1
2
3
4
5
6
7
8
9
10
11
12
13
14 package org.eclipse.jetty.server.session;
15
16 import java.io.IOException;
17 import java.util.EventListener;
18
19 import javax.servlet.ServletException;
20 import javax.servlet.http.Cookie;
21 import javax.servlet.http.HttpServletRequest;
22 import javax.servlet.http.HttpServletResponse;
23 import javax.servlet.http.HttpSession;
24
25 import org.eclipse.jetty.http.HttpCookie;
26 import org.eclipse.jetty.server.DispatcherType;
27 import org.eclipse.jetty.server.Request;
28 import org.eclipse.jetty.server.Server;
29 import org.eclipse.jetty.server.SessionManager;
30 import org.eclipse.jetty.server.handler.ScopedHandler;
31 import org.eclipse.jetty.util.log.Log;
32 import org.eclipse.jetty.util.log.Logger;
33
34
35
36
37 public class SessionHandler extends ScopedHandler
38 {
39 final static Logger LOG = Log.getLogger("org.eclipse.jetty.server.session");
40
41
42 private SessionManager _sessionManager;
43
44
45
46
47
48
49 public SessionHandler()
50 {
51 this(new HashSessionManager());
52 }
53
54
55
56
57
58 public SessionHandler(SessionManager manager)
59 {
60 setSessionManager(manager);
61 }
62
63
64
65
66
67 public SessionManager getSessionManager()
68 {
69 return _sessionManager;
70 }
71
72
73
74
75
76 public void setSessionManager(SessionManager sessionManager)
77 {
78 if (isStarted())
79 throw new IllegalStateException();
80 SessionManager old_session_manager = _sessionManager;
81
82 if (getServer()!=null)
83 getServer().getContainer().update(this, old_session_manager, sessionManager, "sessionManager",true);
84
85 if (sessionManager!=null)
86 sessionManager.setSessionHandler(this);
87
88 _sessionManager = sessionManager;
89
90 if (old_session_manager!=null)
91 old_session_manager.setSessionHandler(null);
92 }
93
94
95
96 @Override
97 public void setServer(Server server)
98 {
99 Server old_server=getServer();
100 if (old_server!=null && old_server!=server)
101 old_server.getContainer().update(this, _sessionManager, null, "sessionManager",true);
102 super.setServer(server);
103 if (server!=null && server!=old_server)
104 server.getContainer().update(this, null,_sessionManager, "sessionManager",true);
105 }
106
107
108
109
110
111
112 @Override
113 protected void doStart() throws Exception
114 {
115 _sessionManager.start();
116 super.doStart();
117 }
118
119
120
121
122 @Override
123 protected void doStop() throws Exception
124 {
125
126 _sessionManager.stop();
127 super.doStop();
128 }
129
130
131
132
133
134
135 @Override
136 public void doScope(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
137 throws IOException, ServletException
138 {
139 SessionManager old_session_manager=null;
140 HttpSession old_session=null;
141 HttpSession access=null;
142 try
143 {
144 old_session_manager = baseRequest.getSessionManager();
145 old_session = baseRequest.getSession(false);
146
147 if (old_session_manager != _sessionManager)
148 {
149
150 baseRequest.setSessionManager(_sessionManager);
151 baseRequest.setSession(null);
152 checkRequestedSessionId(baseRequest,request);
153 }
154
155
156 HttpSession session=null;
157 if (_sessionManager!=null)
158 {
159 session=baseRequest.getSession(false);
160 if (session!=null)
161 {
162 if(session!=old_session)
163 {
164 access=session;
165 HttpCookie cookie = _sessionManager.access(session,request.isSecure());
166 if (cookie!=null )
167 baseRequest.getResponse().addCookie(cookie);
168 }
169 }
170 else
171 {
172 session=baseRequest.recoverNewSession(_sessionManager);
173 if (session!=null)
174 baseRequest.setSession(session);
175 }
176 }
177
178 if(LOG.isDebugEnabled())
179 {
180 LOG.debug("sessionManager="+_sessionManager);
181 LOG.debug("session="+session);
182 }
183
184
185 if (_nextScope!=null)
186 _nextScope.doScope(target,baseRequest,request, response);
187 else if (_outerScope!=null)
188 _outerScope.doHandle(target,baseRequest,request, response);
189 else
190 doHandle(target,baseRequest,request, response);
191
192
193 }
194 finally
195 {
196 if (access!=null)
197 _sessionManager.complete(access);
198 else
199 {
200 HttpSession session = baseRequest.getSession(false);
201 if (session!=null && old_session==null)
202 _sessionManager.complete(session);
203 }
204
205 if (old_session_manager!=null && old_session_manager != _sessionManager)
206 {
207 baseRequest.setSessionManager(old_session_manager);
208 baseRequest.setSession(old_session);
209 }
210 }
211 }
212
213
214
215
216
217 @Override
218 public void doHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
219 throws IOException, ServletException
220 {
221
222 if (never())
223 nextHandle(target,baseRequest,request,response);
224 else if (_nextScope!=null && _nextScope==_handler)
225 _nextScope.doHandle(target,baseRequest,request, response);
226 else if (_handler!=null)
227 _handler.handle(target,baseRequest, request, response);
228
229 }
230
231
232
233
234
235
236 protected void checkRequestedSessionId(Request baseRequest, HttpServletRequest request)
237 {
238 String requested_session_id=request.getRequestedSessionId();
239
240 SessionManager sessionManager = getSessionManager();
241
242 if (requested_session_id!=null && sessionManager!=null)
243 {
244 HttpSession session=sessionManager.getHttpSession(requested_session_id);
245 if (session!=null && sessionManager.isValid(session))
246 baseRequest.setSession(session);
247 return;
248 }
249 else if (!DispatcherType.REQUEST.equals(baseRequest.getDispatcherType()))
250 return;
251
252 boolean requested_session_id_from_cookie=false;
253 HttpSession session=null;
254
255
256 if (_sessionManager.isUsingCookies())
257 {
258 Cookie[] cookies=request.getCookies();
259 if (cookies!=null && cookies.length>0)
260 {
261 for (int i=0;i<cookies.length;i++)
262 {
263 if (sessionManager.getSessionCookie().equalsIgnoreCase(cookies[i].getName()))
264 {
265 requested_session_id=cookies[i].getValue();
266 requested_session_id_from_cookie = true;
267 if(LOG.isDebugEnabled())
268 LOG.debug("Got Session ID {} from cookie",requested_session_id);
269
270 session=sessionManager.getHttpSession(requested_session_id);
271 if (session!=null && sessionManager.isValid(session))
272 break;
273 }
274 }
275 }
276 }
277
278 if (requested_session_id==null || session==null)
279 {
280 String uri = request.getRequestURI();
281
282 String prefix=sessionManager.getSessionIdPathParameterNamePrefix();
283 if (prefix!=null)
284 {
285 int s = uri.indexOf(prefix);
286 if (s>=0)
287 {
288 s+=prefix.length();
289 int i=s;
290 while (i<uri.length())
291 {
292 char c=uri.charAt(i);
293 if (c==';'||c=='#'||c=='?'||c=='/')
294 break;
295 i++;
296 }
297
298 requested_session_id = uri.substring(s,i);
299 requested_session_id_from_cookie = false;
300 session=sessionManager.getHttpSession(requested_session_id);
301 if(LOG.isDebugEnabled())
302 LOG.debug("Got Session ID {} from URL",requested_session_id);
303 }
304 }
305 }
306
307 baseRequest.setRequestedSessionId(requested_session_id);
308 baseRequest.setRequestedSessionIdFromCookie(requested_session_id!=null && requested_session_id_from_cookie);
309 if (session!=null && sessionManager.isValid(session))
310 baseRequest.setSession(session);
311 }
312
313
314
315
316
317 public void addEventListener(EventListener listener)
318 {
319 if(_sessionManager!=null)
320 _sessionManager.addEventListener(listener);
321 }
322
323
324 public void clearEventListeners()
325 {
326 if(_sessionManager!=null)
327 _sessionManager.clearEventListeners();
328 }
329 }