fix(ZNTA-634): increase session timeout

For authenticated users. Value is determined by components.xml Session timeout gets increased after logging in, and reverts back after logging out.
zanata · Oct 2, 2015 · 6e2d075 · 6e2d075
1 parent 8d8550f
commit 6e2d075
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 10 deletions.
diff --git a/zanata-war/src/main/java/org/zanata/ApplicationConfiguration.java b/zanata-war/src/main/java/org/zanata/ApplicationConfiguration.java
@@ -51,6 +51,8 @@
 import org.zanata.config.JaasConfig;
 import org.zanata.config.JndiBackedConfig;
 import org.zanata.events.ConfigurationChanged;
+import org.zanata.events.LogoutEvent;
+import org.zanata.events.PostAuthenticateEvent;
 import org.zanata.i18n.Messages;
 import org.zanata.log4j.ZanataHTMLLayout;
 import org.zanata.log4j.ZanataSMTPAppender;
@@ -76,6 +78,9 @@ public class ApplicationConfiguration implements Serializable {
     @Getter
     private static final int defaultMaxFilesPerUpload = 100;
 
+    @Getter
+    private static final int defaultAnonymousSessionTimeoutMinutes = 30;
+
     @In
     private DatabaseBackedConfig databaseBackedConfig;
     @In
@@ -408,4 +413,25 @@ public String copyrightNotice() {
         return msgs.format("jsf.CopyrightNotice",
                 String.valueOf(Calendar.getInstance().get(Calendar.YEAR)));
     }
+
+    @Observer(PostAuthenticateEvent.EVENT_NAME)
+    public void setAuthenticatedSessionTimeout(
+            @Observes PostAuthenticateEvent payload) {
+        ServletContexts
+                .getInstance()
+                .getRequest()
+                .getSession()
+                .setMaxInactiveInterval(
+                        authenticatedSessionTimeoutMinutes * 60);
+    }
+
+    @Observer(LogoutEvent.EVENT_NAME)
+    public void setUnauthenticatedSessionTimeout(@Observes LogoutEvent payload) {
+        ServletContexts
+                .getInstance()
+                .getRequest()
+                .getSession()
+                .setMaxInactiveInterval(
+                        defaultAnonymousSessionTimeoutMinutes * 60);
+    }
 }
diff --git a/...c/main/java/org/zanata/events/Logout.java → ...n/java/org/zanata/events/LogoutEvent.java b/...c/main/java/org/zanata/events/Logout.java → ...n/java/org/zanata/events/LogoutEvent.java
@@ -22,13 +22,11 @@
 
 import lombok.Value;
 
-import org.zanata.security.AuthenticationType;
-
 /**
  * @author Sean Flanigan <a href="mailto:sflaniga@redhat.com">sflaniga@redhat.com</a>
  */
 @Value
-public class Logout {
+public class LogoutEvent {
     // TODO remove constant after switching to CDI
     // NB must be a constant string equal to class name
     public static final String EVENT_NAME = "org.zanata.events.Logout";

diff --git a/zanata-war/src/main/java/org/zanata/security/ZanataIdentity.java b/zanata-war/src/main/java/org/zanata/security/ZanataIdentity.java
@@ -53,7 +53,7 @@
 import org.zanata.events.AlreadyLoggedInEvent;
 import org.zanata.events.LoginFailedEvent;
 import org.zanata.events.LoginSuccessfulEvent;
-import org.zanata.events.Logout;
+import org.zanata.events.LogoutEvent;
 import org.zanata.events.NotLoggedInEvent;
 import org.zanata.model.HAccount;
 import org.zanata.model.HasUserFriendlyToString;
@@ -181,15 +181,15 @@ public void acceptExternallyAuthenticatedPrincipal(Principal principal) {
     @Observer("org.jboss.seam.preDestroyContext.SESSION")
     public void logout() {
         if (getCredentials() != null) {
-            getLogoutEvent().fire(new Logout(getCredentials().getUsername()));
+            getLogoutEvent().fire(new LogoutEvent(getCredentials().getUsername()));
         }
         if (isLoggedIn()) {
             unAuthenticate();
             Session.instance().invalidate();
         }
     }
 
-    private Event<Logout> getLogoutEvent() {
+    private Event<LogoutEvent> getLogoutEvent() {
         return ServiceLocator.instance().getInstance("event", Event.class);
     }
 

diff --git a/zanata-war/src/main/java/org/zanata/webtrans/server/TranslationWorkspaceManagerImpl.java b/zanata-war/src/main/java/org/zanata/webtrans/server/TranslationWorkspaceManagerImpl.java
@@ -23,9 +23,8 @@
 import org.zanata.common.EntityStatus;
 import org.zanata.common.ProjectType;
 import org.zanata.dao.AccountDAO;
-import org.zanata.dao.ProjectDAO;
 import org.zanata.dao.ProjectIterationDAO;
-import org.zanata.events.Logout;
+import org.zanata.events.LogoutEvent;
 import org.zanata.events.ProjectIterationUpdate;
 import org.zanata.events.ProjectUpdate;
 import org.zanata.events.ServerStarted;
@@ -130,8 +129,8 @@ public void start(@Observes ServerStarted payload) {
         log.info("starting...");
     }
 
-    @Observer(Logout.EVENT_NAME)
-    public void exitWorkspace(@Observes Logout payload) {
+    @Observer(LogoutEvent.EVENT_NAME)
+    public void exitWorkspace(@Observes LogoutEvent payload) {
         exitWorkspace(payload.getUsername());
     }