From 537e9f394e0eb0ac1c395fcd6d6d8e202a0ad5dc Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 21 Aug 2014 10:51:19 +0200 Subject: add active user-session cleanup process --- .../moa/id/configuration/Constants.java | 2 ++ .../id/configuration/auth/AuthenticatedUser.java | 23 ++++++++++++++-------- .../configuration/auth/AuthenticationManager.java | 15 ++++++++++++++ .../id/configuration/auth/IActiveUserStorage.java | 4 ++++ .../auth/MemoryActiveUserStorageImpl.java | 19 ++++++++++++++++++ .../auth/pvp2/servlets/SLOBasicServlet.java | 1 - .../configuration/filter/AuthenticationFilter.java | 8 ++++++-- .../id/configuration/helper/FormDataHelper.java | 4 +++- .../configuration/struts/action/IndexAction.java | 20 +++++++++++++++---- .../id/configuration/utils/UserRequestCleaner.java | 7 ++++++- 10 files changed, 86 insertions(+), 17 deletions(-) (limited to 'id/ConfigWebTool/src/main/java/at') diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java index 2f4d700a2..f549db9f3 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java @@ -116,4 +116,6 @@ public class Constants { BUSINESSSERVICENAMES = Collections.unmodifiableMap(tmp); } + + public static final long ONE_MINUTE_IN_MILLIS=60000;//millisecs } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java index 036acf1f6..3bfe409c0 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java @@ -42,6 +42,7 @@ public class AuthenticatedUser { private String institute; private String userName; private Date lastLogin; + private Date sessionExpired; private boolean onlyBusinessService = false; private String businessServiceType; @@ -54,7 +55,7 @@ public class AuthenticatedUser { } - public static AuthenticatedUser generateDefaultUser() { + public static AuthenticatedUser generateDefaultUser(Date sessionExpired) { AuthenticatedUser user = new AuthenticatedUser(); user.familyName = "TestUser"; @@ -67,12 +68,13 @@ public class AuthenticatedUser { user.isMandateUser = false; user.isPVP2Login = false; user.lastLogin = new Date(); + user.sessionExpired = sessionExpired; return user; } public static AuthenticatedUser generateUserRequestUser(UserDatabaseFrom form, - String nameID, String nameIDFormat) { + String nameID, String nameIDFormat, Date sessionExpired) { AuthenticatedUser user = new AuthenticatedUser(); user.familyName = form.getFamilyName(); @@ -85,6 +87,7 @@ public class AuthenticatedUser { user.isMandateUser = form.isIsmandateuser(); user.isPVP2Login = form.isPVPGenerated(); user.lastLogin = new Date(); + user.sessionExpired = sessionExpired; user.nameID = nameID; user.nameIDFormat = nameIDFormat; @@ -93,7 +96,7 @@ public class AuthenticatedUser { } public AuthenticatedUser(UserDatabase userdb, boolean isAuthenticated, boolean isMandateUser, - boolean isPVP2Login, String nameID, String nameIDFormat) { + boolean isPVP2Login, String nameID, String nameIDFormat, Date sessionExpired) { this.familyName = userdb.getFamilyname(); this.givenName = userdb.getGivenname(); @@ -105,6 +108,7 @@ public class AuthenticatedUser { this.isMandateUser = isMandateUser; this.isPVP2Login = isPVP2Login; this.lastLogin = new Date(); + this.sessionExpired = sessionExpired; this.nameID = nameID; this.nameIDFormat = nameIDFormat; @@ -250,10 +254,13 @@ public class AuthenticatedUser { public String getNameIDFormat() { return nameIDFormat; } - - - - - + + /** + * @return the sessionExpired + */ + public Date getSessionExpired() { + return sessionExpired; + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticationManager.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticationManager.java index 6d3afffc9..58142b398 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticationManager.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticationManager.java @@ -22,6 +22,9 @@ */ package at.gv.egovernment.moa.id.configuration.auth; +import java.util.Date; +import java.util.Iterator; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -81,4 +84,16 @@ public class AuthenticationManager { activeUsers.removeUser(authUser.getNameID()); } + + public void removeAllUsersAfterTimeOut() { + Iterator expiredUsers = activeUsers.getUserWithSessionTimeOut(new Date()); + while (expiredUsers.hasNext()) { + AuthenticatedUser user = expiredUsers.next(); + activeUsers.removeUser(user.getNameID()); + log.info("LogOut user with ID" + user.getNameID() + " after SessionTimeOut."); + + } + + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/IActiveUserStorage.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/IActiveUserStorage.java index c52fee140..80730c6e0 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/IActiveUserStorage.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/IActiveUserStorage.java @@ -22,6 +22,9 @@ */ package at.gv.egovernment.moa.id.configuration.auth; +import java.util.Date; +import java.util.Iterator; + /** * @author tlenz * @@ -31,5 +34,6 @@ public interface IActiveUserStorage { public AuthenticatedUser getUser(String nameID); public void setUser(String nameID, AuthenticatedUser authUser); public void removeUser(String nameID); + public Iterator getUserWithSessionTimeOut(Date date); } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/MemoryActiveUserStorageImpl.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/MemoryActiveUserStorageImpl.java index 145da2c35..186a2b931 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/MemoryActiveUserStorageImpl.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/MemoryActiveUserStorageImpl.java @@ -22,7 +22,12 @@ */ package at.gv.egovernment.moa.id.configuration.auth; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Date; import java.util.HashMap; +import java.util.Iterator; +import java.util.List; import java.util.Map; /** @@ -68,4 +73,18 @@ public class MemoryActiveUserStorageImpl implements IActiveUserStorage { } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.configuration.auth.IActiveUserStorage#getUserWithSessionTimeOut(java.util.Date) + */ + @Override + public Iterator getUserWithSessionTimeOut(Date date) { + List expiredUsers = new ArrayList(); + for (AuthenticatedUser user : store.values()) { + if (date.after(user.getSessionExpired())) + expiredUsers.add(user); + + } + return expiredUsers.iterator(); + } + } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java index 38c858918..00d6850d3 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java @@ -127,7 +127,6 @@ public class SLOBasicServlet extends HttpServlet { HttpSession session = request.getSession(false); if (session != null) session.invalidate(); - return createSLOResponse(sloReq, StatusCode.SUCCESS_URI, request); } else { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java index 1f631afea..d13696d51 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java @@ -24,6 +24,7 @@ package at.gv.egovernment.moa.id.configuration.filter; import java.io.IOException; import java.util.ArrayList; +import java.util.Date; import java.util.StringTokenizer; import java.util.regex.Pattern; @@ -153,8 +154,11 @@ public class AuthenticationFilter implements Filter{ log.warn("Authentication is deaktivated. Dummy authentication-information are used!"); if (authuser == null) { - - authuser = AuthenticatedUser.generateDefaultUser(); + int sessionTimeOut = session.getMaxInactiveInterval(); + Date sessionExpired = new Date(new Date().getTime() + + (sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS)); + + authuser = AuthenticatedUser.generateDefaultUser(sessionExpired); authManager.setActiveUser(authuser); //authuser = new AuthenticatedUser(1, "Max", "TestUser", true, false); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java index cd6c699b9..dc97dd2c8 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java @@ -23,6 +23,7 @@ package at.gv.egovernment.moa.id.configuration.helper; import java.util.ArrayList; +import java.util.Date; import java.util.List; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; @@ -88,7 +89,8 @@ public class FormDataHelper { userlist.add(new AuthenticatedUser(dbuser, dbuser.isIsActive(), ismandate, - false, null, null)); + false, null, null, new Date()) + ); } return userlist; } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java index 4762f1518..f4a3d0c75 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java @@ -215,12 +215,17 @@ public class IndexAction extends BasicAction { if (dbuser.isIsMandateUser() != null) ismandateuser = dbuser.isIsMandateUser(); + int sessionTimeOut = session.getMaxInactiveInterval(); + Date sessionExpired = new Date(new Date().getTime() + + (sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS)); + AuthenticatedUser authuser = new AuthenticatedUser(dbuser, true, ismandateuser, false, dbuser.getHjid()+"dbID", - "username/password"); + "username/password", + sessionExpired); //store user as authenticated user AuthenticationManager authManager = AuthenticationManager.getInstance(); @@ -390,6 +395,10 @@ public class IndexAction extends BasicAction { String bpkwbpk = nameID.getNameQualifier() + "+" + nameID.getValue(); + int sessionTimeOut = session.getMaxInactiveInterval(); + Date sessionExpired = new Date(new Date().getTime() + + (sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS)); + //search user UserDatabase dbuser = ConfigurationDBRead.getUserWithUserBPKWBPK(bpkwbpk); if (dbuser == null) { @@ -434,7 +443,8 @@ public class IndexAction extends BasicAction { //create AuthUser data element authUser = AuthenticatedUser.generateUserRequestUser(user, nameID.getValue(), - nameID.getFormat()); + nameID.getFormat(), + sessionExpired); //store user as authenticated user AuthenticationManager authManager = AuthenticationManager.getInstance(); @@ -464,7 +474,8 @@ public class IndexAction extends BasicAction { dbuser.isIsMandateUser(), true, nameID.getValue(), - nameID.getFormat()); + nameID.getFormat(), + sessionExpired); //store user as authenticated user AuthenticationManager authManager = AuthenticationManager.getInstance(); @@ -491,7 +502,8 @@ public class IndexAction extends BasicAction { ismandateuser, true, nameID.getValue(), - nameID.getFormat()); + nameID.getFormat(), + sessionExpired); //store user as authenticated user AuthenticationManager authManager = AuthenticationManager.getInstance(); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java index 9ec8db858..a75f8307d 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java @@ -31,6 +31,7 @@ import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.configuration.auth.AuthenticationManager; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper; @@ -40,13 +41,14 @@ public class UserRequestCleaner implements Runnable { private static final Logger log = Logger.getLogger(UserRequestCleaner.class); - private static final long SESSION_CLEANUP_INTERVAL = 60 * 60; // 60 min + private static final long SESSION_CLEANUP_INTERVAL = 5 * 60; // 5 min public void run() { while (true) { try { ConfigurationProvider config = ConfigurationProvider.getInstance(); + //clean up user request storage List userrequests = ConfigurationDBRead.getAllOpenUsersRequests(); if (userrequests != null) { Calendar cal = Calendar.getInstance(); @@ -63,6 +65,9 @@ public class UserRequestCleaner implements Runnable { } } + + //clean up active user storage + AuthenticationManager.getInstance().removeAllUsersAfterTimeOut(); Thread.sleep(SESSION_CLEANUP_INTERVAL * 1000); -- cgit v1.2.3