001    //$HeadURL: svn+ssh://jwilden@svn.wald.intevation.org/deegree/base/branches/2.5_testing/src/org/deegree/security/session/MemoryBasedSessionManager.java $
002    /*----------------------------------------------------------------------------
003     This file is part of deegree, http://deegree.org/
004     Copyright (C) 2001-2009 by:
005       Department of Geography, University of Bonn
006     and
007       lat/lon GmbH
008    
009     This library is free software; you can redistribute it and/or modify it under
010     the terms of the GNU Lesser General Public License as published by the Free
011     Software Foundation; either version 2.1 of the License, or (at your option)
012     any later version.
013     This library is distributed in the hope that it will be useful, but WITHOUT
014     ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015     FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016     details.
017     You should have received a copy of the GNU Lesser General Public License
018     along with this library; if not, write to the Free Software Foundation, Inc.,
019     59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020    
021     Contact information:
022    
023     lat/lon GmbH
024     Aennchenstr. 19, 53177 Bonn
025     Germany
026     http://lat-lon.de/
027    
028     Department of Geography, University of Bonn
029     Prof. Dr. Klaus Greve
030     Postfach 1147, 53001 Bonn
031     Germany
032     http://www.geographie.uni-bonn.de/deegree/
033    
034     e-mail: info@deegree.org
035    ----------------------------------------------------------------------------*/
036    package org.deegree.security.session;
037    
038    import java.net.URL;
039    import java.util.Collections;
040    import java.util.HashMap;
041    import java.util.Iterator;
042    import java.util.Map;
043    
044    /**
045     * This exception shall be thrown when a session(ID) will be used that has been expired.
046     *
047     * @author <a href="mailto:poth@lat-lon.de">Andreas Poth </a>
048     * @author last edited by: $Author: mschneider $
049     *
050     * @version $Revision: 18195 $, $Date: 2009-06-18 17:55:39 +0200 (Do, 18 Jun 2009) $
051     */
052    
053    public class MemoryBasedSessionManager implements SessionManager {
054    
055        private Map<String, Session> sessionsById = Collections.synchronizedMap( new HashMap<String, Session>( 100 ) );
056    
057        private Map<String, Session> sessionsByUser = Collections.synchronizedMap( new HashMap<String, Session>( 100 ) );
058    
059        private static URL config = null;
060    
061        private static MemoryBasedSessionManager self = null;
062    
063        /**
064         * realizes Singelton pattern <br>
065         * returns an instance of the <tt>SessionManager</tt>. Before this method can be invoked
066         *
067         * @return single instance of SessionManager in a JVM
068         */
069        public synchronized static MemoryBasedSessionManager getInstance() {
070            if ( self == null ) {
071                self = new MemoryBasedSessionManager( config );
072            }
073            return self;
074        }
075    
076        /**
077         * creates a session that never expires for a named user who will be authentificated through his name and password.
078         * If the user doesn't exists or the passwoed is invalid for an existing user an exception will be thrown.
079         *
080         * @param user
081         *            user name
082         * @return the session
083         */
084        public static Session createSession( String user ) {
085            return createSession( user, -1 );
086        }
087    
088        /**
089         * creates a session for a named user who will be authentificated through his name and password. The session expires
090         * after the passed duration after the last access to it. If the user doesn't exists or the passwoed is invalid for
091         * an existing user an exception will be thrown.
092         *
093         * @param user
094         *            user name
095         * @param duration
096         * @return the session
097         */
098        public static Session createSession( String user, int duration ) {
099    
100            Session ses = new Session( user, duration );
101            try {
102                MemoryBasedSessionManager.getInstance().addSession( ses );
103            } catch ( Exception e ) {
104                e.printStackTrace();
105            }
106            return ses;
107        }
108    
109        /**
110         * creates a session for an anonymous user that never expires
111         *
112         * @return the session
113         */
114        public static Session createSession() {
115            return createSession( -1 );
116        }
117    
118        /**
119         * creates a session for an anonymous user that expires after the passed duration after the last access to it.
120         *
121         * @param duration
122         * @return the session
123         */
124        public static Session createSession( int duration ) {
125            Session ses = new Session( duration );
126            try {
127                MemoryBasedSessionManager.getInstance().addSession( ses );
128            } catch ( Exception e ) {
129                e.printStackTrace();
130            }
131            return ses;
132        }
133    
134        /**
135         * private constructor. just to be used by the initSessionManager method
136         *
137         * @param config
138         */
139        private MemoryBasedSessionManager( URL config ) {
140            MemoryBasedSessionManager.config = config;
141        }
142    
143        /**
144         * returns the session identified by its ID. If no session with the passed ID is known <tt>null</tt> will be
145         * returned. If the requested session isn't alive anymore it will be removed from the session manager
146         *
147         * @param id
148         * @return the session identified by its ID. If no session with the passed ID is known <tt>null</tt> will be
149         *         returned.
150         * @throws SessionStatusException
151         */
152        public Session getSessionByID( String id )
153                                throws SessionStatusException {
154            Session ses = sessionsById.get( id );
155            if ( ses != null ) {
156                if ( !ses.isAlive() ) {
157                    removeSessionByID( id );
158                } else {
159                    ses.reset();
160                }
161            }
162            return ses;
163        }
164    
165        /**
166         * returns the session assigned to the passed user. If no session is assigend to the passed user <tt>null</tt> will
167         * be returned. If the requested session isn't alive anymore it will be removed from the session manager
168         *
169         * @param user
170         * @return the session assigned to the passed user. If no session is assigend to the passed user <tt>null</tt> will
171         *         be returned.
172         */
173        public Session getSessionByUser( String user )
174                                throws SessionStatusException {
175            Session ses = sessionsByUser.get( user );
176            if ( ses != null ) {
177                if ( !ses.isAlive() ) {
178                    removeSessionByID( ses.getSessionID().getId() );
179                } else {
180                    ses.reset();
181                }
182            }
183            return ses;
184        }
185    
186        /**
187         * adds a session to the session managment. the session will be stored within two lists. one addresses the session
188         * with its ID the other with its user name. If the session is anonymous it just will be stored in the first list.
189         *
190         * @param session
191         * @throws SessionStatusException
192         */
193        public void addSession( Session session )
194                                throws SessionStatusException {
195            if ( session.getUser() != null ) {
196                sessionsByUser.put( session.getUser(), session );
197            }
198            try {
199                sessionsById.put( session.getSessionID().getId(), session );
200            } catch ( Exception e ) {
201                throw new SessionStatusException( "can't add session to session manager:\n" + e.getMessage() );
202            }
203        }
204    
205        /**
206         * removes a session identified by its ID from the session managment. the removed session will be returned.
207         *
208         * @param id
209         * @return the session
210         */
211        public Session removeSessionByID( String id ) {
212            Session ses = sessionsById.remove( id );
213            if ( ses != null && ses.getUser() != null ) {
214                sessionsByUser.remove( ses.getUser() );
215            }
216            return ses;
217        }
218    
219        /**
220         * removes all sessions that are expired from the session management
221         */
222        public synchronized void clearExpired() {
223            synchronized ( sessionsById ) {
224                synchronized ( sessionsByUser ) {
225                    Iterator<String> ids = sessionsById.keySet().iterator();
226                    while ( ids.hasNext() ) {
227                        Object key = ids.next();
228                        Session ses = sessionsById.get( key );
229                        if ( !ses.isAlive() ) {
230                            sessionsById.remove( key );
231                            if ( ses.getUser() != null ) {
232                                sessionsByUser.remove( ses.getUser() );
233                            }
234                        }
235                    }
236                }
237            }
238    
239        }
240    
241    }