001    /**
002     * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.servlet.filters.sessionid;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.util.StringPool;
020    import com.liferay.portal.kernel.util.Validator;
021    import com.liferay.portal.util.CookieKeys;
022    
023    import javax.servlet.http.Cookie;
024    import javax.servlet.http.HttpServletRequest;
025    import javax.servlet.http.HttpServletRequestWrapper;
026    import javax.servlet.http.HttpServletResponse;
027    import javax.servlet.http.HttpSession;
028    
029    /**
030     * @author Brian Wing Shun Chan
031     */
032    public class SessionIdServletRequest extends HttpServletRequestWrapper {
033    
034            public SessionIdServletRequest(
035                    HttpServletRequest request, HttpServletResponse response) {
036    
037                    super(request);
038    
039                    _response = response;
040            }
041    
042            public HttpSession getSession() {
043                    HttpSession session = super.getSession();
044    
045                    process(session);
046    
047                    return session;
048            }
049    
050            public HttpSession getSession(boolean create) {
051                    HttpSession session = super.getSession(create);
052    
053                    process(session);
054    
055                    return session;
056            }
057    
058            protected void process(HttpSession session) {
059                    if ((session == null) || !session.isNew() || !isSecure() ||
060                            isRequestedSessionIdFromCookie()) {
061    
062                            return;
063                    }
064    
065                    Object jsessionIdAlreadySet = getAttribute(_JESSIONID_ALREADY_SET);
066    
067                    if (jsessionIdAlreadySet == null) {
068                            if (_log.isDebugEnabled()) {
069                                    _log.debug("Processing " + session.getId());
070                            }
071    
072                            Cookie cookie = new Cookie(_JESSIONID, session.getId());
073    
074                            cookie.setMaxAge(-1);
075    
076                            String contextPath = getContextPath();
077    
078                            if (Validator.isNotNull(contextPath)) {
079                                    cookie.setPath(contextPath);
080                            }
081                            else {
082                                    cookie.setPath(StringPool.SLASH);
083                            }
084    
085                            CookieKeys.addCookie(
086                                    (HttpServletRequest)super.getRequest(), _response, cookie);
087    
088                            setAttribute(_JESSIONID_ALREADY_SET, Boolean.TRUE);
089                    }
090            }
091    
092            private static final String _JESSIONID = "JSESSIONID";
093    
094            private static final String _JESSIONID_ALREADY_SET =
095                    "JESSIONID_ALREADY_SET";
096    
097            private static Log _log = LogFactoryUtil.getLog(
098                    SessionIdServletRequest.class);
099    
100            private HttpServletResponse _response;
101    
102    }