Repository: zeppelin Updated Branches: refs/heads/master 4b6d3e557 -> d3d6340bd
Remove ticket after logout ### What is this PR for? IMO on logout of user Z-sever should also remove ticket. ### What type of PR is it? [Improvement] ### How should this be tested? On logout and login, Z-sever should return a new ticket for the same user. ### Screenshots (if appropriate) N/A ### Questions: * Does the licenses files need update? N/A * Is there breaking changes for older versions? N/A * Does this needs documentation? N/A Author: Prabhjyot Singh <prabhjyotsi...@gmail.com> Closes #2426 from prabhjyotsingh/fix/removeTicket and squashes the following commits: 64ef34f56 [Prabhjyot Singh] Remove ticket after logout Project: http://git-wip-us.apache.org/repos/asf/zeppelin/repo Commit: http://git-wip-us.apache.org/repos/asf/zeppelin/commit/d3d6340b Tree: http://git-wip-us.apache.org/repos/asf/zeppelin/tree/d3d6340b Diff: http://git-wip-us.apache.org/repos/asf/zeppelin/diff/d3d6340b Branch: refs/heads/master Commit: d3d6340bd783e022b6669e4c9614fd008d50346f Parents: 4b6d3e5 Author: Prabhjyot Singh <prabhjyotsi...@gmail.com> Authored: Wed Jun 21 23:11:16 2017 +0530 Committer: Prabhjyot Singh <prabhjyotsi...@gmail.com> Committed: Sat Jun 24 09:54:38 2017 +0530 ---------------------------------------------------------------------- .../org/apache/zeppelin/rest/LoginRestApi.java | 2 ++ .../apache/zeppelin/ticket/TicketContainer.java | 19 +++++++++++++++++++ 2 files changed, 21 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/zeppelin/blob/d3d6340b/zeppelin-server/src/main/java/org/apache/zeppelin/rest/LoginRestApi.java ---------------------------------------------------------------------- diff --git a/zeppelin-server/src/main/java/org/apache/zeppelin/rest/LoginRestApi.java b/zeppelin-server/src/main/java/org/apache/zeppelin/rest/LoginRestApi.java index e909541..bd96684 100644 --- a/zeppelin-server/src/main/java/org/apache/zeppelin/rest/LoginRestApi.java +++ b/zeppelin-server/src/main/java/org/apache/zeppelin/rest/LoginRestApi.java @@ -126,6 +126,8 @@ public class LoginRestApi { public Response logout() { JsonResponse response; Subject currentUser = org.apache.shiro.SecurityUtils.getSubject(); + TicketContainer.instance.removeTicket(SecurityUtils.getPrincipal()); + currentUser.getSession().stop(); currentUser.logout(); response = new JsonResponse(Response.Status.UNAUTHORIZED, "", ""); LOG.warn(response.toString()); http://git-wip-us.apache.org/repos/asf/zeppelin/blob/d3d6340b/zeppelin-zengine/src/main/java/org/apache/zeppelin/ticket/TicketContainer.java ---------------------------------------------------------------------- diff --git a/zeppelin-zengine/src/main/java/org/apache/zeppelin/ticket/TicketContainer.java b/zeppelin-zengine/src/main/java/org/apache/zeppelin/ticket/TicketContainer.java index 513bb4a..8c4b170 100644 --- a/zeppelin-zengine/src/main/java/org/apache/zeppelin/ticket/TicketContainer.java +++ b/zeppelin-zengine/src/main/java/org/apache/zeppelin/ticket/TicketContainer.java @@ -21,6 +21,8 @@ import java.util.Calendar; import java.util.Map; import java.util.UUID; import java.util.concurrent.ConcurrentHashMap; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** * Very simple ticket container @@ -30,6 +32,9 @@ import java.util.concurrent.ConcurrentHashMap; public class TicketContainer { + + private static final Logger LOGGER = LoggerFactory.getLogger(TicketContainer.class); + private static class Entry { public final String ticket; // lastAccessTime still unused @@ -79,4 +84,18 @@ public class TicketContainer { sessions.put(principal, entry); return ticket; } + + /** + * Remove ticket from session cache. + * @param principal + */ + public synchronized void removeTicket(String principal) { + try { + if (sessions.get(principal) != null) { + sessions.remove(principal); + } + } catch (Exception e) { + LOGGER.error("Error removing ticket", e); + } + } }
