Skip to content

Commit

Permalink
Merge pull request #2989 from SCADA-LTS/fix/#2988_Fixed_active_sessio…
Browse files Browse the repository at this point in the history
…ns_load_in_loggedUsers_bean_when_tomcat_starts

 #2988 Fixed active sessions load in loggedUsers bean when tomcat sta…
  • Loading branch information
Limraj authored Aug 24, 2024
2 parents 56ff260 + a0e635a commit dd405c5
Show file tree
Hide file tree
Showing 4 changed files with 81 additions and 3 deletions.
37 changes: 37 additions & 0 deletions src/com/serotonin/mango/MangoContextListener.java
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,11 @@
import freemarker.cache.TemplateLoader;
import freemarker.template.Configuration;
import freemarker.template.DefaultObjectWrapper;
import org.apache.catalina.Manager;
import org.apache.catalina.Session;
import org.apache.catalina.core.ApplicationContext;
import org.apache.catalina.core.ApplicationContextFacade;
import org.apache.catalina.core.StandardContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.mozilla.javascript.ContextFactory;
Expand All @@ -76,6 +81,7 @@
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
Expand Down Expand Up @@ -105,6 +111,8 @@ public void contextInitialized(ServletContextEvent evt) {
private void initialized(ServletContextEvent evt) {
log.info("Scada-LTS context starting at: " + Common.getStartupTime());

sessionsInitialize(evt);

scriptContextInitialize();

// Get a handle on the context.
Expand Down Expand Up @@ -682,4 +690,33 @@ private void initSchedule() {
log.error(e.getMessage(), e);
}
}

private void sessionsInitialize(ServletContextEvent evt) {
try {
Session[] sessions = getSessions(evt);
ApplicationBeans.getLoggedUsersBean().loadSessions(sessions);
} catch (Exception ex) {
log.error(ex.getMessage(), ex);
}
}

private static Session[] getSessions(ServletContextEvent evt) throws NoSuchFieldException, IllegalAccessException {
Manager manager = getManager(evt);
return manager.findSessions();
}

private static Manager getManager(ServletContextEvent evt) throws NoSuchFieldException, IllegalAccessException {
ApplicationContextFacade applicationContextFacade = (ApplicationContextFacade) evt.getServletContext();

Field applicationContextField = applicationContextFacade.getClass().getDeclaredField("context");
applicationContextField.setAccessible(true);
ApplicationContext applicationContext = (ApplicationContext) applicationContextField.get(applicationContextFacade);
applicationContextField.setAccessible(false);

Field standardContextField = applicationContext.getClass().getDeclaredField("context");
standardContextField.setAccessible(true);
StandardContext standardContext = (StandardContext) standardContextField.get(applicationContext);
standardContextField.setAccessible(false);
return standardContext.getManager();
}
}
2 changes: 2 additions & 0 deletions src/org/scada_lts/login/ILoggedUsers.java
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@

import br.org.scadabr.vo.usersProfiles.UsersProfileVO;
import com.serotonin.mango.vo.User;
import org.apache.catalina.Session;

import javax.servlet.http.HttpSession;
import java.util.Collection;
Expand All @@ -15,4 +16,5 @@ public interface ILoggedUsers {
Set<Integer> getUserIds();
Collection<User> getUsers();
User getUser(int id);
void loadSessions(Session[] sessions);
}
43 changes: 40 additions & 3 deletions src/org/scada_lts/login/LoggedUsers.java
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,14 @@
import br.org.scadabr.vo.usersProfiles.UsersProfileVO;
import com.serotonin.mango.util.LoggingUtils;
import com.serotonin.mango.vo.User;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.catalina.Session;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.scada_lts.mango.service.UserService;
import org.scada_lts.web.beans.ApplicationBeans;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;

import javax.servlet.http.HttpSession;
import java.util.*;
Expand All @@ -17,7 +22,7 @@

public class LoggedUsers implements ILoggedUsers {

private static final Log LOG = LogFactory.getLog(LoggedUsers.class);
private static final Logger LOG = LogManager.getLogger(LoggedUsers.class);

private final Map<Integer, User> loggedUsers = new ConcurrentHashMap<>();
private final Map<Integer, List<HttpSession>> loggedSessions = new ConcurrentHashMap<>();
Expand Down Expand Up @@ -111,6 +116,29 @@ public User getUser(int id) {
}
}

@Override
public void loadSessions(Session[] sessions) {
for(Session session: sessions) {
HttpSession httpSession = session.getSession();
UserService userService = ApplicationBeans.getBean("userService", UserService.class);
SecurityContext securityContext = (SecurityContext)httpSession.getAttribute("SPRING_SECURITY_CONTEXT");
if(securityContext != null) {
Authentication authentication = securityContext.getAuthentication();
if(authentication != null) {
String username = authentication.getName();
User sessionUser = userService.getUser(username);
if (sessionUser != null && (!sessionUser.isAdmin() || isAdmin(authentication))) {
int userId = sessionUser.getId();
loggedSessions.putIfAbsent(userId, new ArrayList<>());
loggedSessions.get(userId).add(httpSession);
loggedUsers.put(userId, sessionUser);
LOG.info("Loaded session for user: {}", username);
}
}
}
}
}

private static void update(User user, Map<Integer, User> loggedUsers,
Map<Integer, List<HttpSession>> loggedSessions) {
User loggedUser = loggedUsers.get(user.getId());
Expand All @@ -127,4 +155,13 @@ private static void update(User user, Map<Integer, User> loggedUsers,
}
loggedUsers.put(user.getId(), user);
}

private static boolean isAdmin(Authentication authentication) {
for(GrantedAuthority authority: authentication.getAuthorities()) {
if("ROLE_ADMIN".equals(authority.getAuthority())) {
return true;
}
}
return false;
}
}
2 changes: 2 additions & 0 deletions webapp-resources/log4j2.xml
Original file line number Diff line number Diff line change
Expand Up @@ -155,6 +155,8 @@
<AppenderRef ref="ASYNC_FLYWAY"/>
</Logger>

<Logger name="org.scada_lts.login" level="${startupLoggingLevel}"/>

<!-- BackgroundProcessing Logging-->
<Logger name="com.serotonin.mango.rt.maint.BackgroundProcessing" level="${backgroundProcessingLoggingLevel}"/>

Expand Down

0 comments on commit dd405c5

Please sign in to comment.