jetty 9.4 share sessions among different contexts - jetty

I recently upgraded from jetty 9.3.11 to 9.4.6 . Since 9.4.x does not support HashSessionManager, I created my own custom SessionHandler. But when i attach this SessionHandler to the WebAppContext then the context becomes null when trying to access from servlets. there are no errors thrown in the logs.
Relevant section of code:
MyCustomSessionHandler sessionHandler = new MyCustomSessionHandler();
HandlerCollection handlers_ = new HandlerCollection(true);
COntextHandlerCollection chc_ = new ContextHandlerCollection();
for(WebAppConfig wap: webAppConfigs) //webappconfig a POJO from where I am getting webapp configs
{
String path = wap.getPath();
String warFile = wap.getWarFile();
WebAppContext context =
new WebAppContext(chc_, warFile, path);
// context.setSessionHandler(new SessionHandler()); // this one works.
context.setSessionHandler(sessionHandler); // this one doesnt work.
for (ServletConfig servletConfig: wap.getServletConfigs()) //ServletConfig is another POJO to get servlet configs
{
String servletName = servletConfig.getName();
String servletPath = servletConfig.getPath();
Servlet servlet = servletConfig.getServlet();
ServletHolder servletHolder = new ServletHolder(servlet);
context.addServlet(servletHolder, servletPath);
}
}
handlers_.setHandlers(new Handler[] { chc_, new DefaultHandler()});
server_.setHandler(handlers_);
Sample of my custom Session handler
public class MyCUstomSessionHandler extends SessionHandler
{
public MyCustomSessionHandler()
{
super();
}
public void setSecureCookies(boolean secureCookies)
{
getSessionCookieConfig().setSecure(secureCookies);
}
public void setHttpOnly(boolean httpOnly)
{
getSessionCookieConfig().setHttpOnly(httpOnly);
}
public void setMaxCookieAge(int age)
{
getSessionCookieConfig().setMaxAge(age);
}
}
Further clarification: It happens because I create a singleton sessionhandler and share it across different WepAppContext as a way of sharing sessions among them. This method seemed work fine without issues in 9.3 but doesn't work with new session management in 9.4.
Any help to solve this problem is appreciated.

I solved it by
setting cookie path to root ("/")
extending the getSession() function of SessionHandler to loop through all the contexts to check if session is created for the cookie in any other context.
/* check all contexts for sessions*/
public Session getSession(String id)
{
Session session = getLocalSession(id);
if (session == null)
{
for (SessionHandler manager: getSessionIdManager().getSessionHandlers())
{
if (manager.equals(this) ||
!(manager instanceof CustomSessionHandler))
{
continue;
}
session = ((CustomSessionHandler)manager).getLocalSession(id);
if (session != null)
{
break;
}
}
// should we duplicate sessions in each context?
// will we end up with inconsistent sessions?
/*
if (externalSession != null)
{
try
{
getSessionCache().put(id, externalSession);
}
catch (Exception e)
{
LOG.warn("Unable to save session to local cache.");
}
}
*/
}
return session;
}
/* ------------------------------------------------------------ */
/**
* Get a known existing session
* #param id The session ID stripped of any worker name.
* #return A Session or null if none exists.
*/
public Session getLocalSession(String id)
{
return super.getSession(id);
}

Related

how to collect sitecore information for anonymous

I need to get sitecore information that collected from anonymous users to give him availability to export it or opt out - [GDPR]
any idea about contact ID for anonymous !
The way of doing it is dependent on the sitecore version.
Sitcore 9 you can use right to be forgotten
Sitecore 8+ you have to implement the feature from scratch.
Regarding Anonymous user - If the user is really anonymous, then you done need to worry about the GDPR (my view). But sometimes we map user email and sensitive personal info to anonymous user by using forms or WFFM. You can use email address of that user to query xDB (Contact Identifiers) to get the contact and contactID. Then reset informations.
Also: please note that based on WFFFM save action config, anonymous user will store in Core DB and Contact List.
To forget a user, you can use the following code. It will execute the ExecuteRightToBeForgotten function on the contact and scrub their data.
Forget User
public bool ForgetUser()
{
var id = _contactIdentificationRepository.GetContactId();
if (id == null)
{
return false;
}
var contactReference = new IdentifiedContactReference(id.Source, id.Identifier);
using (var client = _contactIdentificationRepository.CreateContext())
{
var contact = client.Get(contactReference, new ContactExpandOptions());
if (contact != null)
{
client.ExecuteRightToBeForgotten(contact);
client.Submit();
}
}
return false;
}
Fake up some data
public void FakeUserInfo()
{
var contactReference = _contactIdentificationRepository.GetContactReference();
using (var client = SitecoreXConnectClientConfiguration.GetClient())
{
// we can have 1 to many facets
// PersonalInformation.DefaultFacetKey
// EmailAddressList.DefaultFacetKey
// Avatar.DefaultFacetKey
// PhoneNumberList.DefaultFacetKey
// AddressList.DefaultFacetKey
// plus custom ones
var facets = new List<string> { PersonalInformation.DefaultFacetKey };
// get the contact
var contact = client.Get(contactReference, new ContactExpandOptions(facets.ToArray()));
// pull the facet from the contact (if it exists)
var facet = contact.GetFacet<PersonalInformation>(PersonalInformation.DefaultFacetKey);
// if it exists, change it, else make a new one
if (facet != null)
{
facet.FirstName = $"Myrtle-{DateTime.Now.Date.ToString(CultureInfo.InvariantCulture)}";
facet.LastName = $"McSitecore-{DateTime.Now.Date.ToString(CultureInfo.InvariantCulture)}";
// set the facet on the client connection
client.SetFacet(contact, PersonalInformation.DefaultFacetKey, facet);
}
else
{
// make a new one
var personalInfoFacet = new PersonalInformation()
{
FirstName = "Myrtle",
LastName = "McSitecore"
};
// set the facet on the client connection
client.SetFacet(contact, PersonalInformation.DefaultFacetKey, personalInfoFacet);
}
if (contact != null)
{
// submit the changes to xConnect
client.Submit();
// reset the contact
_contactIdentificationRepository.Manager.RemoveFromSession(Analytics.Tracker.Current.Contact.ContactId);
Analytics.Tracker.Current.Session.Contact = _contactIdentificationRepository.Manager.LoadContact(Analytics.Tracker.Current.Contact.ContactId);
}
}
}
ContactIdentificationRepository
using System.Linq;
using Sitecore.Analytics;
using Sitecore.Analytics.Model;
using Sitecore.Analytics.Tracking;
using Sitecore.Configuration;
using Sitecore.XConnect;
using Sitecore.XConnect.Client.Configuration;
namespace Sitecore.Foundation.Accounts.Repositories
{
public class ContactIdentificationRepository
{
private readonly ContactManager contactManager;
public ContactManager Manager => contactManager;
public ContactIdentificationRepository()
{
contactManager = Factory.CreateObject("tracking/contactManager", true) as ContactManager;
}
public IdentifiedContactReference GetContactReference()
{
// get the contact id from the current contact
var id = GetContactId();
// if the contact is new or has no identifiers
var anon = Tracker.Current.Contact.IsNew || Tracker.Current.Contact.Identifiers.Count == 0;
// if the user is anon, get the xD.Tracker identifier, else get the one we found
return anon
? new IdentifiedContactReference(Sitecore.Analytics.XConnect.DataAccess.Constants.IdentifierSource, Tracker.Current.Contact.ContactId.ToString("N"))
: new IdentifiedContactReference(id.Source, id.Identifier);
}
public Analytics.Model.Entities.ContactIdentifier GetContactId()
{
if (Tracker.Current?.Contact == null)
{
return null;
}
if (Tracker.Current.Contact.IsNew)
{
// write the contact to xConnect so we can work with it
this.SaveContact();
}
return Tracker.Current.Contact.Identifiers.FirstOrDefault();
}
public void SaveContact()
{
// we need the contract to be saved to xConnect. It is only in session now
Tracker.Current.Contact.ContactSaveMode = ContactSaveMode.AlwaysSave;
this.contactManager.SaveContactToCollectionDb(Tracker.Current.Contact);
}
public IXdbContext CreateContext()
{
return SitecoreXConnectClientConfiguration.GetClient();
}
}
}

DataSource connections pool

I have a data source configured with its connections pool ready to use, and it is exposed to my application via JDNI, but the code my colleagues wrote actually opens and closes a connection for every query. How does WSO2 handle this? Does it really close the connection given by the pool, or it ignores the close and just considers this connection free to be added back to the pool and ready to be used by any other client?
Connection conn = null;
CallableStatement cStmt = null;
try {
Hashtable<String, String> environment = new Hashtable<String, String>();
environment.put("java.naming.factory.initial", "org.wso2.carbon.tomcat.jndi.CarbonJavaURLContextFactory");
Context initContext = new InitialContext(environment);
DataSource ds = (DataSource) initContext.lookup("jdbc/tvaccount");
if (ds != null) {
conn = ds.getConnection();
cStmt = conn.prepareCall("{call getAccountStatusAttr(?)}");
cStmt.setString("pUserLogin", userName);
cStmt.execute();
}
} catch (Exception e) {
log.error("Exception while getting account status: ", e);
} finally {
if (cStmt != null) {
try {
cStmt.close();
} catch (SQLException e) {
}
}
if (conn != null) {
try {
conn.close();
} catch (SQLException e) {
}
}
}
Have you added this java code as a JAR file in WSO2 ESB and then accessed the method by using class mediator? if this is the case then it behaves like a normal java code wherein once the query is executed the connection will be closed.

How to get last location on Glass reliably?

Method getLastLocation() from LocationManager often return null and it's quite tricky to select best provider. The documentation says:
Warning: Do not use the LocationManager.getBestProvider() method or the constants GPS_PROVIDER or NETWORK_PROVIDER to listen for location updates. Glass uses a dynamic set of providers and listening only to a single provider may cause your application to miss location updates.
How to get best last location?
Because Glass uses dynamic set of providers, you need to get location from all of them and select the location with best accuracy:
public static Location getLastLocation(Context context) {
LocationManager manager = (LocationManager) context.getSystemService(Context.LOCATION_SERVICE);
Criteria criteria = new Criteria();
criteria.setAccuracy(Criteria.NO_REQUIREMENT);
List<String> providers = manager.getProviders(criteria, true);
List<Location> locations = new ArrayList<Location>();
for (String provider : providers) {
Location location = manager.getLastKnownLocation(provider);
if (location != null && location.getAccuracy()!=0.0) {
locations.add(location);
}
}
Collections.sort(locations, new Comparator<Location>() {
#Override
public int compare(Location location, Location location2) {
return (int) (location.getAccuracy() - location2.getAccuracy());
}
});
if (locations.size() > 0) {
return locations.get(0);
}
return null;
}
Destil's answer above correctly handles the case where at least one provider returns a valid location for getLastKnownLocation().
However, I've also seen Glass return null for getLastKnownLocation() for all providers (in XE16 in particular).
In this case, your only option is to register a LocationListener and wait for a new location update.
For example, in context of getting a location when creating a new Activity, it would look like the following:
public class MyActivity extends Activity implements LocationListener {
...
LocationManager mLocationManager;
Location mLastKnownLocation;
#Override
protected void onCreate(Bundle savedInstanceState) {
// Activity setup
...
// Use Destil's answer to get last known location, using all providers
mLastKnownLocation = getLastLocation(this);
if (mLastKnownLocation != null) {
// Do something with location
doSomethingWithLocation(mLastKnownLocation);
} else {
// All providers returned null - start a LocationListener to force a refresh of location
mLocationManager = (LocationManager) getSystemService(Context.LOCATION_SERVICE);
List<String> providers = mLocationManager.getProviders(true);
for (Iterator<String> i = providers.iterator(); i.hasNext(); ) {
mLocationManager.requestLocationUpdates(i.next(), 0, 0, this);
}
}
...
}
...
}
You'll then need to handle the LocationListener callbacks:
#Override
public void onLocationChanged(Location location) {
if (mLastKnownLocation == null) {
// At least one location should be available now
// Use Destil's answer to get last known location again, using all providers
mLastKnownLocation = getLastLocation(this);
if (mLastKnownLocation == null) {
// This shouldn't happen if LocationManager is saving locations correctly, but if it does, use the location that was just passed in
mLastKnownLocation = location;
}
// Stop listening for updates
mLocationManager.removeUpdates(this);
// Do something with location
doSomethingWithLocation(mLastKnownLocation);
}
}
#Override
public void onStatusChanged(String provider, int status, Bundle extras) {}
#Override
public void onProviderEnabled(String provider) {}
#Override
public void onProviderDisabled(String provider) {}
It can be a little tricky to change to the asynchronous model to avoid blocking the UI thread while waiting for the update, and it may require moving some of your app logic around.
The code in the answer should be adjusted to handle an accuracy of "0.0" which represents "NO Accuracy" known!
Here is an alternative that includes this adjustment
public static Location getLastLocation(Context context) {
Location result = null;
LocationManager locationManager;
Criteria locationCriteria;
List<String> providers;
locationManager = (LocationManager) context.getSystemService(Context.LOCATION_SERVICE);
locationCriteria = new Criteria();
locationCriteria.setAccuracy(Criteria.NO_REQUIREMENT);
providers = locationManager.getProviders(locationCriteria, true);
// Note that providers = locatoinManager.getAllProviders(); is not used because the
// list might contain disabled providers or providers that are not allowed to be called.
//Note that getAccuracy can return 0, indicating that there is no known accuracy.
for (String provider : providers) {
Location location = locationManager.getLastKnownLocation(provider);
if (result == null) {
result = location;
}
else if (result.getAccuracy() == 0.0) {
if (location.getAccuracy() != 0.0) {
result = location;
break;
} else {
if (result.getAccuracy() > location.getAccuracy()) {
result = location;
}
}
}
}
return result;
}

RavenDB keeps throwing a ConcurrencyException

I keep getting a ConcurrencyException trying to update the same document multiple times in succession. PUT attempted on document '<id>' using a non current etag is the message.
On every save from our UI we publish an event using MassTransit. This event is sent to the subscriberqueues, but I put the Eventhandlers offline (testing offline subscribers). Once the eventhandler comes online the queue is read and the messages are processed as intended.
However since the same object is in the queue multiple times the first write succeeds, the next doesn't and throws this concurrencyexception.
I use a factory class to have a consistent IDocumentStore and IDocumentSession in all my applications. I specifically set the UseOptimisticConcurrency = false in the GetSession() method.
public static class RavenFactory
{
public static IDocumentStore CreateDocumentStore()
{
var store = new DocumentStore() { ConnectionStringName = "RavenDB" };
// Setting Conventions
store.Conventions.RegisterIdConvention<MyType>((db, cmd, e) => e.MyProperty.ToString());
store.Conventions.RegisterAsyncIdConvention<MyType>((db, cmd, e) => new CompletedTask<string>(e.MyProperty.ToString()));
// Registering Listeners
store
.RegisterListener(new TakeNewestConflictResolutionListener())
.RegisterListener(new DocumentConversionListener())
.RegisterListener(new DocumentStoreListener());
// Initialize and return
store.Initialize();
return store;
}
public static IDocumentSession GetSession(IDocumentStore store)
{
var session = store.OpenSession();
session.Advanced.UseOptimisticConcurrency = false;
return session;
}
}
The eventhandler looks like this. The IDocumentSession gets injected using Dependency Injection.
Here is the logic to get an instance of IDocumentSession.
private static void InitializeRavenDB(IUnityContainer container)
{
container.RegisterInstance<IDocumentStore>(RavenFactory.CreateDocumentStore(), new ContainerControlledLifetimeManager());
container.RegisterType<IDocumentSession, DocumentSession>(new PerResolveLifetimeManager(), new InjectionFactory(c => RavenFactory.GetSession(c.Resolve<IDocumentStore>())));
}
And here is the actual EventHandler which has the ConcurrencyException.
public class MyEventHandler:Consumes<MyEvent>.All, IConsumer
{
private readonly IDocumentSession _session;
public MyEventHandler(IDocumentSession session)
{
if (session == null) throw new ArgumentNullException("session");
_session = session;
}
public void Consume(MyEvent message)
{
Console.WriteLine("MyEvent received: Id = '{0}'", message.MyProperty);
try
{
_session.Store(message);
_session.SaveChanges();
}
catch (Exception ex)
{
var exc = ex.ToString();
// Deal with concurrent writes ...
throw;
}
}
}
I want to ignore any concurrencyexception for now until we can sort out with the business on how to tackle concurrency.
So, any ideas why I get the ConcurrencyException? I want the save to happen no matter whether the document has been updated before or not.
I am unfamiliar with configuring Unity, but you always want Singleton of the IDocumentStore. Below, I have coded the Singleton out manually, but I'm sure Unity would support it:
public static class RavenFactory
{
private static IDocumentStore store;
private static object syncLock = new object();
public static IDocumentStore CreateDocumentStore()
{
if(RavenFactory.store != null)
return RavenFactory.store;
lock(syncLock)
{
if(RavenFactory.store != null)
return RavenFactory.store;
var localStore = new DocumentStore() { ConnectionStringName = "RavenDB" };
// Setting Conventions
localStore .Conventions.RegisterIdConvention<MyType>((db, cmd, e) => e.MyProperty.ToString());
localStore .Conventions.RegisterAsyncIdConvention<MyType>((db, cmd, e) => new CompletedTask<string>(e.MyProperty.ToString()));
// Registering Listeners
localStore
.RegisterListener(new TakeNewestConflictResolutionListener())
.RegisterListener(new DocumentConversionListener())
.RegisterListener(new DocumentStoreListener());
// Initialize and return
localStore.Initialize();
RavenFactory.store = localStore;
return RavenFactory.store;
}
}
// As before
// public static IDocumentSession GetSession(IDocumentStore store)
//
}

Embedded jetty implementing HttpSessionListener

I am trying to implementing HttpSessionListener interface with embedded jetty with proxy servlet, I have registered SessionListener, but it is not getting invoked at all, here is the code,
public class JettyProxy {
public static void main(String[] args) throws Exception {
Server server = new Server();
CustomProxyServlet customProxyServlet = new CustomProxyServlet();
ServerConnector connector = new ServerConnector(server);
connector.setPort(8888);
server.addConnector(connector);
ConnectHandler proxy = new ConnectHandler();
server.setHandler(proxy);
ServletContextHandler context = new ServletContextHandler(proxy, "/",
ServletContextHandler.SESSIONS);
ServletHolder proxyServlet = new ServletHolder(customProxyServlet);
context.addServlet(proxyServlet, "/*");
if (context.getSessionHandler() == null) {
System.out.println("Session handler is null");
} else {
System.out.println("Session handler is not null");
}
if (context.getSessionHandler().getSessionManager() == null) {
System.out.println("Managaer it null");
} else {
System.out.println("Manager is not null");
}
context.getSessionHandler().addEventListener(new CustomSessionHandler());
server.start();
server.join();
}
}
SessionHandler is not null, session creating events are not getting triggered, please help me, what is the procedure get session events?
you should have a SessionManager. i usually use :
org.eclipse.jetty.server.session.HashSessionManager.HashSessionManager()
and
org.eclipse.jetty.server.session.SessionHandler.SessionHandler(SessionManager manager)
then you should set the handler for the context
context.setHandler(sessionHandler);
sessionHandler.addEventListener("Your Session Listener");