Package org.silverpeas.core.web.authentication

Class SilverpeasSessionOpener

  • @Technical
@Bean
public class SilverpeasSessionOpener
extends Object
    Service used to open an HTTP session in the Silverpeas platform.

    It asks for a session opening to the session manager and then it creates all the required session resources for Silverpeas and stores them into the user session.

    Author:
    ehugonnet

    • Method Detail

      • openSession

        public String openSession​(HttpRequest request,
                          String authKey)
        Opens a session in Silverpeas for the authenticated user behinds the specified HTTP request.

        In order a session to be opened in Silverpeas, the user has to be authenticated. The authentication of the user is represented by an authentication key that is unique for each user so that a user can be also identified by its key.

        With its authentication key and some attributes from the request,a session in Silverpeas can be opened and set for the user.

        In the case a session was already opened for the user with the same web browser, the current session is then taken into account and the user access information is updated. In this case, no new session is opened and the previous one isn't invalidated. If this behavior isn't what you expect, then you have to close explicitly the current session of the user before calling this method. In the case the user is already connected but with another web browser, a new session is opened without invalidating the other one.

        Parameters:
        request - the HTTP request asking a session opening.
        authKey - the authentication key computed from a user authentication process and that is unique to the user.
        Returns:
        the URL of the user home page in Silverpeas or the URL of an error page if a problem occurred during the session opening (for example, the user wasn't authenticated).

      • prepareFromExistingSessionInfo

        public String prepareFromExistingSessionInfo​(HttpRequest request,
                                             SessionInfo sessionInfo)
        Prepares current session in Silverpeas from a SessionInfo obtained by an other service in charge of authentication of Users (like HTTPAuthentication from WEB services).

        In the case a session was already opened for the user with the same web browser, the current session is then taken into account and the user access information is updated. In this case, no new session is opened and the previous one isn't invalidated. If this behavior isn't what you expect, then you have to close explicitly the current session of the user before calling this method. In the case the user is already connected but with another web browser, a new session is opened without invalidating the other one.

        Parameters:
        request - the HTTP request asking to prepare a session from a SessionInfo.
        sessionInfo - an existing session info.
        Returns:
        the URL of the user home page in Silverpeas or the URL of an error page if a problem occurred during the session opening (for example, the user wasn't really authenticated).

      • closeSession

        public void closeSession​(javax.servlet.http.HttpSession session)
        Closes the specified session. All the resources allocated for the maintain the user session in Silverpeas are then freed.
        Parameters:
        session - the HTTP session to close.