jcrSession = null;
235         HttpSession httpSession = request.getSession(false);
236
237         if (httpSession != null) {
238             jcrSession = (Session) httpSession.getAttribute(ATTRIBUTE_REPOSITORY_SESSION_PREFIX
239                 + repositoryID
240                 + "_" + workspaceID); //$NON-NLS-1$
241 }
242         if (jcrSession == null) {
243
244             SimpleCredentials sc = new SimpleCredentials(
245                 ContentRepository.REPOSITORY_USER,
246                 ContentRepository.REPOSITORY_PSWD.toCharArray());
247
248             jcrSession = ContentRepository.getRepository(repositoryID).login(sc,
249                     ContentRepository.getMappedWorkspaceName(workspaceID));
250
251             if (httpSession != null) {
252                 httpSession.setAttribute(ATTRIBUTE_REPOSITORY_SESSION_PREFIX + repositoryID + "_" + workspaceID, //$NON-NLS-1$
253 jcrSession);
254             }
255
256         }
257         return jcrSession;
258     }
259
260 }
261

A to Z: JavaDoc & Examples

---

Daily Java News & Articles

---

Open Source Projects

---

Open Source Codes

---

Free Computer Books

---

Remove Frame

---

Popular Tags