Google Git
Sign in
apache / jsecurity / b445b4dd1ded145599ceb25dfd889152df41496b / . / src / org / jsecurity / web / servlet / JSecurityHttpSession.java
blob: 4c409490375a0828621de29a0fef69bff005778d [file] [log] [blame]
/*
* Copyright 2005-2008 Les Hazlewood
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.jsecurity.web.servlet;
import org.jsecurity.session.InvalidSessionException;
import org.jsecurity.session.Session;
import org.jsecurity.web.session.WebSession;
import javax.servlet.ServletContext;
import javax.servlet.http.*;
import java.util.*;
/**
* Wrapper class that uses a JSecurity session under the hood for all session operations instead of the
* Servlet Container's session mechanism. This is preferred in heterogeneous client environments where the Session
* is used on both the business tier as well as in multiple client technologies (web, swing, flash, etc).
*
* @since 0.2
* @author Les Hazlewood
*/
@SuppressWarnings({"deprecated", "deprecation"})
public class JSecurityHttpSession implements HttpSession {
public static final String DEFAULT_SESSION_ID_NAME = "JSESSIONID";
private static final Enumeration EMPTY_ENUMERATION = new Enumeration() {
public boolean hasMoreElements() {
return false;
}
public Object nextElement() {
return null;
}
};
private static final HttpSessionContext HTTP_SESSION_CONTEXT = new HttpSessionContext() {
public HttpSession getSession( String s ) {
return null;
}
public Enumeration getIds() {
return EMPTY_ENUMERATION;
}
};
protected ServletContext servletContext = null;
protected HttpServletRequest currentRequest = null;
protected Session session = null; //'real' JSecurity Session
public JSecurityHttpSession( Session session, HttpServletRequest currentRequest, ServletContext servletContext ) {
if ( session instanceof WebSession) {
String msg = "Session constructor argument cannot be an instance of WebSession. This is enforced to " +
"prevent circular dependencies and infinite loops.";
throw new IllegalArgumentException( msg );
}
this.session = session;
this.currentRequest = currentRequest;
this.servletContext = servletContext;
}
public Session getSession() {
return this.session;
}
public long getCreationTime() {
try {
return getSession().getStartTimestamp().getTime();
} catch ( Exception e ) {
throw new IllegalStateException( e );
}
}
public String getId() {
return getSession().getId().toString();
}
public long getLastAccessedTime() {
return getSession().getLastAccessTime().getTime();
}
public ServletContext getServletContext() {
return this.servletContext;
}
public void setMaxInactiveInterval( int i ) {
try {
getSession().setTimeout( i * 1000 );
} catch ( InvalidSessionException e ) {
throw new IllegalStateException( e );
}
}
public int getMaxInactiveInterval() {
try {
return ( new Long( getSession().getTimeout() / 1000 ) ).intValue();
} catch ( InvalidSessionException e ) {
throw new IllegalStateException( e );
}
}
public HttpSessionContext getSessionContext() {
return HTTP_SESSION_CONTEXT;
}
public Object getAttribute( String s ) {
try {
return getSession().getAttribute( s );
} catch ( InvalidSessionException e ) {
throw new IllegalStateException( e );
}
}
public Object getValue( String s ) {
return getAttribute( s );
}
@SuppressWarnings({"unchecked"})
protected Set<String> getKeyNames() {
Collection<Object> keySet = null;
try {
keySet = getSession().getAttributeKeys();
} catch ( InvalidSessionException e ) {
throw new IllegalStateException( e );
}
Set<String> keyNames = null;
if ( keySet != null && !keySet.isEmpty() ) {
keyNames = new HashSet<String>( keySet.size() );
for ( Object o : keySet ) {
keyNames.add( o.toString() );
}
} else {
keyNames = Collections.EMPTY_SET;
}
return keyNames;
}
public Enumeration getAttributeNames() {
Set<String> keyNames = getKeyNames();
final Iterator iterator = keyNames.iterator();
return new Enumeration() {
public boolean hasMoreElements() {
return iterator.hasNext();
}
public Object nextElement() {
return iterator.next();
}
};
}
public String[] getValueNames() {
Set<String> keyNames = getKeyNames();
String[] array = new String[keyNames.size()];
if ( keyNames.size() > 0 ) {
array = keyNames.toArray( array );
}
return array;
}
protected void beforeBound( String s, Object o ) {
if ( o instanceof HttpSessionBindingListener ) {
HttpSessionBindingListener listener = (HttpSessionBindingListener)o;
HttpSessionBindingEvent event = new HttpSessionBindingEvent( this, s, o );
listener.valueBound( event );
}
}
protected void afterUnbound( String s, Object o ) {
if ( o instanceof HttpSessionBindingListener ) {
HttpSessionBindingListener listener = (HttpSessionBindingListener)o;
HttpSessionBindingEvent event = new HttpSessionBindingEvent( this, s, o );
listener.valueUnbound( event );
}
}
public void setAttribute( String s, Object o ) {
beforeBound( s, o );
try {
getSession().setAttribute( s, o );
} catch ( InvalidSessionException e ) {
afterUnbound( s, o );
throw new IllegalStateException( e );
}
}
public void putValue( String s, Object o ) {
setAttribute( s, o );
}
public void removeAttribute( String s ) {
try {
Object attribute = getSession().removeAttribute( s );
afterUnbound( s, attribute );
} catch ( InvalidSessionException e ) {
throw new IllegalStateException( e );
}
}
public void removeValue( String s ) {
removeAttribute( s );
}
public void invalidate() {
try {
getSession().stop();
} catch ( InvalidSessionException e ) {
throw new IllegalStateException( e );
}
}
public boolean isNew() {
Boolean value = (Boolean)currentRequest.getAttribute( JSecurityHttpServletRequest.REFERENCED_SESSION_IS_NEW );
return value != null && value.equals( Boolean.TRUE );
}
}