/**
 * Strips the Keycloak authentication state from a Catalina session.
 *
 * <p>Removes the three Keycloak-related attributes from the underlying HTTP session, then
 * clears the principal and auth type held by the Catalina session itself.
 *
 * @param catalinaSession the Catalina session to de-authenticate
 */
protected void cleanSession(Session catalinaSession) {
    // Each attribute is stored under the class name of the object it holds.
    String[] keycloakAttributeNames = {
        KeycloakSecurityContext.class.getName(),
        SerializableKeycloakAccount.class.getName(),
        OidcKeycloakAccount.class.getName()
    };
    for (String attributeName : keycloakAttributeNames) {
        catalinaSession.getSession().removeAttribute(attributeName);
    }

    // Clear the container-level identity as well, not only the application attributes.
    catalinaSession.setPrincipal(null);
    catalinaSession.setAuthType(null);
}
/**
 * Strips the Keycloak authentication state from a Catalina session.
 *
 * <p>Removes the three Keycloak-related attributes from the underlying HTTP session, then
 * clears the principal and auth type held by the Catalina session itself.
 *
 * @param catalinaSession the Catalina session to de-authenticate
 */
protected void cleanSession(Session catalinaSession) {
    // Each attribute is stored under the class name of the object it holds.
    String[] keycloakAttributeNames = {
        KeycloakSecurityContext.class.getName(),
        SerializableKeycloakAccount.class.getName(),
        OidcKeycloakAccount.class.getName()
    };
    for (String attributeName : keycloakAttributeNames) {
        catalinaSession.getSession().removeAttribute(attributeName);
    }

    // Clear the container-level identity as well, not only the application attributes.
    catalinaSession.setPrincipal(null);
    catalinaSession.setAuthType(null);
}
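/**
 * Checks whether the federation token recorded on the current session is still within its
 * lifetime.
 *
 * <p>When the token has expired, the federation note, the session principal and the
 * {@code SECURITY_TOKEN} attribute are removed before {@code false} is returned.
 *
 * @param request   the Catalina request whose internal session is inspected
 * @param response  the servlet response (not read by this method)
 * @param fedConfig the Fediz configuration (not read by this method)
 * @return {@code true} if the session holds a federation response whose token has no expiry
 *         or has not yet expired; {@code false} if there is no session, no federation
 *         response on the session, or the token has expired
 */
protected boolean validateToken(Request request, HttpServletResponse response, FedizContext fedConfig) {
    Session session = request.getSessionInternal();
    if (session == null) {
        LOG.debug("Session should not be null after authentication");
        return false;
    }

    FedizResponse wfRes = (FedizResponse)session.getNote(FEDERATION_NOTE);
    if (wfRes == null) {
        // Fail closed: without a stored federation response there is nothing to validate.
        // Previously this path dereferenced null and surfaced as a NullPointerException.
        LOG.debug("No federation response stored in session");
        return false;
    }

    Date tokenExpires = wfRes.getTokenExpires();
    if (tokenExpires == null) {
        // NOTE(review): a token without an expiry is accepted every time this check runs;
        // confirm that this matches the deployment's session-lifetime policy.
        LOG.debug("Token doesn't expire");
        return true;
    }

    Date currentTime = new Date();
    if (!currentTime.after(tokenExpires)) {
        return true;
    }

    LOG.warn("Token already expired. Clean up and redirect");
    session.removeNote(FEDERATION_NOTE);
    session.setPrincipal(null);
    // NOTE(review): the session auth type is not cleared here; verify the caller resets it.
    request.getSession().removeAttribute(SECURITY_TOKEN);
    return false;
}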
/**
 * Performs a direct logout: drops the federation state from the container session and then
 * delegates to the superclass sign-out.
 *
 * @param req  the servlet request, passed through to the superclass
 * @param resp the servlet response, passed through to the superclass
 * @return the result of {@code super.signout(req, resp)}
 */
@Override
protected boolean signout(HttpServletRequest req, HttpServletResponse resp) {
    // Direct Logout
    // The session is taken from 'request' in the enclosing scope, not from the 'req' parameter.
    Session internalSession = request.getSessionInternal();

    // Remove the stored federation response and the authenticated identity before the
    // superclass runs its own sign-out handling.
    internalSession.removeNote(FederationAuthenticator.FEDERATION_NOTE);
    internalSession.setPrincipal(null);

    boolean handled = super.signout(req, resp);
    return handled;
}
/**
 * Performs a direct logout: drops the federation state from the container session and then
 * delegates to the superclass sign-out.
 *
 * @param req  the servlet request, passed through to the superclass
 * @param resp the servlet response, passed through to the superclass
 * @return the result of {@code super.signout(req, resp)}
 */
@Override
protected boolean signout(HttpServletRequest req, HttpServletResponse resp) {
    // Direct Logout
    // The session is taken from 'request' in the enclosing scope, not from the 'req' parameter.
    Session internalSession = request.getSessionInternal();

    // Remove the stored federation response and the authenticated identity before the
    // superclass runs its own sign-out handling.
    internalSession.removeNote(FederationAuthenticator.FEDERATION_NOTE);
    internalSession.setPrincipal(null);

    boolean handled = super.signout(req, resp);
    return handled;
}
/**
 * Logs the caller out by clearing the identity on the session (if one exists) and then
 * re-registering the request with all-null credentials.
 *
 * @param request the request being logged out
 * @throws ServletException declared by the overridden method
 */
@Override
public void logout(HttpRequest request) throws ServletException {
    Session currentSession = getSession(request);
    if (currentSession != null) {
        currentSession.setPrincipal(null);
        currentSession.setAuthType(null);
    }

    // principal and authType set to null in the following
    HttpResponse httpResponse = (HttpResponse)request.getResponse();
    register(request, httpResponse, null, null, null, null);
}
/**
 * Cleans up local state at the end of a sign-out: removes the federation note and principal
 * from the container session, runs the superclass cleanup, then clears the request cookies.
 *
 * @param req  the servlet request, passed through to the superclass
 * @param resp the servlet response, passed through to the superclass
 * @return always {@code true}; the superclass result is not used
 */
@Override
protected boolean signoutCleanup(HttpServletRequest req, HttpServletResponse resp) {
    // Cleanup session internal
    // The session is taken from 'request' in the enclosing scope, not from the 'req' parameter.
    Session internalSession = request.getSessionInternal();
    internalSession.removeNote(FederationAuthenticator.FEDERATION_NOTE);
    internalSession.setPrincipal(null);

    // The superclass return value is deliberately ignored, as in the original flow.
    super.signoutCleanup(req, resp);

    request.clearCookies();
    return true;
}
/**
 * Cleans up local state at the end of a sign-out: removes the federation note and principal
 * from the container session, runs the superclass cleanup, then clears the request cookies.
 *
 * @param req  the servlet request, passed through to the superclass
 * @param resp the servlet response, passed through to the superclass
 * @return always {@code true}; the superclass result is not used
 */
@Override
protected boolean signoutCleanup(HttpServletRequest req, HttpServletResponse resp) {
    // Cleanup session internal
    // The session is taken from 'request' in the enclosing scope, not from the 'req' parameter.
    Session internalSession = request.getSessionInternal();
    internalSession.removeNote(FederationAuthenticator.FEDERATION_NOTE);
    internalSession.setPrincipal(null);

    // The superclass return value is deliberately ignored, as in the original flow.
    super.signoutCleanup(req, resp);

    request.clearCookies();
    return true;
}
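/**
 * Clears the authenticated identity from a session when it is destroyed.
 *
 * <p>Events of any other type are ignored. A destroyed session that carries no principal is
 * left untouched.
 *
 * @param event the session event delivered by the container
 */
public void sessionEvent(SessionEvent event) {
    // We only care about session destroyed events
    if (!Session.SESSION_DESTROYED_EVENT.equals(event.getType())) {
        return;
    }

    Session session = event.getSession();
    log.debugf("Session %s destroyed", session.getId());

    // Only presence of a principal matters here. The previous downcast to GenericPrincipal
    // was never used and could throw ClassCastException for any other Principal type,
    // which would skip the cleanup below.
    if (session.getPrincipal() == null) {
        return;
    }

    session.setPrincipal(null);
    session.setAuthType(null);
}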
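/**
 * Clears the authenticated identity from a session when it is destroyed.
 *
 * <p>Events of any other type are ignored. A destroyed session that carries no principal is
 * left untouched.
 *
 * @param event the session event delivered by the container
 */
public void sessionEvent(SessionEvent event) {
    // We only care about session destroyed events
    if (!Session.SESSION_DESTROYED_EVENT.equals(event.getType())) {
        return;
    }

    Session session = event.getSession();
    log.debugf("Session %s destroyed", session.getId());

    // Only presence of a principal matters here. The previous downcast to GenericPrincipal
    // was never used and could throw ClassCastException for any other Principal type,
    // which would skip the cleanup below.
    if (session.getPrincipal() == null) {
        return;
    }

    session.setPrincipal(null);
    session.setAuthType(null);
}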
/**
 * Logs out the user bound to the given servlet request, if that request is the one this
 * object is handling.
 *
 * <p>On a match, the session's principal, auth type and the cached username/password notes
 * are cleared. The session itself is not invalidated by this method.
 *
 * @param servletRequest the servlet request asking for logout
 * @return {@code true} if {@code servletRequestMatches(servletRequest)} holds (whether or not
 *         a session was found); {@code false} otherwise
 */
public boolean logout(HttpServletRequest servletRequest) {
    if (!servletRequestMatches(servletRequest)) {
        return false;
    }

    // presumably 'false' means "do not create a session if none exists" - verify against getSession
    Session existingSession = getSession(request, false);
    if (existingSession != null) {
        existingSession.setPrincipal(null);
        existingSession.setAuthType(null);
        // Drop the cached credentials so they do not outlive the authenticated state.
        existingSession.removeNote(Constants.SESS_USERNAME_NOTE);
        existingSession.removeNote(Constants.SESS_PASSWORD_NOTE);
    }
    return true;
}
/**
 * Logs out the user bound to the given servlet request, if that request is the one this
 * object is handling.
 *
 * <p>On a match, the session's principal, auth type and the cached username/password notes
 * are cleared. The session itself is not invalidated by this method.
 *
 * @param servletRequest the servlet request asking for logout
 * @return {@code true} if {@code servletRequestMatches(servletRequest)} holds (whether or not
 *         a session was found); {@code false} otherwise
 */
public boolean logout(HttpServletRequest servletRequest) {
    if (!servletRequestMatches(servletRequest)) {
        return false;
    }

    // presumably 'false' means "do not create a session if none exists" - verify against getSession
    Session existingSession = getSession(request, false);
    if (existingSession != null) {
        existingSession.setPrincipal(null);
        existingSession.setAuthType(null);
        // Drop the cached credentials so they do not outlive the authenticated state.
        existingSession.removeNote(Constants.SESS_USERNAME_NOTE);
        existingSession.removeNote(Constants.SESS_PASSWORD_NOTE);
    }
    return true;
}
/**
 * Stores an authenticated OIDC account on the container session.
 *
 * <p>Builds a container principal from the account's principal and roles, sets it (with auth
 * type {@code "KEYCLOAK"}) on the Catalina session, saves a serializable copy of the account
 * and the security context as HTTP session attributes, and finally hands the session to
 * {@code sessionManagement.login}.
 *
 * @param account the account produced by a successful OIDC authentication
 */
@Override
public void saveAccountInfo(OidcKeycloakAccount account) {
    // The cast runs first, so an unexpected context type fails before any session state changes.
    RefreshableKeycloakSecurityContext refreshableContext =
            (RefreshableKeycloakSecurityContext) account.getKeycloakSecurityContext();
    Set<String> grantedRoles = account.getRoles();

    GenericPrincipal containerPrincipal = principalFactory.createPrincipal(
            request.getContext().getRealm(), account.getPrincipal(), grantedRoles);
    SerializableKeycloakAccount serializableAccount =
            new SerializableKeycloakAccount(grantedRoles, account.getPrincipal(), refreshableContext);

    // NOTE(review): the session identifier is not changed in this method; confirm that it is
    // rotated elsewhere after login, otherwise a pre-login session id stays valid.
    Session catalinaSession = request.getSessionInternal(true);
    catalinaSession.setPrincipal(containerPrincipal);
    catalinaSession.setAuthType("KEYCLOAK");

    // Attributes are keyed by the class name of the stored object.
    catalinaSession.getSession().setAttribute(
            SerializableKeycloakAccount.class.getName(), serializableAccount);
    catalinaSession.getSession().setAttribute(
            KeycloakSecurityContext.class.getName(), account.getKeycloakSecurityContext());

    // The token subject is written to the log at FINE level.
    String username = refreshableContext.getToken().getSubject();
    log.fine("userSessionManagement.login: " + username);
    this.sessionManagement.login(catalinaSession);
}
/**
 * Logs out the user if the given servlet request is the one wrapped by this object's own
 * request.
 *
 * <p>On a match, the session's principal, auth type and the cached username/password notes
 * are cleared. The session itself is not invalidated by this method.
 *
 * @param request the servlet request asking for logout
 * @return {@code true} if {@code this.request} is non-null and wraps exactly {@code request}
 *         (whether or not a session was found); {@code false} otherwise
 */
public boolean logout(HttpServletRequest request) {
    // Identity comparison: only the very same request object counts as a match.
    if (this.request == null || this.request.getRequest() != request) {
        return false;
    }

    // presumably 'false' means "do not create a session if none exists" - verify against getSession
    Session existingSession = getSession(this.request, false);
    if (existingSession != null) {
        existingSession.setPrincipal(null);
        existingSession.setAuthType(null);
        // Drop the cached credentials so they do not outlive the authenticated state.
        existingSession.removeNote(Constants.SESS_USERNAME_NOTE);
        existingSession.removeNote(Constants.SESS_PASSWORD_NOTE);
    }
    return true;
}
/**
 * Stores an authenticated OIDC account on the container session.
 *
 * <p>Builds a container principal from the account's principal and roles, sets it (with auth
 * type {@code "KEYCLOAK"}) on the Catalina session, saves a serializable copy of the account
 * and the security context as HTTP session attributes, and finally hands the session to
 * {@code sessionManagement.login}.
 *
 * @param account the account produced by a successful OIDC authentication
 */
@Override
public void saveAccountInfo(OidcKeycloakAccount account) {
    // The cast runs first, so an unexpected context type fails before any session state changes.
    RefreshableKeycloakSecurityContext refreshableContext =
            (RefreshableKeycloakSecurityContext) account.getKeycloakSecurityContext();
    Set<String> grantedRoles = account.getRoles();

    GenericPrincipal containerPrincipal = principalFactory.createPrincipal(
            request.getContext().getRealm(), account.getPrincipal(), grantedRoles);
    SerializableKeycloakAccount serializableAccount =
            new SerializableKeycloakAccount(grantedRoles, account.getPrincipal(), refreshableContext);

    // NOTE(review): the session identifier is not changed in this method; confirm that it is
    // rotated elsewhere after login, otherwise a pre-login session id stays valid.
    Session catalinaSession = request.getSessionInternal(true);
    catalinaSession.setPrincipal(containerPrincipal);
    catalinaSession.setAuthType("KEYCLOAK");

    // Attributes are keyed by the class name of the stored object.
    catalinaSession.getSession().setAttribute(
            SerializableKeycloakAccount.class.getName(), serializableAccount);
    catalinaSession.getSession().setAttribute(
            KeycloakSecurityContext.class.getName(), account.getKeycloakSecurityContext());

    // The token subject is written to the log at FINE level.
    String username = refreshableContext.getToken().getSubject();
    log.fine("userSessionManagement.login: " + username);
    this.sessionManagement.login(catalinaSession);
}
/**
 * Logs out the user of the current Granite HTTP context and expires their session.
 *
 * <p>Nothing happens when there is no session or the session carries no principal. Otherwise
 * the auth type, principal and cached username/password notes are cleared, {@code endLogout()}
 * is invoked, and the session is expired.
 *
 * @throws SecurityServiceException declared by the method signature
 */
public void logout() throws SecurityServiceException {
    HttpGraniteContext graniteContext = (HttpGraniteContext)GraniteContext.getCurrentInstance();

    // presumably 'false' means "do not create a session if none exists" - verify against getSession
    Session activeSession = getSession(graniteContext.getRequest(), false);
    if (activeSession == null || activeSession.getPrincipal() == null) {
        return;
    }

    activeSession.setAuthType(null);
    activeSession.setPrincipal(null);
    // Drop the cached credentials before the session is expired.
    activeSession.removeNote(Constants.SESS_USERNAME_NOTE);
    activeSession.removeNote(Constants.SESS_PASSWORD_NOTE);

    endLogout();

    // Expiring the session makes its identifier unusable after logout.
    activeSession.expire();
}
/**
 * Logs out the user of the current Granite HTTP context and expires their session.
 *
 * <p>Nothing happens when there is no session or the session carries no principal. Otherwise
 * the auth type, principal and cached username/password notes are cleared, {@code endLogout()}
 * is invoked, and the session is expired.
 *
 * @throws SecurityServiceException declared by the method signature
 */
public void logout() throws SecurityServiceException {
    HttpGraniteContext graniteContext = (HttpGraniteContext)GraniteContext.getCurrentInstance();

    // presumably 'false' means "do not create a session if none exists" - verify against getSession
    Session activeSession = getSession(graniteContext.getRequest(), false);
    if (activeSession == null || activeSession.getPrincipal() == null) {
        return;
    }

    activeSession.setAuthType(null);
    activeSession.setPrincipal(null);
    // Drop the cached credentials before the session is expired.
    activeSession.removeNote(Constants.SESS_USERNAME_NOTE);
    activeSession.removeNote(Constants.SESS_PASSWORD_NOTE);

    endLogout();

    // Expiring the session makes its identifier unusable after logout.
    activeSession.expire();
}
/**
 * Stores an authenticated SAML session on the container session and on the current request.
 *
 * <p>The {@link SamlSession} is saved as an HTTP session attribute. If the Catalina session
 * has no principal yet, one is created from the account and set together with auth type
 * {@code "KEYCLOAK-SAML"}. The request always receives the principal and auth type. Finally
 * {@code changeSessionId} is called and its result is recorded through {@code idMapperUpdater}.
 *
 * @param account the SAML session produced by a successful login
 */
@Override
public void saveAccount(SamlSession account) {
    final String samlAuthType = "KEYCLOAK-SAML";

    Session catalinaSession = request.getSessionInternal(true);
    catalinaSession.getSession().setAttribute(SamlSession.class.getName(), account);

    GenericPrincipal containerPrincipal = (GenericPrincipal) catalinaSession.getPrincipal();
    // in clustered environment in JBossWeb, principal is not serialized or saved
    if (containerPrincipal == null) {
        containerPrincipal = principalFactory.createPrincipal(
                request.getContext().getRealm(), account.getPrincipal(), account.getRoles());
        catalinaSession.setPrincipal(containerPrincipal);
        catalinaSession.setAuthType(samlAuthType);
    }

    request.setUserPrincipal(containerPrincipal);
    request.setAuthType(samlAuthType);

    // presumably this issues a fresh session id after authentication (the returned value is
    // what gets mapped below) - confirm against changeSessionId
    String rotatedId = changeSessionId(catalinaSession);
    idMapperUpdater.map(
            idMapper, account.getSessionIndex(), account.getPrincipal().getSamlSubject(), rotatedId);
}
/**
 * Authenticates Base64-encoded credentials against the request's realm and records the
 * resulting identity on both the request and its session.
 *
 * @param credentials the encoded credentials, decoded by {@code decodeBase64Credentials}
 * @param charset     the charset passed to {@code decodeBase64Credentials}
 * @return the authenticated principal (never {@code null})
 * @throws SecurityServiceException if the realm rejects the credentials
 */
public Principal login(Object credentials, String charset) throws SecurityServiceException {
    String[] decoded = decodeBase64Credentials(credentials, charset);

    HttpGraniteContext graniteContext = (HttpGraniteContext)GraniteContext.getCurrentInstance();
    HttpServletRequest httpRequest = graniteContext.getRequest();
    Realm realm = getRealm(httpRequest);

    // decoded[0] is used as the username and decoded[1] as the password.
    String username = decoded[0];
    String password = decoded[1];
    Principal principal = realm.authenticate(username, password);
    if (principal == null) {
        throw SecurityServiceException.newInvalidCredentialsException("Wrong username or password");
    }

    Request request = getRequest(httpRequest);
    request.setAuthType(AUTH_TYPE);
    request.setUserPrincipal(principal);

    // NOTE(review): the session identifier is not changed in this method; confirm that it is
    // rotated elsewhere after login, otherwise a pre-login session id stays valid.
    Session authenticatedSession = request.getSessionInternal(true);
    authenticatedSession.setAuthType(AUTH_TYPE);
    authenticatedSession.setPrincipal(principal);

    // NOTE(review): the clear-text password is kept as a session note until logout removes
    // it; check whether session persistence or replication can write it to disk or the wire.
    authenticatedSession.setNote(Constants.SESS_USERNAME_NOTE, username);
    authenticatedSession.setNote(Constants.SESS_PASSWORD_NOTE, password);

    endLogin(credentials, charset);
    return principal;
}
/**
 * Authenticates Base64-encoded credentials against the realm of the request's context and
 * records the resulting identity on both the request and its session.
 *
 * @param credentials the encoded credentials, decoded by {@code decodeBase64Credentials}
 * @param charset     the charset passed to {@code decodeBase64Credentials}
 * @return the authenticated principal (never {@code null})
 * @throws SecurityServiceException if the realm rejects the credentials
 */
public Principal login(Object credentials, String charset) throws SecurityServiceException {
    String[] decoded = decodeBase64Credentials(credentials, charset);

    HttpGraniteContext graniteContext = (HttpGraniteContext)GraniteContext.getCurrentInstance();
    HttpServletRequest httpRequest = graniteContext.getRequest();
    CoyoteRequest request = getRequest(httpRequest);
    Realm realm = request.getContext().getRealm();

    // decoded[0] is used as the username and decoded[1] as the password.
    String username = decoded[0];
    String password = decoded[1];
    Principal principal = realm.authenticate(username, password);
    if (principal == null) {
        throw SecurityServiceException.newInvalidCredentialsException("Wrong username or password");
    }

    request.setAuthType(AUTH_TYPE);
    request.setUserPrincipal(principal);

    // NOTE(review): the session identifier is not changed in this method; confirm that it is
    // rotated elsewhere after login, otherwise a pre-login session id stays valid.
    Session authenticatedSession = request.getSessionInternal();
    authenticatedSession.setAuthType(AUTH_TYPE);
    authenticatedSession.setPrincipal(principal);

    // NOTE(review): the clear-text password is kept as a session note until logout removes
    // it; check whether session persistence or replication can write it to disk or the wire.
    authenticatedSession.setNote(Constants.SESS_USERNAME_NOTE, username);
    authenticatedSession.setNote(Constants.SESS_PASSWORD_NOTE, password);

    endLogin(credentials, charset);
    return principal;
}