diff --git a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/user/UserServiceImpl.java b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/user/UserServiceImpl.java
index 43899750d04..29626ef9882 100644
--- a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/user/UserServiceImpl.java
+++ b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/user/UserServiceImpl.java
@@ -58,7 +58,13 @@
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.session.Session;
+import org.apache.shiro.session.mgt.eis.SessionDAO;
+import org.apache.shiro.subject.SimplePrincipalCollection;
 import org.apache.shiro.subject.Subject;
+import org.apache.shiro.subject.support.DefaultSubjectContext;
+import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
+import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -67,6 +73,7 @@
 import java.nio.charset.StandardCharsets;
 import java.time.Duration;
 import java.time.LocalDateTime;
+import java.util.Collection;
 import java.util.Date;
 import java.util.List;
 import java.util.Map;
@@ -276,7 +283,6 @@ public Integer update(UserRequest request, String currentUser) {
 @Override
 public Boolean delete(Integer userId, String currentUser) {
 Preconditions.expectNotNull(userId, "User id should not be empty");
- // Whether the current user is an administrator
 UserEntity curUser = userMapper.selectByName(currentUser);
 UserEntity entity = userMapper.selectById(userId);
@@ -291,7 +297,7 @@ public Boolean delete(Integer userId, String currentUser) {
 removeInChargeForDataNode(userName, currentUser);
 removeInChargeForConsume(userName, currentUser);
 userMapper.deleteById(userId);
-
+ removeUserFromSession(userId, currentUser);
 LOGGER.debug("success to delete user by id={}, current user={}", userId, currentUser);
 return true;
 }
@@ -460,4 +466,28 @@ public void removeInChargeForConsume(String user, String operator) {
 }
 }
+ public void removeUserFromSession(Integer userId, String operator) {
+ DefaultWebSecurityManager securityManager = (DefaultWebSecurityManager) SecurityUtils.getSecurityManager();
+ DefaultWebSessionManager sessionManager = (DefaultWebSessionManager) securityManager.getSessionManager();
+ SessionDAO sessionDAO = sessionManager.getSessionDAO();
+ Collection sessions = sessionDAO.getActiveSessions();
+ if (sessions.size() >= 1) {
+ UserInfo user = null;
+ for (Session onlineSession : sessions) {
+ Object attribute = onlineSession.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY);
+ if (attribute == null) {
+ continue;
+ }
+ user = (UserInfo) ((SimplePrincipalCollection) attribute).getPrimaryPrincipal();
+ if (user == null) {
+ continue;
+ }
+ if (Objects.equals(user.getId(), userId)) {
+ sessionDAO.delete(onlineSession);
+ LOGGER.info("success remove user from session by id={}, current user={}", user.getId(), operator);
+ }
+ }
+ }
+ }
+
 }
diff --git a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/auth/ShiroConfig.java b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/auth/ShiroConfig.java
index cd808489a0f..b6e5420ce7f 100644
--- a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/auth/ShiroConfig.java
+++ b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/auth/ShiroConfig.java
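Review bot: The three downcasts in `removeUserFromSession` (UserServiceImpl.java, hunk at +466) are unchecked, so a security manager, session manager or principal of any other type raises a ClassCastException. The call added to `delete()` in the hunk at +297 sits after `userMapper.deleteById(userId)`, so that failure surfaces once the row is already gone; whether the delete rolls back depends on transaction handling not visible here. Guarding each cast with `instanceof` and logging when revocation is skipped keeps the case visible to operators. The `sessions.size() >= 1` test and the `user` local declared outside the loop are redundant, and a Javadoc line should say that only sessions returned by this instance's SessionDAO are removed.

```java
public void removeUserFromSession(Integer userId, String operator) {
    org.apache.shiro.mgt.SecurityManager manager = SecurityUtils.getSecurityManager();
    if (!(manager instanceof DefaultWebSecurityManager)) {
        LOGGER.error("sessions of user id={} not revoked: unexpected security manager {}", userId, manager);
        return;
    }
    Object sessionManager = ((DefaultWebSecurityManager) manager).getSessionManager();
    if (!(sessionManager instanceof DefaultWebSessionManager)) {
        LOGGER.error("sessions of user id={} not revoked: unexpected session manager {}", userId, sessionManager);
        return;
    }
    SessionDAO sessionDAO = ((DefaultWebSessionManager) sessionManager).getSessionDAO();
    for (Session onlineSession : sessionDAO.getActiveSessions()) {
        Object attribute = onlineSession.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY);
        if (!(attribute instanceof SimplePrincipalCollection)) {
            continue;
        }
        Object principal = ((SimplePrincipalCollection) attribute).getPrimaryPrincipal();
        if (!(principal instanceof UserInfo)) {
            continue;
        }
        UserInfo user = (UserInfo) principal;
        // ... unchanged: Objects.equals(user.getId(), userId) check, sessionDAO.delete, LOGGER.info ...
    }
}
```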
@@ -48,6 +48,7 @@ public Collection shiroRealms() {
 @Bean
 public WebSecurityManager securityManager() {
 DefaultWebSecurityManager securityManager = (DefaultWebSecurityManager) inlongShiro.getWebSecurityManager();
+ securityManager.setSessionManager(new DefaultWebSessionManager());
 securityManager.setRealms(shiroRealms());
 return securityManager;
 }
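Review bot: `new DefaultWebSessionManager()` is installed in `securityManager()` with all defaults, so session storage, timeout and cookie attributes are now decided implicitly. As far as I know the default store is an in-memory SessionDAO local to one JVM, so the session purge added in UserServiceImpl only reaches sessions on the instance that handles the delete. With several manager instances, a deleted user's session on another node would stay valid until it expires. I would build the manager in a named local or bean and set the security-relevant options explicitly, e.g. `sessionManager.setSessionIdUrlRewritingEnabled(false);` and, when served over HTTPS, `sessionManager.getSessionIdCookie().setSecure(true);`, with a comment stating the single-node limitation. The line also replaces whatever session manager `inlongShiro.getWebSecurityManager()` may have configured, which is not visible in this hunk.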