Mercurial Hosting > luan

comparison src/org/eclipse/jetty/server/session/SessionHandler.java @ 802:3428c60d7cfc

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
replace jetty jars with source
author Franklin Schmidt <fschmidt@gmail.com>
date Wed, 07 Sep 2016 21:15:48 -0600
parents
children
comparison
equal deleted inserted replaced
801:6a21393191c1 802:3428c60d7cfc
1 //
2 // ========================================================================
3 // Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
4 // ------------------------------------------------------------------------
5 // All rights reserved. This program and the accompanying materials
6 // are made available under the terms of the Eclipse Public License v1.0
7 // and Apache License v2.0 which accompanies this distribution.
8 //
9 // The Eclipse Public License is available at
10 // http://www.eclipse.org/legal/epl-v10.html
11 //
12 // The Apache License v2.0 is available at
13 // http://www.opensource.org/licenses/apache2.0.php
14 //
15 // You may elect to redistribute this code under either of these licenses.
16 // ========================================================================
17 //
18
19 package org.eclipse.jetty.server.session;
20
21 import java.io.IOException;
22 import java.util.EnumSet;
23 import java.util.EventListener;
24 import javax.servlet.DispatcherType;
25 import javax.servlet.ServletException;
26 import javax.servlet.SessionTrackingMode;
27 import javax.servlet.http.Cookie;
28 import javax.servlet.http.HttpServletRequest;
29 import javax.servlet.http.HttpServletResponse;
30 import javax.servlet.http.HttpSession;
31
32 import org.eclipse.jetty.http.HttpCookie;
33 import org.eclipse.jetty.server.Request;
34 import org.eclipse.jetty.server.Server;
35 import org.eclipse.jetty.server.SessionManager;
36 import org.eclipse.jetty.server.handler.ScopedHandler;
37 import org.eclipse.jetty.util.log.Log;
38 import org.eclipse.jetty.util.log.Logger;
39
40 /* ------------------------------------------------------------ */
41 /**
42 * SessionHandler.
43 */
44 public class SessionHandler extends ScopedHandler
45 {
46 final static Logger LOG = Log.getLogger("org.eclipse.jetty.server.session");
47
48 public final static EnumSet<SessionTrackingMode> DEFAULT_TRACKING = EnumSet.of(SessionTrackingMode.COOKIE,SessionTrackingMode.URL);
49
50 /* -------------------------------------------------------------- */
51 private SessionManager _sessionManager;
52
53 /* ------------------------------------------------------------ */
54 /**
55 * Constructor. Construct a SessionHandler witha a HashSessionManager with a standard java.util.Random generator is created.
56 */
57 public SessionHandler()
58 {
59 this(new HashSessionManager());
60 }
61
62 /* ------------------------------------------------------------ */
63 /**
64 * @param manager
65 * The session manager
66 */
67 public SessionHandler(SessionManager manager)
68 {
69 setSessionManager(manager);
70 }
71
72 /* ------------------------------------------------------------ */
73 /**
74 * @return Returns the sessionManager.
75 */
76 public SessionManager getSessionManager()
77 {
78 return _sessionManager;
79 }
80
81 /* ------------------------------------------------------------ */
82 /**
83 * @param sessionManager
84 * The sessionManager to set.
85 */
86 public void setSessionManager(SessionManager sessionManager)
87 {
88 if (isStarted())
89 throw new IllegalStateException();
90 SessionManager old_session_manager = _sessionManager;
91
92 if (getServer() != null)
93 getServer().getContainer().update(this,old_session_manager,sessionManager,"sessionManager",true);
94
95 if (sessionManager != null)
96 sessionManager.setSessionHandler(this);
97
98 _sessionManager = sessionManager;
99
100 if (old_session_manager != null)
101 old_session_manager.setSessionHandler(null);
102 }
103
104 /* ------------------------------------------------------------ */
105 @Override
106 public void setServer(Server server)
107 {
108 Server old_server = getServer();
109 if (old_server != null && old_server != server)
110 old_server.getContainer().update(this,_sessionManager,null,"sessionManager",true);
111 super.setServer(server);
112 if (server != null && server != old_server)
113 server.getContainer().update(this,null,_sessionManager,"sessionManager",true);
114 }
115
116 /* ------------------------------------------------------------ */
117 /*
118 * @see org.eclipse.thread.AbstractLifeCycle#doStart()
119 */
120 @Override
121 protected void doStart() throws Exception
122 {
123 _sessionManager.start();
124 super.doStart();
125 }
126
127 /* ------------------------------------------------------------ */
128 /*
129 * @see org.eclipse.thread.AbstractLifeCycle#doStop()
130 */
131 @Override
132 protected void doStop() throws Exception
133 {
134 // Destroy sessions before destroying servlets/filters see JETTY-1266
135 _sessionManager.stop();
136 super.doStop();
137 }
138
139 /* ------------------------------------------------------------ */
140 /*
141 * @see org.eclipse.jetty.server.Handler#handle(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, int)
142 */
143 @Override
144 public void doScope(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
145 {
146 SessionManager old_session_manager = null;
147 HttpSession old_session = null;
148 HttpSession access = null;
149 try
150 {
151 old_session_manager = baseRequest.getSessionManager();
152 old_session = baseRequest.getSession(false);
153
154 if (old_session_manager != _sessionManager)
155 {
156 // new session context
157 baseRequest.setSessionManager(_sessionManager);
158 baseRequest.setSession(null);
159 checkRequestedSessionId(baseRequest,request);
160 }
161
162 // access any existing session
163 HttpSession session = null;
164 if (_sessionManager != null)
165 {
166 session = baseRequest.getSession(false);
167 if (session != null)
168 {
169 if (session != old_session)
170 {
171 access = session;
172 HttpCookie cookie = _sessionManager.access(session,request.isSecure());
173 if (cookie != null) // Handle changed ID or max-age refresh
174 baseRequest.getResponse().addCookie(cookie);
175 }
176 }
177 else
178 {
179 session = baseRequest.recoverNewSession(_sessionManager);
180 if (session != null)
181 baseRequest.setSession(session);
182 }
183 }
184
185 if (LOG.isDebugEnabled())
186 {
187 LOG.debug("sessionManager=" + _sessionManager);
188 LOG.debug("session=" + session);
189 }
190
191 // start manual inline of nextScope(target,baseRequest,request,response);
192 if (_nextScope != null)
193 _nextScope.doScope(target,baseRequest,request,response);
194 else if (_outerScope != null)
195 _outerScope.doHandle(target,baseRequest,request,response);
196 else
197 doHandle(target,baseRequest,request,response);
198 // end manual inline (pathentic attempt to reduce stack depth)
199
200 }
201 finally
202 {
203 if (access != null)
204 _sessionManager.complete(access);
205
206 HttpSession session = baseRequest.getSession(false);
207 if (session != null && old_session == null && session != access)
208 _sessionManager.complete(session);
209
210 if (old_session_manager != null && old_session_manager != _sessionManager)
211 {
212 baseRequest.setSessionManager(old_session_manager);
213 baseRequest.setSession(old_session);
214 }
215 }
216 }
217
218 /* ------------------------------------------------------------ */
219 /*
220 * @see org.eclipse.jetty.server.Handler#handle(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, int)
221 */
222 @Override
223 public void doHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
224 {
225 // start manual inline of nextHandle(target,baseRequest,request,response);
226 if (never())
227 nextHandle(target,baseRequest,request,response);
228 else if (_nextScope != null && _nextScope == _handler)
229 _nextScope.doHandle(target,baseRequest,request,response);
230 else if (_handler != null)
231 _handler.handle(target,baseRequest,request,response);
232 // end manual inline
233 }
234
235 /* ------------------------------------------------------------ */
236 /**
237 * Look for a requested session ID in cookies and URI parameters
238 *
239 * @param baseRequest
240 * @param request
241 */
242 protected void checkRequestedSessionId(Request baseRequest, HttpServletRequest request)
243 {
244 String requested_session_id = request.getRequestedSessionId();
245
246 SessionManager sessionManager = getSessionManager();
247
248 if (requested_session_id != null && sessionManager != null)
249 {
250 HttpSession session = sessionManager.getHttpSession(requested_session_id);
251 if (session != null && sessionManager.isValid(session))
252 baseRequest.setSession(session);
253 return;
254 }
255 else if (!DispatcherType.REQUEST.equals(baseRequest.getDispatcherType()))
256 return;
257
258 boolean requested_session_id_from_cookie = false;
259 HttpSession session = null;
260
261 // Look for session id cookie
262 if (_sessionManager.isUsingCookies())
263 {
264 Cookie[] cookies = request.getCookies();
265 if (cookies != null && cookies.length > 0)
266 {
267 final String sessionCookie=sessionManager.getSessionCookieConfig().getName();
268 for (int i = 0; i < cookies.length; i++)
269 {
270 if (sessionCookie.equalsIgnoreCase(cookies[i].getName()))
271 {
272 requested_session_id = cookies[i].getValue();
273 requested_session_id_from_cookie = true;
274
275 LOG.debug("Got Session ID {} from cookie",requested_session_id);
276
277 if (requested_session_id != null)
278 {
279 session = sessionManager.getHttpSession(requested_session_id);
280
281 if (session != null && sessionManager.isValid(session))
282 {
283 break;
284 }
285 }
286 else
287 {
288 LOG.warn("null session id from cookie");
289 }
290 }
291 }
292 }
293 }
294
295 if (requested_session_id == null || session == null)
296 {
297 String uri = request.getRequestURI();
298
299 String prefix = sessionManager.getSessionIdPathParameterNamePrefix();
300 if (prefix != null)
301 {
302 int s = uri.indexOf(prefix);
303 if (s >= 0)
304 {
305 s += prefix.length();
306 int i = s;
307 while (i < uri.length())
308 {
309 char c = uri.charAt(i);
310 if (c == ';' || c == '#' || c == '?' || c == '/')
311 break;
312 i++;
313 }
314
315 requested_session_id = uri.substring(s,i);
316 requested_session_id_from_cookie = false;
317 session = sessionManager.getHttpSession(requested_session_id);
318 if (LOG.isDebugEnabled())
319 LOG.debug("Got Session ID {} from URL",requested_session_id);
320 }
321 }
322 }
323
324 baseRequest.setRequestedSessionId(requested_session_id);
325 baseRequest.setRequestedSessionIdFromCookie(requested_session_id != null && requested_session_id_from_cookie);
326 if (session != null && sessionManager.isValid(session))
327 baseRequest.setSession(session);
328 }
329
330 /* ------------------------------------------------------------ */
331 /**
332 * @param listener
333 */
334 public void addEventListener(EventListener listener)
335 {
336 if (_sessionManager != null)
337 _sessionManager.addEventListener(listener);
338 }
339
340 /* ------------------------------------------------------------ */
341 public void clearEventListeners()
342 {
343 if (_sessionManager != null)
344 _sessionManager.clearEventListeners();
345 }
346 }