def SessionClosed(self, clientID, reason, isRemote=0):
if self.clientIDs.has_key(clientID):
del self.clientIDs[clientID]
if self.machoNet.transportIDbyClientID.has_key(clientID):
del self.machoNet.transportIDbyClientID[clientID]
blue.net.PurgeClient(clientID)
sess = None
if clientID in self.sessions:
sess = self.sessions[clientID]
del self.sessions[clientID]
if not sess and clientID in self.contextSessions:
sess = self.contextSessions[clientID]
del self.contextSessions[clientID]
if sess:
with MachoCallOrNotification(self, sess, None):
mask = sess.Masquerade()
try:
if self.transportName == 'ip:packet:server':
sm.ScatterEvent('OnDisconnect',
getattr(self, 'disconnectsilently', 0),
reason)
if macho.mode != 'client':
sess.LogSessionHistory(reason)
base.CloseSession(sess, isRemote)
else:
sess.ClearAttributes(dontSendMessage=True)
finally:
mask.UnMask()
def CheckCredentials(username, password):
sess = CreateSession(username, password)
if macho.mode == 'client':
cherrypy.session['machoSession'] = sess
return
auth = base.GetServiceSession('cherry').ConnectToAnyService(
'authentication')
sptype = const.userConnectTypeServerPages
try:
sessstuff, _ = auth.Login(sess.sid, username, password, None, sptype,
cherrypy.request.remote.ip)
except UserError:
return u'Incorrect username or password'
except Exception:
return u'Incorrect username or password'
session = CreateSession(username, password)
sessstuff['role'] |= sess.role
for otherSession in base.FindSessions('userid', [sessstuff['userid']]):
otherSession.LogSessionHistory(
'Usurped by user %s via HTTP using local authentication' %
username)
base.CloseSession(otherSession)
cherrypy.session['machoSession'] = sess
sess.SetAttributes(sessstuff)
def OnSessionEnd(self, sessionID):
if self.sessionsBySID.has_key(sessionID):
sess = self.sessionsBySID[sessionID]
del self.sessionsBySID[sessionID]
if getattr(sess, 'esps', None):
kaka = sess.esps.GetFlatkaka()
if kaka in self.sessionsByFlatkaka:
del self.sessionsByFlatkaka[kaka]
sess.LogSessionHistory('Session closed during OnSessionEnd')
base.CloseSession(sess)
def _CleanupSession(self, theID):
if macho.mode != 'client':
sess = None
if theID in self.sessions:
sess = self.sessions[theID]
del self.sessions[theID]
if not sess and theID in self.contextSessions:
sess = self.contextSessions[theID]
del self.contextSessions[theID]
if sess:
base.CloseSession(sess)
def logout(self, from_page = '/'):
sess = cherrypy.session
username = sess.get(SESSION_KEY, None)
sess[SESSION_KEY] = None
if username:
cherrypy.request.login = None
self.on_logout(username)
if 'machoSession' in cherrypy.session:
sess = cherrypy.session['machoSession']
sess.LogSessionHistory('Web session closed by logging out %s' % str(session.userid))
base.CloseSession(sess)
EndSession()
raise cherrypy.HTTPRedirect(from_page or '/')
def Release(self):
sm.UnregisterNotify(self)
if self.session is not None:
base.CloseSession(self.session)
blue.pyos.exceptionHandler = None
def GetSession(parent, request, response, sessionsBySID, sessionsByFlatkaka):
parent.LogInfo('GetSession')
if request.cookie.has_key('flatkaka'):
flatkaka = request.cookie['flatkaka']
if sessionsByFlatkaka.has_key(flatkaka):
sess = sessionsByFlatkaka[flatkaka]
if macho.mode == 'client':
return sess
uspa = request.Authorization()
if uspa != None:
u = sess.esps.contents['username']
p = sess.esps.contents['password']
if uspa[0] != u or uspa[1] != p:
parent.LogWarn("User %s is trying to hijack %s's session, with sessID=%d" % (uspa[0], u, sess.sid))
else:
parent.LogInfo('cookie information verified')
return sess
sess = None
success = False
if macho.mode == 'client':
sess = base.CreateSession(None, const.session.SESSION_TYPE_ESP, None)
sess.esps = ESPSession(parent, sess.sid)
success = True
else:
usernameAndPassword = request.Authorization()
reason = 'Access denied'
statusCode = '401 Unauthorized'
if usernameAndPassword != None:
parent.LogInfo('GetSession uap<>n')
username = usernameAndPassword[0]
password = usernameAndPassword[1]
for s in sessionsBySID.itervalues():
if hasattr(s, 'esps') and s.esps.contents['username'] == username:
if s.userid and s.esps.contents['password'] == password:
return s
break
if macho.mode == 'server' and ('authentication' not in sm.services or sm.services['authentication'].state != service.SERVICE_RUNNING):
blue.pyos.synchro.SleepWallclock(3000)
raise UserError('AutClusterStarting')
try:
if sm.services['http'].session.ConnectToProxyServerService('machoNet').CheckACL(request.ep.address, espCheck=True):
blue.pyos.synchro.SleepWallclock(3000)
raise UserError('AutClusterStarting')
except UnMachoDestination:
blue.pyos.synchro.SleepWallclock(3000)
raise UserError('AutClusterStarting')
sessionID = base.GetNewSid()
sess = base.CreateSession(sessionID, const.session.SESSION_TYPE_ESP)
sess.esps = ESPSession(parent, sess.sid)
auth = base.GetServiceSession('httpService').ConnectToAnyService('authentication')
try:
try:
sessstuff, _ = auth.Login(sessionID, username, password, None, const.userConnectTypeServerPages, request.ep.address)
sessstuff['role'] |= sess.role
except UserError as e:
if e.msg != 'CharacterInDifferentRegion':
raise
sys.exc_clear()
for each in base.FindSessions('userid', [sessstuff['userid']]):
each.LogSessionHistory('Usurped by user %s via HTTP using local authentication' % username)
base.CloseSession(each)
sess.LogSessionHistory('Authenticating user %s via HTTP using local authentication' % username)
sess.SetAttributes(sessstuff)
sess.LogSessionHistory('Authenticated user %s via HTTP using local authentication' % username)
success = True
except UnMachoDestination:
reason = 'The proxy server was unable to connect to any Sol Server Node to handle your authentication request.'
statusCode = '500 No Sol Server available'
sys.exc_clear()
except UserError as e:
if e.msg != 'LoginAuthFailed':
raise
sys.exc_clear()
if not success:
sess.LogSessionHistory('Session closed due to local authentication failure')
base.CloseSession(sess)
parent.LogInfo('GetSession done auth %s' % success)
if success:
sessID = sess.sid
while sessionsBySID.has_key(sessID):
parent.LogWarn('Session %d already exits, adding 1 to it' % sessID)
sessID += 1
sessionsBySID[sessID] = sess
sessionsByFlatkaka[sess.esps.GetFlatkaka()] = sess
parent.OnSessionBegin(sessID)
session = sess
session.cacheList = []
session.requestCount = 0
session.esps.contents['timeoutTimer'] = None
if macho.mode != 'client':
session.esps.contents['username'] = username
session.esps.contents['password'] = password
return session
else:
response.Clear()
response.status = statusCode
response.Write(reason)
response.authenticate = 1
response.Flush()
return
