Search in sources :

Example 1 with SimpleSessionIdentifierCodec

use of org.jboss.as.web.session.SimpleSessionIdentifierCodec in project wildfly by wildfly.

the class HttpInvokerHostService method setupRoutes.

private HttpHandler setupRoutes(HttpHandler handler) {
    final SimpleSessionIdentifierCodec codec = new SimpleSessionIdentifierCodec(new SimpleRoutingSupport(), this.host.get().getServer().getRoute());
    final SecureRandomSessionIdGenerator generator = new SecureRandomSessionIdGenerator();
    return exchange -> {
        exchange.addResponseCommitListener(ex -> {
            Cookie cookie = ex.getResponseCookies().get(JSESSIONID);
            if (cookie != null) {
                cookie.setValue(codec.encode(cookie.getValue()).toString());
            } else if (ex.getStatusCode() == StatusCodes.UNAUTHORIZED) {
                // add a session cookie in order to avoid sticky session issue after 401 Unauthorized response
                cookie = new CookieImpl("JSESSIONID", codec.encode(generator.createSessionId()).toString());
                cookie.setPath(ex.getResolvedPath());
                exchange.getResponseCookies().put("JSESSIONID", cookie);
            }
        });
        handler.handleRequest(exchange);
    };
}
Also used : CookieImpl(io.undertow.server.handlers.CookieImpl) StopContext(org.jboss.msc.service.StopContext) AuthenticationConstraintHandler(io.undertow.security.handlers.AuthenticationConstraintHandler) StartContext(org.jboss.msc.service.StartContext) SecureRandomSessionIdGenerator(io.undertow.server.session.SecureRandomSessionIdGenerator) Service(org.jboss.msc.Service) HttpAuthenticationFactory(org.wildfly.security.auth.server.HttpAuthenticationFactory) Supplier(java.util.function.Supplier) Collectors(java.util.stream.Collectors) Cookie(io.undertow.server.handlers.Cookie) HttpHandler(io.undertow.server.HttpHandler) SimpleRoutingSupport(org.jboss.as.web.session.SimpleRoutingSupport) List(java.util.List) PathHandler(io.undertow.server.handlers.PathHandler) ElytronContextAssociationHandler(org.wildfly.elytron.web.undertow.server.ElytronContextAssociationHandler) ElytronIdentityHandler(org.wildfly.httpclient.common.ElytronIdentityHandler) HttpServerAuthenticationMechanism(org.wildfly.security.http.HttpServerAuthenticationMechanism) SimpleSessionIdentifierCodec(org.jboss.as.web.session.SimpleSessionIdentifierCodec) AuthenticationCallHandler(io.undertow.security.handlers.AuthenticationCallHandler) ElytronHttpExchange(org.wildfly.elytron.web.undertow.server.ElytronHttpExchange) SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity) StatusCodes(io.undertow.util.StatusCodes) Cookie(io.undertow.server.handlers.Cookie) SimpleRoutingSupport(org.jboss.as.web.session.SimpleRoutingSupport) CookieImpl(io.undertow.server.handlers.CookieImpl) SecureRandomSessionIdGenerator(io.undertow.server.session.SecureRandomSessionIdGenerator) SimpleSessionIdentifierCodec(org.jboss.as.web.session.SimpleSessionIdentifierCodec)

Aggregations

AuthenticationCallHandler (io.undertow.security.handlers.AuthenticationCallHandler)1 AuthenticationConstraintHandler (io.undertow.security.handlers.AuthenticationConstraintHandler)1 HttpHandler (io.undertow.server.HttpHandler)1 Cookie (io.undertow.server.handlers.Cookie)1 CookieImpl (io.undertow.server.handlers.CookieImpl)1 PathHandler (io.undertow.server.handlers.PathHandler)1 SecureRandomSessionIdGenerator (io.undertow.server.session.SecureRandomSessionIdGenerator)1 StatusCodes (io.undertow.util.StatusCodes)1 List (java.util.List)1 Supplier (java.util.function.Supplier)1 Collectors (java.util.stream.Collectors)1 SimpleRoutingSupport (org.jboss.as.web.session.SimpleRoutingSupport)1 SimpleSessionIdentifierCodec (org.jboss.as.web.session.SimpleSessionIdentifierCodec)1 Service (org.jboss.msc.Service)1 StartContext (org.jboss.msc.service.StartContext)1 StopContext (org.jboss.msc.service.StopContext)1 ElytronContextAssociationHandler (org.wildfly.elytron.web.undertow.server.ElytronContextAssociationHandler)1 ElytronHttpExchange (org.wildfly.elytron.web.undertow.server.ElytronHttpExchange)1 ElytronIdentityHandler (org.wildfly.httpclient.common.ElytronIdentityHandler)1 HttpAuthenticationFactory (org.wildfly.security.auth.server.HttpAuthenticationFactory)1