Issue #107. Set 3h of session timeout for non-admin users.

esporx-tv · Mar 4, 2013 · 0420327 · 0420327
1 parent 7d18793
commit 0420327
Show file tree

Hide file tree

Showing 3 changed files with 52 additions and 0 deletions.
diff --git a/src/main/java/tv/esporx/collections/functions/GrantedAuthorityAsRole.java b/src/main/java/tv/esporx/collections/functions/GrantedAuthorityAsRole.java
@@ -0,0 +1,12 @@
+package tv.esporx.collections.functions;
+
+import com.google.common.base.Function;
+import org.springframework.security.core.GrantedAuthority;
+
+public class GrantedAuthorityAsRole implements Function<GrantedAuthority, String> {
+
+    @Override
+    public String apply(GrantedAuthority authority) {
+        return authority.getAuthority();
+    }
+}
diff --git a/src/main/java/tv/esporx/filters/LogoutPolicyFilter.java b/src/main/java/tv/esporx/filters/LogoutPolicyFilter.java
@@ -0,0 +1,36 @@
+package tv.esporx.filters;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.web.filter.GenericFilterBean;
+import tv.esporx.collections.functions.GrantedAuthorityAsRole;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import java.io.IOException;
+import java.util.Collection;
+
+import static com.google.common.collect.Collections2.transform;
+
+public class LogoutPolicyFilter extends GenericFilterBean {
+
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+        if (authentication != null) {
+            Collection<String> roles = transform(authentication.getAuthorities(), new GrantedAuthorityAsRole());
+            if (!roles.contains("ROLE_ADMIN")) {
+                HttpServletRequest httpRequest = (HttpServletRequest) request;
+                httpRequest.getSession().setMaxInactiveInterval(3 * 60 * 60);
+            }
+        }
+
+
+        chain.doFilter(request, response);
+    }
+}
diff --git a/src/main/resources/esporx-security.xml b/src/main/resources/esporx-security.xml
@@ -23,8 +23,12 @@
         <intercept-url pattern="/user/register" access="isAnonymous()" />
         <intercept-url pattern="/user/confirm" access="isAnonymous()" />
         <intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
+
+        <custom-filter ref="logoutPolicyFilter" position="LAST" />
 	</http>
 
+    <beans:bean id="logoutPolicyFilter" class="tv.esporx.filters.LogoutPolicyFilter" />
+
     <beans:bean id="encoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder">
         <beans:constructor-arg value="runNingMarm3l4d3Sh0e" />
     </beans:bean>