UsageSessionSerivce needs a new method that does not demand an Authorization not a httprequest as a parameter.
For now the code is living in SakaiPortalLogin.jws and SakaiLogin.jws so these can be used in older versions of Sakai.
Need to add the method the the BASE API, test it out, then commit it – then sometime later – likey *after* 2.3 – remove the code from the two web service calls.
vi ./event-impl/impl/src/java/org/sakaiproject/event/impl/UsageSessionServiceAdaptor.java
public boolean login(Authentication authn, HttpServletRequest req)
{
// establish the user’s session – this has been known to fail
UsageSession session = startSession(authn.getUid(), req.getRemoteAddr(), req.getHeader(“user-agent”));
if (session == null)
{
return false;
}
// set the user information into the current session
Session sakaiSession = sessionManager().getCurrentSession();
sakaiSession.setUserId(authn.getUid());
sakaiSession.setUserEid(authn.getEid());
// update the user’s externally provided realm definitions
authzGroupService().refreshUser(authn.getUid());
// post the login event
eventTrackingService().post(eventTrackingService().newEvent(EVENT_LOGIN, null, true));
return true;
}
public UsageSession startSession(String userId, String remoteAddress, String userAgent)
{
// do we have a current session?
Session s = sessionManager().getCurrentSession();
if (s != null)
{
UsageSession session = (UsageSession) s.getAttribute(USAGE_SESSION_KEY);
if (session != null)
{
// If we have a session for this user, simply reuse
if (userId != null && userId.equals(session.getUserId()))
{
return session;
}
// if it is for another user, we will create a new session, log a warning, and unbound/close the existing one
s.setAttribute(USAGE_SESSION_KEY, null);
M_log.warn(“startSession: replacing existing UsageSession: ” + session.getId() + ” user: ” + session.getUserId()
+ ” for new user: ” + userId);
}
// create the usage session and bind it to the session
session = new BaseUsageSession(idManager().createUuid(), serverConfigurationService().getServerIdInstance(), userId,
remoteAddress, userAgent, null, null);
// store
if (m_storage.addSession(session))
{
// set as the current session
s.setAttribute(USAGE_SESSION_KEY, session);
return session;
}
}
return null;
}
SakaiLogin.jws:
UsageSessionService_loginDirect(user.getId(), id, ipAddress, “SakaiLogin.jws”);
// This code is adapted from the file:
// ./event-impl/impl/src/java/org/sakaiproject/event/impl/UsageSessionServiceAdaptor.java
// Method
// public boolean login(Authentication authn, HttpServletRequest req)
// We want to do exactly what this routine *does* but we do not have an HttpServletRequest
// to hand it
public boolean UsageSessionService_loginDirect(String userId, String userEid, String ipAddress, String userAgent)
{
// establish the user’s session – this has been known to fail
UsageSession session = UsageSessionService.startSession(userId,ipAddress,userAgent);
if (session == null)
{
return false;
}
// set the user information into the current session
Session sakaiSession = SessionManager.getCurrentSession();
sakaiSession.setUserId(userId);
sakaiSession.setUserEid(userEid);
// update the user’s externally provided realm definitions
AuthzGroupService.refreshUser(userId);
String EVENT_LOGIN = “user.login”;
// post the login event
EventTrackingService.post(EventTrackingService.newEvent(EVENT_LOGIN, null, true));
return true;
}
}