001
014
015 package com.liferay.portal.servlet.filters.sessionid;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.util.CookieKeys;
020 import com.liferay.portal.kernel.util.StringPool;
021 import com.liferay.portal.kernel.util.Validator;
022
023 import javax.servlet.http.Cookie;
024 import javax.servlet.http.HttpServletRequest;
025 import javax.servlet.http.HttpServletRequestWrapper;
026 import javax.servlet.http.HttpServletResponse;
027 import javax.servlet.http.HttpSession;
028
029
032 public class SessionIdServletRequest extends HttpServletRequestWrapper {
033
034 public SessionIdServletRequest(
035 HttpServletRequest request, HttpServletResponse response) {
036
037 super(request);
038
039 _response = response;
040 }
041
042 @Override
043 public HttpSession getSession() {
044 HttpSession session = super.getSession();
045
046 process(session);
047
048 return session;
049 }
050
051 @Override
052 public HttpSession getSession(boolean create) {
053 HttpSession session = super.getSession(create);
054
055 process(session);
056
057 return session;
058 }
059
060 protected void process(HttpSession session) {
061 if ((session == null) || !session.isNew() || !isSecure() ||
062 isRequestedSessionIdFromCookie()) {
063
064 return;
065 }
066
067 Object jsessionIdAlreadySet = getAttribute(_JESSIONID_ALREADY_SET);
068
069 if (jsessionIdAlreadySet != null) {
070 return;
071 }
072
073 if (_log.isDebugEnabled()) {
074 _log.debug("Processing " + session.getId());
075 }
076
077 Cookie cookie = new Cookie(_JESSIONID, session.getId());
078
079 cookie.setMaxAge(-1);
080
081 String contextPath = getContextPath();
082
083 if (Validator.isNotNull(contextPath)) {
084 cookie.setPath(contextPath);
085 }
086 else {
087 cookie.setPath(StringPool.SLASH);
088 }
089
090 CookieKeys.addCookie(
091 (HttpServletRequest)super.getRequest(), _response, cookie);
092
093 setAttribute(_JESSIONID_ALREADY_SET, Boolean.TRUE);
094 }
095
096 private static final String _JESSIONID = "JSESSIONID";
097
098 private static final String _JESSIONID_ALREADY_SET =
099 "JESSIONID_ALREADY_SET";
100
101 private static Log _log = LogFactoryUtil.getLog(
102 SessionIdServletRequest.class);
103
104 private HttpServletResponse _response;
105
106 }