Increase session time for sso and non-sso login.

merge-requests/774/head
MalshaPiumini 4 years ago
parent a136fa4901
commit a1567d8a3d

@ -31,6 +31,7 @@ public class UIConfiguration {
private AppRegistration appRegistration; private AppRegistration appRegistration;
private List<String> scopes; private List<String> scopes;
private boolean isSsoEnable; private boolean isSsoEnable;
private int sessionTimeOut;
@XmlElement(name = "AppRegistration", required=true) @XmlElement(name = "AppRegistration", required=true)
public AppRegistration getAppRegistration() { public AppRegistration getAppRegistration() {
@ -59,4 +60,13 @@ public class UIConfiguration {
public void setSsoEnable(boolean ssoEnable) { public void setSsoEnable(boolean ssoEnable) {
isSsoEnable = ssoEnable; isSsoEnable = ssoEnable;
} }
@XmlElement(name = "SessionTimeOut")
public int getSessionTimeOut() {
return sessionTimeOut;
}
public void setSessionTimeOut(int sessionTimeOut) {
this.sessionTimeOut = sessionTimeOut;
}
} }

@ -39,6 +39,7 @@ import org.apache.http.entity.ContentType;
import org.apache.http.entity.StringEntity; import org.apache.http.entity.StringEntity;
import org.apache.http.protocol.HTTP; import org.apache.http.protocol.HTTP;
import io.entgra.ui.request.interceptor.beans.ProxyResponse; import io.entgra.ui.request.interceptor.beans.ProxyResponse;
import org.json.JSONString;
import javax.servlet.annotation.MultipartConfig; import javax.servlet.annotation.MultipartConfig;
import javax.servlet.annotation.WebServlet; import javax.servlet.annotation.WebServlet;
@ -69,13 +70,14 @@ public class LoginHandler extends HttpServlet {
httpSession.invalidate(); httpSession.invalidate();
} }
httpSession = req.getSession(true); httpSession = req.getSession(true);
//setting session to expiry in 5 minutes
httpSession.setMaxInactiveInterval(Math.toIntExact(HandlerConstants.TIMEOUT));
JsonObject uiConfigJsonObject = HandlerUtil.getUIConfigAndPersistInSession(uiConfigUrl, gatewayUrl, httpSession, resp); JsonObject uiConfigJsonObject = HandlerUtil.getUIConfigAndPersistInSession(uiConfigUrl, gatewayUrl, httpSession, resp);
JsonArray tags = uiConfigJsonObject.get("appRegistration").getAsJsonObject().get("tags").getAsJsonArray(); JsonArray tags = uiConfigJsonObject.get("appRegistration").getAsJsonObject().get("tags").getAsJsonArray();
JsonArray scopes = uiConfigJsonObject.get("scopes").getAsJsonArray(); JsonArray scopes = uiConfigJsonObject.get("scopes").getAsJsonArray();
int sessionTimeOut = Integer.parseInt(String.valueOf(uiConfigJsonObject.get("sessionTimeOut")));
//setting session to expire in 1h
httpSession.setMaxInactiveInterval(sessionTimeOut);
// Check if OAuth app cache exists. If not create a new application. // Check if OAuth app cache exists. If not create a new application.
LoginCacheManager loginCacheManager = new LoginCacheManager(); LoginCacheManager loginCacheManager = new LoginCacheManager();

@ -72,6 +72,7 @@ public class SsoLoginHandler extends HttpServlet {
private static String adminPassword; private static String adminPassword;
private static String gatewayUrl; private static String gatewayUrl;
private static String iotsCoreUrl; private static String iotsCoreUrl;
private static int sessionTimeOut;
private static String encodedAdminCredentials; private static String encodedAdminCredentials;
private static String encodedClientApp; private static String encodedClientApp;
private static String applicationId; private static String applicationId;
@ -93,7 +94,7 @@ public class SsoLoginHandler extends HttpServlet {
} }
httpSession = req.getSession(true); httpSession = req.getSession(true);
httpSession.setMaxInactiveInterval(Math.toIntExact(HandlerConstants.TIMEOUT));
initializeAdminCredentials(); initializeAdminCredentials();
baseContextPath = req.getContextPath(); baseContextPath = req.getContextPath();
applicationName = baseContextPath.substring(1, baseContextPath.indexOf("-ui-request-handler")); applicationName = baseContextPath.substring(1, baseContextPath.indexOf("-ui-request-handler"));
@ -157,6 +158,7 @@ public class SsoLoginHandler extends HttpServlet {
uiConfigJsonObject = HandlerUtil.getUIConfigAndPersistInSession(uiConfigUrl, gatewayUrl, httpSession, resp); uiConfigJsonObject = HandlerUtil.getUIConfigAndPersistInSession(uiConfigUrl, gatewayUrl, httpSession, resp);
JsonArray tags = uiConfigJsonObject.get("appRegistration").getAsJsonObject().get("tags").getAsJsonArray(); JsonArray tags = uiConfigJsonObject.get("appRegistration").getAsJsonObject().get("tags").getAsJsonArray();
JsonArray scopes = uiConfigJsonObject.get("scopes").getAsJsonArray(); JsonArray scopes = uiConfigJsonObject.get("scopes").getAsJsonArray();
sessionTimeOut = Integer.parseInt(String.valueOf(uiConfigJsonObject.get("sessionTimeOut")));
// Register the client application // Register the client application
HttpPost apiRegEndpoint = new HttpPost(gatewayUrl + HandlerConstants.APP_REG_ENDPOINT); HttpPost apiRegEndpoint = new HttpPost(gatewayUrl + HandlerConstants.APP_REG_ENDPOINT);
@ -294,6 +296,7 @@ public class SsoLoginHandler extends HttpServlet {
httpSession.setAttribute("encodedClientApp", encodedClientApp); httpSession.setAttribute("encodedClientApp", encodedClientApp);
httpSession.setAttribute("scope", scopes); httpSession.setAttribute("scope", scopes);
httpSession.setAttribute("redirectUrl", req.getParameter("redirect")); httpSession.setAttribute("redirectUrl", req.getParameter("redirect"));
httpSession.setMaxInactiveInterval(sessionTimeOut);
} }
/*** /***

@ -20,6 +20,8 @@
<UIConfiguration> <UIConfiguration>
<EnableOAuth>true</EnableOAuth> <EnableOAuth>true</EnableOAuth>
<EnableSSO>true</EnableSSO> <EnableSSO>true</EnableSSO>
<!-- session time out in seconds -->
<SessionTimeOut>3600</SessionTimeOut>
<AppRegistration> <AppRegistration>
<Tags> <Tags>
<Tag>application_management</Tag> <Tag>application_management</Tag>

Loading…
Cancel
Save