2 * ================================================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ================================================================================
20 package org.openecomp.portalapp.util;
22 import javax.servlet.http.Cookie;
23 import javax.servlet.http.HttpServletRequest;
24 import javax.servlet.http.HttpServletResponse;
25 import javax.servlet.http.HttpSession;
27 import org.openecomp.portalapp.portal.utils.EPCommonSystemProperties;
28 import org.openecomp.portalapp.portal.utils.EcompPortalUtils;
29 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
30 import org.openecomp.portalsdk.core.onboarding.util.PortalApiConstants;
31 import org.openecomp.portalsdk.core.onboarding.listener.PortalTimeoutHandler;
32 import org.openecomp.portalsdk.core.onboarding.util.CipherUtil;
33 import org.openecomp.portalsdk.core.util.SystemProperties;
34 import org.openecomp.portalsdk.core.web.support.AppUtils;
36 public class SessionCookieUtil {
38 //private static final String JSESSIONID = "JSESSIONID";
// Names of the two cookies this class issues.
39 private static final String EP_SERVICE = "EPService";
40 private static final String USER_ID = "UserId";
// Passed to Cookie.setMaxAge for both cookies. A negative max-age means the browser does not
// persist the cookie and discards it when it exits (Servlet API behaviour).
// NOTE(review): declared as a mutable, non-final static Integer; no writer is visible in this listing.
41 private static Integer cookieMaxAge = -1;
42 private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SessionCookieUtil.class);
/**
 * Registers the request's session for timeout tracking and then issues the EPService cookie.
 *
 * @param request  request whose session is registered through initateSessionMgtHandler
 * @param response response that receives the EPService cookie
 */
44 public static void preSetUp(HttpServletRequest request,
45 HttpServletResponse response) {
// Runs first: stores the session's max idle time and hands the session to PortalTimeoutHandler.
46 initateSessionMgtHandler(request);
47 //set up EPService cookie
48 setUpEPServiceCookie(request, response);
/**
 * Adds a cookie named "EPService" whose value is the id of the request's servlet session,
 * scoped to the domain configured under EPCommonSystemProperties.COOKIE_DOMAIN.
 *
 * Security review: the value comes from getJessionId, i.e. request.getSession().getId(), so the
 * container's session identifier is copied into a second cookie that is sent to every host
 * matching the configured domain. No setHttpOnly(true) or setSecure(true) call is visible here;
 * unless those attributes are applied elsewhere, the cookie is readable by page script and is
 * also sent over plain HTTP. Prefer setting both flags where the consumers of this cookie
 * allow it, or publishing a separate random token instead of the session id.
 *
 * NOTE(review): this listing skips original line 57, so one statement on the cookie may be
 * missing from view; confirm against the full file.
 *
 * @param request  request whose session id becomes the cookie value
 * @param response response the cookie is added to
 */
51 public static void setUpEPServiceCookie(HttpServletRequest request,
52 HttpServletResponse response) {
53 String jSessionId = getJessionId(request);
54 Cookie cookie1 = new Cookie(EP_SERVICE, jSessionId);
// cookieMaxAge is -1: the browser keeps the cookie only until it exits.
55 cookie1.setMaxAge(cookieMaxAge);
// Domain scoping widens the cookie beyond the issuing host to the whole configured domain.
56 cookie1.setDomain(EPCommonSystemProperties.getProperty(EPCommonSystemProperties.COOKIE_DOMAIN));
58 response.addCookie(cookie1);
/**
 * Encrypts the given user id with CipherUtil and adds it to the response as a cookie named
 * "UserId", scoped to the domain configured under EPCommonSystemProperties.COOKIE_DOMAIN.
 *
 * Security review:
 * - The key is read from SystemProperties.Decryption_Key and the same property is used by
 *   getUserIdFromCookie to decrypt, so every holder of that property can mint or read this cookie.
 * - NOTE(review): confirm that CipherUtil.encrypt provides integrity protection (authenticated
 *   encryption or a MAC). The cookie value returns from the client, and without integrity the
 *   server cannot detect a modified value.
 * - No setHttpOnly(true) or setSecure(true) call is visible in this listing.
 * - The closing log line says "EP cookie" although this method sets the UserId cookie, which is
 *   misleading when reading logs.
 * - NOTE(review): this listing skips original line 69; confirm against the full file.
 *
 * @param request  not read in the visible lines
 * @param response response the cookie is added to
 * @param userId   clear-text user id; the parameter is overwritten with the encrypted value
 * @throws Exception declared by the method; presumably raised by CipherUtil.encrypt, confirm
 */
61 public static void setUpUserIdCookie(HttpServletRequest request,
62 HttpServletResponse response,String userId) throws Exception {
63 logger.info("************** session cookie util set up UserId cookie begins");
64 userId = CipherUtil.encrypt(userId,
65 SystemProperties.getProperty(SystemProperties.Decryption_Key));
66 Cookie cookie1 = new Cookie(USER_ID, userId);
// cookieMaxAge is -1: the browser keeps the cookie only until it exits.
67 cookie1.setMaxAge(cookieMaxAge);
68 cookie1.setDomain(EPCommonSystemProperties.getProperty(EPCommonSystemProperties.COOKIE_DOMAIN));
70 response.addCookie(cookie1);
71 logger.info("************** session cookie util set up EP cookie completed");
/**
 * Looks for a request cookie named "UserId" and decrypts its value with CipherUtil, using the
 * key from SystemProperties.Decryption_Key.
 *
 * Security review:
 * - The cookie value is supplied by the client. Treat the decrypted result as untrusted unless
 *   CipherUtil verifies integrity (NOTE(review): confirm), and validate it before using it as
 *   an identity.
 * - HttpServletRequest.getCookies() returns null when the request carries no cookies.
 *   NOTE(review): this listing skips original lines 76 and 79, so the declaration of userId
 *   and any null guard around the loop are not visible; confirm that the loop is guarded.
 * - The log line says "set up EP cookie completed" although this method only reads a cookie.
 * - The return statement is not shown in this listing (original lines 89-91 are skipped).
 *
 * @param request  request whose cookies are searched
 * @param response not read in the visible lines
 * @throws Exception declared by the method; presumably raised by CipherUtil.decrypt, confirm
 */
74 public static String getUserIdFromCookie(HttpServletRequest request,
75 HttpServletResponse response) throws Exception {
77 Cookie[] cookies = request.getCookies();
78 Cookie userIdcookie = null;
// No break: when several cookies share the name, the last one in the array is used.
80 for (Cookie cookie : cookies)
81 if (cookie.getName().equals(USER_ID))
82 userIdcookie = cookie;
83 if(userIdcookie!=null){
84 userId = CipherUtil.decrypt(userIdcookie.getValue(),
85 SystemProperties.getProperty(SystemProperties.Decryption_Key));
88 logger.info("************** session cookie util set up EP cookie completed");
/**
 * Returns the id of the request's servlet session.
 *
 * request.getSession() creates a session when the request has none, so calling this for a
 * request without a session allocates one as a side effect.
 *
 * NOTE(review): original lines 96-100 refer to WebUtils and JSESSIONID, but no WebUtils import
 * is visible and the JSESSIONID constant is commented out in the field declarations. These
 * lines are presumably inside a block comment whose delimiters this listing dropped; confirm,
 * and delete the dead code if so.
 *
 * @param request request whose session id is returned
 * @return the session id reported by the servlet container
 */
92 public static String getJessionId(HttpServletRequest request){
94 return request.getSession().getId();
96 Cookie ep = WebUtils.getCookie(request, JSESSIONID);
98 return request.getSession().getId();
100 return ep.getValue();
/**
 * Records the session's max idle time and registers the session with PortalTimeoutHandler.
 *
 * @param request request whose session is registered
 */
104 protected static void initateSessionMgtHandler(HttpServletRequest request) {
105 String jSessionId = getJessionId(request);
// Saved before registration; resetSessionMaxIdleTimeOut reads this attribute back later.
106 storeMaxInactiveTime(request);
// The session id is passed as both the first and second argument.
// NOTE(review): the meaning of the two id parameters is not visible here; confirm against PortalTimeoutHandler.
107 PortalTimeoutHandler.sessionCreated(jSessionId, jSessionId, AppUtils.getSession(request));
/**
 * Saves the session's current max inactive interval under
 * PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME, but only when that attribute is not set yet,
 * so the first recorded value is kept.
 *
 * NOTE(review): the result of AppUtils.getSession(request) is dereferenced without a null
 * check; confirm that it cannot return null on this path.
 *
 * @param request request whose session receives the attribute
 */
110 protected static void storeMaxInactiveTime(HttpServletRequest request) {
111 HttpSession session = AppUtils.getSession(request);
112 if(session.getAttribute(PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME) == null)
113 session.setAttribute(PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME,session.getMaxInactiveInterval());
/**
 * Restores the session's max inactive interval from the value stored under
 * PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME. Any exception is caught and logged with
 * its stack trace instead of being propagated.
 *
 * NOTE(review): the session != null test on line 120 comes after session.getAttribute on
 * line 119, so it cannot protect that call. A null session fails on line 119 and ends in the
 * catch block instead of being skipped quietly. Move the null check ahead of the getAttribute
 * call. The try opener (original line 117) and the closing braces are not shown in this
 * listing, which ends at line 124.
 *
 * @param request request whose session timeout is restored
 */
116 public static void resetSessionMaxIdleTimeOut(HttpServletRequest request) {
118 HttpSession session = AppUtils.getSession(request);
119 final Object maxIdleAttribute = session.getAttribute(PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME);
120 if(session != null && maxIdleAttribute != null) {
// The attribute is parsed through its string form, so a non-numeric value ends in the catch block.
121 session.setMaxInactiveInterval(Integer.parseInt(maxIdleAttribute.toString()));
123 } catch (Exception e) {
124 logger.error(EELFLoggerDelegate.errorLogger, "Could not reset the session timeout. Details: " + EcompPortalUtils.getStackTrace(e));