| SessionIdServletRequest.java |
1 /**
2 * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
3 *
4 * Permission is hereby granted, free of charge, to any person obtaining a copy
5 * of this software and associated documentation files (the "Software"), to deal
6 * in the Software without restriction, including without limitation the rights
7 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8 * copies of the Software, and to permit persons to whom the Software is
9 * furnished to do so, subject to the following conditions:
10 *
11 * The above copyright notice and this permission notice shall be included in
12 * all copies or substantial portions of the Software.
13 *
14 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20 * SOFTWARE.
21 */
22
23 package com.liferay.portal.servlet.filters.sessionid;
24
25 import com.liferay.portal.kernel.util.StringPool;
26 import com.liferay.portal.kernel.util.Validator;
27
28 import javax.servlet.http.Cookie;
29 import javax.servlet.http.HttpServletRequest;
30 import javax.servlet.http.HttpServletRequestWrapper;
31 import javax.servlet.http.HttpServletResponse;
32 import javax.servlet.http.HttpSession;
33
34 import org.apache.commons.logging.Log;
35 import org.apache.commons.logging.LogFactory;
36
37 /**
38 * <a href="SessionIdServletRequest.java.html"><b><i>View Source</i></b></a>
39 *
40 * @author Brian Wing Shun Chan
41 *
42 */
43 public class SessionIdServletRequest extends HttpServletRequestWrapper {
44
45 public SessionIdServletRequest(HttpServletRequest req,
46 HttpServletResponse res) {
47
48 super(req);
49
50 _res = res;
51 }
52
53 public HttpSession getSession() {
54 HttpSession ses = super.getSession();
55
56 process(ses);
57
58 return ses;
59 }
60
61 public HttpSession getSession(boolean create) {
62 HttpSession ses = super.getSession(create);
63
64 process(ses);
65
66 return ses;
67 }
68
69 protected void process(HttpSession ses) {
70 if ((ses == null) || !ses.isNew() || !isSecure() ||
71 isRequestedSessionIdFromCookie()) {
72
73 return;
74 }
75
76 Object jsessionIdAlreadySet = getAttribute(_JESSIONID_ALREADY_SET);
77
78 if (jsessionIdAlreadySet == null) {
79 if (_log.isDebugEnabled()) {
80 _log.debug("Processing " + ses.getId());
81 }
82
83 Cookie cookie = new Cookie(_JESSIONID, ses.getId());
84
85 cookie.setMaxAge(-1);
86
87 String contextPath = getContextPath();
88
89 if (Validator.isNotNull(contextPath)) {
90 cookie.setPath(contextPath);
91 }
92 else {
93 cookie.setPath(StringPool.SLASH);
94 }
95
96 _res.addCookie(cookie);
97
98 setAttribute(_JESSIONID_ALREADY_SET, Boolean.TRUE);
99 }
100 }
101
102 private static final String _JESSIONID = "JSESSIONID";
103
104 private static final String _JESSIONID_ALREADY_SET =
105 "JESSIONID_ALREADY_SET";
106
107 private static Log _log = LogFactory.getLog(SessionIdServletRequest.class);
108
109 private HttpServletResponse _res;
110
111 }