1
14
15 package com.liferay.portal.servlet.filters.sessionid;
16
17 import com.liferay.portal.kernel.log.Log;
18 import com.liferay.portal.kernel.log.LogFactoryUtil;
19 import com.liferay.portal.kernel.util.StringPool;
20 import com.liferay.portal.kernel.util.Validator;
21 import com.liferay.portal.util.CookieKeys;
22
23 import javax.servlet.http.Cookie;
24 import javax.servlet.http.HttpServletRequest;
25 import javax.servlet.http.HttpServletRequestWrapper;
26 import javax.servlet.http.HttpServletResponse;
27 import javax.servlet.http.HttpSession;
28
29
34 public class SessionIdServletRequest extends HttpServletRequestWrapper {
35
36 public SessionIdServletRequest(
37 HttpServletRequest request, HttpServletResponse response) {
38
39 super(request);
40
41 _response = response;
42 }
43
44 public HttpSession getSession() {
45 HttpSession session = super.getSession();
46
47 process(session);
48
49 return session;
50 }
51
52 public HttpSession getSession(boolean create) {
53 HttpSession session = super.getSession(create);
54
55 process(session);
56
57 return session;
58 }
59
60 protected void process(HttpSession session) {
61 if ((session == null) || !session.isNew() || !isSecure() ||
62 isRequestedSessionIdFromCookie()) {
63
64 return;
65 }
66
67 Object jsessionIdAlreadySet = getAttribute(_JESSIONID_ALREADY_SET);
68
69 if (jsessionIdAlreadySet == null) {
70 if (_log.isDebugEnabled()) {
71 _log.debug("Processing " + session.getId());
72 }
73
74 Cookie cookie = new Cookie(_JESSIONID, session.getId());
75
76 cookie.setMaxAge(-1);
77
78 String contextPath = getContextPath();
79
80 if (Validator.isNotNull(contextPath)) {
81 cookie.setPath(contextPath);
82 }
83 else {
84 cookie.setPath(StringPool.SLASH);
85 }
86
87 CookieKeys.addCookie(
88 (HttpServletRequest)super.getRequest(), _response, cookie);
89
90 setAttribute(_JESSIONID_ALREADY_SET, Boolean.TRUE);
91 }
92 }
93
94 private static final String _JESSIONID = "JSESSIONID";
95
96 private static final String _JESSIONID_ALREADY_SET =
97 "JESSIONID_ALREADY_SET";
98
99 private static Log _log = LogFactoryUtil.getLog(
100 SessionIdServletRequest.class);
101
102 private HttpServletResponse _response;
103
104 }