| 1 | package gov.va.med.edp.web.servlet.listener;
|
|---|
| 2 |
|
|---|
| 3 | import gov.va.med.authentication.kernel.LoginUserInfoVO;
|
|---|
| 4 | import gov.va.med.edp.dao.SessionDao;
|
|---|
| 5 | import gov.va.med.edp.vo.SessionVO;
|
|---|
| 6 | import gov.va.med.edp.web.controller.SessionConstants;
|
|---|
| 7 | import org.apache.commons.logging.Log;
|
|---|
| 8 | import org.apache.commons.logging.LogFactory;
|
|---|
| 9 | import org.springframework.web.context.WebApplicationContext;
|
|---|
| 10 | import org.springframework.web.context.support.WebApplicationContextUtils;
|
|---|
| 11 | import org.springframework.dao.DataAccessException;
|
|---|
| 12 |
|
|---|
| 13 | import javax.servlet.http.HttpSessionAttributeListener;
|
|---|
| 14 | import javax.servlet.http.HttpSessionBindingEvent;
|
|---|
| 15 |
|
|---|
| 16 | public class TimeOutIntegrationSessionAttributeListener implements HttpSessionAttributeListener {
|
|---|
| 17 | private static final String SESSION_DAO_BEAN_NAME = "sessionDao";
|
|---|
| 18 |
|
|---|
| 19 | private static final Log log = LogFactory.getLog(TimeOutIntegrationSessionAttributeListener.class);
|
|---|
| 20 |
|
|---|
| 21 | public void attributeAdded(HttpSessionBindingEvent event) {
|
|---|
| 22 | if (!event.getName().equals(LoginUserInfoVO.SESSION_KEY)) return;
|
|---|
| 23 |
|
|---|
| 24 | setTimeOut(event);
|
|---|
| 25 | }
|
|---|
| 26 |
|
|---|
| 27 | public void attributeRemoved(HttpSessionBindingEvent event) {
|
|---|
| 28 | if (!event.getName().equals(LoginUserInfoVO.SESSION_KEY)) return;
|
|---|
| 29 | }
|
|---|
| 30 |
|
|---|
| 31 | public void attributeReplaced(HttpSessionBindingEvent event) {
|
|---|
| 32 | if (!event.getName().equals(LoginUserInfoVO.SESSION_KEY)) return;
|
|---|
| 33 |
|
|---|
| 34 | setTimeOut(event);
|
|---|
| 35 | }
|
|---|
| 36 |
|
|---|
| 37 | private void setTimeOut(HttpSessionBindingEvent event) {
|
|---|
| 38 | LoginUserInfoVO userInfo = (LoginUserInfoVO) event.getValue();
|
|---|
| 39 |
|
|---|
| 40 | try {
|
|---|
| 41 | WebApplicationContext ac = getApplicationContext(event);
|
|---|
| 42 | SessionDao dao = (SessionDao) ac.getBean(SESSION_DAO_BEAN_NAME, SessionDao.class);
|
|---|
| 43 |
|
|---|
| 44 | SessionVO sessionInfo = dao.getSessionInfo(userInfo.getLoginStationNumber(), userInfo.getUserDuz());
|
|---|
| 45 |
|
|---|
| 46 | String serverPackageVersion = sessionInfo.getServerPackageVersion();
|
|---|
| 47 | if (log.isDebugEnabled()) log.debug("set server package version to '" + serverPackageVersion + "'");
|
|---|
| 48 | event.getSession().setAttribute(SessionConstants.SERVER_PACKAGE_VERSION_KEY, serverPackageVersion);
|
|---|
| 49 |
|
|---|
| 50 | int timeOut = sessionInfo.getMaxInactiveInterval();
|
|---|
| 51 | event.getSession().setMaxInactiveInterval(timeOut);
|
|---|
| 52 | if (log.isDebugEnabled()) log.debug("set timeout for user " + userInfo.getUserDuz() + " to " + timeOut + " seconds.");
|
|---|
| 53 | } catch (DataAccessException e) {
|
|---|
| 54 | log.error("unable to fetch session info", e);
|
|---|
| 55 | event.getSession().setAttribute(SessionConstants.SERVER_ERROR_KEY, e);
|
|---|
| 56 | }
|
|---|
| 57 | }
|
|---|
| 58 |
|
|---|
| 59 | private WebApplicationContext getApplicationContext(HttpSessionBindingEvent event) throws IllegalStateException {
|
|---|
| 60 | return WebApplicationContextUtils.getRequiredWebApplicationContext(event.getSession().getServletContext());
|
|---|
| 61 | }
|
|---|
| 62 |
|
|---|
| 63 | }
|
|---|
