List of usage examples for javax.servlet.http HttpSession removeAttribute
/**
 * Removes the object bound under {@code name} from this session; does nothing
 * when no attribute with that name is bound.
 *
 * @param name the name of the attribute to remove
 * @throws IllegalStateException if the session has already been invalidated
 */
public void removeAttribute(String name);
From source file:com.hyeb.back.authenticate.AuthenticationFilter.java
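/**
 * Reads the encrypted password parameter and decrypts it with the RSA private
 * key stored in the session.
 *
 * <p>The key is single-use: it is removed from the session on every call,
 * including when decryption throws, so a failed attempt cannot leave the key
 * available to a later request.
 *
 * @param servletRequest the current request; cast to {@link HttpServletRequest}
 * @return the decrypted password, or {@code null} when no encrypted-password
 *         parameter name is configured, the session holds no key, or the
 *         parameter is empty
 */
@Override
protected String getPassword(ServletRequest servletRequest) {
    HttpServletRequest request = (HttpServletRequest) servletRequest;
    Assert.notNull(request);

    // getSession() creates a session when the request has none.
    HttpSession session = request.getSession();
    try {
        if (enPasswordParam == null) {
            return null;
        }
        RSAPrivateKey privateKey = (RSAPrivateKey) session.getAttribute(PRIVATE_KEY_ATTRIBUTE_NAME);
        String parameter = request.getParameter(enPasswordParam);
        if (privateKey != null && StringUtils.isNotEmpty(parameter)) {
            return RSAUtils.decrypt(privateKey, parameter);
        }
        return null;
    } finally {
        // Runs on the exception path too, so the private key never outlives this login attempt.
        session.removeAttribute(PRIVATE_KEY_ATTRIBUTE_NAME);
    }
}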
From source file:fr.paris.lutece.plugins.crm.business.demand.PaginationFilterSortManager.java
/** * Delete stored values for pagination, filter and sort *///from ww w . java2 s . c o m public void cleanSession() { HttpSession session = _request.getSession(); int nIdStatus; for (DemandStatusCRM statusCRM : DemandStatusCRMService.getService() .getAllStatusCRM(_request.getLocale())) { nIdStatus = statusCRM.getIdStatusCRM(); //PAGINATION session.removeAttribute(SESSION_PAGINATION_CURRENT_PAGE_INDEX + nIdStatus); session.removeAttribute(SESSION_PAGINATION_ITEMS_PER_PAGE + nIdStatus); session.removeAttribute(SESSION_PAGINATION_PAGINATOR + nIdStatus); //SORT session.removeAttribute(SESSION_SORT_ATTRIBUTE + nIdStatus); session.removeAttribute(SESSION_SORT_ASC + nIdStatus); } //FILTER this.cleanSessionFilter(); }
From source file:fr.paris.lutece.portal.web.user.AdminLoginJspBean.java
/**
 * Builds the HTML of the admin login form.
 *
 * @param request The request
 * @return The HTML form
 */
public String getLogin(HttpServletRequest request) {
    HashMap<String, Object> model = new HashMap<String, Object>();

    // Forget the previously registered user. Only this attribute is dropped: the
    // session and its id are kept.
    // NOTE(review): confirm the session id is renewed on successful login elsewhere
    // (session fixation); nothing in this method does it.
    HttpSession httpSession = request.getSession();
    if (httpSession != null) {
        httpSession.removeAttribute(SESSION_ATTRIBUTE_USER);
        // Keep the real base url in the session
        request.getSession().setAttribute(AppPathService.SESSION_BASE_URL, AppPathService.getBaseUrl(request));
    }

    Locale locale = AdminUserService.getLocale(request);

    // Every request parameter is copied into the model as-is.
    // NOTE(review): these values are caller-controlled; verify that the login
    // template escapes them when rendering.
    ReferenceList listParams = new ReferenceList();
    for (Enumeration<String> names = request.getParameterNames(); names.hasMoreElements();) {
        String paramName = names.nextElement();
        listParams.addItem(paramName, request.getParameter(paramName));
    }

    // Target of the login form: HTTPS url when enabled, otherwise the base url.
    StringBuilder sbUrl = new StringBuilder();
    if (AppHTTPSService.isHTTPSSupportEnabled()) {
        sbUrl.append(AppHTTPSService.getHTTPSUrl(request));
    } else {
        sbUrl.append(AppPathService.getBaseUrl(request));
    }
    boolean endsWithSlash = sbUrl.toString().endsWith(CONSTANT_SLASH);
    if (!endsWithSlash) {
        sbUrl.append(CONSTANT_SLASH);
    }
    sbUrl.append(JSP_URL_DO_ADMIN_LOGIN);

    model.put(MARK_PARAM_VERSION, AppInfo.getVersion());
    model.put(MARK_SITE_NAME, PortalService.getSiteName());
    model.put(MARK_PARAMS_LIST, listParams);
    model.put(MARK_FORGOT_PASSWORD_URL, AdminAuthenticationService.getInstance().getLostPasswordPageUrl());
    model.put(MARK_FORGOT_LOGIN_URL, AdminAuthenticationService.getInstance().getLostLoginPageUrl());
    model.put(MARK_DO_ADMIN_LOGIN_URL, sbUrl.toString());

    return AppTemplateService.getTemplate(TEMPLATE_ADMIN_LOGIN, locale, model).getHtml();
}
From source file:com.glweb.web.struts.actions.UserAction.java
/** * @see org.apache.struts.action.Action#execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) */// ww w.j a v a 2 s. co m public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { HttpSession _session = request.getSession(); String _action = (String) PropertyUtils.getSimpleProperty(form, "action"); if (null == _action) { return (mapping.getInputForward()); } // Was this transaction cancelled? if (isCancelled(request)) { if (getLogger().isInfoEnabled()) { getLogger().info(" " + mapping.getAttribute() + " - User transaction was cancelled"); } removeFormBean(mapping, request); _session.removeAttribute(Constants.USER_KEY); return (mapping.findForward("/view/user/cancel")); } User _user = null; String _name = (String) PropertyUtils.getSimpleProperty(form, "name"); _user = new User(); _user.setName(_name); if (getLogger().isInfoEnabled()) { getLogger().info("user = " + _user); } _session.setAttribute(Constants.USER_KEY, _user); return (mapping.findForward("/view/user/success")); }
From source file:com.huateng.ebank.framework.session.SessionManager.java
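/**
 * Removes every attribute from the request's existing session.
 *
 * <p>No session is created when the request has none. The session itself is
 * not invalidated here, so its id stays usable after the call.
 *
 * @param req the current request
 * @return {@code false} when the request has no session, {@code true} once
 *         all attributes have been removed
 */
public boolean destroySessionData(HttpServletRequest req) {
    if (logger.isDebugEnabled()) {
        logger.debug("destroySessionData(HttpServletRequest) - start"); //$NON-NLS-1$
    }

    HttpSession session = req.getSession(false);
    if (null == session) {
        return false;
    }

    // Copy the names before removing anything: the Servlet API does not promise
    // that the enumeration is a snapshot, and removing while enumerating a live
    // view can fail or skip attributes depending on the container.
    for (Object attrName : java.util.Collections.list(session.getAttributeNames())) {
        session.removeAttribute((String) attrName);
    }

    // NOTE(review): if this is the logout path, confirm session.invalidate() is
    // called elsewhere; clearing attributes alone leaves the session id valid.

    if (logger.isDebugEnabled()) {
        logger.debug("destroySessionData(HttpServletRequest) - end"); //$NON-NLS-1$
    }
    return true;
}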
From source file:se.inera.certificate.web.security.BrowserClosedInterceptor.java
/**
 * Checks the "browser closed" timestamp kept in the session before a handler runs.
 *
 * <p>With no timestamp the request proceeds. With a timestamp older than
 * {@code timeoutSeconds} the user is logged out and redirected; otherwise the
 * timestamp is cleared and the request proceeds.
 *
 * @return {@code false} only when the user was logged out and redirected
 * @throws IOException if the redirect cannot be sent
 */
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
        throws IOException {
    final HttpSession httpSession = request.getSession();
    final DateTime closedAt = (DateTime) httpSession.getAttribute(BROWSER_CLOSED_TIMESTAMP);

    // No timestamp: ordinary request.
    if (closedAt == null) {
        return true;
    }

    final boolean timedOut = closedAt.plusSeconds(timeoutSeconds).isBefore(DateTime.now());
    if (!timedOut) {
        // Refresh within the allowed window: clear the timestamp and carry on.
        httpSession.removeAttribute(BROWSER_CLOSED_TIMESTAMP);
        LOG.debug("Valid refresh of browser");
        return true;
    }

    // The browser was closed for longer than the timeout: end the login.
    LOG.warn("Browser closed and protected page revisited, user logged out");
    logoutHandler.logout(request, response, null);
    response.sendRedirect(redirectLocation);
    return false;
}
From source file:org.jasig.cas.support.oauth.web.OAuth20AuthorizeCallbackActionController.java
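/**
 * Handles the user's answer to the OAuth 2.0 approval prompt.
 *
 * <p>The authorization parameters saved in the session (response type, client
 * id, state, redirect URI, token type, login ticket id, scopes) are read and
 * removed, so they are consumed by a single callback. Anything other than an
 * explicit "allow" action, including a missing action parameter, is treated
 * as a denial and redirected with an access-denied error. Otherwise the client
 * is redirected with an access token (response type {@code token}) or an
 * authorization code.
 *
 * @param request the current request
 * @param response the current response
 * @return a redirect to the client's callback URL
 * @throws InvalidParameterException when the client id or redirect URI is
 *         missing from the session
 */
@Override
protected ModelAndView handleRequestInternal(final HttpServletRequest request,
        final HttpServletResponse response) throws Exception {

    final HttpSession session = request.getSession();

    // get action
    final String action = request.getParameter(OAuthConstants.OAUTH20_APPROVAL_PROMPT_ACTION);
    LOGGER.debug("{} : {}", OAuthConstants.OAUTH20_APPROVAL_PROMPT_ACTION, action);

    final String responseType = (String) session.getAttribute(OAuthConstants.OAUTH20_RESPONSE_TYPE);
    LOGGER.debug("{} : {}", OAuthConstants.OAUTH20_RESPONSE_TYPE, responseType);
    session.removeAttribute(OAuthConstants.OAUTH20_RESPONSE_TYPE);

    final String clientId = (String) session.getAttribute(OAuthConstants.OAUTH20_CLIENT_ID);
    LOGGER.debug("{} : {}", OAuthConstants.OAUTH20_CLIENT_ID, clientId);
    session.removeAttribute(OAuthConstants.OAUTH20_CLIENT_ID);

    // retrieve state from session (csrf equivalent)
    final String state = (String) session.getAttribute(OAuthConstants.OAUTH20_STATE);
    LOGGER.debug("{} : {}", OAuthConstants.OAUTH20_STATE, state);
    session.removeAttribute(OAuthConstants.OAUTH20_STATE);

    final String redirectUri = (String) session.getAttribute(OAuthConstants.OAUTH20_REDIRECT_URI);
    LOGGER.debug("{} : {}", OAuthConstants.OAUTH20_REDIRECT_URI, redirectUri);
    session.removeAttribute(OAuthConstants.OAUTH20_REDIRECT_URI);

    final TokenType tokenType = (TokenType) session.getAttribute(OAuthConstants.OAUTH20_TOKEN_TYPE);
    LOGGER.debug("{} : {}", OAuthConstants.OAUTH20_TOKEN_TYPE, tokenType);
    session.removeAttribute(OAuthConstants.OAUTH20_TOKEN_TYPE);

    // NOTE(review): the login ticket id is written to the debug log here.
    final String loginTicketId = (String) session.getAttribute(OAuthConstants.OAUTH20_LOGIN_TICKET_ID);
    LOGGER.debug("{} : {}", OAuthConstants.OAUTH20_LOGIN_TICKET_ID, loginTicketId);
    session.removeAttribute(OAuthConstants.OAUTH20_LOGIN_TICKET_ID);

    @SuppressWarnings("unchecked")
    final Set<String> scopeSet = (Set<String>) session.getAttribute(OAuthConstants.OAUTH20_SCOPE_SET);
    LOGGER.debug("{} : {}", OAuthConstants.OAUTH20_SCOPE_SET, scopeSet);
    session.removeAttribute(OAuthConstants.OAUTH20_SCOPE_SET);

    // Compare from the constant so a request without the action parameter is
    // handled as a denial instead of failing with a NullPointerException.
    if (!OAuthConstants.OAUTH20_APPROVAL_PROMPT_ACTION_ALLOW.equalsIgnoreCase(action)) {
        LOGGER.warn("Approval Prompt Action was denied by the user.");
        // NOTE(review): redirectUri is only checked for blank further down, so the
        // denial path can reach addParameter with a missing URI - confirm how
        // OAuthUtils handles that.
        final String deniedCallbackUrl = OAuthUtils.addParameter(redirectUri, OAuthConstants.ERROR,
                OAuthConstants.ACCESS_DENIED);
        LOGGER.debug("{} : {}", OAuthConstants.OAUTH20_REDIRECT_URI, deniedCallbackUrl);
        return OAuthUtils.redirectTo(deniedCallbackUrl);
    }

    if (StringUtils.isBlank(clientId)) {
        LOGGER.error("{} is missing from the session and can not be retrieved.",
                OAuthConstants.OAUTH20_CLIENT_ID);
        throw new InvalidParameterException(OAuthConstants.OAUTH20_CLIENT_ID);
    }

    if (StringUtils.isBlank(redirectUri)) {
        LOGGER.error("{} is missing from the session and can not be retrieved.",
                OAuthConstants.OAUTH20_REDIRECT_URI);
        throw new InvalidParameterException(OAuthConstants.OAUTH20_REDIRECT_URI);
    }

    if ("token".equals(responseType)) {
        final AuthorizationCode authorizationCode = centralOAuthService.grantAuthorizationCode(
                TokenType.ONLINE, clientId, loginTicketId, redirectUri, scopeSet);
        final AccessToken accessToken = centralOAuthService.grantOnlineAccessToken(authorizationCode);

        // The token is returned in the URL fragment of the redirect.
        String callbackUrl = redirectUri;
        callbackUrl += "#" + OAuthConstants.ACCESS_TOKEN + "=" + accessToken.getId();
        callbackUrl += "&" + OAuthConstants.EXPIRES_IN + "="
                + (int) (timeout - TimeUnit.MILLISECONDS
                        .toSeconds(System.currentTimeMillis() - accessToken.getTicket().getCreationTime()));
        callbackUrl += "&" + OAuthConstants.TOKEN_TYPE + "=" + OAuthConstants.BEARER_TOKEN;
        if (!StringUtils.isBlank(state)) {
            // NOTE(review): state is appended without URL-encoding on this path,
            // unlike the code path below which goes through OAuthUtils.addParameter;
            // confirm the stored value cannot carry '&' or '#'.
            callbackUrl += "&" + OAuthConstants.STATE + "=" + state;
        }
        // NOTE(review): this debug line contains the bearer access token.
        LOGGER.debug("Redirecting Client to : {}", callbackUrl);
        return OAuthUtils.redirectTo(callbackUrl);
    }

    // response type is code
    final AuthorizationCode authorizationCode = centralOAuthService.grantAuthorizationCode(tokenType,
            clientId, loginTicketId, redirectUri, scopeSet);

    String callbackUrl = OAuthUtils.addParameter(redirectUri, OAuthConstants.CODE,
            authorizationCode.getId());
    if (!StringUtils.isBlank(state)) {
        callbackUrl = OAuthUtils.addParameter(callbackUrl, OAuthConstants.STATE, state);
    }
    // NOTE(review): this debug line contains the authorization code.
    LOGGER.debug("Redirecting Client to : {}", callbackUrl);
    return OAuthUtils.redirectTo(callbackUrl);
}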
From source file:com.ofbizcn.securityext.login.LoginEvents.java
/**
 * Keeps the USERNAME and PASSWORD request parameters in the session while no
 * login object is present, and removes them once one is.
 *
 * @param request The HTTP request object for the current JSP or Servlet request.
 * @param response The HTTP response object for the current JSP or Servlet request.
 * @return always the string "success"
 */
public static String saveEntryParams(HttpServletRequest request, HttpServletResponse response) {
    GenericValue userLogin = (GenericValue) request.getSession().getAttribute("userLogin");
    HttpSession session = request.getSession();
    Delegator delegator = (Delegator) request.getAttribute("delegator");

    // A login object is present: the saved entry parameters are no longer needed.
    if (userLogin != null) {
        session.removeAttribute("USERNAME");
        session.removeAttribute("PASSWORD");
        return "success";
    }

    String username = request.getParameter("USERNAME");
    String password = request.getParameter("PASSWORD");

    // Lower-casing is switched on per field in security.properties.
    if (username != null) {
        String lowerUsername = EntityUtilProperties.getPropertyValue("security.properties",
                "username.lowercase", delegator);
        if ("true".equalsIgnoreCase(lowerUsername)) {
            username = username.toLowerCase();
        }
    }
    if (password != null) {
        String lowerPassword = EntityUtilProperties.getPropertyValue("security.properties",
                "password.lowercase", delegator);
        if ("true".equalsIgnoreCase(lowerPassword)) {
            password = password.toLowerCase();
        }
    }

    // NOTE(review): the password is kept in the session in clear text until a later
    // call with a login object removes it; a persisted or replicated session store
    // would carry it too.
    if (username != null) {
        session.setAttribute("USERNAME", username);
    }
    if (password != null) {
        session.setAttribute("PASSWORD", password);
    }
    return "success";
}
From source file:gov.nih.nci.cabig.caaers.web.ae.CaptureAdverseEventController.java
/**
 * Drops the form object kept in the session when the request carries a
 * non-empty {@code displayReportingPeriod} parameter, then delegates to the
 * superclass.
 */
@Override
protected ModelAndView handleRequestInternal(HttpServletRequest request, HttpServletResponse response)
        throws Exception {
    // The parameter is set when the request is re-directed (from Manage Report/Review And Report).
    final String reportingPeriodParam = WebUtils.getStringParameter(request, "displayReportingPeriod");
    if (!StringUtils.isNotEmpty(reportingPeriodParam)) {
        return super.handleRequestInternal(request, response);
    }

    final String formKey = getFormSessionAttributeName(request);
    final HttpSession httpSession = request.getSession();
    if (httpSession != null) {
        httpSession.removeAttribute(formKey);
    }
    return super.handleRequestInternal(request, response);
}
From source file:com.adito.core.CoreUtil.java
/**
 * Removes the upload with the given id from the session's upload manager and
 * drops the manager from the session once it holds no more uploads.
 *
 * @param session session
 * @param uploadId upload id
 * @return removed upload details, or {@code null} when the session has no upload manager
 */
public static UploadDetails removeUpload(HttpSession session, int uploadId) {
    final UploadManager manager = (UploadManager) session.getAttribute(Constants.UPLOAD_MANAGER);
    if (manager == null) {
        return null;
    }

    final UploadDetails removed = manager.removeUpload(uploadId);
    if (manager.isEmpty()) {
        session.removeAttribute(Constants.UPLOAD_MANAGER);
    }
    return removed;
}