[INLONG-7883][Manager] Invalidate user session when deleting user (#7884
)
fuweng11 committed Apr 21, 2023
1 parent ab170aa commit f75f06b
Showing 2 changed files with 33 additions and 2 deletions.
Expand Up @@ -58,7 +58,13 @@
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.eis.SessionDAO;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.subject.support.DefaultSubjectContext;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
Expand All @@ -67,6 +73,7 @@
import java.nio.charset.StandardCharsets;
import java.time.Duration;
import java.time.LocalDateTime;
import java.util.Collection;
import java.util.Date;
import java.util.List;
import java.util.Map;
Expand Down Expand Up @@ -276,7 +283,6 @@ public Integer update(UserRequest request, String currentUser) {
@Override
public Boolean delete(Integer userId, String currentUser) {
Preconditions.expectNotNull(userId, "User id should not be empty");

// Whether the current user is an administrator
UserEntity curUser = userMapper.selectByName(currentUser);
UserEntity entity = userMapper.selectById(userId);
Expand All @@ -291,7 +297,7 @@ public Boolean delete(Integer userId, String currentUser) {
removeInChargeForDataNode(userName, currentUser);
removeInChargeForConsume(userName, currentUser);
userMapper.deleteById(userId);

removeUserFromSession(userId, currentUser);
LOGGER.debug("success to delete user by id={}, current user={}", userId, currentUser);
return true;
}
Expand Down Expand Up @@ -460,4 +466,28 @@ public void removeInChargeForConsume(String user, String operator) {
}
}

public void removeUserFromSession(Integer userId, String operator) {
DefaultWebSecurityManager securityManager = (DefaultWebSecurityManager) SecurityUtils.getSecurityManager();
DefaultWebSessionManager sessionManager = (DefaultWebSessionManager) securityManager.getSessionManager();
SessionDAO sessionDAO = sessionManager.getSessionDAO();
Collection<Session> sessions = sessionDAO.getActiveSessions();
if (sessions.size() >= 1) {
UserInfo user = null;
for (Session onlineSession : sessions) {
Object attribute = onlineSession.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY);
if (attribute == null) {
continue;
}
user = (UserInfo) ((SimplePrincipalCollection) attribute).getPrimaryPrincipal();
if (user == null) {
continue;
}
if (Objects.equals(user.getId(), userId)) {
sessionDAO.delete(onlineSession);
LOGGER.info("success remove user from session by id={}, current user={}", user.getId(), operator);
}
}
}
}

}
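Review bot: `removeUserFromSession` casts unconditionally (security manager to `DefaultWebSecurityManager`, session manager to `DefaultWebSessionManager`, session attribute to `SimplePrincipalCollection`, primary principal to `UserInfo`), so a session whose principal is stored differently, or a deployment wired with another manager, raises `ClassCastException` and aborts the loop before the deleted user's remaining sessions are removed. Because the call sits after `userMapper.deleteById(userId)` in `delete` (whose body is only partly shown), whether that failure rolls back the row deletion or leaves a deleted account with live sessions depends on transaction settings not visible on this page. I would guard the per-session casts with `instanceof` as below, and drop the redundant `sessions.size() >= 1` check and the `user` variable declared outside the loop. The method is also `public` and does no permission check of its own (`operator` is only logged), so it should be `private` or carry a Javadoc line stating that it relies on the caller's administrator check.

```java
// … unchanged: securityManager / sessionManager / sessionDAO lookup …
for (Session onlineSession : sessionDAO.getActiveSessions()) {
    Object attribute = onlineSession.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY);
    if (!(attribute instanceof SimplePrincipalCollection)) {
        continue; // unauthenticated session or unexpected principal container
    }
    Object principal = ((SimplePrincipalCollection) attribute).getPrimaryPrincipal();
    if (!(principal instanceof UserInfo)) {
        continue;
    }
    if (Objects.equals(((UserInfo) principal).getId(), userId)) {
        sessionDAO.delete(onlineSession);
        LOGGER.info("success remove user from session by id={}, current user={}", userId, operator);
    }
}
```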
Expand Up @@ -48,6 +48,7 @@ public Collection<Realm> shiroRealms() {
@Bean
public WebSecurityManager securityManager() {
DefaultWebSecurityManager securityManager = (DefaultWebSecurityManager) inlongShiro.getWebSecurityManager();
securityManager.setSessionManager(new DefaultWebSessionManager());
securityManager.setRealms(shiroRealms());
return securityManager;
}
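Review bot: `new DefaultWebSessionManager()` in `securityManager()` is installed with every default, which means Shiro's in-memory `MemorySessionDAO` backs `getActiveSessions()`. The invalidation added in this commit therefore only reaches sessions created in the same JVM, so if more than one Manager instance runs behind a load balancer, a deleted user's sessions on the other instances stay valid until they expire. If the manager returned by `inlongShiro.getWebSecurityManager()` previously used servlet-container sessions, this line also moves session timeout and session-cookie handling to Shiro's defaults. I would set these explicitly, e.g. `sessionManager.setGlobalSessionTimeout(timeoutMillis)` and `sessionManager.getSessionIdCookie().setSecure(true)` for HTTPS deployments. I would also add a comment such as `// Native Shiro sessions are required so UserService can enumerate and delete a user's sessions; in-memory store, single node only`.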
