From c1e3d56fad0092352f8554ac5908a3e9925cb4a1 Mon Sep 17 00:00:00 2001
From: brinn <brinn>
Date: Sat, 28 Jul 2012 11:23:32 +0000
Subject: [PATCH] Add method BasicSession.cleanup() which is called before a
 session is closed.

SVN: 26250
---
 .../cisd/authentication/BasicSession.java     |  7 +++
 .../authentication/DefaultSessionManager.java | 51 ++++++++++++-------
 2 files changed, 39 insertions(+), 19 deletions(-)

diff --git a/authentication/source/java/ch/systemsx/cisd/authentication/BasicSession.java b/authentication/source/java/ch/systemsx/cisd/authentication/BasicSession.java
index 30d2dfcc22f..cb59410370c 100644
--- a/authentication/source/java/ch/systemsx/cisd/authentication/BasicSession.java
+++ b/authentication/source/java/ch/systemsx/cisd/authentication/BasicSession.java
@@ -127,6 +127,13 @@ public class BasicSession implements Serializable
         return sessionExpirationTime;
     }
 
+    /**
+     * Called when the session is closed. Can perform additional cleanup tasks.
+     */
+    public void cleanup()
+    {
+    }
+    
     @Deprecated
     public void setSessionToken(String sessionToken)
     {
diff --git a/authentication/source/java/ch/systemsx/cisd/authentication/DefaultSessionManager.java b/authentication/source/java/ch/systemsx/cisd/authentication/DefaultSessionManager.java
index 2c0032fdc92..f4bae8c6c3d 100644
--- a/authentication/source/java/ch/systemsx/cisd/authentication/DefaultSessionManager.java
+++ b/authentication/source/java/ch/systemsx/cisd/authentication/DefaultSessionManager.java
@@ -231,9 +231,8 @@ public class DefaultSessionManager<T extends BasicSession> implements ISessionMa
         authenticationLog.info(prefix + ": login   ...FAILED");
     }
 
-    private void logSessionExpired(final FullSession<T> fullSession)
+    private void logSessionExpired(final T session)
     {
-        final T session = fullSession.getSession();
         if (operationLog.isInfoEnabled())
         {
             operationLog.info(String.format("%sExpiring session '%s' for user '%s' "
@@ -289,6 +288,11 @@ public class DefaultSessionManager<T extends BasicSession> implements ISessionMa
 
     @Override
     public T getSession(final String sessionToken) throws InvalidSessionException
+    {
+        return getSession(sessionToken, true);
+    }
+    
+    private T getSession(final String sessionToken, boolean checkAndTouch) throws InvalidSessionException
     {
         checkIfNotBlank(sessionToken, "sessionToken");
 
@@ -305,7 +309,6 @@ public class DefaultSessionManager<T extends BasicSession> implements ISessionMa
                 }
                 throw new InvalidSessionException(msg);
             }
-            final String user = getUserName(splittedToken);
             final FullSession<T> session = sessions.get(sessionToken);
             if (session == null)
             {
@@ -328,30 +331,24 @@ public class DefaultSessionManager<T extends BasicSession> implements ISessionMa
                 }
                 throw new InvalidSessionException(msg);
             }
-            if (doSessionExpiration(session))
+            if (checkAndTouch && doSessionExpiration(session))
             {
-                logSessionExpired(session);
-                sessions.remove(user);
+                closeSession(session.getSession(), false);
             }
-            if (isSessionUnavailable(session))
+            if (checkAndTouch && isSessionUnavailable(session))
             {
                 throw new InvalidSessionException(
                         "Session no longer available. Please login again.");
             }
             // This is where we know for sure we have a session.
-            session.touch();
+            if (checkAndTouch)
+            {
+                session.touch();
+            }
             return session.getSession();
         }
     }
 
-    // take all tokens till the third token counting from the back
-    private static String getUserName(String[] splittedSessionToken)
-    {
-        int exclusiveEndIndex = splittedSessionToken.length - 1;
-        return StringUtils
-                .join(splittedSessionToken, SESSION_TOKEN_SEPARATOR, 0, exclusiveEndIndex);
-    }
-
     @Override
     public String tryToOpenSession(final String user, final String password)
     {
@@ -408,9 +405,25 @@ public class DefaultSessionManager<T extends BasicSession> implements ISessionMa
     {
         synchronized (sessions)
         {
-            final T session = getSession(sessionToken);
-            sessions.remove(sessionToken);
-            logLogout(session);
+            final T session = getSession(sessionToken, false);
+            closeSession(session, true);
+        }
+    }
+
+    private void closeSession(final T session, final boolean regularLogout)
+            throws InvalidSessionException
+    {
+        synchronized (sessions)
+        {
+            session.cleanup();
+            sessions.remove(session.getSessionToken());
+            if (regularLogout)
+            {
+                logLogout(session);
+            } else
+            {
+                logSessionExpired(session);
+            }
         }
     }
 
-- 
GitLab