Refine search
public String getSessionId(HttpServletRequest httpRequest) { String sessionId = null; HttpSession session = httpRequest.getSession(createSession); if (session != null) { sessionId = session.getId(); } return sessionId; }
/** * Determine the session id of the given request, if any. * @param request current HTTP request * @return the session id, or {@code null} if none */ @Nullable public static String getSessionId(HttpServletRequest request) { Assert.notNull(request, "Request must not be null"); HttpSession session = request.getSession(false); return (session != null ? session.getId() : null); }
/** * Determine the session id of the given request, if any. * @param request current HTTP request * @return the session id, or {@code null} if none */ @Nullable public static String getSessionId(HttpServletRequest request) { Assert.notNull(request, "Request must not be null"); HttpSession session = request.getSession(false); return (session != null ? session.getId() : null); }
private String getSessionId(HttpServletRequest httpServletRequest) { final HttpSession session = httpServletRequest.getSession(false); return session != null ? session.getId() : null; }
@Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { final HttpSession session = request.getSession(); LOGGER.debug("Session info for url: {}, Current session: {}, Requested session id: {}", request.getRequestURI(), session.getId(), request.getRequestedSessionId()); filterChain.doFilter(request, response); }
@Override public String getDescription(boolean includeClientInfo) { HttpServletRequest request = getRequest(); StringBuilder sb = new StringBuilder(); sb.append("uri=").append(request.getRequestURI()); if (includeClientInfo) { String client = request.getRemoteAddr(); if (StringUtils.hasLength(client)) { sb.append(";client=").append(client); } HttpSession session = request.getSession(false); if (session != null) { sb.append(";session=").append(session.getId()); } String user = request.getRemoteUser(); if (StringUtils.hasLength(user)) { sb.append(";user=").append(user); } } return sb.toString(); }
/** * Detects if session ID exist in the URL. It works more reliable * than <code>servletRequest.isRequestedSessionIdFromURL()</code>. */ protected boolean isRequestedSessionIdFromURL(final HttpServletRequest servletRequest) { if (servletRequest.isRequestedSessionIdFromURL()) { return true; } HttpSession session = servletRequest.getSession(false); if (session != null) { String sessionId = session.getId(); StringBuffer requestUri = servletRequest.getRequestURL(); return requestUri.indexOf(sessionId) != -1; } return false; }
@Override public String getDescription(boolean includeClientInfo) { HttpServletRequest request = getRequest(); StringBuilder sb = new StringBuilder(); sb.append("uri=").append(request.getRequestURI()); if (includeClientInfo) { String client = request.getRemoteAddr(); if (StringUtils.hasLength(client)) { sb.append(";client=").append(client); } HttpSession session = request.getSession(false); if (session != null) { sb.append(";session=").append(session.getId()); } String user = request.getRemoteUser(); if (StringUtils.hasLength(user)) { sb.append(";user=").append(user); } } return sb.toString(); }
@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.getWriter().write("This is a public servlet \n"); String webName = null; boolean isCustomPrincipal = false; if (request.getUserPrincipal() != null) { Principal principal = request.getUserPrincipal(); isCustomPrincipal = principal instanceof MyPrincipal; webName = principal.getName(); } boolean webHasRole = request.isUserInRole("architect"); response.getWriter().write("isCustomPrincipal: " + isCustomPrincipal + "\n"); response.getWriter().write("web username: " + webName + "\n"); response.getWriter().write("web user has role \"architect\": " + webHasRole + "\n"); HttpSession session = request.getSession(false); if (session != null) { response.getWriter().write("Session ID: " + session.getId()); } else { response.getWriter().write("No session"); } }
@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.getWriter().write("This is a protected servlet \n"); String webName = null; boolean isCustomPrincipal = false; if (request.getUserPrincipal() != null) { Principal principal = request.getUserPrincipal(); isCustomPrincipal = principal instanceof MyPrincipal; webName = request.getUserPrincipal().getName(); } boolean webHasRole = request.isUserInRole("architect"); response.getWriter().write("isCustomPrincipal: " + isCustomPrincipal + "\n"); response.getWriter().write("web username: " + webName + "\n"); response.getWriter().write("web user has role \"architect\": " + webHasRole + "\n"); HttpSession session = request.getSession(false); if (session != null) { response.getWriter().write("Session ID: " + session.getId()); } else { response.getWriter().write("No session"); } }
msg.append(";client=").append(client); HttpSession session = request.getSession(false); if (session != null) { msg.append(";session=").append(session.getId());
/** * Creates a new session from http request. * * @param httpReq Request. * @return New session. */ private WebSession createSession(HttpServletRequest httpReq) { HttpSession ses = httpReq.getSession(true); String sesId = transformSessionId(ses.getId()); return createSession(ses, sesId); }
@Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { if (!SessionUtils.hasAuthenticationToken(request)) { LOGGER.debug("Authentication token is not created for the request."); filterChain.doFilter(request, response); return; } final AuthenticationToken<?> authenticationToken = SessionUtils.getAuthenticationToken(request); Assert.notNull(authenticationToken); synchronized (request.getSession(false).getId().intern()) { long localCopyOfLastChangedTime = lastChangedTime;//This is so that the volatile variable is accessed only once. Long previousLastChangedTime = (Long) request.getSession().getAttribute(SECURITY_CONFIG_LAST_CHANGE); if (previousLastChangedTime == null) { request.getSession().setAttribute(SECURITY_CONFIG_LAST_CHANGE, localCopyOfLastChangedTime); } else if (previousLastChangedTime < localCopyOfLastChangedTime) { request.getSession().setAttribute(SECURITY_CONFIG_LAST_CHANGE, localCopyOfLastChangedTime); LOGGER.debug("Invalidating existing token {}", authenticationToken); authenticationToken.invalidate(); } } filterChain.doFilter(request, response); }
@Override public void doFilter(HttpServletRequest wrappedRequest, HttpServletResponse wrappedResponse) throws IOException { wrappedRequest.getSession().getId(); } });
@Override public void doFilter(HttpServletRequest wrappedRequest, HttpServletResponse wrappedResponse) throws IOException { wrappedRequest.getSession().getId(); } });
@Override public boolean beforeHandshake(ServerHttpRequest request, ServerHttpResponse response, WebSocketHandler wsHandler, Map<String, Object> attributes) throws Exception { if (request instanceof ServletServerHttpRequest) { ServletServerHttpRequest servletRequest = (ServletServerHttpRequest) request; HttpSession session = servletRequest.getServletRequest().getSession(false); if (session != null) { setSessionId(attributes, session.getId()); } } return true; }
@Override public void doFilter(HttpServletRequest wrappedRequest, HttpServletResponse wrappedResponse) throws IOException { wrappedRequest.getSession().getId(); } });
private void performReauthentication(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException { synchronized (request.getSession(false).getId().intern()) { if (SessionUtils.isAuthenticated(request, clock, systemEnvironment)) { LOGGER.debug("Continuing chain because user is authenticated."); filterChain.doFilter(request, response); } else { LOGGER.debug("Attempting reauthentication."); final AuthenticationToken reauthenticatedToken = attemptAuthentication(request, response); if (reauthenticatedToken == null) { LOGGER.debug("Reauthentication failed."); onAuthenticationFailure(request, response, "Unable to re-authenticate user after timeout."); } else { SessionUtils.setAuthenticationTokenWithoutRecreatingSession(reauthenticatedToken, request); filterChain.doFilter(request, response); } } } }
int timeout = request.getSession().getMaxInactiveInterval() * 1000; String sessionId = request.getSession().getId();
@Override public void doFilter(HttpServletRequest wrappedRequest) { HttpSession session = wrappedRequest.getSession(); session.invalidate(); // no exception session.getId(); } });