secretSessionId = createSessionId("null" /*subjectCtx.getName()*/);
connectQos.getSessionQos().setSecretSessionId(secretSessionId); // assure consistency
if (log.isLoggable(Level.FINE)) log.fine("Empty secretSessionId - generated secretSessionId=" + secretSessionId);
}
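I_Session sessionCtx = null;
I_Manager securityMgr = null;
SessionInfo sessionInfo = null;

// [4] Authenticate the new client.
// A session is reserved with the security manager before the credentials are checked,
// so every failure path below has to release that reservation again.
try {
    // Pick the security manager matching the plugin type/version requested in the connect QoS.
    securityMgr = plgnLdr.getManager(connectQos.getClientPluginType(), connectQos.getClientPluginVersion());
    if (securityMgr == null) {
        // NOTE(review): the complete connect QoS is dumped at WARNING level. If toXml()
        // serialises the client's security QoS (credentials), those end up in the log --
        // confirm the dump is redacted.
        log.warning("Access is denied, there is no security manager configured for this connect QoS: " + connectQos.toXml());
        throw new XmlBlasterException(glob, ErrorCode.USER_SECURITY_AUTHENTICATION_ACCESSDENIED, ME, "There is no security manager configured with the given connect QoS");
    }

    sessionCtx = securityMgr.reserveSession(secretSessionId); // always creates a new I_Session instance
    connectQos = sessionCtx.init(connectQos, null);

    if (connectQos.bypassCredentialCheck()) {
        // This happens when a session is auto created by a PtP message.
        // Only ConnectQosServer (which is under control of the core) can set this flag.
        // NOTE(review): this branch grants access without any credential check and is only
        // visible at FINE level; the guarantee that clients cannot set the flag lives
        // outside this code -- confirm it holds for every protocol driver.
        if (log.isLoggable(Level.FINE)) {
            log.fine("SECURITY SWITCH OFF: Granted access to xmlBlaster without password, bypassCredentialCheck=true");
        }
    }
    else {
        // Throws XmlBlasterException if authentication fails.
        String securityInfo = sessionCtx.init(connectQos.getSecurityQos());
        if (securityInfo != null && securityInfo.length() > 1) {
            log.warning("Ignoring security info: " + securityInfo);
        }
    }
    // Now the client is authenticated
}
catch (XmlBlasterException e) {
    // Access denied: log, release the reserved session and propagate the exception unchanged.
    // NOTE(review): connectQos.toString() is client-supplied and may contain credential
    // material from the security QoS -- confirm it is redacted before it reaches the log.
    log.warning("Access is denied: " + e.getMessage() + ": " + connectQos.toString());
    if (securityMgr != null) {
        securityMgr.releaseSession(secretSessionId, null);
    }
    throw e;
}
catch (Throwable e) {
    log.severe("PANIC: Access is denied: " + e.getMessage() + "\n" + ServerScope.getStackTraceAsString(e));
    e.printStackTrace();
    // On error: cleanup resources. securityMgr is still null when the failure was raised
    // while looking up the manager; without the guard a NullPointerException thrown here
    // would replace the original cause and skip the conversion below.
    if (securityMgr != null) {
        securityMgr.releaseSession(secretSessionId, null);
    }
    throw XmlBlasterException.convert(glob, ME, ErrorCode.INTERNAL_CONNECTIONFAILURE.toString(), e);
}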
if (log.isLoggable(Level.FINE)) log.fine("Checking if user is known ...");
SubjectInfo subjectInfo = null;
try {
/*
// Check if user is known, otherwise create an entry ...
I_Subject subjectCtx = sessionCtx.getSubject();
SessionName subjectName = new SessionName(glob, connectQos.getSessionName(), 0L); // Force to be of type subject (no public session ID)
boolean subjectIsAlive = false;
synchronized(this.loginNameSubjectInfoMap) { // Protect against two simultaneous logins
subjectInfo = (SubjectInfo)this.loginNameSubjectInfoMap.get(subjectName.getLoginName());
//log.error(ME, "DEBUG ONLY, subjectName=" + subjectName.toString() + " loginName=" + subjectName.getLoginName() + " state=" + toXml());
if (subjectInfo == null) {
subjectInfo = new SubjectInfo(getGlobal(), this, subjectName);
this.loginNameSubjectInfoMap.put(subjectInfo.getLoginName(), subjectInfo); // Protect against two simultaneous logins
}
subjectIsAlive = subjectInfo.isAlive();
} // synchronized(this.loginNameSubjectInfoMap)
if (!subjectInfo.isAlive()) {
try {
subjectInfo.toAlive(subjectCtx, connectQos.getSubjectQueueProperty());
}
catch(Throwable e) {
synchronized(this.loginNameSubjectInfoMap) {
this.loginNameSubjectInfoMap.remove(subjectInfo.getLoginName());
}
throw e;
}
}
*/
// [5] New client is authenticated, create the SessioInfo
boolean returnLocked = true;
subjectInfo = getOrCreateSubjectInfoByName(connectQos.getSessionName(),
returnLocked, sessionCtx.getSubject(), connectQos.getSubjectQueueProperty());
try { // subjectInfo.getLock().release())
if (subjectInfo.isAlive()) {
if (connectQos.getData().hasSubjectQueueProperty())
subjectInfo.setSubjectQueueProperty(connectQos.getSubjectQueueProperty()); // overwrites only if not null
}