diff --git a/dotCMS/src/main/java/com/dotcms/auth/providers/jwt/services/JsonWebTokenAuthCredentialProcessorImpl.java b/dotCMS/src/main/java/com/dotcms/auth/providers/jwt/services/JsonWebTokenAuthCredentialProcessorImpl.java
index 32c50c9bd78e..816d71785109 100644
--- a/dotCMS/src/main/java/com/dotcms/auth/providers/jwt/services/JsonWebTokenAuthCredentialProcessorImpl.java
+++ b/dotCMS/src/main/java/com/dotcms/auth/providers/jwt/services/JsonWebTokenAuthCredentialProcessorImpl.java
@@ -72,8 +72,10 @@ public User processAuthCredentialsFromJWT(final String authorizationHeader,
 throw new SecurityException("Invalid Json Web Token", Response.Status.BAD_REQUEST);
 }
- httpSession.setAttribute(WebKeys.CMS_USER, user);
- httpSession.setAttribute(com.liferay.portal.util.WebKeys.USER_ID, user.getUserId());
+ if (null != httpSession) {
+ httpSession.setAttribute(WebKeys.CMS_USER, user);
+ httpSession.setAttribute(com.liferay.portal.util.WebKeys.USER_ID, user.getUserId());
+ }
 }
 return user;
diff --git a/dotCMS/src/main/java/com/dotcms/rest/api/v1/system/websocket/DotCmsWebSocketConfigurator.java b/dotCMS/src/main/java/com/dotcms/rest/api/v1/system/websocket/DotCmsWebSocketConfigurator.java
index 26471c2a959e..35cb62615364 100644
--- a/dotCMS/src/main/java/com/dotcms/rest/api/v1/system/websocket/DotCmsWebSocketConfigurator.java
+++ b/dotCMS/src/main/java/com/dotcms/rest/api/v1/system/websocket/DotCmsWebSocketConfigurator.java
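Review bot: The added `if (null != httpSession)` guard in processAuthCredentialsFromJWT makes a null session a supported input, but the hunk does not document that contract; the method's signature and Javadoc lie outside the hunk. I would extend the parameter doc with `@param httpSession session to bind the authenticated user to; may be null, in which case the user is returned without being stored in any session`. When the session is present, writing `WebKeys.CMS_USER` and `USER_ID` means later requests on that session are presumably accepted from the session alone, without re-validating the token. A one-line comment above the guard should confirm that the session lifetime, not the token expiry, is meant to govern access from then on.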
@@ -1,28 +1,23 @@
 package com.dotcms.rest.api.v1.system.websocket;
-import javax.servlet.http.HttpSession;
-import javax.websocket.HandshakeResponse;
-import javax.websocket.server.HandshakeRequest;
-import javax.websocket.server.ServerEndpointConfig;
-import javax.websocket.server.ServerEndpointConfig.Configurator;
-
 import com.dotcms.auth.providers.jwt.JsonWebTokenAuthCredentialProcessor;
-import com.dotcms.auth.providers.jwt.JsonWebTokenUtils;
 import com.dotcms.auth.providers.jwt.services.JsonWebTokenAuthCredentialProcessorImpl;
 import com.dotcms.business.LazyUserAPIWrapper;
 import com.dotcms.repackage.com.google.common.annotations.VisibleForTesting;
 import com.dotcms.repackage.org.glassfish.jersey.server.ContainerRequest;
 import com.dotmarketing.business.APILocator;
 import com.dotmarketing.business.UserAPI;
-import com.dotmarketing.business.web.UserWebAPI;
-import com.dotmarketing.business.web.WebAPILocator;
 import com.dotmarketing.exception.DotDataException;
 import com.dotmarketing.exception.DotSecurityException;
 import com.dotmarketing.util.Logger;
 import com.dotmarketing.util.UtilMethods;
-import com.dotmarketing.util.WebKeys;
 import com.liferay.portal.model.User;
+import javax.servlet.http.HttpSession;
+import javax.websocket.HandshakeResponse;
+import javax.websocket.server.HandshakeRequest;
+import javax.websocket.server.ServerEndpointConfig;
+import javax.websocket.server.ServerEndpointConfig.Configurator;
 import java.util.List;
 /**
@@ -69,7 +64,7 @@ public void modifyHandshake(final ServerEndpointConfig serverEndpointConfig,
 super.modifyHandshake(serverEndpointConfig, request, response);
- User user = null;
+ User user = null;
 String authorizationHeader = null;
 final List headers = request.getHeaders().get(ContainerRequest.AUTHORIZATION);
 final Object session = request.getHttpSession();
@@ -80,25 +75,11 @@ public void modifyHandshake(final ServerEndpointConfig serverEndpointConfig,
 try {
 httpSession = HttpSession.class.cast(session);
- user = (User) httpSession.getAttribute(WebKeys.CMS_USER);
+ user = (User) httpSession.getAttribute(com.liferay.portal.util.WebKeys.USER);
 if (!UtilMethods.isSet(user)) {
 user = this.getUserFromId(httpSession);
-
- if (!UtilMethods.isSet(user) && ((null != headers) && (headers.size() > 0))) {
-
- authorizationHeader = headers.get(0);
- user = this.authCredentialProcessor.processAuthCredentialsFromJWT
- (authorizationHeader, (HttpSession) session);
-
- }
- }
-
- if (UtilMethods.isSet(user)) {
-
- serverEndpointConfig.getUserProperties().put
- (SystemEventsWebSocketEndPoint.USER, user);
 }
 } catch (Exception e) {
@@ -108,6 +89,28 @@ public void modifyHandshake(final ServerEndpointConfig serverEndpointConfig,
 }
 }
 }
+
+ try {
+
+ if (!UtilMethods.isSet(user) && ((null != headers) && (headers.size() > 0))) {
+
+ authorizationHeader = headers.get(0);
+ user = this.authCredentialProcessor.processAuthCredentialsFromJWT
+ (authorizationHeader, httpSession);
+ }
+
+ if (UtilMethods.isSet(user)) {
+
+ serverEndpointConfig.getUserProperties().put
+ (SystemEventsWebSocketEndPoint.USER, user);
+ }
+ } catch (Exception e) {
+
+ if (Logger.isErrorEnabled(this.getClass())) {
+
+ Logger.error(this.getClass(), e.getMessage(), e);
+ }
+ }
 } // modifyHandshake.
 private User getUserFromId(final HttpSession httpSession) throws DotSecurityException, DotDataException {
@@ -119,7 +122,6 @@ private User getUserFromId(final HttpSession httpSession) throws DotSecurityExce
 if (UtilMethods.isSet(userId)) {
 user = this.userAPI.loadUserById(userId);
- httpSession.setAttribute(WebKeys.CMS_USER, user);
 }
 return user;
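Review bot: The session lookup in modifyHandshake now reads `com.liferay.portal.util.WebKeys.USER`, while the JWT processor touched by this same commit still stores the user under `WebKeys.CMS_USER` and `USER_ID`, so the hunk does not show which session attribute is authoritative. Whether the two constants resolve to the same key is not visible here. I would add above the `getAttribute` call a comment such as `// Read the user from com.liferay.portal.util.WebKeys.USER; WebKeys.CMS_USER is written by the JWT processor but is no longer consulted here.` modifyHandshake begins before this hunk, and the code that guards the `HttpSession.class.cast(session)` call is not visible.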
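Review bot: In the added `try` block, any exception from `processAuthCredentialsFromJWT` is caught, logged and dropped, and the handshake then completes without the `SystemEventsWebSocketEndPoint.USER` property, so refusing an unauthenticated client is left entirely to the endpoint. Nothing in the hunk states that dependency. I would add above the final `if (UtilMethods.isSet(user))` the comment `// No user resolved: the handshake still succeeds, so SystemEventsWebSocketEndPoint.open() must refuse sessions without USER.` The log call would also be easier to triage with context, for example `Logger.error(this.getClass(), "JWT authentication failed during WebSocket handshake: " + e.getMessage(), e);`.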
diff --git a/dotCMS/src/main/java/com/dotcms/rest/api/v1/system/websocket/SystemEventsWebSocketEndPoint.java b/dotCMS/src/main/java/com/dotcms/rest/api/v1/system/websocket/SystemEventsWebSocketEndPoint.java
index 952fbe31e37b..d7c54cacd3b3 100644
--- a/dotCMS/src/main/java/com/dotcms/rest/api/v1/system/websocket/SystemEventsWebSocketEndPoint.java
+++ b/dotCMS/src/main/java/com/dotcms/rest/api/v1/system/websocket/SystemEventsWebSocketEndPoint.java
@@ -141,6 +141,8 @@ public void open(final Session session) {
 user = (User) session.getUserProperties().get(USER);
 this.queue.add(new SessionWrapper(session, user));
 isLoggedIn = true;
+ Logger.debug(this, "New session open: " + session +
+ ", with user: " + user.getEmailAddress());
 } catch (Exception e) {
 if (Logger.isErrorEnabled(this.getClass())) {
@@ -169,9 +171,6 @@ public void open(final Session session) {
 }
 throw new IllegalStateException(e);
 }
- } else {
- // if session succesfully we start the ping pong (if it enables)
- this.doPing(session);
 }
 } // open.
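Review bot: The added `Logger.debug` call in open() dereferences `user` via `user.getEmailAddress()` without a null check, although `user` comes from `session.getUserProperties().get(USER)` and the configurator only sets that property when a user was resolved. Because the call sits after `this.queue.add(...)` and `isLoggedIn = true`, a missing user would throw only after the session is already queued and flagged as logged in. What the `catch` does next is only partly visible in the hunk. I would reject the session before enqueuing it, directly after the `get(USER)` line: `if (null == user) { throw new IllegalStateException("No authenticated user on WebSocket session"); }`. The debug message also writes the user's e-mail address to the log, which may deserve a less identifying field such as the user id.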