use of org.jboss.as.web.session.SimpleSessionIdentifierCodec in project wildfly by wildfly.
the class HttpInvokerHostService method setupRoutes.
private HttpHandler setupRoutes(HttpHandler handler) {
final SimpleSessionIdentifierCodec codec = new SimpleSessionIdentifierCodec(new SimpleRoutingSupport(), this.host.get().getServer().getRoute());
final SecureRandomSessionIdGenerator generator = new SecureRandomSessionIdGenerator();
return exchange -> {
exchange.addResponseCommitListener(ex -> {
Cookie cookie = ex.getResponseCookies().get(JSESSIONID);
if (cookie != null) {
cookie.setValue(codec.encode(cookie.getValue()).toString());
} else if (ex.getStatusCode() == StatusCodes.UNAUTHORIZED) {
// add a session cookie in order to avoid sticky session issue after 401 Unauthorized response
cookie = new CookieImpl("JSESSIONID", codec.encode(generator.createSessionId()).toString());
cookie.setPath(ex.getResolvedPath());
exchange.getResponseCookies().put("JSESSIONID", cookie);
}
});
handler.handleRequest(exchange);
};
}
Aggregations