From 168534b7a9dd20be449847d98939de729e3e1b8a Mon Sep 17 00:00:00 2001
From: felmer <felmer>
Date: Mon, 8 Mar 2010 12:55:31 +0000
Subject: [PATCH] LMS-1365 setSessionUser() with tests implemented. Missing:
 white list of hosts

SVN: 15061
---
 .../cisd/authentication/BasicSession.java     |  2 +-
 .../authentication/DefaultSessionManager.java | 26 +++++++++++++++++++
 .../cisd/authentication/ISessionManager.java  |  6 +++++
 3 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/authentication/source/java/ch/systemsx/cisd/authentication/BasicSession.java b/authentication/source/java/ch/systemsx/cisd/authentication/BasicSession.java
index 028158ae9f0..171d231c74d 100644
--- a/authentication/source/java/ch/systemsx/cisd/authentication/BasicSession.java
+++ b/authentication/source/java/ch/systemsx/cisd/authentication/BasicSession.java
@@ -81,7 +81,7 @@ public class BasicSession implements Serializable
     /**
      * Returns the owner of the session.
      */
-    public final String getUserName()
+    public String getUserName()
     {
         return userName;
     }
diff --git a/authentication/source/java/ch/systemsx/cisd/authentication/DefaultSessionManager.java b/authentication/source/java/ch/systemsx/cisd/authentication/DefaultSessionManager.java
index 54d134774a6..fe4b86d14df 100644
--- a/authentication/source/java/ch/systemsx/cisd/authentication/DefaultSessionManager.java
+++ b/authentication/source/java/ch/systemsx/cisd/authentication/DefaultSessionManager.java
@@ -244,6 +244,32 @@ public class DefaultSessionManager<T extends BasicSession> implements ISessionMa
         }
     }
 
+    public boolean isAWellFormedSessionToken(String sessionTokenOrNull)
+    {
+        if (sessionTokenOrNull == null)
+        {
+            return false;
+        }
+        final String[] splittedToken = StringUtils.split(sessionTokenOrNull, SESSION_TOKEN_SEPARATOR);
+        if (splittedToken.length < 2)
+        {
+            return false;
+        }
+        String[] splittedTimeStampToken = StringUtils.split(splittedToken[1], TIMESTAMP_TOKEN_SEPARATOR);
+        if (splittedTimeStampToken.length < 2)
+        {
+            return false;
+        }
+        try
+        {
+            Long.parseLong(splittedTimeStampToken[0]);
+        } catch (NumberFormatException ex)
+        {
+            return false;
+        }
+        return splittedTimeStampToken[1].length() == 32;
+    }
+
     public T getSession(final String sessionToken) throws InvalidSessionException
     {
         checkIfNotBlank(sessionToken, "sessionToken");
diff --git a/authentication/source/java/ch/systemsx/cisd/authentication/ISessionManager.java b/authentication/source/java/ch/systemsx/cisd/authentication/ISessionManager.java
index 41d4945bd04..fcdd7224846 100644
--- a/authentication/source/java/ch/systemsx/cisd/authentication/ISessionManager.java
+++ b/authentication/source/java/ch/systemsx/cisd/authentication/ISessionManager.java
@@ -43,6 +43,11 @@ public interface ISessionManager<T extends BasicSession> extends IRemoteHostProv
      * Closes session by removing given <code>sessionToken</code> from active sessions.
      */
     public void closeSession(final String sessionToken) throws InvalidSessionException;
+    
+    /**
+     * Returns <code>true</code> if the specified string is a well-formed session token.
+     */
+    public boolean isAWellFormedSessionToken(String sessionTokenOrNull);
 
     /**
      * For given <var>sessionToken</var> return the <code>Session</code> object.
@@ -52,4 +57,5 @@ public interface ISessionManager<T extends BasicSession> extends IRemoteHostProv
      */
     public T getSession(final String sessionToken) throws InvalidSessionException;
 
+
 }
\ No newline at end of file
-- 
GitLab