1 /*
2  * ============LICENSE_START==========================================
3  * ONAP Portal SDK
4  * ===================================================================
5  * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6  * ===================================================================
7  *
8  * Unless otherwise specified, all software contained herein is licensed
9  * under the Apache License, Version 2.0 (the "License");
10  * you may not use this software except in compliance with the License.
11  * You may obtain a copy of the License at
12  *
13  *             http://www.apache.org/licenses/LICENSE-2.0
14  *
15  * Unless required by applicable law or agreed to in writing, software
16  * distributed under the License is distributed on an "AS IS" BASIS,
17  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18  * See the License for the specific language governing permissions and
19  * limitations under the License.
20  *
21  * Unless otherwise specified, all documentation contained herein is licensed
22  * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
23  * you may not use this documentation except in compliance with the License.
24  * You may obtain a copy of the License at
25  *
26  *             https://creativecommons.org/licenses/by/4.0/
27  *
28  * Unless required by applicable law or agreed to in writing, documentation
29  * distributed under the License is distributed on an "AS IS" BASIS,
30  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
31  * See the License for the specific language governing permissions and
32  * limitations under the License.
33  *
34  * ============LICENSE_END============================================
35  *
36  * ECOMP is a trademark and service mark of AT&T Intellectual Property.
37  */
38 package org.onap.portalsdk.core.interceptor;
39
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLEncoder;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang.StringUtils;
import org.onap.portalsdk.core.controller.FusionBaseController;
import org.onap.portalsdk.core.domain.User;
import org.onap.portalsdk.core.exception.SessionExpiredException;
import org.onap.portalsdk.core.listener.CollaborateListBindingListener;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.onap.portalsdk.core.util.SystemProperties;
import org.onap.portalsdk.core.web.support.AppUtils;
import org.onap.portalsdk.core.web.support.UserUtils;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
59
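/**
 * Spring MVC interceptor that requires a live, user-bearing session for every handler whose
 * controller is neither publicly accessible nor a RESTful endpoint. Requests that fail the
 * check are redirected to the single sign-on page inside this webapp, carrying the originally
 * requested path so the user can be sent back afterwards.
 * <p>
 * The class holds no mutable state, so a single instance can serve concurrent requests.
 */
public class SessionTimeoutInterceptor extends HandlerInterceptorAdapter {

	private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SessionTimeoutInterceptor.class);

	/** Path (relative to the context path) of the page that establishes a valid session. */
	private static final String SINGLE_SIGNON_PREFIX = "/single_signon.htm?";

	/**
	 * Checks all requests for valid session information. If not found, redirects to
	 * a controller that will establish a valid session.
	 * <p>
	 * Only {@link HandlerMethod} handlers whose controller reports
	 * {@code !isAccessible() && !isRESTfulCall()} are checked. For those, a request to a
	 * {@code logout.htm} URI drops the collaboration entry from the session and is treated like
	 * an expired session; a session without a user is sent to sign-on without the portal hop.
	 *
	 * @param request  current request
	 * @param response response used to send the redirect when the check fails
	 * @param handler  handler chosen by Spring for this request
	 * @return {@code false} when a redirect has been sent, otherwise the result of the
	 *         superclass implementation
	 * @throws Exception if the superclass {@code preHandle} fails or the redirect cannot be sent
	 */
	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
			throws Exception {
		if (handler instanceof HandlerMethod) {
			HandlerMethod method = (HandlerMethod) handler;
			// Handler beans in this SDK are expected to extend FusionBaseController; any other
			// bean type fails loudly here (ClassCastException) instead of bypassing the check.
			FusionBaseController controller = (FusionBaseController) method.getBean();
			if (!controller.isAccessible() && !controller.isRESTfulCall()) {
				try {
					// getSession() throws SessionExpiredException
					HttpSession session = AppUtils.getSession(request);
					User user = UserUtils.getUserSession(request);
					if (request.getRequestURI().contains("logout.htm")) {
						// User is logging out: forget the collaboration entry and treat as expired.
						session.removeAttribute(CollaborateListBindingListener.SESSION_ATTR_NAME);
						throw new SessionExpiredException();
					} else if (user == null) {
						// Jump to the redirection code; not a SessionExpiredException, so no portal hop.
						throw new IllegalStateException("preHandle: user not found in session");
					} else {
						// session binding listener will add this value to the
						// map, and with session replication the listener will
						// fire in all tomcat instances
						session.setAttribute(CollaborateListBindingListener.SESSION_ATTR_NAME,
								new CollaborateListBindingListener(user.getOrgUserId()));
					}
				} catch (Exception ex) {
					redirectToSignOn(request, response, ex);
					return false;
				}
			}
		}

		return super.preHandle(request, response, handler);
	}

	/**
	 * Sends the client to the single sign-on page of this webapp, preserving the requested
	 * path and query string in the {@code forwardURL} parameter.
	 * <p>
	 * The redirect target is assembled from the container-supplied context path and a constant
	 * page name; no part of it is taken verbatim from the request.
	 *
	 * @param request  current request
	 * @param response response used to send the redirect
	 * @param cause    exception that ended the session check; a {@link SessionExpiredException}
	 *                 additionally sets {@code redirectToPortal=Yes}
	 * @throws IOException if the forward URL cannot be encoded or the redirect cannot be sent
	 */
	private static void redirectToSignOn(HttpServletRequest request, HttpServletResponse response,
			Exception cause) throws IOException {
		final String forwardUrlParm = "forwardURL=" + URLEncoder.encode(requestedPath(request), "UTF-8");
		if (cause instanceof SessionExpiredException) {
			// Session is expired; send to portal.
			// Redirect to an absolute path in the webapp; e.g., "/context/single_signon.htm"
			final String redirectUrl = request.getContextPath() + SINGLE_SIGNON_PREFIX + "redirectToPortal=Yes&"
					+ forwardUrlParm;
			logger.debug(EELFLoggerDelegate.debugLogger, "preHandle: session is expired, redirecting to {}",
					redirectUrl);
			response.sendRedirect(redirectUrl);
		} else {
			// Other issue; do not send to portal.
			// Redirect to an absolute path in the webapp; e.g., "/context/single_signon.htm"
			final String redirectUrl = request.getContextPath() + SINGLE_SIGNON_PREFIX + forwardUrlParm;
			logger.debug(EELFLoggerDelegate.debugLogger, "preHandle: took exception {}, redirecting to {}",
					cause.getMessage(), redirectUrl);
			response.sendRedirect(redirectUrl);
		}
	}

	/**
	 * Returns the path the user requested within this webapp (no scheme, host or context path,
	 * and without the leading "/"), followed by "?" and the query string when one is present.
	 *
	 * @param request current request
	 * @return path plus optional query string, possibly empty
	 */
	private static String requestedPath(HttpServletRequest request) {
		final String uri = request.getRequestURI();
		// Per the Servlet spec the request URI starts with the context path; also drop the "/"
		// that separates it from the rest. Clamp so a URI that is exactly the context path
		// (no trailing "/") does not run past the end of the string.
		final int prefixLength = Math.min(uri.length(), request.getContextPath().length() + 1);
		final String path = uri.substring(prefixLength);
		final String query = request.getQueryString();
		return query == null ? path : path + "?" + query;
	}

	/**
	 * Rejects redirect URLs that point outside the configured cookie domain.
	 * <p>
	 * A blank URL, or a URL without a host (relative to this webapp), is accepted. An absolute
	 * URL is accepted only when its host equals the configured
	 * {@link SystemProperties#COOKIE_DOMAIN} or is a sub-domain of it (case-insensitive;
	 * a leading "." on the configured value is ignored). When the cookie domain is not
	 * configured the check fails closed and every absolute URL is rejected.
	 *
	 * @param redirectUrl URL to validate; may be blank
	 * @throws MalformedURLException if {@code redirectUrl} is not a valid URL
	 * @throws SecurityException     if the URL names a host outside the cookie domain
	 */
	public void validateDomain(final String redirectUrl) throws MalformedURLException {
		if (StringUtils.isBlank(redirectUrl)) {
			return;
		}
		final String hostName = new URL(redirectUrl).getHost();
		if (StringUtils.isBlank(hostName)) {
			// Relative URL: stays within this webapp.
			return;
		}
		final String cookieDomain = SystemProperties.getProperty(SystemProperties.COOKIE_DOMAIN);
		if (!isHostInDomain(hostName, cookieDomain)) {
			logger.debug(EELFLoggerDelegate.debugLogger, "singleSignOnLogin: accessing Unauthorized url {}", hostName);
			throw new SecurityException("accessing Unauthorized url : " + hostName);
		}
	}

	/**
	 * Tells whether {@code hostName} is {@code cookieDomain} itself or a sub-domain of it.
	 * The comparison is anchored at a "." label boundary so that, for example, a host that
	 * merely ends with the same characters as the domain does not match.
	 *
	 * @param hostName     host taken from the redirect URL
	 * @param cookieDomain configured cookie domain, optionally with a leading "."
	 * @return {@code true} only for an exact or sub-domain match; {@code false} when either
	 *         argument is blank
	 */
	private static boolean isHostInDomain(final String hostName, final String cookieDomain) {
		if (StringUtils.isBlank(hostName) || StringUtils.isBlank(cookieDomain)) {
			return false;
		}
		// Cookie domains are commonly configured as ".example.com"; compare on the bare name.
		String domain = cookieDomain.trim();
		while (domain.startsWith(".")) {
			domain = domain.substring(1);
		}
		if (domain.isEmpty()) {
			return false;
		}
		if (hostName.equalsIgnoreCase(domain)) {
			return true;
		}
		// Sub-domain: at least one label, then ".", then the domain (DNS names are case-insensitive).
		final int suffixStart = hostName.length() - domain.length();
		return suffixStart > 1
				&& hostName.charAt(suffixStart - 1) == '.'
				&& hostName.regionMatches(true, suffixStart, domain, 0, domain.length());
	}

}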