1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23 package org.talika.tarsis.security;
24
25 import javax.servlet.http.HttpServletRequest;
26 import javax.servlet.http.HttpSession;
27
28 import org.talika.tarsis.Globals;
29
30 /**
31 * Utility class to manage common tasks with security session.
32 *
33 * @author Jose M. Palomar
34 * @version $Revision: 124 $
35 */
36 public final class SecuritySessionManager {
37
38
39 /**
40 * Singleton instance.
41 */
42 private static final SecuritySessionManager INSTANCE =
43 new SecuritySessionManager();
44
45
46 /**
47 * Creates a new <code>SecuritySessionManager</code>.
48 */
49 protected SecuritySessionManager() {
50 }
51
52
53 /**
54 * Returns a <code>SecuritySessionManager</code> instance.
55 *
56 * @return SecuritySessionManager a <code>SecuritySessionManager</code> instance.
57 */
58 public static SecuritySessionManager getInstance() {
59 return INSTANCE;
60 }
61
62 /**
63 * Returns <code>true</code> if <code>SecuritySession</code> from client's
64 * session is valid.
65 *
66 * @param request HttpServletRequest client's request.
67 * @return boolean <code>true</code> if <code>SecuritySession</code> from client's
68 * session is valid.
69 */
70 public boolean isSecuritySessionValid(HttpServletRequest request) {
71
72
73 HttpSession session = request.getSession(false);
74 if (session == null) {
75 return (false);
76 }
77
78 SecuritySession securitySession =
79 (SecuritySession) session.getAttribute(Globals.SECURITY_SESSION_ATTR);
80 if (securitySession == null) {
81 return (false);
82 }
83
84 return (securitySession.isValid());
85
86 }
87
88 /**
89 * Resets <code>SecuritySession</code> from client's session.
90 *
91 * @param request HttpServletRequest client's session.
92 */
93 public void resetSecuritySession(HttpServletRequest request) {
94
95 HttpSession session = request.getSession(false);
96 if (session == null) {
97 return;
98 }
99 session.removeAttribute(Globals.SECURITY_SESSION_ATTR);
100
101 }
102
103 /**
104 * Saves given <code>SecuritySession</code> in client's session.
105 *
106 * @param request HttpServletRequest client's request.
107 * @param securitySession SecuritySession security session.
108 */
109 public void saveSecuritySession(HttpServletRequest request, SecuritySession securitySession) {
110
111 HttpSession session = request.getSession();
112 if (securitySession != null) {
113 session.setAttribute(Globals.SECURITY_SESSION_ATTR, securitySession);
114 }
115
116 }
117
118 /**
119 * Returns <code>SecuritySession</code> from client's session.
120 *
121 * @param request HttpServletRequest client's request.
122 * @return SecuritySession <code>SecuritySession</code> from client's session or
123 * <code>null</code> if there is no security session.
124 */
125 public SecuritySession getSecuritySession(HttpServletRequest request) {
126
127 HttpSession session = request.getSession();
128 if (session != null) {
129 return (SecuritySession) session.getAttribute(Globals.SECURITY_SESSION_ATTR);
130 }
131 else {
132 return null;
133 }
134
135 }
136
137 }