Index: lams_common/src/java/org/lamsfoundation/lams/web/session/LoginFormAuthenticator.java
===================================================================
diff -u
--- lams_common/src/java/org/lamsfoundation/lams/web/session/LoginFormAuthenticator.java (revision 0)
+++ lams_common/src/java/org/lamsfoundation/lams/web/session/LoginFormAuthenticator.java (revision 0b91d14af990013a1f529eca5d701ebe37a5fc73)
@@ -0,0 +1,40 @@
+/*
+ *Copyright (C) 2005 LAMS Foundation (http://lamsfoundation.org)
+ *
+ *This program is free software; you can redistribute it and/or modify
+ *it under the terms of the GNU General Public License as published by
+ *the Free Software Foundation; either version 2 of the License, or
+ *(at your option) any later version.
+ *
+ *This program is distributed in the hope that it will be useful,
+ *but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ *GNU General Public License for more details.
+ *
+ *You should have received a copy of the GNU General Public License
+ *along with this program; if not, write to the Free Software
+ *Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+ *USA
+ *
+ *http://www.gnu.org/licenses/gpl.txt
+ */
+package org.lamsfoundation.lams.web.session;
+
+import java.io.IOException;
+
+import org.apache.catalina.authenticator.FormAuthenticator;
+import org.apache.catalina.connector.Request;
+import org.apache.catalina.connector.Response;
+import org.apache.catalina.deploy.LoginConfig;
+
+public class LoginFormAuthenticator extends FormAuthenticator{
+
+ public boolean authenticate(Request request, Response response, LoginConfig config) throws IOException {
+ SessionManager.startSession(request,response);
+ boolean result = super.authenticate(request, response, config);
+ SessionManager.endSession();
+ return result;
+ }
+
+
+}
Index: lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java
===================================================================
diff -u -rebbe77ec5ad6506eca4b642562cf9898c0d7d587 -r0b91d14af990013a1f529eca5d701ebe37a5fc73
--- lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java (.../SessionManager.java) (revision ebbe77ec5ad6506eca4b642562cf9898c0d7d587)
+++ lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java (.../SessionManager.java) (revision 0b91d14af990013a1f529eca5d701ebe37a5fc73)
@@ -26,11 +26,18 @@
import java.util.Map;
import javax.servlet.ServletContext;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionBindingEvent;
import javax.servlet.http.HttpSessionBindingListener;
import javax.servlet.http.HttpSessionContext;
+import net.sf.hibernate.id.UUIDHexGenerator;
+
import org.apache.log4j.Logger;
import org.lamsfoundation.lams.util.Configuration;
import org.lamsfoundation.lams.util.ConfigurationKeys;
@@ -148,6 +155,97 @@
this.monitorPeriod = monitorPeriod;
}
+ /**
+ * Start a session for current ServletRequest and SerlvetResponse.
+ * If session does not exist, then create a new session. If it exists, just using current session.
+ *
+ * @param req
+ * @param res
+ */
+ public static void startSession(ServletRequest req, ServletResponse res) {
+ Cookie cookie = findCookie((HttpServletRequest) req,SystemSessionFilter.SYS_SESSION_COOKIE);
+ String currentSessionId = null;
+ if(cookie != null){
+ currentSessionId = cookie.getValue();
+ Object obj = getSession(currentSessionId);
+ //if cookie exist, but session does not. This usually menas seesion expired.
+ //then delete the cookie first and set it null in order to create a new one
+ if(obj == null){
+ removeCookie((HttpServletResponse) res,SystemSessionFilter.SYS_SESSION_COOKIE);
+ cookie = null;
+ }
+ }
+ //can not be in else!
+ if(cookie == null){
+ //create new session and set it into cookie
+ currentSessionId = (String) new UUIDHexGenerator().generate(null,null);
+ createSession(currentSessionId);
+ cookie = createCookie((HttpServletResponse) res,SystemSessionFilter.SYS_SESSION_COOKIE,currentSessionId);
+ }
+
+ setCurrentSessionId(currentSessionId);
+ //reset session last access time
+ SessionVisitor sessionVisitor = getSessionVisitor();
+ sessionVisitor.accessed();
+ }
+ /**
+ * This method will reset current session id, so programs can not use getSession() to get current
+ * session after this method is called.
+ */
+ public static void endSession() {
+ setCurrentSessionId(null);
+ }
+
+ /**
+ * Find a cookie by given cookie name from request.
+ *
+ * @param req
+ * @param name The cookie name
+ * @return The cookie of this name in the request, or null if not found.
+ */
+ private static Cookie findCookie(HttpServletRequest req, String name)
+ {
+ Cookie[] cookies = req.getCookies();
+ if (cookies != null) {
+ for (int i = 0; i < cookies.length; i++) {
+ if (cookies[i].getName().equals(name)) {
+ return cookies[i];
+ }
+ }
+ }
+
+ return null;
+ }
+ /**
+ * Remove cookie by given name from request
+ * @param res
+ * @param name
+ * @return the removed cookies
+ */
+ private static Cookie removeCookie(HttpServletResponse res, String name){
+ Cookie cookie = new Cookie(name, "");
+ cookie.setPath("/");
+ cookie.setMaxAge(0);
+ res.addCookie(cookie);
+
+ return cookie;
+ }
+ /**
+ * Create a new cookie for request.
+ * @param res
+ * @param name cookie name
+ * @param value cookie value
+ * @return the created cookie.
+ */
+ private static Cookie createCookie(HttpServletResponse res, String name, String value){
+ Cookie cookie = new Cookie(name, value);
+ cookie.setPath("/");
+ cookie.setMaxAge(-1);
+ res.addCookie(cookie);
+
+ return cookie;
+ }
+
//************************************************************************
// SYSTEM SESSION MONITOR CLASS
//************************************************************************
Index: lams_common/src/java/org/lamsfoundation/lams/web/session/SystemSessionFilter.java
===================================================================
diff -u -rebbe77ec5ad6506eca4b642562cf9898c0d7d587 -r0b91d14af990013a1f529eca5d701ebe37a5fc73
--- lams_common/src/java/org/lamsfoundation/lams/web/session/SystemSessionFilter.java (.../SystemSessionFilter.java) (revision ebbe77ec5ad6506eca4b642562cf9898c0d7d587)
+++ lams_common/src/java/org/lamsfoundation/lams/web/session/SystemSessionFilter.java (.../SystemSessionFilter.java) (revision 0b91d14af990013a1f529eca5d701ebe37a5fc73)
@@ -28,11 +28,9 @@
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
-import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import net.sf.hibernate.id.UUIDHexGenerator;
/**
*
@@ -57,89 +55,16 @@
return;
}
- Cookie cookie = findCookie((HttpServletRequest) req,SYS_SESSION_COOKIE);
- String currentSessionId = null;
- if(cookie != null){
- currentSessionId = cookie.getValue();
- Object obj = SessionManager.getSession(currentSessionId);
- //if cookie exist, but session does not. This usually menas seesion expired.
- //then delete the cookie first and set it null in order to create a new one
- if(obj == null){
- removeCookie((HttpServletResponse) res,SYS_SESSION_COOKIE);
- cookie = null;
- }
- }
- //can not be in else!
- if(cookie == null){
- //create new session and set it into cookie
- currentSessionId = (String) new UUIDHexGenerator().generate(null,null);
- SessionManager.createSession(currentSessionId);
- cookie = createCookie((HttpServletResponse) res,SYS_SESSION_COOKIE,currentSessionId);
- }
+ SessionManager.startSession(req, res);
- SessionManager.setCurrentSessionId(currentSessionId);
- //reset session last access time
- SessionVisitor sessionVisitor = SessionManager.getSessionVisitor();
- sessionVisitor.accessed();
-
//do following part of chain
chain.doFilter(req,res);
- SessionManager.setCurrentSessionId(null);
+ SessionManager.endSession();
}
public void destroy() {
//do nothing
}
-
- /**
- * Find a cookie by given cookie name from request.
- *
- * @param req
- * @param name The cookie name
- * @return The cookie of this name in the request, or null if not found.
- */
- private Cookie findCookie(HttpServletRequest req, String name)
- {
- Cookie[] cookies = req.getCookies();
- if (cookies != null) {
- for (int i = 0; i < cookies.length; i++) {
- if (cookies[i].getName().equals(name)) {
- return cookies[i];
- }
- }
- }
-
- return null;
- }
- /**
- * Remove cookie by given name from request
- * @param res
- * @param name
- * @return the removed cookies
- */
- private Cookie removeCookie(HttpServletResponse res, String name){
- Cookie cookie = new Cookie(name, "");
- cookie.setPath("/");
- cookie.setMaxAge(0);
- res.addCookie(cookie);
-
- return cookie;
- }
- /**
- * Create a new cookie for request.
- * @param res
- * @param name cookie name
- * @param value cookie value
- * @return the created cookie.
- */
- private Cookie createCookie(HttpServletResponse res, String name, String value){
- Cookie cookie = new Cookie(name, value);
- cookie.setPath("/");
- cookie.setMaxAge(-1);
- res.addCookie(cookie);
-
- return cookie;
- }
}
Index: lams_tool_sbmt/conf/xdoclet/filter-mappings.xml
===================================================================
diff -u -rdf1375bbde992f59d04ee895a971eb4dfa7282b1 -r0b91d14af990013a1f529eca5d701ebe37a5fc73
--- lams_tool_sbmt/conf/xdoclet/filter-mappings.xml (.../filter-mappings.xml) (revision df1375bbde992f59d04ee895a971eb4dfa7282b1)
+++ lams_tool_sbmt/conf/xdoclet/filter-mappings.xml (.../filter-mappings.xml) (revision 0b91d14af990013a1f529eca5d701ebe37a5fc73)
@@ -1,4 +1,8 @@
hibernateFilter
*.do
+
+
+ SystemSessionFilter
+ /*
\ No newline at end of file
Index: lams_tool_sbmt/conf/xdoclet/filters.xml
===================================================================
diff -u -rdf1375bbde992f59d04ee895a971eb4dfa7282b1 -r0b91d14af990013a1f529eca5d701ebe37a5fc73
--- lams_tool_sbmt/conf/xdoclet/filters.xml (.../filters.xml) (revision df1375bbde992f59d04ee895a971eb4dfa7282b1)
+++ lams_tool_sbmt/conf/xdoclet/filters.xml (.../filters.xml) (revision 0b91d14af990013a1f529eca5d701ebe37a5fc73)
@@ -7,4 +7,12 @@
sessionFactoryBeanName
sbmtSessionFactory
-
\ No newline at end of file
+
+
+
+ SystemSessionFilter
+
+ org.lamsfoundation.lams.web.session.SystemSessionFilter
+
+
+
Index: lams_tool_sbmt/conf/xdoclet/web-security.xml
===================================================================
diff -u
--- lams_tool_sbmt/conf/xdoclet/web-security.xml (revision 0)
+++ lams_tool_sbmt/conf/xdoclet/web-security.xml (revision 0b91d14af990013a1f529eca5d701ebe37a5fc73)
@@ -0,0 +1,113 @@
+
+
+
+ Secure Content
+ *.jsp
+ *.html
+ /index.jsp
+
+
+ LEARNER
+ TEACHER
+ STAFF
+ AUTHOR
+ ADMIN
+ SYSADMIN
+
+
+
+
+
+ Authoring Update
+ /authoring.do
+
+
+ AUTHOR
+
+
+
+
+
+ Staff Content
+ /monitoring.do
+
+
+ STAFF
+
+
+
+
+
+ Adminstrator Content
+ /admin.do
+
+
+ ADMIN
+
+
+
+
+
+
+ LAMS System Adminstrator Content
+ /sysadmin.do
+
+
+ SYSADMIN
+
+
+
+
+
+
+ Download Files
+ /download/
+
+
+ AUTHOR
+ STAFF
+ ADMIN
+ SYSADMIN
+
+
+
+
+
+ FORM
+ LAMS
+
+ /login.jsp
+ /login.jsp?failed=y
+
+
+
+
+
+
+ Student
+ LEARNER
+
+
+ Student
+ TEACHER
+
+
+
+ Can create/modify a learning design
+ AUTHOR
+
+
+
+ Can running and monitoring a learning session
+ STAFF
+
+
+
+ Can add/remove users to the system, set up classes of users for sessions
+ ADMIN
+
+
+
+ Can add/remove users to the system, set up classes of users for sessions
+ SYSADMIN
+
Index: lams_tool_sbmt/src/java/org/lamsfoundation/lams/tool/sbmt/web/MonitoringAction.java
===================================================================
diff -u -rcd3b134672bb7a1778186882f34f9a3e15593b07 -r0b91d14af990013a1f529eca5d701ebe37a5fc73
--- lams_tool_sbmt/src/java/org/lamsfoundation/lams/tool/sbmt/web/MonitoringAction.java (.../MonitoringAction.java) (revision cd3b134672bb7a1778186882f34f9a3e15593b07)
+++ lams_tool_sbmt/src/java/org/lamsfoundation/lams/tool/sbmt/web/MonitoringAction.java (.../MonitoringAction.java) (revision 0b91d14af990013a1f529eca5d701ebe37a5fc73)
@@ -30,6 +30,7 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.apache.poi.hssf.usermodel.HSSFCell;
@@ -52,12 +53,10 @@
import org.lamsfoundation.lams.tool.sbmt.util.SbmtConstants;
import org.lamsfoundation.lams.usermanagement.dto.UserDTO;
import org.lamsfoundation.lams.util.WebUtil;
-import org.lamsfoundation.lams.web.SharedSession;
+import org.lamsfoundation.lams.web.session.SessionManager;
import org.lamsfoundation.lams.web.util.AttributeNames;
-import sun.misc.SharedSecrets;
-
/**
* @author Manpreet Minhas
* @struts.action
@@ -118,7 +117,14 @@
HttpServletResponse response){
Long sessionID =new Long(WebUtil.readLongParam(request,SbmtConstants.TOOL_SESSION_ID));
// Long userID = new Long(WebUtil.readLongParam(request,"userID"));
- SharedSession ss = SharedSession.getInstance(getServlet().getServletContext());
+// Session session = SessionManager.getCurrentSession();
+ System.out.println(request.getRemoteUser());
+ System.out.println(request.getUserPrincipal());
+// ToolSession toolSession = SessionManager.getCurrentToolSession();
+// session.setAttribute("TS","from sesson");
+// toolSession.setAttribute("TTS","from tool session");
+
+ HttpSession ss = SessionManager.getSession();
UserDTO user = (UserDTO) ss.getAttribute(AttributeNames.USER);
Long userID = new Long(user.getUserID().longValue());