public HazelcastHttpSession(WebFilter webFilter, final String sessionId, final HttpSession originalSession, final boolean deferredWrite, final boolean stickySession, final Set<String> transientAttributes) { this.webFilter = webFilter; this.id = sessionId; this.originalSession = originalSession; this.deferredWrite = deferredWrite; this.stickySession = stickySession; this.transientAttributes = transientAttributes; buildLocalCache(); }
/** * Destroys a session, determining if it should be destroyed clusterwide automatically or via expiry. * * @param session the session to be destroyed <i>locally</i> * @param invalidate {@code true} if the session has been invalidated and should be destroyed on all nodes * in the cluster; otherwise, {@code false} to only remove the session globally if this * node was the final node referencing it */ protected void destroySession(HazelcastHttpSession session, boolean invalidate) { if (LOGGER.isFinestEnabled()) { LOGGER.finest("Destroying local session: " + session.getId()); } sessions.remove(session.getId()); originalSessions.remove(session.getOriginalSession().getId()); session.destroy(invalidate); }
public Object getValue(final String name) { return getAttribute(name); }
private HazelcastHttpSession readFromCookie() { String existingHazelcastSessionId = findHazelcastSessionIdFromRequest(); if (existingHazelcastSessionId != null) { hazelcastSession = getSessionWithId(existingHazelcastSessionId); if (hazelcastSession != null && !hazelcastSession.isStickySession()) { hazelcastSession.updateReloadFlag(); return hazelcastSession; } } return null; }
@Override public final void doFilter(ServletRequest req, ServletResponse res, final FilterChain chain) throws IOException, ServletException { HazelcastRequestWrapper requestWrapper = new HazelcastRequestWrapper((HttpServletRequest) req, (HttpServletResponse) res); chain.doFilter(requestWrapper, res); HazelcastHttpSession session = requestWrapper.getSession(false); if (session != null && session.isValid() && config.isDeferredWrite()) { if (LOGGER.isFinestEnabled()) { LOGGER.finest("UPDATING SESSION " + session.getId()); } session.sessionDeferredWrite(); } }
private HazelcastHttpSession readSessionFromLocal() { String invalidatedOriginalSessionId = null; if (hazelcastSession != null && !hazelcastSession.isValid()) { LOGGER.finest("Session is invalid!"); destroySession(hazelcastSession, true); hazelcastSession = getSessionWithId(hazelcastSessionId); if (hazelcastSession != null && !hazelcastSession.isStickySession()) { hazelcastSession.updateReloadFlag();
public String changeSessionId() { Method changeSessionIdMethod = getChangeSessionIdMethod(); if (changeSessionIdMethod == null) { return ""; } HttpServletRequest nonWrappedHttpServletRequest = getNonWrappedHttpServletRequest(); if (nonWrappedHttpServletRequest.getSession() == null) { throw new IllegalStateException("changeSessionId requested for request with no session"); } originalSessions.remove(nonWrappedHttpServletRequest.getSession().getId()); HazelcastHttpSession hazelcastHttpSession = getSession(false); sessions.remove(hazelcastHttpSession.getId()); hazelcastHttpSession.destroy(true); String newHazelcastSessionId = generateSessionId(); String newJSessionId = invokeChangeSessionId(nonWrappedHttpServletRequest, changeSessionIdMethod); HttpSession originalSession = nonWrappedHttpServletRequest.getSession(); HazelcastHttpSession hazelcastSession = createHazelcastHttpSession(newHazelcastSessionId, originalSession); hazelcastSession.setClusterWideNew(true); updateSessionMaps(newJSessionId, hazelcastSession); addSessionCookie(this, newHazelcastSessionId); return newJSessionId; }
@Override protected void destroySession(HazelcastHttpSession session, boolean invalidate) { super.destroySession(session, invalidate); if (invalidate) { ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(servletContext); if (appContext != null) { ensureSessionRegistryInitialized(appContext); if (sessionRegistry != null) { String originalSessionId = session.getOriginalSessionId(); // If original session id is registered already, we don't need it. // So, we should remove it also. sessionRegistry.removeSessionInformation(originalSessionId); /** * Publish an event to notify * {@link org.springframework.security.core.session.SessionRegistry} instance. * So Spring clears information about our Hazelcast session. */ appContext.publishEvent(new HttpSessionDestroyedEvent(session)); LOGGER.finest("Published destroy session event for Spring for session with id " + session.getId()); } } } }
void sessionDeferredWrite() { if (sessionChanged() || isNew()) { Map<String, Object> updates = new HashMap<String, Object>(); Iterator<Map.Entry<String, LocalCacheEntry>> iterator = localCache.entrySet().iterator(); while (iterator.hasNext()) { Map.Entry<String, LocalCacheEntry> entry = iterator.next(); LocalCacheEntry cacheEntry = entry.getValue(); if (cacheEntry.isDirty() && !cacheEntry.isTransient()) { if (cacheEntry.isRemoved()) { updates.put(entry.getKey(), null); } else { updates.put(entry.getKey(), cacheEntry.getValue()); } cacheEntry.setDirty(false); } } try { webFilter.getClusteredSessionService().updateAttributes(id, updates); } catch (Exception ignored) { EmptyStatement.ignore(ignored); } } }
@Override public boolean isRequestedSessionIdValid() { return hazelcastSession != null && hazelcastSession.isValid(); }
private void updateSessionMaps(String originalSessionId, HazelcastHttpSession hazelcastSession) { sessions.put(hazelcastSession.getId(), hazelcastSession); String oldHazelcastSessionId = originalSessions.put(originalSessionId, hazelcastSession.getId()); if (LOGGER.isFinestEnabled()) { if (oldHazelcastSessionId != null) { LOGGER.finest("!!! Overwrote an existing hazelcastSessionId " + oldHazelcastSessionId); } LOGGER.finest("Created new session with id: " + hazelcastSession.getId()); LOGGER.finest(sessions.size() + " is sessions.size and originalSessions.size: " + originalSessions.size()); } }
/** * {@code HazelcastHttpSession instance} creation is split off to a separate method to allow subclasses to return a * customized / extended version of {@code HazelcastHttpSession}. * * @param id the session id * @param originalSession the original session * @return a new HazelcastHttpSession instance */ protected HazelcastHttpSession createHazelcastHttpSession(String id, HttpSession originalSession) { return new HazelcastHttpSession(this, id, originalSession, config.isDeferredWrite(), config.isStickySession(), config.getTransientAttributes()); }
@Override public final void doFilter(ServletRequest req, ServletResponse res, final FilterChain chain) throws IOException, ServletException { HazelcastRequestWrapper requestWrapper = new HazelcastRequestWrapper((HttpServletRequest) req, (HttpServletResponse) res); chain.doFilter(requestWrapper, res); HazelcastHttpSession session = requestWrapper.getSession(false); if (session != null && session.isValid() && config.isDeferredWrite()) { if (LOGGER.isFinestEnabled()) { LOGGER.finest("UPDATING SESSION " + session.getId()); } session.sessionDeferredWrite(); } }
private HazelcastHttpSession readSessionFromLocal() { if (hazelcastSession != null && !hazelcastSession.isValid()) { LOGGER.finest("Session is invalid!"); destroySession(hazelcastSession, true); hazelcastSession = getSessionWithId(hazelcastSessionId); if (hazelcastSession != null && !hazelcastSession.isStickySession()) { hazelcastSession.updateReloadFlag();
@Override protected void destroySession(HazelcastHttpSession session, boolean invalidate) { super.destroySession(session, invalidate); if (invalidate) { ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(servletContext); if (appContext != null) { ensureSessionRegistryInitialized(appContext); if (sessionRegistry != null) { String originalSessionId = session.getOriginalSessionId(); // If original session id is registered already, we don't need it. // So, we should remove it also. sessionRegistry.removeSessionInformation(originalSessionId); /** * Publish an event to notify * {@link org.springframework.security.core.session.SessionRegistry} instance. * So Spring clears information about our Hazelcast session. */ appContext.publishEvent(new HttpSessionDestroyedEvent(session)); LOGGER.finest("Published destroy session event for Spring for session with id " + session.getId()); } } } }
private HazelcastHttpSession readFromCookie() { String existingHazelcastSessionId = findHazelcastSessionIdFromRequest(); if (existingHazelcastSessionId != null) { hazelcastSession = getSessionWithId(existingHazelcastSessionId); if (hazelcastSession != null && !hazelcastSession.isStickySession()) { hazelcastSession.updateReloadFlag(); return hazelcastSession; } } return null; }
void sessionDeferredWrite() { if (sessionChanged() || isNew()) { Map<String, Object> updates = new HashMap<String, Object>(); Iterator<Map.Entry<String, LocalCacheEntry>> iterator = localCache.entrySet().iterator(); while (iterator.hasNext()) { Map.Entry<String, LocalCacheEntry> entry = iterator.next(); LocalCacheEntry cacheEntry = entry.getValue(); if (cacheEntry.isDirty() && !cacheEntry.isTransient()) { if (cacheEntry.isRemoved()) { updates.put(entry.getKey(), null); } else { updates.put(entry.getKey(), cacheEntry.getValue()); } cacheEntry.setDirty(false); } } try { webFilter.getClusteredSessionService().updateAttributes(id, updates); } catch (HazelcastSerializationException e) { LOGGER.warning("Failed to serialize session with ID [" + id + "]:" + e.getMessage(), e); } catch (Exception e) { LOGGER.warning("Unexpected error occurred.", e); } } }
private HazelcastHttpSession getSessionWithId(final String sessionId) { HazelcastHttpSession session = sessions.get(sessionId); if (session != null && !session.isValid()) { destroySession(session, true); session = null; } return session; }
private void updateSessionMaps(String sessionId, HttpSession originalSession, HazelcastHttpSession hazelcastSession) { sessions.put(hazelcastSession.getId(), hazelcastSession); String oldHazelcastSessionId = originalSessions.put(originalSession.getId(), hazelcastSession.getId()); if (LOGGER.isFinestEnabled()) { if (oldHazelcastSessionId != null) { LOGGER.finest("!!! Overwrote an existing hazelcastSessionId " + oldHazelcastSessionId); } LOGGER.finest("Created new session with id: " + sessionId); LOGGER.finest(sessions.size() + " is sessions.size and originalSessions.size: " + originalSessions.size()); } }
/** * {@code HazelcastHttpSession instance} creation is split off to a separate method to allow subclasses to return a * customized / extended version of {@code HazelcastHttpSession}. * * @param id the session id * @param originalSession the original session * @return a new HazelcastHttpSession instance */ protected HazelcastHttpSession createHazelcastHttpSession(String id, HttpSession originalSession) { return new HazelcastHttpSession(this, id, originalSession, config.isDeferredWrite(), config.isStickySession(), config.getTransientAttributes()); }