1
19
20 package com.liferay.portal.servlet.filters.sessionid;
21
22 import com.liferay.portal.kernel.log.Log;
23 import com.liferay.portal.kernel.log.LogFactoryUtil;
24 import com.liferay.portal.kernel.util.StringPool;
25 import com.liferay.portal.kernel.util.Validator;
26 import com.liferay.portal.util.CookieKeys;
27
28 import javax.servlet.http.Cookie;
29 import javax.servlet.http.HttpServletRequest;
30 import javax.servlet.http.HttpServletRequestWrapper;
31 import javax.servlet.http.HttpServletResponse;
32 import javax.servlet.http.HttpSession;
33
34
40 public class SessionIdServletRequest extends HttpServletRequestWrapper {
41
42 public SessionIdServletRequest(
43 HttpServletRequest request, HttpServletResponse response) {
44
45 super(request);
46
47 _response = response;
48 }
49
50 public HttpSession getSession() {
51 HttpSession session = super.getSession();
52
53 process(session);
54
55 return session;
56 }
57
58 public HttpSession getSession(boolean create) {
59 HttpSession session = super.getSession(create);
60
61 process(session);
62
63 return session;
64 }
65
66 protected void process(HttpSession session) {
67 if ((session == null) || !session.isNew() || !isSecure() ||
68 isRequestedSessionIdFromCookie()) {
69
70 return;
71 }
72
73 Object jsessionIdAlreadySet = getAttribute(_JESSIONID_ALREADY_SET);
74
75 if (jsessionIdAlreadySet == null) {
76 if (_log.isDebugEnabled()) {
77 _log.debug("Processing " + session.getId());
78 }
79
80 Cookie cookie = new Cookie(_JESSIONID, session.getId());
81
82 cookie.setMaxAge(-1);
83
84 String contextPath = getContextPath();
85
86 if (Validator.isNotNull(contextPath)) {
87 cookie.setPath(contextPath);
88 }
89 else {
90 cookie.setPath(StringPool.SLASH);
91 }
92
93 CookieKeys.addCookie(
94 (HttpServletRequest)super.getRequest(), _response, cookie);
95
96 setAttribute(_JESSIONID_ALREADY_SET, Boolean.TRUE);
97 }
98 }
99
100 private static final String _JESSIONID = "JSESSIONID";
101
102 private static final String _JESSIONID_ALREADY_SET =
103 "JESSIONID_ALREADY_SET";
104
105 private static Log _log =
106 LogFactoryUtil.getLog(SessionIdServletRequest.class);
107
108 private HttpServletResponse _response;
109
110 }