001
014
015 package com.liferay.portal.servlet.filters.sessionid;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.util.StringPool;
020 import com.liferay.portal.kernel.util.Validator;
021 import com.liferay.portal.util.CookieKeys;
022
023 import javax.servlet.http.Cookie;
024 import javax.servlet.http.HttpServletRequest;
025 import javax.servlet.http.HttpServletRequestWrapper;
026 import javax.servlet.http.HttpServletResponse;
027 import javax.servlet.http.HttpSession;
028
029
032 public class SessionIdServletRequest extends HttpServletRequestWrapper {
033
034 public SessionIdServletRequest(
035 HttpServletRequest request, HttpServletResponse response) {
036
037 super(request);
038
039 _response = response;
040 }
041
042 @Override
043 public HttpSession getSession() {
044 HttpSession session = super.getSession();
045
046 process(session);
047
048 return session;
049 }
050
051 @Override
052 public HttpSession getSession(boolean create) {
053 HttpSession session = super.getSession(create);
054
055 process(session);
056
057 return session;
058 }
059
060 protected void process(HttpSession session) {
061 if ((session == null) || !session.isNew() || !isSecure() ||
062 isRequestedSessionIdFromCookie()) {
063
064 return;
065 }
066
067 Object jsessionIdAlreadySet = getAttribute(_JESSIONID_ALREADY_SET);
068
069 if (jsessionIdAlreadySet == null) {
070 if (_log.isDebugEnabled()) {
071 _log.debug("Processing " + session.getId());
072 }
073
074 Cookie cookie = new Cookie(_JESSIONID, session.getId());
075
076 cookie.setMaxAge(-1);
077
078 String contextPath = getContextPath();
079
080 if (Validator.isNotNull(contextPath)) {
081 cookie.setPath(contextPath);
082 }
083 else {
084 cookie.setPath(StringPool.SLASH);
085 }
086
087 CookieKeys.addCookie(
088 (HttpServletRequest)super.getRequest(), _response, cookie);
089
090 setAttribute(_JESSIONID_ALREADY_SET, Boolean.TRUE);
091 }
092 }
093
094 private static final String _JESSIONID = "JSESSIONID";
095
096 private static final String _JESSIONID_ALREADY_SET =
097 "JESSIONID_ALREADY_SET";
098
099 private static Log _log = LogFactoryUtil.getLog(
100 SessionIdServletRequest.class);
101
102 private HttpServletResponse _response;
103
104 }