import org.joda.time.DateTime;
import org.opensaml.xml.util.DatatypeHelper;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import edu.internet2.middleware.shibboleth.common.session.SessionManager;
+import edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine;
/**
* A filter that adds the current users {@link Session} the request, if the user has a session.
*/
public class IdPSessionFilter implements Filter {
- /** Name of the IdP Cookie containing the IdP session ID. */
- public static final String IDP_SESSION_COOKIE_NAME = "_idp_session";
+ /** Class Logger. */
+ private final Logger log = LoggerFactory.getLogger(IdPSessionFilter.class);
/** IdP session manager. */
private SessionManager<Session> sessionManager;
if (idpSessionCookie != null) {
idpSession = sessionManager.getSession(idpSessionCookie.getValue());
if (idpSession != null) {
+ log.trace("Updating IdP session activity time and adding session object to the request");
idpSession.setLastActivityInstant(new DateTime());
httpRequest.setAttribute(Session.HTTP_SESSION_BINDING_ATTRIBUTE, idpSession);
}
}
- addIdPSessionCookieToResponse(httpRequest, httpResponse, idpSession);
-
filterChain.doFilter(request, response);
}
/** {@inheritDoc} */
public void init(FilterConfig filterConfig) throws ServletException {
- sessionManager = (SessionManager<Session>) filterConfig.getServletContext().getAttribute("sessionManager");
+ String sessionManagerId = filterConfig.getInitParameter("sessionManagedId");
+ if (DatatypeHelper.isEmpty(sessionManagerId)) {
+ sessionManagerId = "shibboleth.SessionManager";
+ }
+
+ sessionManager = (SessionManager<Session>) filterConfig.getServletContext().getAttribute(sessionManagerId);
}
/**
* @return the user's current IdP session cookie, if they have a current session, otherwise null
*/
protected Cookie getIdPSessionCookie(HttpServletRequest request) {
+ log.trace("Attempting to retrieve IdP session cookie.");
Cookie[] requestCookies = request.getCookies();
if (requestCookies != null) {
for (Cookie requestCookie : requestCookies) {
- if (DatatypeHelper.safeEquals(requestCookie.getDomain(), request.getLocalName())
- && DatatypeHelper.safeEquals(requestCookie.getPath(), request.getContextPath())
- && DatatypeHelper.safeEquals(requestCookie.getName(), IDP_SESSION_COOKIE_NAME)) {
+ if (DatatypeHelper.safeEquals(requestCookie.getName(), AuthenticationEngine.IDP_SESSION_COOKIE_NAME)) {
+ log.trace("Found IdP session cookie.");
return requestCookie;
}
}
}
+ log.trace("No IdP session cookie sent by the client.");
return null;
}
-
- /**
- * Adds a cookie, containing the user's IdP session ID, to the response.
- *
- * @param request current HTTP request
- * @param response current HTTP response
- * @param userSession user's currentSession
- */
- protected void addIdPSessionCookieToResponse(HttpServletRequest request, HttpServletResponse response,
- Session userSession) {
- Cookie sessionCookie = new Cookie(IDP_SESSION_COOKIE_NAME, userSession.getSessionID());
- sessionCookie.setDomain(request.getLocalName());
- sessionCookie.setPath(request.getContextPath());
- sessionCookie.setSecure(false);
-
- int maxAge = (int) (userSession.getInactivityTimeout() / 1000);
- sessionCookie.setMaxAge(maxAge);
-
- response.addCookie(sessionCookie);
- }
}
\ No newline at end of file
projects / java-idp.git / blobdiff