1
2
3
4
5
6
7
8
9
10
11
12
13
14 package org.eclipse.jetty.server.session;
15
16 import java.io.IOException;
17 import java.util.EventListener;
18
19 import javax.servlet.ServletException;
20 import javax.servlet.http.Cookie;
21 import javax.servlet.http.HttpServletRequest;
22 import javax.servlet.http.HttpServletResponse;
23 import javax.servlet.http.HttpSession;
24
25 import org.eclipse.jetty.http.HttpCookie;
26 import org.eclipse.jetty.server.DispatcherType;
27 import org.eclipse.jetty.server.Request;
28 import org.eclipse.jetty.server.Server;
29 import org.eclipse.jetty.server.SessionManager;
30 import org.eclipse.jetty.server.handler.HandlerWrapper;
31 import org.eclipse.jetty.server.handler.ScopedHandler;
32 import org.eclipse.jetty.util.log.Log;
33
34
35
36
37 public class SessionHandler extends ScopedHandler
38 {
39
40 private SessionManager _sessionManager;
41
42
43
44
45
46
47 public SessionHandler()
48 {
49 this(new HashSessionManager());
50 }
51
52
53
54
55
56 public SessionHandler(SessionManager manager)
57 {
58 setSessionManager(manager);
59 }
60
61
62
63
64
65 public SessionManager getSessionManager()
66 {
67 return _sessionManager;
68 }
69
70
71
72
73
74 public void setSessionManager(SessionManager sessionManager)
75 {
76 if (isStarted())
77 throw new IllegalStateException();
78 SessionManager old_session_manager = _sessionManager;
79
80 if (getServer()!=null)
81 getServer().getContainer().update(this, old_session_manager, sessionManager, "sessionManager",true);
82
83 if (sessionManager!=null)
84 sessionManager.setSessionHandler(this);
85
86 _sessionManager = sessionManager;
87
88 if (old_session_manager!=null)
89 old_session_manager.setSessionHandler(null);
90 }
91
92
93
94 @Override
95 public void setServer(Server server)
96 {
97 Server old_server=getServer();
98 if (old_server!=null && old_server!=server)
99 old_server.getContainer().update(this, _sessionManager, null, "sessionManager",true);
100 super.setServer(server);
101 if (server!=null && server!=old_server)
102 server.getContainer().update(this, null,_sessionManager, "sessionManager",true);
103 }
104
105
106
107
108
109
110 @Override
111 protected void doStart() throws Exception
112 {
113 _sessionManager.start();
114 super.doStart();
115 }
116
117
118
119
120 @Override
121 protected void doStop() throws Exception
122 {
123 super.doStop();
124 _sessionManager.stop();
125 }
126
127
128
129
130
131
132 @Override
133 public void doScope(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
134 throws IOException, ServletException
135 {
136 setRequestedId(baseRequest,request);
137
138 SessionManager old_session_manager=null;
139 HttpSession old_session=null;
140
141 try
142 {
143 old_session_manager = baseRequest.getSessionManager();
144 old_session = baseRequest.getSession(false);
145
146 if (old_session_manager != _sessionManager)
147 {
148
149 baseRequest.setSessionManager(_sessionManager);
150 baseRequest.setSession(null);
151 }
152
153
154 HttpSession session=null;
155 if (_sessionManager!=null)
156 {
157 session=baseRequest.getSession(false);
158 if (session!=null)
159 {
160 if(session!=old_session)
161 {
162 HttpCookie cookie = _sessionManager.access(session,request.isSecure());
163 if (cookie!=null )
164 baseRequest.getResponse().addCookie(cookie);
165 }
166 }
167 else
168 {
169 session=baseRequest.recoverNewSession(_sessionManager);
170 if (session!=null)
171 baseRequest.setSession(session);
172 }
173 }
174
175 if(Log.isDebugEnabled())
176 {
177 Log.debug("sessionManager="+_sessionManager);
178 Log.debug("session="+session);
179 }
180
181
182 if (_nextScope!=null)
183 _nextScope.doScope(target,baseRequest,request, response);
184 else if (_outerScope!=null)
185 _outerScope.doHandle(target,baseRequest,request, response);
186 else
187 doHandle(target,baseRequest,request, response);
188
189
190 }
191 finally
192 {
193 HttpSession session=request.getSession(false);
194
195 if (old_session_manager != _sessionManager)
196 {
197
198 if (session!=null)
199 _sessionManager.complete(session);
200
201
202 if (old_session_manager!=null )
203 {
204 baseRequest.setSessionManager(old_session_manager);
205 baseRequest.setSession(old_session);
206 }
207 }
208 }
209 }
210
211
212
213
214
215 @Override
216 public void doHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
217 throws IOException, ServletException
218 {
219
220
221 if (false)
222 nextHandle(target,baseRequest,request,response);
223 else if (_nextScope!=null && _nextScope==_handler)
224 _nextScope.doHandle(target,baseRequest,request, response);
225 else if (_handler!=null)
226 _handler.handle(target,baseRequest, request, response);
227
228 }
229
230
231
232
233
234
235 protected void setRequestedId(Request baseRequest, HttpServletRequest request)
236 {
237 String requested_session_id=request.getRequestedSessionId();
238 if (!DispatcherType.REQUEST.equals(baseRequest.getDispatcherType()) || requested_session_id!=null)
239 return;
240
241 SessionManager sessionManager = getSessionManager();
242 boolean requested_session_id_from_cookie=false;
243 HttpSession session=null;
244
245
246 if (_sessionManager.isUsingCookies())
247 {
248 Cookie[] cookies=request.getCookies();
249 if (cookies!=null && cookies.length>0)
250 {
251 for (int i=0;i<cookies.length;i++)
252 {
253 if (sessionManager.getSessionCookie().equalsIgnoreCase(cookies[i].getName()))
254 {
255 if (requested_session_id!=null)
256 {
257
258
259
260 if (sessionManager.getHttpSession(requested_session_id)!=null)
261 break;
262 }
263
264 requested_session_id=cookies[i].getValue();
265 requested_session_id_from_cookie = true;
266 if(Log.isDebugEnabled())Log.debug("Got Session ID "+requested_session_id+" from cookie");
267
268 session=sessionManager.getHttpSession(requested_session_id);
269 if (session!=null)
270 baseRequest.setSession(session);
271 }
272 }
273 }
274 }
275
276 if (requested_session_id==null || session==null)
277 {
278 String uri = request.getRequestURI();
279
280 String prefix=sessionManager.getSessionIdPathParameterNamePrefix();
281 if (prefix!=null)
282 {
283 int s = uri.indexOf(prefix);
284 if (s>=0)
285 {
286 s+=prefix.length();
287 int i=s;
288 while (i<uri.length())
289 {
290 char c=uri.charAt(i);
291 if (c==';'||c=='#'||c=='?'||c=='/')
292 break;
293 i++;
294 }
295
296 requested_session_id = uri.substring(s,i);
297 requested_session_id_from_cookie = false;
298 if(Log.isDebugEnabled())
299 Log.debug("Got Session ID "+requested_session_id+" from URL");
300 }
301 }
302 }
303
304 baseRequest.setRequestedSessionId(requested_session_id);
305 baseRequest.setRequestedSessionIdFromCookie(requested_session_id!=null && requested_session_id_from_cookie);
306 }
307
308
309
310
311
312 public void addEventListener(EventListener listener)
313 {
314 if(_sessionManager!=null)
315 _sessionManager.addEventListener(listener);
316 }
317
318
319 public void clearEventListeners()
320 {
321 if(_sessionManager!=null)
322 _sessionManager.clearEventListeners();
323 }
324 }