1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   *
12   *
13   */
14  
15  package com.liferay.portal.servlet.filters.sessionid;
16  
17  import com.liferay.portal.kernel.log.Log;
18  import com.liferay.portal.kernel.log.LogFactoryUtil;
19  import com.liferay.portal.kernel.util.StringPool;
20  import com.liferay.portal.kernel.util.Validator;
21  import com.liferay.portal.util.CookieKeys;
22  
23  import javax.servlet.http.Cookie;
24  import javax.servlet.http.HttpServletRequest;
25  import javax.servlet.http.HttpServletRequestWrapper;
26  import javax.servlet.http.HttpServletResponse;
27  import javax.servlet.http.HttpSession;
28  
29  /**
30   * <a href="SessionIdServletRequest.java.html"><b><i>View Source</i></b></a>
31   *
32   * @author Brian Wing Shun Chan
33   */
34  public class SessionIdServletRequest extends HttpServletRequestWrapper {
35  
36      public SessionIdServletRequest(
37          HttpServletRequest request, HttpServletResponse response) {
38  
39          super(request);
40  
41          _response = response;
42      }
43  
44      public HttpSession getSession() {
45          HttpSession session = super.getSession();
46  
47          process(session);
48  
49          return session;
50      }
51  
52      public HttpSession getSession(boolean create) {
53          HttpSession session = super.getSession(create);
54  
55          process(session);
56  
57          return session;
58      }
59  
60      protected void process(HttpSession session) {
61          if ((session == null) || !session.isNew() || !isSecure() ||
62              isRequestedSessionIdFromCookie()) {
63  
64              return;
65          }
66  
67          Object jsessionIdAlreadySet = getAttribute(_JESSIONID_ALREADY_SET);
68  
69          if (jsessionIdAlreadySet == null) {
70              if (_log.isDebugEnabled()) {
71                  _log.debug("Processing " + session.getId());
72              }
73  
74              Cookie cookie = new Cookie(_JESSIONID, session.getId());
75  
76              cookie.setMaxAge(-1);
77  
78              String contextPath = getContextPath();
79  
80              if (Validator.isNotNull(contextPath)) {
81                  cookie.setPath(contextPath);
82              }
83              else {
84                  cookie.setPath(StringPool.SLASH);
85              }
86  
87              CookieKeys.addCookie(
88                  (HttpServletRequest)super.getRequest(), _response, cookie);
89  
90              setAttribute(_JESSIONID_ALREADY_SET, Boolean.TRUE);
91          }
92      }
93  
94      private static final String _JESSIONID = "JSESSIONID";
95  
96      private static final String _JESSIONID_ALREADY_SET =
97          "JESSIONID_ALREADY_SET";
98  
99      private static Log _log = LogFactoryUtil.getLog(
100         SessionIdServletRequest.class);
101 
102     private HttpServletResponse _response;
103 
104 }