Index: umc/app.js =================================================================== --- umc/app.js (Revision 34049) +++ umc/app.js (Arbeitskopie) @@ -91,26 +91,7 @@ umc.tools.status('overview', umc.tools.isTrue(props.overview)); } - if (props.username && props.password && dojo.isString(props.username) && dojo.isString(props.password)) { - // username and password are given, try to login directly - umc.dialog.login().then(dojo.hitch(this, 'onLogin')); - return; - } - - // check whether we still have a possibly valid cookie - var sessionCookie = dojo.cookie('UMCSessionId'); - var usernameCookie = dojo.cookie('UMCUsername'); - if (undefined !== sessionCookie && usernameCookie !== undefined - && (!umc.tools.status('username') || umc.tools.status('username') == usernameCookie)) { - // the following conditions need to be given for an automatic login - // * session and username need to be set via cookie - // * if a username is given via the query string, it needs to match the - // username saved in the cookie - this.onLogin(dojo.cookie('UMCUsername')); - } - else { - umc.dialog.login().then(dojo.hitch(this, 'onLogin')); - } + umc.dialog.login().then(dojo.hitch(this, 'onLogin')); }, onLogin: function(username) { @@ -118,11 +99,6 @@ dojo.cookie('UMCUsername', username, { expires: 100, path: '/' }); umc.tools.status('username', username); - // set the UCR session timeout value - umc.tools.ucr('umc/http/session/timeout').then( function(res) { - umc.tools._sessionTimeout = parseInt( res['umc/http/session/timeout'] , 10 ); - } ); - // start the timer for session checking umc.tools.checkSession(true); Index: umc/widgets/Uploader.js =================================================================== --- umc/widgets/Uploader.js (Revision 34049) +++ umc/widgets/Uploader.js (Arbeitskopie) @@ -175,9 +175,10 @@ dojo.mixin(params, this.dynamicOptions); } } - // mixin the iframe information + // mixin the iframe information and sessionID dojo.mixin(params, { - iframe: (this._uploader.uploadType === 'iframe') ? true : false + iframe: (this._uploader.uploadType === 'iframe'), + 'X-UMC-Session-Id': umc.tools.getSessionId() }); this._uploader.upload(params); this.onUploadStarted(data[0]); Index: umc/widgets/LoginDialog.js =================================================================== --- umc/widgets/LoginDialog.js (Revision 34049) +++ umc/widgets/LoginDialog.js (Arbeitskopie) @@ -232,7 +232,9 @@ this.standby(true); umc.tools.umcpCommand('auth', { username: username, - password: password + password: password, + // send also the version of the UMC frontend package + version: umc.tools.status('version') }).then(dojo.hitch(this, function(data) { // disable standby in any case this.standby(false); Index: umc/dialog.js =================================================================== --- umc/dialog.js (Revision 34049) +++ umc/dialog.js (Arbeitskopie) @@ -68,7 +68,8 @@ // try to authenticate via long polling... i.e., in case of an error try again until it works this._loginDeferred = umc.tools.umcpCommand('auth', { username: username, - password: password + password: password, + version: umc.tools.status('version') }, false, undefined, { message: this._('So far the authentification failed. Continuing nevertheless.'), noLogin: true Index: umc/tools.js =================================================================== --- umc/tools.js (Revision 34049) +++ umc/tools.js (Arbeitskopie) @@ -42,9 +42,8 @@ })); dojo.mixin(umc.tools, { - // default value for the session timeout - // it will be replaced by the ucr variable 'umc/http/session/timeout' onLogin - _sessionTimeout: 300, + _sessionID: '', + _sessionDuration: 0, _status: { username: null, @@ -54,7 +53,8 @@ displayUsername: true, width: null, setupGui: false, - loggingIn: false + loggingIn: false, + version: '' }, status: function(/*String?*/ key, /*Mixed?*/ value) { @@ -66,6 +66,7 @@ // With two parameters, sets the value of the specified key. // Also contains the properties given // to `umc.app.start()`. The following properties exist: + // * version (String): The version of the UMC frontend package. // * username (String): The username of the authenticated user. // * hostname (String): The hostname on which the UMC is running. // * domainname (String): The domainname on which the UMC is running. @@ -90,41 +91,40 @@ return undefined; }, + getSessionId: function() { + return this._sessionID; + }, + + setSession: function(/*String*/ sessionID, /*Integer*/ duration) { + // summary: + // sets the sessionid and sessiontimeout + // sessionID: String + // the session id + // duration: Integer + // the session timeout in milliseconds + this._sessionID = sessionID; + this._sessionDuration = duration; + }, + + checkSessionActive: function() { + return this._sessionID && this._sessionDuration > 0; + }, + closeSession: function() { // summary: - // Reset the session cookie in order to close the session from the client side. - dojo.cookie('UMCSessionId', null, { - expires: -1, - path: '/' - }); + // Reset the session in order to close the session from the client side. + this.setSession('', -1); }, - holdSession: function(/*String?*/ id) { + holdSession: function(/*String*/ id) { // summary: - // Set the expiration time of the current session cookie in to 24 hours. + // Set the expiration time of the current session in to 24 hours. // id: String // If specified, the session ID will be set to this value, otherwise the - // ID will be read from the cookie automatically. - var date = new Date((new Date()).getTime() + 1000 * 60 * 60 * 24); - dojo.cookie('UMCSessionId', id || dojo.cookie('UMCSessionId'), { - expires: date.toUTCString(), - path: '/' - }); + // ID will not change. + this.setSession(id || this._sessionID, 1000 * 60 * 60 * 24); }, - _renewIESession : function() { - // summary: - // Reset the Internet Explorer Session. Internet Explorer can not handle max-age cookies. - // This is required for automatically show the login dialogue when the session is expired. - if(dojo.isIE !== undefined) { - var date = new Date((new Date()).getTime() + 1000 * this._sessionTimeout); - dojo.cookie('UMCSessionId', dojo.cookie('UMCSessionId'), { - expires: date.toUTCString(), - path: '/' - }); - } - }, - _checkSessionTimer: null, checkSession: function(enable) { @@ -143,7 +143,7 @@ // create a new timer instance this._checkSessionTimer = new dojox.timing.Timer(1000); this._checkSessionTimer.onTick = function() { - if (!dojo.isString(dojo.cookie('UMCSessionId'))) { + if (!umc.tools.checkSessionActive()) { umc.tools._checkSessionTimer.stop(); if (umc.tools.status['loggingIn']) { // login dialog is already running @@ -156,6 +156,8 @@ umc.tools._checkSessionTimer.start(); } }); + } else { + umc.tools._sessionDuration -= 1000; } }; } @@ -170,7 +172,7 @@ _PollingHandler: function(url, content, finishedDeferred, opts) { // save the current session ID locally, as the cookie might expire when // the time and timezone settings are updated - var _oldSessionID = dojo.cookie('UMCSessionId'); + var _oldSessionID = umc.tools.getSessionId(); return { finishedDeferred: finishedDeferred, @@ -221,12 +223,12 @@ sendRequest: function() { // switch off the automatic check for session timeout... - // the proble here is as follows, we do not receive a response, + // the problem here is as follows, we do not receive a response, // therefore the cookie is not updated (which is checked for the // session timeout), however, the server will renew the session // with each valid request that it receives - var currentSessionID = dojo.cookie('UMCSessionId'); - if (!currentSessionID || 'undefined' == currentSessionID) { + var currentSessionID = umc.tools.getSessionId(); + if (!currentSessionID) { // restore last valid session ID currentSessionID = _oldSessionID; } @@ -235,18 +237,23 @@ // send AJAX command this._lastRequestTime = (new Date()).getTime(); - dojo.xhrPost({ + var xhrRequest = dojo.xhrPost({ url: this.url, preventCache: true, handleAs: 'json', headers: { - 'Content-Type': 'application/json' + 'Content-Type': 'application/json', + 'X-UMC-Session-Id': umc.tools.getSessionId() }, postData: this.content, timeout: 1000 * this.xhrTimeout - }).then(dojo.hitch(this, function(data) { + }); + xhrRequest.then(dojo.hitch(this, function(data) { // request finished - umc.tools._renewIESession(); + if (xhrRequest.ioArgs.xhr.getResponseHeader('X-UMC-Session-Id')) { + // reset the sessionId and sessionTimeout + umc.tools.setSession(xhrRequest.ioArgs.xhr.getResponseHeader('X-UMC-Session-Id'), 1000 * parseInt(xhrRequest.ioArgs.xhr.getResponseHeader('X-UMC-Session-Timeout'))); + } this._dialog.hide(); this._dialog.destroyRecursive(); this.finishedDeferred.resolve(data); @@ -349,18 +356,22 @@ } else { // normal AJAX call - var call = dojo.xhrPost({ + var xcall = dojo.xhrPost({ url: url, preventCache: true, handleAs: 'json', headers: { - 'Content-Type': 'application/json' + 'Content-Type': 'application/json', + 'X-UMC-Session-Id': umc.tools.getSessionId() }, postData: body }); - call = call.then(function(data) { - umc.tools._renewIESession(); + var call = xcall.then(function(data) { + if (xcall.ioArgs.xhr.getResponseHeader('X-UMC-Session-Id')) { + // reset the sessionId and sessionTimeout + umc.tools.setSession(xcall.ioArgs.xhr.getResponseHeader('X-UMC-Session-Id'), 1000 * parseInt(xcall.ioArgs.xhr.getResponseHeader('X-UMC-Session-Timeout'))); + } return data; });