001 //$HeadURL: svn+ssh://rbezema@svn.wald.intevation.org/deegree/base/branches/2.2_testing/src/org/deegree/security/session/MemoryBasedSessionManager.java $
002 /*---------------- FILE HEADER ------------------------------------------
003
004 This file is part of deegree.
005 Copyright (C) 2001-2008 by:
006 University of Bonn
007 http://www.giub.uni-bonn.de/deegree/
008 lat/lon GmbH
009 http://www.lat-lon.de
010
011 This library is free software; you can redistribute it and/or
012 modify it under the terms of the GNU Lesser General Public
013 License as published by the Free Software Foundation; either
014 version 2.1 of the License, or (at your option) any later version.
015
016 This library is distributed in the hope that it will be useful,
017 but WITHOUT ANY WARRANTY; without even the implied warranty of
018 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
019 Lesser General Public License for more details.
020
021 You should have received a copy of the GNU Lesser General Public
022 License along with this library; if not, write to the Free Software
023 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
024
025 Contact:
026
027 Andreas Poth
028 lat/lon GmbH
029 Aennchenstr. 19
030 53115 Bonn
031 Germany
032 E-Mail: poth@lat-lon.de
033
034 Klaus Greve
035 Department of Geography
036 University of Bonn
037 Meckenheimer Allee 166
038 53115 Bonn
039 Germany
040 E-Mail: klaus.greve@uni-bonn.de
041
042 ---------------------------------------------------------------------------*/
043 package org.deegree.security.session;
044
045 import java.net.URL;
046 import java.util.Collections;
047 import java.util.HashMap;
048 import java.util.Iterator;
049 import java.util.Map;
050
051 /**
052 * This exception shall be thrown when a session(ID) will be used that has been expired.
053 *
054 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth </a>
055 * @author last edited by: $Author: apoth $
056 *
057 * @version $Revision: 9346 $, $Date: 2007-12-27 17:39:07 +0100 (Do, 27 Dez 2007) $
058 */
059
060 public class MemoryBasedSessionManager implements SessionManager {
061
062 private Map<String, Session> sessionsById = Collections.synchronizedMap( new HashMap<String, Session>( 100 ) );
063
064 private Map<String, Session> sessionsByUser = Collections.synchronizedMap( new HashMap<String, Session>( 100 ) );
065
066 private static URL config = null;
067
068 private static MemoryBasedSessionManager self = null;
069
070 /**
071 * realizes Singelton pattern <br>
072 * returns an instance of the <tt>SessionManager</tt>. Before this method can be invoked
073 *
074 * @see SessionManager#initSessionManager() must be invoked
075 *
076 * @return single instance of SessionManager in a JVM
077 */
078 public synchronized static MemoryBasedSessionManager getInstance() {
079 if ( self == null ) {
080 self = new MemoryBasedSessionManager( config );
081 }
082 return self;
083 }
084
085 /**
086 * creates a session that never expires for a named user who will be authentificated through his
087 * name and password. If the user doesn't exists or the passwoed is invalid for an existing user
088 * an exception will be thrown.
089 *
090 * @param user
091 * user name
092 * @return
093 */
094 public static Session createSession( String user ) {
095 return createSession( user, -1 );
096 }
097
098 /**
099 * creates a session for a named user who will be authentificated through his name and password.
100 * The session expires after the passed duration after the last access to it. If the user
101 * doesn't exists or the passwoed is invalid for an existing user an exception will be thrown.
102 *
103 * @param user
104 * user name
105 * @param duration
106 * @return
107 */
108 public static Session createSession( String user, int duration ) {
109
110 Session ses = new Session( user, duration );
111 try {
112 MemoryBasedSessionManager.getInstance().addSession( ses );
113 } catch ( Exception e ) {
114 e.printStackTrace();
115 }
116 return ses;
117 }
118
119 /**
120 * creates a session for an anonymous user that never expires
121 *
122 * @return
123 */
124 public static Session createSession() {
125 return createSession( -1 );
126 }
127
128 /**
129 * creates a session for an anonymous user that expires after the passed duration after the last
130 * access to it.
131 *
132 * @param duration
133 * @return
134 */
135 public static Session createSession( int duration ) {
136 Session ses = new Session( duration );
137 try {
138 MemoryBasedSessionManager.getInstance().addSession( ses );
139 } catch ( Exception e ) {
140 e.printStackTrace();
141 }
142 return ses;
143 }
144
145 /**
146 * private constructor. just to be used by the initSessionManager method
147 *
148 * @param config
149 */
150 private MemoryBasedSessionManager( URL config ) {
151 MemoryBasedSessionManager.config = config;
152 }
153
154 /**
155 * returns the session identified by its ID. If no session with the passed ID is known
156 * <tt>null</tt> will be returned. If the requested session isn't alive anymore it will be
157 * removed from the session manager
158 *
159 * @param id
160 * @return the session identified by its ID. If no session with the passed ID is known
161 * <tt>null</tt> will be returned.
162 * @throws SessionStatusException
163 */
164 public Session getSessionByID( String id )
165 throws SessionStatusException {
166 Session ses = sessionsById.get( id );
167 if ( ses != null ) {
168 if ( !ses.isAlive() ) {
169 removeSessionByID( id );
170 } else {
171 ses.reset();
172 }
173 }
174 return ses;
175 }
176
177 /**
178 * returns the session assigned to the passed user. If no session is assigend to the passed user
179 * <tt>null</tt> will be returned. If the requested session isn't alive anymore it will be
180 * removed from the session manager
181 *
182 * @param user
183 * @return the session assigned to the passed user. If no session is assigend to the passed user
184 * <tt>null</tt> will be returned.
185 */
186 public Session getSessionByUser( String user )
187 throws SessionStatusException {
188 Session ses = sessionsByUser.get( user );
189 if ( ses != null ) {
190 if ( !ses.isAlive() ) {
191 removeSessionByID( ses.getSessionID().getId() );
192 } else {
193 ses.reset();
194 }
195 }
196 return ses;
197 }
198
199 /**
200 * adds a session to the session managment. the session will be stored within two lists. one
201 * addresses the session with its ID the other with its user name. If the session is anonymous
202 * it just will be stored in the first list.
203 *
204 * @param session
205 * @throws SessionStatusException
206 */
207 public void addSession( Session session )
208 throws SessionStatusException {
209 if ( session.getUser() != null ) {
210 sessionsByUser.put( session.getUser(), session );
211 }
212 try {
213 sessionsById.put( session.getSessionID().getId(), session );
214 } catch ( Exception e ) {
215 throw new SessionStatusException( "can't add session to session manager:\n" + e.getMessage() );
216 }
217 }
218
219 /**
220 * removes a session identified by its ID from the session managment. the removed session will
221 * be returned.
222 *
223 * @param id
224 * @return
225 */
226 public Session removeSessionByID( String id ) {
227 Session ses = sessionsById.remove( id );
228 if ( ses != null && ses.getUser() != null ) {
229 sessionsByUser.remove( ses.getUser() );
230 }
231 return ses;
232 }
233
234 /**
235 * removes all sessions that are expired from the session management
236 */
237 public synchronized void clearExpired() {
238 synchronized ( sessionsById ) {
239 synchronized ( sessionsByUser ) {
240 Iterator ids = sessionsById.keySet().iterator();
241 while ( ids.hasNext() ) {
242 Object key = ids.next();
243 Session ses = sessionsById.get( key );
244 if ( !ses.isAlive() ) {
245 sessionsById.remove( key );
246 if ( ses.getUser() != null ) {
247 sessionsByUser.remove( ses.getUser() );
248 }
249 }
250 }
251 }
252 }
253
254 }
255
256 }