// Turn off memory-mapped file buffers in Jetty's default servlet
// (presumably to avoid locked static files on some platforms; verify against the deployment notes).
webAppContext.setInitParameter("org.eclipse.jetty.servlet.Default.useFileMappedBuffer", "false");
SessionManager sessionManager = webAppContext.getSessionHandler().getSessionManager();
// A null path-parameter name switches off ";jsessionid=" URL rewriting, so the session id
// travels only in the cookie and stays out of links, access logs and Referer headers.
sessionManager.setSessionIdPathParameterName(null);
/**
 * Applies the session cookie and idle-timeout settings from {@code systemEnvironment}
 * to the web application's session handler.
 *
 * <p>The cookie is always HttpOnly. Its Secure attribute follows
 * {@code systemEnvironment.isSessionCookieSecure()}, so a deployment served over TLS
 * only gets a Secure session cookie when that setting is enabled.
 */
@Override
public void setSessionConfig() {
    SessionHandler handler = webAppContext.getSessionHandler();
    SessionCookieConfig cookie = handler.getSessionCookieConfig();

    // HttpOnly is unconditional: page scripts never need to read the session cookie.
    cookie.setHttpOnly(true);
    // Secure is environment-driven; when false the cookie is also sent over plain HTTP.
    cookie.setSecure(systemEnvironment.isSessionCookieSecure());
    cookie.setMaxAge(systemEnvironment.sessionCookieMaxAgeInSeconds());

    // Server-side idle timeout, independent of the cookie lifetime set above.
    handler.setMaxInactiveInterval(systemEnvironment.sessionTimeoutInSeconds());
}
/**
 * Checks that the session idle timeout reaches the session handler of the loaded
 * {@code WebAppContext}. The expected value 1234 is presumably stubbed on
 * {@code systemEnvironment} in fixture setup outside this excerpt.
 */
@Test
public void shouldSetSessionMaxInactiveInterval() throws Exception {
    jetty9Server.configure();
    jetty9Server.setSessionConfig();
    jetty9Server.startHandlers();

    WebAppContext loadedContext = (WebAppContext) getLoadedHandlers().get(WebAppContext.class);
    assertThat(loadedContext.getSessionHandler().getMaxInactiveInterval(), is(1234));
}
/**
 * Checks the session cookie hardening: HttpOnly is always on, Secure mirrors
 * {@code systemEnvironment.isSessionCookieSecure()}, and the max age is applied.
 * The expected max age 5678 is presumably stubbed in fixture setup outside this excerpt.
 */
@Test
public void shouldSetSessionCookieConfig() throws Exception {
    when(systemEnvironment.isSessionCookieSecure()).thenReturn(true);
    jetty9Server.configure();
    jetty9Server.setSessionConfig();
    jetty9Server.startHandlers();

    WebAppContext loadedContext = (WebAppContext) getLoadedHandlers().get(WebAppContext.class);
    SessionCookieConfig cookie = loadedContext.getSessionHandler().getSessionCookieConfig();

    assertThat(cookie.isHttpOnly(), is(true));
    assertThat(cookie.isSecure(), is(true));
    assertThat(cookie.getMaxAge(), is(5678));

    // Re-applying the configuration with the setting off must clear the Secure attribute
    // on the same cookie config object.
    when(systemEnvironment.isSessionCookieSecure()).thenReturn(false);
    jetty9Server.setSessionConfig();
    assertThat(cookie.isSecure(), is(false));
}
/**
 * Configures the session idle timeout and, when sessions are persistent, a file-backed
 * session store on the given context.
 *
 * @param context the web application context whose session handler is configured
 */
private void configureSession(WebAppContext context) {
    SessionHandler sessions = context.getSessionHandler();
    Duration timeout = getSession().getTimeout();

    int maxInactiveSeconds;
    if (isNegative(timeout)) {
        // -1 is passed through; Jetty treats a non-positive interval as "never expire".
        maxInactiveSeconds = -1;
    } else {
        // Narrowing cast: a duration above Integer.MAX_VALUE seconds would wrap.
        maxInactiveSeconds = (int) timeout.getSeconds();
    }
    sessions.setMaxInactiveInterval(maxInactiveSeconds);

    if (!getSession().isPersistent()) {
        return;
    }

    // Persistent sessions are written to disk. The store directory then holds session
    // data, so it should be readable only by the account running the server.
    DefaultSessionCache sessionCache = new DefaultSessionCache(sessions);
    FileSessionDataStore fileStore = new FileSessionDataStore();
    fileStore.setStoreDir(getValidSessionStoreDir());
    sessionCache.setSessionDataStore(fileStore);
    sessions.setSessionCache(sessionCache);
}
if (context.getSessionHandler() == null) return; //no session handler, ignore session setup context.getSessionHandler().setMaxInactiveInterval(asDecimal.intValueExact() * 60); modes = new HashSet<SessionTrackingMode>(); else modes = new HashSet<SessionTrackingMode>(context.getSessionHandler().getEffectiveSessionTrackingModes()); context.getMetaData().setOrigin("session.tracking-mode", descriptor); break; context.getSessionHandler().setSessionTrackingModes(modes); context.getSessionHandler().getSessionCookieConfig().setName(name); context.getMetaData().setOrigin("cookie-config.name", descriptor); break; context.getSessionHandler().getSessionCookieConfig().setName(name); context.getMetaData().setOrigin("cookie-config.name", descriptor); if (!context.getSessionHandler().getSessionCookieConfig().getName().equals(name)) throw new IllegalStateException("Conflicting cookie-config name "+name+" in "+descriptor.getResource()); break; context.getSessionHandler().getSessionCookieConfig().setDomain(domain); context.getMetaData().setOrigin("cookie-config.domain", descriptor); break; context.getSessionHandler().getSessionCookieConfig().setDomain(domain);
SessionManager sm = webAppContext.getSessionHandler().getSessionManager(); if (sm instanceof AbstractSessionManager) { AbstractSessionManager asm = (AbstractSessionManager)sm;
/**
 * Builds the handler chain for the server: request log, the gzip-wrapped web application,
 * and a permanent redirect from the root context to {@code contextPath}.
 *
 * @return the handlers in evaluation order, with the root redirect last
 */
private HandlerCollection createHandlers() {
    final WebAppContext app = new WebAppContext();
    app.setContextPath(contextPath);
    // Directory listings are disabled so unindexed folders do not expose their contents.
    app.setInitParameter("org.eclipse.jetty.servlet.Default.dirAllowed", "false");
    // sessionTimeout is multiplied by 60, so it is presumably configured in minutes.
    // NOTE(review): no HttpOnly/Secure flags are set on the session cookie in this method;
    // confirm they are configured elsewhere (for example in web.xml).
    app.getSessionHandler().setMaxInactiveInterval(sessionTimeout * 60);

    // Compress text responses and wrap the web application.
    // NOTE(review): compressing responses that mix secrets with request-derived content
    // is the precondition for compression side channels; confirm that is acceptable here.
    final GzipHandler compression = new GzipHandler();
    compression.addIncludedMimeTypes("text/html", "text/xml", "text/css", "text/plain", "text/javascript", "application/javascript", "application/json", "application/xml");
    compression.setIncludedMethods("GET", "POST");
    compression.setCompressionLevel(9);
    compression.setHandler(app);

    // An explicitly configured location wins; otherwise fall back to the shaded WAR.
    if (!Strings.isNullOrEmpty(webAppLocation)) {
        app.setWar(webAppLocation);
    } else {
        app.setWar(getShadedWarUrl());
    }

    // Request logging.
    final RequestLogHandler requestLog = new RequestLogHandler();
    requestLog.setRequestLog(createRequestLog());

    // Permanent redirect from "/" to the application's context path.
    MovedContextHandler redirectFromRoot = new MovedContextHandler();
    redirectFromRoot.setContextPath("/");
    redirectFromRoot.setNewContextURL(contextPath);
    redirectFromRoot.setPermanent(true);

    // The redirect must come last so it only catches what the application did not handle.
    return new HandlerCollection(requestLog, compression, redirectFromRoot);
}
/**
 * Removes every event listener registered on the context's session handler when the
 * servlet context is destroyed.
 *
 * @param sce the context-destroyed event (not used)
 */
public void contextDestroyed(ServletContextEvent sce) {
    context.getSessionHandler().clearEventListeners();
}
// Closes the enclosing listener registration, which starts outside this excerpt.
});
/**
 * Removes every event listener registered on the context's session handler when the
 * servlet context is destroyed.
 *
 * @param sce the context-destroyed event (not used)
 */
public void contextDestroyed(ServletContextEvent sce) {
    context.getSessionHandler().clearEventListeners();
}
// Closes the enclosing listener registration, which starts outside this excerpt.
});
/**
 * Hardens the Jetty session cookie for this web application: the cookie is marked
 * Secure, so browsers send it only over HTTPS, and HttpOnly, so page scripts cannot
 * read it.
 */
void setSecureCookies() {
    // Secure: never send the session cookie over plain HTTP.
    webapp.getSessionHandler().getSessionCookieConfig().setSecure(true);
    // HttpOnly: keep the session id out of reach of document.cookie.
    webapp.getSessionHandler().setHttpOnly(true);
}
/**
 * Registers the session listener that injects reference proxies into new sessions, then
 * runs servlet-context injection once the servlet context has been initialized.
 *
 * @param sce the context-initialized event (not used)
 */
public void contextInitialized(ServletContextEvent sce) {
    // Registration happens here, after context start, because Jetty's web.xml configurer
    // clears event listeners while the context is starting.
    List<Injector<HttpSession>> perSessionInjectors = List.class.cast(injectors.get(SESSION_CONTEXT_SITE));
    context.getSessionHandler().addEventListener(new InjectingSessionListener(perSessionInjectors));

    ServletContext target = context.getServletContext();
    try {
        injectServletContext(target, injectors);
    } catch (Fabric3Exception e) {
        // Injection failures are reported to the monitor and not rethrown.
        monitor.error("Error initializing web component: " + uri, e);
    }
}
/**
 * Registers the session listener that injects reference proxies into new sessions, then
 * runs servlet-context injection once the servlet context has been initialized.
 *
 * @param sce the context-initialized event (not used)
 */
public void contextInitialized(ServletContextEvent sce) {
    // Registration happens here, after context start, because Jetty's web.xml configurer
    // clears event listeners while the context is starting.
    List<Injector<HttpSession>> perSessionInjectors = List.class.cast(injectors.get(SESSION_CONTEXT_SITE));
    context.getSessionHandler().addEventListener(new InjectingSessionListener(perSessionInjectors));

    ServletContext target = context.getServletContext();
    try {
        injectServletContext(target, injectors);
    } catch (Fabric3Exception e) {
        // Injection failures are reported to the monitor and not rethrown.
        monitor.error("Error initializing web component: " + uri, e);
    }
}
SessionHandler sessionHandler = context.getSessionHandler();
// Per Jetty's SessionHandler API, secure-request-only makes session cookies issued on
// HTTPS requests carry the Secure attribute.
// NOTE(review): when allowCookiesToOnlyBePassedSecurely is false the session cookie can
// travel over plain HTTP; confirm that is limited to non-TLS development setups.
sessionHandler.setSecureRequestOnly(allowCookiesToOnlyBePassedSecurely);
// HttpOnly keeps the session cookie out of reach of page scripts.
sessionHandler.setHttpOnly(true);
/**
 * Starts the embedded Jetty server on {@code port}, serving {@code zenvisage.war} at the
 * root context, and then runs the database auto-loader.
 *
 * @throws Exception if the server fails to start
 */
public void start() throws Exception {
    server = new Server(port);

    WebAppContext appContext = new WebAppContext();
    appContext.setContextPath("/");
    appContext.setWar("zenvisage.war");
    // Parent-first class loading on the system class loader: the web application shares
    // classes with the hosting process and is not isolated from it.
    appContext.setParentLoaderPriority(true);
    appContext.setServer(server);
    appContext.setClassLoader(ClassLoader.getSystemClassLoader());
    // The interval is in seconds, so sessions idle for more than 10 seconds expire.
    // NOTE(review): confirm that such a short timeout is intended.
    appContext.getSessionHandler().getSessionManager()
            .setMaxInactiveInterval(10);

    server.setHandler(appContext);
    server.start();

    // ZvMain zvMain = (ZvMain) SpringApplicationContext.getBean("zvMain");
    // zvMain.loadData();
    new DatabaseAutoLoader(this).run();
}
// Session ids are tracked by cookie only, so they never appear in URLs, and the cookie
// uses the Winstone session cookie name.
wac.getSessionHandler().setSessionCookie(WinstoneSession.SESSION_COOKIE_NAME);
wac.getSessionHandler().setSessionTrackingModes(Collections.singleton(SessionTrackingMode.COOKIE));
wac.setMimeTypes(mimeTypes);
// Fail fast: a webapp that cannot boot aborts the process instead of leaving an empty
// Jetty instance running.
wac.setThrowUnavailableOnStartupException(true);
// Register the context under its context path before handing it back.
this.webapps.put(wac.getContextPath(), wac);
return wac;
/**
 * Makes the web application's sessions file-backed by pointing a
 * {@code HashSessionManager} at the configured store directory.
 *
 * <p>An existing {@code HashSessionManager} is reused. Otherwise a new session handler
 * with a new {@code HashSessionManager} replaces the current one.
 *
 * @param webApp the web application whose sessions are persisted
 */
private void persistSession(WebAppContext webApp) {
    String dirName = getStoreDir();
    SessionManager current = webApp.getSessionHandler().getSessionManager();

    // Session data ends up on disk in this directory, so it should be readable only by
    // the account running the server.
    if (current instanceof HashSessionManager) {
        ((HashSessionManager) current).setStoreDirectory(new File(dirName));
    } else {
        HashSessionManager fileBacked = new HashSessionManager();
        fileBacked.setStoreDirectory(new File(dirName));
        SessionHandler replacement = new SessionHandler();
        replacement.setSessionManager(fileBacked);
        webApp.setSessionHandler(replacement);
    }
}
// Install the project's RemoteUserSecurityHandler as this context's security handler.
// NOTE(review): its trust model is not visible here. If it relies on a remote-user value
// supplied by a front end, confirm that clients cannot set that value directly.
context.setSecurityHandler(new RemoteUserSecurityHandler());
// Fetch the context's session manager; its use is outside this excerpt.
SessionManager sessionManager = context.getSessionHandler().getSessionManager();
// To be passed to all scanned webapps. Ensures SSO between contexts SessionManager sessManager = new HashSessionManager(); SessionCookieConfig config = sessManager.getSessionCookieConfig(); config.setPath("/webapps/"); // Ensures all webapps share the same cookie // Create the Handler (a.k.a the WebAppContext). App app = new App(deployer, provider, module.getFile().getAbsolutePath()); WebAppContext handler = (WebAppContext)app.getContextHandler(); // getContextHandler does the extraction // Consolidating all scanned webapps under a single context path allows SSO handler.setContextPath("/webapps" + handler.getContextPath()); // Cookies need to be shared between webapps for SSO SessionHandler sessHandler = handler.getSessionHandler(); sessHandler.setSessionManager(sessManager);
// Route the web application's requests through the security handler.
webappContext.setHandler( securityHandler );
SessionHandler sessionHandler = webappContext.getSessionHandler();
// Turn off cookie-based session tracking on the session manager.
// NOTE(review): if sessions are still created, the id would have to travel by URL
// rewriting, which exposes it in links, logs and Referer headers. Confirm this context is
// meant to be effectively sessionless.
( (AbstractSessionManager) sessionHandler.getSessionManager() ).setUsingCookies( false );