001
014
015 package com.liferay.portal.servlet.filters.sessionid;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.util.StringPool;
020 import com.liferay.portal.kernel.util.Validator;
021 import com.liferay.portal.util.CookieKeys;
022
023 import javax.servlet.http.Cookie;
024 import javax.servlet.http.HttpServletRequest;
025 import javax.servlet.http.HttpServletRequestWrapper;
026 import javax.servlet.http.HttpServletResponse;
027 import javax.servlet.http.HttpSession;
028
029
032 public class SessionIdServletRequest extends HttpServletRequestWrapper {
033
034 public SessionIdServletRequest(
035 HttpServletRequest request, HttpServletResponse response) {
036
037 super(request);
038
039 _response = response;
040 }
041
042 public HttpSession getSession() {
043 HttpSession session = super.getSession();
044
045 process(session);
046
047 return session;
048 }
049
050 public HttpSession getSession(boolean create) {
051 HttpSession session = super.getSession(create);
052
053 process(session);
054
055 return session;
056 }
057
058 protected void process(HttpSession session) {
059 if ((session == null) || !session.isNew() || !isSecure() ||
060 isRequestedSessionIdFromCookie()) {
061
062 return;
063 }
064
065 Object jsessionIdAlreadySet = getAttribute(_JESSIONID_ALREADY_SET);
066
067 if (jsessionIdAlreadySet == null) {
068 if (_log.isDebugEnabled()) {
069 _log.debug("Processing " + session.getId());
070 }
071
072 Cookie cookie = new Cookie(_JESSIONID, session.getId());
073
074 cookie.setMaxAge(-1);
075
076 String contextPath = getContextPath();
077
078 if (Validator.isNotNull(contextPath)) {
079 cookie.setPath(contextPath);
080 }
081 else {
082 cookie.setPath(StringPool.SLASH);
083 }
084
085 CookieKeys.addCookie(
086 (HttpServletRequest)super.getRequest(), _response, cookie);
087
088 setAttribute(_JESSIONID_ALREADY_SET, Boolean.TRUE);
089 }
090 }
091
092 private static final String _JESSIONID = "JSESSIONID";
093
094 private static final String _JESSIONID_ALREADY_SET =
095 "JESSIONID_ALREADY_SET";
096
097 private static Log _log = LogFactoryUtil.getLog(
098 SessionIdServletRequest.class);
099
100 private HttpServletResponse _response;
101
102 }