001
014
015 package com.liferay.portal.kernel.servlet;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.util.GetterUtil;
020
021 import java.io.Serializable;
022
023 import javax.servlet.ServletContext;
024 import javax.servlet.http.HttpSession;
025 import javax.servlet.http.HttpSessionAttributeListener;
026 import javax.servlet.http.HttpSessionBindingEvent;
027
028
031 public class SerializableSessionAttributeListener
032 implements HttpSessionAttributeListener {
033
034 @Override
035 public void attributeAdded(
036 HttpSessionBindingEvent httpSessionBindingEvent) {
037
038 String name = httpSessionBindingEvent.getName();
039 Object value = httpSessionBindingEvent.getValue();
040
041 if (value instanceof Serializable) {
042 return;
043 }
044
045 Class<?> clazz = value.getClass();
046
047 _log.error(
048 clazz.getName() +
049 " is not serializable and will prevent this session from " +
050 "being replicated");
051
052 if (_requiresSerializable == null) {
053 HttpSession session = httpSessionBindingEvent.getSession();
054
055 ServletContext servletContext = session.getServletContext();
056
057 _requiresSerializable = Boolean.valueOf(
058 GetterUtil.getBoolean(
059 servletContext.getInitParameter(
060 "session-attributes-requires-serializable")));
061 }
062
063 if (_requiresSerializable) {
064 HttpSession session = httpSessionBindingEvent.getSession();
065
066 session.removeAttribute(name);
067 }
068 }
069
070 @Override
071 public void attributeRemoved(
072 HttpSessionBindingEvent httpSessionBindingEvent) {
073 }
074
075 @Override
076 public void attributeReplaced(
077 HttpSessionBindingEvent httpSessionBindingEvent) {
078
079 attributeAdded(httpSessionBindingEvent);
080 }
081
082 private static final Log _log = LogFactoryUtil.getLog(
083 SerializableSessionAttributeListener.class);
084
085 private Boolean _requiresSerializable;
086
087 }