📄 defaultlogoncontroller.java
字号:
VPNListeningSocket l = (VPNListeningSocket) i.next();
if (log.isDebugEnabled())
log.debug("Taking down tunnels on port " + l.getTunnel().getDestination());
l.closeActiveTunnels();
}
// Clean up the listening sockets
vpnSession.removeAllListeningSockets();
// Remove the session block
SessionInfo sessionInfo = ((SessionInfo) logons.get(vpnSession.getSessionInfo().getLogonTicket()));
if (sessionInfo != null) {
//
try {
Integer vpnClientSessionTimeoutBlockId = (Integer) sessionInfo.getHttpSession().getAttribute(
Constants.VPN_CLIENT_SESSION_TIMEOUT_BLOCK_ID);
PropertyProfile p = (PropertyProfile) sessionInfo.getHttpSession().getAttribute(Constants.SELECTED_PROFILE);
if (p != null && vpnClientSessionTimeoutBlockId != null) {
if ("true".equals(CoreServlet.getServlet().getPropertyDatabase().getProperty(p.getResourceId(),
vpnSession.getSessionInfo().getUser().getPrincipalName(), "client.preventSessionTimeoutIfActive"))) {
removeSessionTimeoutBlock(sessionInfo.getHttpSession(), vpnClientSessionTimeoutBlockId.intValue());
}
}
} catch (Exception e) {
log.error("Could not determine if VPN session should prevent timeout.", e);
}
} else {
log.error("Could not get originating session.");
}
// Synchronize on the session so that the web launcher can be
// informed
// once complete
synchronized (vpnSession) {
activeVPNSessionsByTicket.remove(vpnSession.getVPNTicket());
List active = getVPNSessionsByLogon(vpnSession.getSessionInfo().getLogonTicket());
if (active != null) {
active.remove(vpnSession);
if (active.size() == 0) {
activeVPNSessionsByLogon.remove(vpnSession.getSessionInfo().getLogonTicket());
}
}
// if (request != null && clientPort != -1 &&
// logons.containsKey(session.getLogonTicket())) {
// if (log.isInfoEnabled()) {log.info("New pending VPN ticket is "}
// + setupVPNSession(request, session.getLogonTicket(),
// session.getOriginatingSession()));
// }
vpnSession.notifyAll();
}
}
}
}
public String registerVPNClient(HttpServletRequest request, String authorizationTicket, int clientPort, Properties properties,
int type) throws InvalidTicketException {
VPNSession session = null;
try {
if (!pendingVPNSessionsByTicket.containsKey(authorizationTicket)) {
String vpnClientDebug = System.getProperty("sslexplorer.agent.debug", "");
if (authorizationTicket.equals("PST_VPN_CLIENT_DEBUG_MODE")
&& (vpnClientDebug.equals("interactive") || vpnClientDebug.equals("enabled"))) {
if (vpnClientDebug.equals("interactive")
&& JOptionPane.showConfirmDialog(null, "A SSL-Explorer Agent wants to connect from "
+ request.getRemoteHost() + ". Do you wish to allow this?",
"Authorize SSL-Explorer Agent Connection", JOptionPane.OK_CANCEL_OPTION) != JOptionPane.OK_OPTION) {
throw new Exception();
}
if(logons.size() < 1) {
throw new Exception("No UI session to attach to.");
}
SessionInfo info = (SessionInfo) logons.values().iterator().next();
session = new VPNSession(info);
} else {
throw new Exception("Not pending");
}
}
} catch (Exception e) {
throw new InvalidTicketException(authorizationTicket + " is not a valid pending VPN session ticket", e);
}
// Get the pending VPN session
if (session == null) {
session = (VPNSession) pendingVPNSessionsByTicket.get(authorizationTicket);
}
// Generate the VPN ticket and setup the session
String ticket = TicketGenerator.getInstance().generateUniqueTicket("VST");
session.setLastAccessTime(System.currentTimeMillis());
session.setVPNTicket(ticket);
session.setClientPort(clientPort);
session.setProperties(properties);
session.setType(type);
// Remove the pending VPN session
pendingVPNSessionsByTicket.remove(authorizationTicket);
// Record the VPN session in our lookup tables
synchronized (activeVPNSessionsByTicket) {
activeVPNSessionsByTicket.put(ticket, session);
List active = (List) activeVPNSessionsByLogon.get(session.getSessionInfo().getLogonTicket());
if (active == null) {
active = new ArrayList();
activeVPNSessionsByLogon.put(session.getSessionInfo().getLogonTicket(), active);
}
active.add(session);
}
SessionInfo sessionInfo = ((SessionInfo) logons.get(session.getSessionInfo().getLogonTicket()));
PropertyProfile p = (PropertyProfile) sessionInfo.getHttpSession().getAttribute(Constants.SELECTED_PROFILE);
//
try {
if (p != null) {
if ("true".equals(CoreServlet.getServlet().getPropertyDatabase().getProperty(p.getResourceId(),
session.getSessionInfo().getUser().getPrincipalName(), "client.preventSessionTimeoutIfActive"))) {
if (log.isDebugEnabled())
log.debug("Adding session timeout to session block to " + sessionInfo.getHttpSession().getId());
sessionInfo.getHttpSession().setAttribute(Constants.VPN_CLIENT_SESSION_TIMEOUT_BLOCK_ID,
new Integer(addSessionTimeoutBlock(sessionInfo.getHttpSession(), "SSL-Explorer Agent active")));
} else {
if (log.isDebugEnabled())
log.debug("Not configured to add session block");
}
} else {
throw new Exception("No selected profile for originating session.");
}
} catch (Exception e) {
log.error("Could not determine if VPN session should prevent timeout.", e);
}
// Setup a new pending ticket
setupVPNSession(request, sessionInfo);
// Return the ticket
return ticket;
}
public boolean waitForClientRegistration(String ticket, int timeout) {
// Get the pending VPN session
VPNSession session = (VPNSession) pendingVPNSessionsByTicket.get(ticket);
synchronized (session) {
try {
if (log.isDebugEnabled())
log.debug("Waiting for at most " + timeout + "ms for a client registration");
session.wait(timeout);
if (log.isDebugEnabled())
log.debug("Got client registration");
} catch (InterruptedException ex) {
if (log.isDebugEnabled())
log.debug("Interrupted waiting for client registration");
}
return session.getFirstAccessTime() != -1;
}
}
public User getUser(HttpSession session, String logonTicket) throws InvalidTicketException {
if (logonTicket == null) {
logonTicket = (String) session.getAttribute(Constants.LOGON_TICKET);
}
if (logonTicket == null) {
throw new InvalidTicketException("No ticket was provided or found in the session object (" + session.getId() + ")");
}
SessionInfo info = (SessionInfo) logons.get(logonTicket);
if (info == null) {
throw new InvalidTicketException("No session info. object could be found for the ticket (" + session.getId() + ")");
}
User user = info.getUser();
return user;
}
public User getUser(HttpServletRequest request) throws InvalidTicketException {
return getUser(request, null);
}
public User getUser(HttpServletRequest request, String logonTicket) throws InvalidTicketException {
return getUser(request.getSession(), logonTicket);
}
public int hasClientLoggedOn(HttpServletRequest request, HttpServletResponse response) throws InvalidTicketException {
// Get the logon cookie
String logonCookie = null;
if (request.getCookies() != null) {
for (int i = 0; i < request.getCookies().length; i++) {
Cookie cookie = request.getCookies()[i];
if (cookie.getName().equals(Constants.LOGON_TICKET) || cookie.getName().equals(Constants.DOMAIN_LOGON_TICKET)) {
logonCookie = cookie.getValue();
}
}
}
// If there is a logon ticket in the requests attributes then reassign
// as we've just been issued a new ticket.
if (request.getAttribute(Constants.LOGON_TICKET) != null)
logonCookie = (String) request.getAttribute(Constants.LOGON_TICKET);
// First check the users session for a logonticket
String sessionLogonTicket = (String) request.getSession().getAttribute(Constants.LOGON_TICKET);
if (sessionLogonTicket != null) {
// Make sure we are still receiving the logon ticket
/**
* LDP - Users are having too many issues with this change. If we
* still have a ticket in the session then the HTTP session must
* still be alive and the the cookie has simply expired before the
* HTTP session (or the browser has elected not to send it). We
* should allow this to continue and refresh the cookie here.
*/
/*
* if(logonCookie == null &&
* request.getAttribute(Constants.LOGON_TICKET) == null) {
*
*
* log.warn("Lost logon ticket. It is likely that logon cookie has
* expired. "); return INVALID_TICKET; } else
*/
if (logonCookie == null) {
try {
addCookies(new ServletRequestAdapter(request), new ServletResponseAdapter(response), sessionLogonTicket, getUser(
request, sessionLogonTicket));
}
catch(InvalidTicketException ite) {
log.warn("Invalid ticket, assuming not logged on.");
return NOT_LOGGED_ON;
}
}
// Still check that the cookie is what we expect it to be
if (logonCookie != null && !sessionLogonTicket.equals(logonCookie)) {
log.warn("Expected a different logon ticket.");
return NOT_LOGGED_ON;
}
return LOGGED_ON;
} else {
if (logonCookie != null && logons.containsKey(logonCookie)) {
refreshLogonTicket(request, response, logonCookie);
return LOGGED_ON;
}
}
return NOT_LOGGED_ON;
}
private void refreshLogonTicket(HttpServletRequest request, HttpServletResponse response, String logonTicket)
throws InvalidTicketException {
if (log.isInfoEnabled())
log.info("Refreshing logon ticket " + logonTicket);
User user = getUser(request, logonTicket);
request.getSession().setAttribute(Constants.USER, user);
request.getSession().setAttribute(Constants.LOGON_TICKET, logonTicket);
request.setAttribute(Constants.LOGON_TICKET, logonTicket);
SessionInfo info = (SessionInfo) logons.get(logonTicket);
if (info == null) {
InetAddress address;
try {
address = InetAddress.getByName(request.getRemoteAddr());
} catch (UnknownHostException uhe) {
throw new InvalidTicketException("Could not refresh logon ticket. " + uhe.getMessage());
}
String userAgent = request.getHeader("User-Agent");
info = SessionInfo.nextSession(request.getSession(), logonTicket, user, address, SessionInfo.UI, userAgent);
} else {
moveSessionTimeoutBlocks(info.getHttpSession(), request.getSession());
info.setSession(request.getSession());
}
/**
* LDP - Allow for the session info to be looked up using the session
* id.
*/
try {
String sessionIdentifier = System.getProperty("sslexplorer.cookie", "JSESSIONID");
String sessionId = null;
Cookie[] cookies = request.getCookies();
for (int i = 0; i < cookies.length; i++) {
if (cookies[i].getName().equalsIgnoreCase(sessionIdentifier)) {
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -