Java Code Examples for io.undertow.server.session.Session#removeAttribute()
The following examples show how to use
io.undertow.server.session.Session#removeAttribute() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: SavedRequest.java From keycloak with Apache License 2.0 | 6 votes |
|
public static void tryRestoreRequest(final HttpServerExchange exchange, HttpSession session) {
if(session instanceof HttpSessionImpl) {
Session underlyingSession;
if(System.getSecurityManager() == null) {
underlyingSession = ((HttpSessionImpl) session).getSession();
} else {
underlyingSession = AccessController.doPrivileged(new HttpSessionImpl.UnwrapSessionAction(session));
}
io.undertow.servlet.util.SavedRequest request = (io.undertow.servlet.util.SavedRequest) underlyingSession.removeAttribute(SESSION_KEY);
if (request != null) {
underlyingSession.setAttribute(io.undertow.servlet.util.SavedRequest.class.getName(), request);
io.undertow.servlet.util.SavedRequest.tryRestoreRequest(exchange, session);
}
}
}
Example 2
| Source File: CachedAuthenticatedSessionHandler.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
public void clearSession(HttpServerExchange exchange) {
HttpSessionImpl httpSession = servletContext.getSession(exchange, false);
if (httpSession != null) {
Session session = underlyingSession(httpSession);
session.removeAttribute(ATTRIBUTE_NAME);
}
}
Example 3
| Source File: SessionListenerBridge.java From quarkus-http with Apache License 2.0 | 5 votes |
|
private void doDestroy(Session session) {
final HttpSessionImpl httpSession = SecurityActions.forSession(session, servletContext, false);
applicationListeners.sessionDestroyed(httpSession);
//we make a defensive copy here, as there is no guarantee that the underlying session map
//is a concurrent map, and as a result a concurrent modification exception may be thrown
HashSet<String> names = new HashSet<>(session.getAttributeNames());
for (String attribute : names) {
session.removeAttribute(attribute);
}
}
Example 4
| Source File: CachedAuthenticatedSessionHandler.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
public void handleNotification(SecurityNotification notification) {
EventType eventType = notification.getEventType();
HttpServerExchange exchange = notification.getExchange();
SessionManager sessionManager = exchange.getAttachment(SessionManager.ATTACHMENT_KEY);
SessionConfig sessionConfig = exchange.getAttachment(SessionConfig.ATTACHMENT_KEY);
if (sessionManager == null || sessionConfig == null) {
return;
}
Session httpSession = sessionManager.getSession(exchange, sessionConfig);
switch (eventType) {
case AUTHENTICATED:
if (isCacheable(notification)) {
if (httpSession == null) {
httpSession = sessionManager.createSession(exchange, sessionConfig);
}
// It is normal for this notification to be received when using a previously cached session - in that
// case the IDM would have been given an opportunity to re-load the Account so updating here ready for
// the next request is desired.
httpSession.setAttribute(ATTRIBUTE_NAME,
new AuthenticatedSession(notification.getAccount(), notification.getMechanism()));
}
break;
case LOGGED_OUT:
if (httpSession != null) {
httpSession.removeAttribute(ATTRIBUTE_NAME);
httpSession.removeAttribute(NO_ID_CHANGE_REQUIRED);
}
break;
}
}
Example 5
| Source File: CachedAuthenticatedSessionHandler.java From quarkus-http with Apache License 2.0 | 5 votes |
|
@Override
public void clearSession(HttpServerExchange exchange) {
SessionManager sessionManager = exchange.getAttachment(SessionManager.ATTACHMENT_KEY);
SessionConfig sessionConfig = exchange.getAttachment(SessionConfig.ATTACHMENT_KEY);
if (sessionManager == null || sessionConfig == null) {
return;
}
Session httpSession = sessionManager.getSession(exchange, sessionConfig);
if (httpSession != null) {
httpSession.removeAttribute(ATTRIBUTE_NAME);
}
}
Example 6
| Source File: CachedAuthenticatedSessionHandler.java From lams with GNU General Public License v2.0 | 5 votes |
|
@Override
public void handleNotification(SecurityNotification notification) {
EventType eventType = notification.getEventType();
HttpServerExchange exchange = notification.getExchange();
SessionManager sessionManager = exchange.getAttachment(SessionManager.ATTACHMENT_KEY);
SessionConfig sessionConfig = exchange.getAttachment(SessionConfig.ATTACHMENT_KEY);
if (sessionManager == null || sessionConfig == null) {
return;
}
Session httpSession = sessionManager.getSession(exchange, sessionConfig);
switch (eventType) {
case AUTHENTICATED:
if (isCacheable(notification)) {
if (httpSession == null) {
httpSession = sessionManager.createSession(exchange, sessionConfig);
}
// It is normal for this notification to be received when using a previously cached session - in that
// case the IDM would have been given an opportunity to re-load the Account so updating here ready for
// the next request is desired.
httpSession.setAttribute(ATTRIBUTE_NAME,
new AuthenticatedSession(notification.getAccount(), notification.getMechanism()));
}
break;
case LOGGED_OUT:
if (httpSession != null) {
httpSession.removeAttribute(ATTRIBUTE_NAME);
httpSession.removeAttribute(NO_ID_CHANGE_REQUIRED);
}
break;
}
}
Example 7
| Source File: CachedAuthenticatedSessionHandler.java From lams with GNU General Public License v2.0 | 5 votes |
|
@Override
public void clearSession(HttpServerExchange exchange) {
SessionManager sessionManager = exchange.getAttachment(SessionManager.ATTACHMENT_KEY);
SessionConfig sessionConfig = exchange.getAttachment(SessionConfig.ATTACHMENT_KEY);
if (sessionManager == null || sessionConfig == null) {
return;
}
Session httpSession = sessionManager.getSession(exchange, sessionConfig);
if (httpSession != null) {
httpSession.removeAttribute(ATTRIBUTE_NAME);
}
}
Example 8
| Source File: CachedAuthenticatedSessionHandler.java From lams with GNU General Public License v2.0 | 5 votes |
|
@Override
public void clearSession(HttpServerExchange exchange) {
HttpSessionImpl httpSession = servletContext.getSession(exchange, false);
if (httpSession != null) {
Session session = underlyingSession(httpSession);
session.removeAttribute(ATTRIBUTE_NAME);
}
}
Example 9
| Source File: SessionListenerBridge.java From lams with GNU General Public License v2.0 | 5 votes |
|
private void doDestroy(Session session) {
final HttpSessionImpl httpSession = SecurityActions.forSession(session, servletContext, false);
applicationListeners.sessionDestroyed(httpSession);
//we make a defensive copy here, as there is no guarantee that the underlying session map
//is a concurrent map, and as a result a concurrent modification exception may be thrown
HashSet<String> names = new HashSet<>(session.getAttributeNames());
for (String attribute : names) {
session.removeAttribute(attribute);
}
}
Example 10
| Source File: UndertowSessionTokenStore.java From keycloak with Apache License 2.0 | 5 votes |
|
@Override
public boolean isCached(RequestAuthenticator authenticator) {
Session session = Sessions.getSession(exchange);
if (session == null) {
log.debug("session was null, returning null");
return false;
}
KeycloakUndertowAccount account = (KeycloakUndertowAccount)session.getAttribute(KeycloakUndertowAccount.class.getName());
if (account == null) {
log.debug("Account was not in session, returning null");
return false;
}
if (!deployment.getRealm().equals(account.getKeycloakSecurityContext().getRealm())) {
log.debug("Account in session belongs to a different realm than for this request.");
return false;
}
account.setCurrentRequestInfo(deployment, this);
if (account.checkActive()) {
log.debug("Cached account found");
securityContext.authenticationComplete(account, "KEYCLOAK", false);
((AbstractUndertowRequestAuthenticator)authenticator).propagateKeycloakContext(account);
return true;
} else {
log.debug("Account was not active, returning false");
session.removeAttribute(KeycloakUndertowAccount.class.getName());
session.removeAttribute(KeycloakSecurityContext.class.getName());
session.invalidate(exchange);
return false;
}
}
Example 11
| Source File: UndertowSessionTokenStore.java From keycloak with Apache License 2.0 | 5 votes |
|
@Override
public void logout() {
Session session = Sessions.getSession(exchange);
if (session == null) return;
KeycloakUndertowAccount account = (KeycloakUndertowAccount)session.getAttribute(KeycloakUndertowAccount.class.getName());
if (account == null) return;
session.removeAttribute(KeycloakUndertowAccount.class.getName());
session.removeAttribute(KeycloakSecurityContext.class.getName());
}
Example 12
| Source File: SavedRequest.java From keycloak with Apache License 2.0 | 5 votes |
|
public static void trySaveRequest(final HttpServerExchange exchange) {
io.undertow.servlet.util.SavedRequest.trySaveRequest(exchange);
final ServletRequestContext sc = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
HttpSessionImpl session = sc.getCurrentServletContext().getSession(exchange, true);
Session underlyingSession;
if(System.getSecurityManager() == null) {
underlyingSession = session.getSession();
} else {
underlyingSession = AccessController.doPrivileged(new HttpSessionImpl.UnwrapSessionAction(session));
}
io.undertow.servlet.util.SavedRequest request = (io.undertow.servlet.util.SavedRequest) underlyingSession.removeAttribute(io.undertow.servlet.util.SavedRequest.class.getName());
if (request != null) underlyingSession.setAttribute(SESSION_KEY, request);
}
