Example 6 with HttpSessionImpl
use of io.undertow.servlet.spec.HttpSessionImpl in project undertow by undertow-io.
the class SessionListenerBridge method doDestroy.
private void doDestroy(Session session) {
final HttpSessionImpl httpSession = SecurityActions.forSession(session, servletContext, false);
applicationListeners.sessionDestroyed(httpSession);
//we make a defensive copy here, as there is no guarantee that the underlying session map
//is a concurrent map, and as a result a concurrent modification exception may be thrown
HashSet<String> names = new HashSet<>(session.getAttributeNames());
for (String attribute : names) {
session.removeAttribute(attribute);
}
}
Also used :
HttpSessionImpl(io.undertow.servlet.spec.HttpSessionImpl)
HashSet(java.util.HashSet)
Example 7 with HttpSessionImpl
use of io.undertow.servlet.spec.HttpSessionImpl in project undertow by undertow-io.
the class ServletFormAuthenticationMechanism method handleRedirectBack.
@Override
protected void handleRedirectBack(final HttpServerExchange exchange) {
final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
HttpServletResponse resp = (HttpServletResponse) servletRequestContext.getServletResponse();
HttpSessionImpl httpSession = servletRequestContext.getCurrentServletContext().getSession(exchange, false);
if (httpSession != null) {
Session session;
if (System.getSecurityManager() == null) {
session = httpSession.getSession();
} else {
session = AccessController.doPrivileged(new HttpSessionImpl.UnwrapSessionAction(httpSession));
}
String path = (String) session.getAttribute(SESSION_KEY);
if (path != null) {
try {
resp.sendRedirect(path);
} catch (IOException e) {
throw new RuntimeException(e);
}
}
}
}
Also used :
HttpSessionImpl(io.undertow.servlet.spec.HttpSessionImpl)
ServletRequestContext(io.undertow.servlet.handlers.ServletRequestContext)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
IOException(java.io.IOException)
Session(io.undertow.server.session.Session)
Example 8 with HttpSessionImpl
use of io.undertow.servlet.spec.HttpSessionImpl in project undertow by undertow-io.
the class SessionListenerBridge method attributeAdded.
@Override
public void attributeAdded(final Session session, final String name, final Object value) {
if (name.startsWith(IO_UNDERTOW)) {
return;
}
final HttpSessionImpl httpSession = SecurityActions.forSession(session, servletContext, false);
applicationListeners.httpSessionAttributeAdded(httpSession, name, value);
if (value instanceof HttpSessionBindingListener) {
((HttpSessionBindingListener) value).valueBound(new HttpSessionBindingEvent(httpSession, name, value));
}
}
Also used :
HttpSessionBindingEvent(javax.servlet.http.HttpSessionBindingEvent)
HttpSessionImpl(io.undertow.servlet.spec.HttpSessionImpl)
HttpSessionBindingListener(javax.servlet.http.HttpSessionBindingListener)
Example 9 with HttpSessionImpl
use of io.undertow.servlet.spec.HttpSessionImpl in project undertow by undertow-io.
the class ServletFormAuthenticationMechanism method storeInitialLocation.
@Override
protected void storeInitialLocation(final HttpServerExchange exchange) {
if (!saveOriginalRequest) {
return;
}
final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
HttpSessionImpl httpSession = servletRequestContext.getCurrentServletContext().getSession(exchange, true);
Session session;
if (System.getSecurityManager() == null) {
session = httpSession.getSession();
} else {
session = AccessController.doPrivileged(new HttpSessionImpl.UnwrapSessionAction(httpSession));
}
SessionManager manager = session.getSessionManager();
if (seenSessionManagers.add(manager)) {
manager.registerSessionListener(LISTENER);
}
session.setAttribute(SESSION_KEY, RedirectBuilder.redirect(exchange, exchange.getRelativePath()));
SavedRequest.trySaveRequest(exchange);
}
Also used :
HttpSessionImpl(io.undertow.servlet.spec.HttpSessionImpl)
SessionManager(io.undertow.server.session.SessionManager)
ServletRequestContext(io.undertow.servlet.handlers.ServletRequestContext)
Session(io.undertow.server.session.Session)
Example 10 with HttpSessionImpl
use of io.undertow.servlet.spec.HttpSessionImpl in project undertow by undertow-io.
the class ServletSingleSignOnAuthenticationMechanism method getSession.
@Override
protected Session getSession(HttpServerExchange exchange) {
ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
final HttpSessionImpl session = servletRequestContext.getCurrentServletContext().getSession(exchange, true);
if (System.getSecurityManager() == null) {
return session.getSession();
} else {
return AccessController.doPrivileged(new HttpSessionImpl.UnwrapSessionAction(session));
}
}
Also used :
HttpSessionImpl(io.undertow.servlet.spec.HttpSessionImpl)
ServletRequestContext(io.undertow.servlet.handlers.ServletRequestContext)
Aggregations
HttpSessionImpl (io.undertow.servlet.spec.HttpSessionImpl)10
Session (io.undertow.server.session.Session)5
ServletRequestContext (io.undertow.servlet.handlers.ServletRequestContext)5
HeaderMap (io.undertow.util.HeaderMap)2
HeaderValues (io.undertow.util.HeaderValues)2
IOException (java.io.IOException)2
HashMap (java.util.HashMap)2
Map (java.util.Map)2
HttpSession (javax.servlet.http.HttpSession)2
AuthenticatedSessionManager (io.undertow.security.api.AuthenticatedSessionManager)1
Account (io.undertow.security.idm.Account)1
SessionManager (io.undertow.server.session.SessionManager)1
PersistentSession (io.undertow.servlet.api.SessionPersistenceManager.PersistentSession)1
CachedAuthenticatedSessionHandler (io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler)1
HttpString (io.undertow.util.HttpString)1
ImmediatePooledByteBuffer (io.undertow.util.ImmediatePooledByteBuffer)1
InputStream (java.io.InputStream)1
PrivilegedAction (java.security.PrivilegedAction)1
ArrayList (java.util.ArrayList)1
HashSet (java.util.HashSet)1
