*
* @return unique identifier for the service
*/
- public String getEntityID();
-
+ public String getEntityID();
+
/**
- * Gets the time the user authenticated to the service.
+ * Gets the time the user authenticated to the service.
*
* @return time the user authenticated to the service
*/
- public DateTime getAuthenticationInstance();
-
+ public DateTime getAuthenticationInstant();
+
/**
* Gets the authentication method used to log into the service.
*
* @return authentication method used to log into the service
*/
- public AuthenticationMethodInformation getAuthenticationMethod();
-
+ public AuthenticationMethodInformation getAuthenticationMethod();
+
/**
* Gets the NameID used for the subject/user with this service.
*
* @return NameID used for the subject/user with this service
*/
- public NameID getSubjectNameID();
+ public NameID getSubjectNameID();
}
\ No newline at end of file
+++ /dev/null
-/*
- * Copyright [2006] [University Corporation for Advanced Internet Development, Inc.]
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package edu.internet2.middleware.shibboleth.idp.session;
-
-/**
- * Session managers are responsible for creating, managing, and destroying Shibboleth IdP sessions.
- */
-public interface SessionManager {
-
- /**
- * Creates a Shibboleth session.
- *
- * @return a Shibboleth session
- */
- public Session createSession();
-
- /**
- * Gets the user's session based on session's ID.
- *
- * @param sessionID the ID of the session
- *
- * @return the session
- */
- public Session getSession(String sessionID);
-
- /**
- * Destroys the session.
- *
- * @param sessionID the ID of the session.
- */
- public void destroySession(String sessionID);
-}
\ No newline at end of file
import org.joda.time.DateTime;
import org.opensaml.saml2.core.NameID;
-
/**
* Information about a service a user has logged in to.
*/
public class ServiceInformationImpl implements ServiceInformation {
+ /** Entity ID of the service. */
private String entityID;
+ /** Instant the user was authenticated to the service. */
private DateTime authenticationInstant;
+ /** Authentication method used to authenticate the user to the service. */
private AuthenticationMethodInformation methodInfo;
-
+
+ /** Name ID provided to the service. */
private NameID nameId;
-
/**
* Default constructor.
*
* @param entityID The unique identifier for the service.
- * @param authenticationInstant The time the user authenticated to the service.
+ * @param authenticationInstant The time the user authenticated to the service.
* @param methodInfo The authentication method used to log into the service.
* @param nameId The {@link NameID} used for the subject/user with this service.
*
*/
- public ServiceInformationImpl(String entityID, DateTime authenticationInstant,
- AuthenticationMethodInfo methodInfo, final NameID nameId) {
-
- if (entityID == null || authenticationInstant == null
- || methodInfo == null || nameId == null) {
-
- return;
- }
-
+ public ServiceInformationImpl(String entityID, DateTime authenticationInstant, AuthenticationMethodInformation methodInfo,
+ NameID nameId) {
+
this.entityID = entityID;
this.authenticationInstant = authenticationInstant;
this.methodInfo = methodInfo;
- this.nameId = nameId; // XXX: Don't we need to defensively clone nameId? It's mutable.
+ this.nameId = nameId;
}
-
- /**
+ /**
* Cloning constructor.
*
* @param serviceInfo The ServiceInformation instance to duplicate.
*/
public ServiceInformationImpl(final ServiceInformation serviceInfo) {
-
+
if (serviceInfo == null) {
- return;
+ return;
}
-
+
this.entityID = serviceInfo.getEntityID();
this.authenticationInstant = serviceInfo.getAuthenticationInstant();
this.methodInfo = serviceInfo.getAuthenticationMethod();
this.nameId = serviceInfo.getSubjectNameID();
}
-
/** {@inheritDoc} */
public String getEntityID() {
- return this.entityID;
+ return entityID;
}
-
/** {@inheritDoc} */
public DateTime getAuthenticationInstant() {
- return this.authenticationInstant;
+ return authenticationInstant;
}
-
/** {@inheritDoc} */
public AuthenticationMethodInformation getAuthenticationMethod() {
- return this.methodInfo;
+ return methodInfo;
}
-
-
+
/** {@inheritDoc} */
public NameID getSubjectNameID() {
- return this.nameId;
+ return nameId;
}
-
-
+
/** {@inheritDoc} */
public boolean equals(Object obj) {
-
- if (! obj instanceof ServiceInformation) {
- return false;
- }
-
- ServiceInformation si = (ServiceInformation)obj;
-
- if (this.getEntityID().equals(si.getEntityID())
- && this.getAuthenticationInstant().equals(si.getAuthenticationInstant())
- && this.getSubjectNameID().equals(si.getSubjecTNameID())) {
-
- return true;
- } else {
- return false;
- }
+ if (!(obj instanceof ServiceInformation)) {
+ return false;
+ }
+
+ ServiceInformation si = (ServiceInformation) obj;
+ if (this.getEntityID().equals(si.getEntityID())
+ && this.getAuthenticationInstant().equals(si.getAuthenticationInstant())
+ && this.getSubjectNameID().equals(si.getSubjectNameID())) {
+
+ return true;
+ }
+
+ return false;
}
}
\ No newline at end of file
package edu.internet2.middleware.shibboleth.idp.session.impl;
+import java.net.InetAddress;
import java.util.List;
import javolution.util.FastList;
+import edu.internet2.middleware.shibboleth.common.session.impl.AbstractSession;
import edu.internet2.middleware.shibboleth.idp.session.AuthenticationMethodInformation;
import edu.internet2.middleware.shibboleth.idp.session.ServiceInformation;
import edu.internet2.middleware.shibboleth.idp.session.Session;
-// implementation note:
-// pay attention to package names in this file!
-//
-// this class is shib.idp.session.impl.SessionImpl. It implements the shib.idp.session.Session
-// interface. that interface, in turn, extends shib.common.session.Session, which is implemented
-// in shib.common.session.impl.SessionImpl.
-
-
/**
* Session information for user logged into the IdP.
*/
-public class SessionImpl
- extends edu.internet2.middleware.shibboleth.common.session.impl.SessionImpl
- implements Session {
+public class SessionImpl extends AbstractSession implements Session {
- /** The list of methods used to authentictate the user */
- private List<AuthenticationMethodInformation> authnMethods =
- new FastList<AuthenticationMethodInformation>();
-
- /** The list of services to which the user has logged in */
- private List<ServiceInformation> servicesInformation =
- new FastList<ServiceInformation>();
+ /** Serial version UID. */
+ private static final long serialVersionUID = 2927868242208211623L;
+
+ /** The list of methods used to authentictate the user. */
+ private List<AuthenticationMethodInformation> authnMethods;
+
+ /** The list of services to which the user has logged in. */
+ private List<ServiceInformation> servicesInformation;
-
/**
* Default constructor.
*
- * @param principalID The principal ID of the user
+ * @param presenter IP address of the presenter
+ * @param principal principal ID of the user
*/
- public SessionImpl(String principalID) {
-
- super(principalID);
+ public SessionImpl(InetAddress presenter, String principal) {
+ super(presenter, principal);
+
+ authnMethods = new FastList<AuthenticationMethodInformation>();
+ servicesInformation = new FastList<ServiceInformation>();
}
-
-
+
/** {@inheritDoc} */
public List<AuthenticationMethodInformation> getAuthenticationMethods() {
-
- // XXX : This is suspect. One should not return
- // a reference to a private mutable object. The Session
- // interface should have methods for adding and removing
- // AuthenticationMethodInformation and ServicesInformation
- // entries. Further, the Session interface assumes that
- // the implementation will return a thread-safe List. Not
- // all List implementations are thread-safe.
-
- return this.authnMethods;
+ return authnMethods;
}
-
/** {@inheritDoc} */
public List<ServiceInformation> getServicesInformation() {
-
- // XXX: warning: Potentially dangerous. see above note.
-
- return this.servicesInformation;
+ return servicesInformation;
}
-
+
}
--- /dev/null
+/*
+ * Copyright [2007] [University Corporation for Advanced Internet Development, Inc.]
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package edu.internet2.middleware.shibboleth.idp.session.impl;
+
+import java.net.InetAddress;
+import java.util.HashMap;
+
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.ApplicationContextAware;
+
+import edu.internet2.middleware.shibboleth.common.session.LoginEvent;
+import edu.internet2.middleware.shibboleth.common.session.LogoutEvent;
+import edu.internet2.middleware.shibboleth.common.session.SessionManager;
+import edu.internet2.middleware.shibboleth.idp.session.Session;
+
+/**
+ * Manager of IdP sessions.
+ */
+public class SessionManagerImpl implements SessionManager<Session>, ApplicationContextAware {
+
+ /** Spring context used to publish login and logout events. */
+ private ApplicationContext appCtx;
+
+ /** Currently active sessions. */
+ private HashMap<String, Session> activeSessions;
+
+ /** Constructor. */
+ public SessionManagerImpl(){
+ activeSessions = new HashMap<String, Session>();
+ }
+
+ /** {@inheritDoc} */
+ public void setApplicationContext(ApplicationContext applicationContext) {
+ appCtx = applicationContext;
+ }
+
+ /** {@inheritDoc} */
+ public Session createSession(InetAddress presenter, String principal) {
+ SessionImpl session = new SessionImpl(presenter, principal);
+ activeSessions.put(session.getSessionID(), session);
+ appCtx.publishEvent(new LoginEvent(session));
+ return session;
+ }
+
+ /** {@inheritDoc} */
+ public void destroySession(String sessionID) {
+ Session session = activeSessions.remove(sessionID);
+ if(session != null){
+ appCtx.publishEvent(new LogoutEvent(session));
+ }
+ }
+
+ /** {@inheritDoc} */
+ public Session getSession(String sessionID) {
+ return activeSessions.get(sessionID);
+ }
+}
\ No newline at end of file