Java Code Examples for org.apache.catalina.util.SessionConfig#getSessionUriParamName()

The following examples show how to use org.apache.catalina.util.SessionConfig#getSessionUriParamName().
Example 1
Source File: LoadBalancerDrainingValve.java    From Tomcat8-Source-Read with MIT License
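/**
 * Redirects requests that carry no valid session away from this node while
 * the load balancer reports it as disabled, so that the node drains.
 * <p>
 * A request is handled here only when the
 * {@code ATTRIBUTE_KEY_JK_LB_ACTIVATION} request attribute equals
 * {@code "DIS"} and the requested session ID is not valid; every other
 * request goes to the next valve untouched. A client presenting the
 * configured ignore-cookie name and value is also passed through. Otherwise
 * the stale session cookie is expired, the session path parameter is
 * stripped from the URI, and a redirect to the resulting URI is sent with
 * the configured status code.
 *
 * @param request  the request being processed
 * @param response the response being generated
 * @throws IOException      if thrown by the next valve in the pipeline
 * @throws ServletException if thrown by the next valve in the pipeline
 */
@Override
public void invoke(Request request, Response response) throws IOException, ServletException {
    if ("DIS".equals(request.getAttribute(ATTRIBUTE_KEY_JK_LB_ACTIVATION)) &&
            !request.isRequestedSessionIdValid()) {

        if (containerLog.isDebugEnabled()) {
            containerLog.debug("Load-balancer is in DISABLED state; draining this node");
        }

        boolean ignoreRebalance = false;
        Cookie sessionCookie = null;

        final Cookie[] cookies = request.getCookies();

        final String sessionCookieName = SessionConfig.getSessionCookieName(request.getContext());

        // Read once, outside the loop. The value is null when the client
        // requested no session at all, so it must be checked before use.
        final String requestedSessionId = request.getRequestedSessionId();

        if (null != cookies) {
            for (Cookie cookie : cookies) {
                final String cookieName = cookie.getName();
                if (containerLog.isTraceEnabled()) {
                    // Log the name only: cookie values include session
                    // identifiers and other credentials, which must not be
                    // written to log files.
                    containerLog.trace("Checking cookie " + cookieName);
                }

                if (sessionCookieName.equals(cookieName) &&
                        null != requestedSessionId &&
                        requestedSessionId.equals(cookie.getValue())) {
                    sessionCookie = cookie;
                } else if (null != _ignoreCookieName &&
                        _ignoreCookieName.equals(cookieName) &&
                        null != _ignoreCookieValue &&
                        _ignoreCookieValue.equals(cookie.getValue())) {
                    // The client is presenting a valid ignore-cookie value
                    ignoreRebalance = true;
                }
            }
        }

        if (ignoreRebalance) {
            if (containerLog.isDebugEnabled()) {
                containerLog.debug("Client is presenting a valid " + _ignoreCookieName +
                        " cookie, re-balancing is being skipped");
            }

            getNext().invoke(request, response);

            return;
        }

        // Kill any session cookie that was found
        // TODO: Consider implications of SSO cookies
        if (null != sessionCookie) {
            // The path has to match the one the cookie was issued with,
            // otherwise the browser keeps the original cookie.
            sessionCookie.setPath(SessionConfig.getSessionCookiePath(request.getContext()));
            sessionCookie.setMaxAge(0); // Delete
            sessionCookie.setValue(""); // Purge the cookie's value
            response.addCookie(sessionCookie);
        }

        // Re-write the URI if it contains a ;jsessionid parameter.
        // The parameter name is interpolated into a regular expression
        // unescaped; it is read from the context's session configuration,
        // not from the request.
        String uri = request.getRequestURI();
        String sessionURIParamName = SessionConfig.getSessionUriParamName(request.getContext());
        if (uri.contains(";" + sessionURIParamName + "=")) {
            uri = uri.replaceFirst(";" + sessionURIParamName + "=[^&?]*", "");
        }

        String queryString = request.getQueryString();

        if (null != queryString) {
            uri = uri + "?" + queryString;
        }

        // NOTE: Do not call response.encodeRedirectURL or the bad
        // sessionid will be restored
        // NOTE(review): the Location value is the client-supplied request
        // URI and query string, echoed back apart from the session
        // parameter. Confirm that a request URI that a browser would read
        // as scheme-relative cannot reach this point.
        response.setHeader("Location", uri);
        response.setStatus(_redirectStatusCode);
    } else {
        getNext().invoke(request, response);
    }
}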
 
Example 2
Source File: ApplicationPushBuilder.java    From Tomcat8-Source-Read with MIT License
/**
 * Creates a push builder whose initial state is derived from the request
 * that triggers the push.
 * <p>
 * The constructor copies the request headers, drops the ones listed below,
 * sets a fresh referer, records the session ID and how it should be
 * conveyed, rebuilds the cookie header from the request and response
 * cookies, and, for an authenticated request, replaces the client's
 * authorization header with a fixed marker value.
 *
 * @param catalinaRequest the Catalina request; source of the context, the
 *                        response cookies and the authenticated principal
 * @param request         the servlet request; source of the headers,
 *                        cookies and session information
 */
public ApplicationPushBuilder(Request catalinaRequest, HttpServletRequest request) {

        baseRequest = request;
        this.catalinaRequest = catalinaRequest;
        coyoteRequest = catalinaRequest.getCoyoteRequest();

        // Populate the initial list of HTTP headers
        Enumeration<String> headerNames = request.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String headerName = headerNames.nextElement();
            List<String> values = new ArrayList<>();
            headers.put(headerName, values);
            Enumeration<String> headerValues = request.getHeaders(headerName);
            while (headerValues.hasMoreElements()) {
                values.add(headerValues.nextElement());
            }
        }

        // Remove the conditional, range and expect headers, and also the
        // authorization and referer headers, so that none of them is
        // copied verbatim from the triggering request. The referer and
        // authorization headers are set again further down.
        headers.remove("if-match");
        headers.remove("if-none-match");
        headers.remove("if-modified-since");
        headers.remove("if-unmodified-since");
        headers.remove("if-range");
        headers.remove("range");
        headers.remove("expect");
        headers.remove("authorization");
        headers.remove("referer");
        // Also remove the cookie header since it will be regenerated
        headers.remove("cookie");

        // Set the referer header to the full URL of the triggering request,
        // including its query string when there is one
        StringBuffer referer = request.getRequestURL();
        if (request.getQueryString() != null) {
            referer.append('?');
            referer.append(request.getQueryString());
        }
        addHeader("referer", referer.toString());

        // Session: look up the names used to carry the session ID in a
        // cookie and in a URI path parameter for this context
        Context context = catalinaRequest.getContext();
        sessionCookieName = SessionConfig.getSessionCookieName(context);
        sessionPathParameterName = SessionConfig.getSessionUriParamName(context);

        // Prefer the ID of an existing session (none is created here);
        // fall back to the ID the client asked for
        HttpSession session = request.getSession(false);
        if (session != null) {
            sessionId = session.getId();
        }
        if (sessionId == null) {
            sessionId = request.getRequestedSessionId();
        }
        if (!request.isRequestedSessionIdFromCookie() && !request.isRequestedSessionIdFromURL() &&
                sessionId != null) {
            // The ID arrived by neither cookie nor URL, so use whichever
            // tracking modes are in effect for the application
            Set<SessionTrackingMode> sessionTrackingModes =
                    request.getServletContext().getEffectiveSessionTrackingModes();
            addSessionCookie = sessionTrackingModes.contains(SessionTrackingMode.COOKIE);
            addSessionPathParameter = sessionTrackingModes.contains(SessionTrackingMode.URL);
        } else {
            // Otherwise convey the ID the same way the client sent it
            addSessionCookie = request.isRequestedSessionIdFromCookie();
            addSessionPathParameter = request.isRequestedSessionIdFromURL();
        }

        // Cookies: start from the cookies sent with the request
        if (request.getCookies() != null) {
            for (Cookie requestCookie : request.getCookies()) {
                cookies.add(requestCookie);
            }
        }
        // Then apply the cookies already set on the response
        for (Cookie responseCookie : catalinaRequest.getResponse().getCookies()) {
            // NOTE(review): only a negative max-age takes the removal
            // branch. A max-age of 0 falls into the else branch and the
            // cookie is added with its value; confirm that is intended.
            if (responseCookie.getMaxAge() < 0) {
                // Path information not available so can only remove based on
                // name.
                Iterator<Cookie> cookieIterator = cookies.iterator();
                while (cookieIterator.hasNext()) {
                    Cookie cookie = cookieIterator.next();
                    if (cookie.getName().equals(responseCookie.getName())) {
                        cookieIterator.remove();
                    }
                }
            } else {
                // Only name and value are carried over to the new cookie
                cookies.add(new Cookie(responseCookie.getName(), responseCookie.getValue()));
            }
        }
        // Replace the cookie header removed above with a single regenerated value
        List<String> cookieValues = new ArrayList<>(1);
        cookieValues.add(generateCookieHeader(cookies,
                catalinaRequest.getContext().getCookieProcessor()));
        headers.put("cookie", cookieValues);

        // Authentication
        if (catalinaRequest.getPrincipal() != null) {
            if ((session == null) || catalinaRequest.getSessionInternal(false).getPrincipal() == null
                    || !(context.getAuthenticator() instanceof AuthenticatorBase)
                    || !((AuthenticatorBase) context.getAuthenticator()).getCache()) {
                // Set a username only if there is no session cache for the principal
                userName = catalinaRequest.getPrincipal().getName();
            }
            // The header value is the fixed marker "x-push". The client's
            // own authorization header was removed above and is not reused.
            setHeader("authorization", "x-push");
        }
    }
 
Example 3
Source File: Response.java    From Tomcat7.0.67 with Apache License 2.0
/**
 * Decides whether the session ID may be appended to the given location.
 * <p>
 * The location qualifies only when it is a well-formed absolute URL whose
 * scheme, host and port match the current request, whose file part starts
 * with this context's path, and which does not already contain the session
 * path parameter for the given session. Because a positive answer leads to
 * the session ID being written into the URL, each mismatch returns
 * {@code false}.
 *
 * @param hreq     the request the location is compared against
 * @param session  the session whose ID would be encoded
 * @param location the candidate URL
 * @return {@code true} if the URL belongs to this web application and does
 *         not yet carry the session ID, {@code false} otherwise
 */
private boolean doIsEncodeable(Request hreq, Session session,
                               String location) {
    // Anything that does not parse as an absolute URL is rejected
    final URL target;
    try {
        target = new URL(location);
    } catch (MalformedURLException e) {
        return false;
    }

    // Scheme and host must match the request, ignoring case
    if (!hreq.getScheme().equalsIgnoreCase(target.getProtocol())
            || !hreq.getServerName().equalsIgnoreCase(target.getHost())) {
        return false;
    }

    // A port of -1 means "not specified": use the scheme's default port
    int requestPort = hreq.getServerPort();
    if (requestPort == -1) {
        requestPort = "https".equals(hreq.getScheme()) ? 443 : 80;
    }
    int targetPort = target.getPort();
    if (targetPort == -1) {
        targetPort = "https".equals(target.getProtocol()) ? 443 : 80;
    }
    if (requestPort != targetPort) {
        return false;
    }

    final String contextPath = getContext().getPath();
    if (contextPath == null) {
        // No context path to compare against, so the URL is encodeable
        return true;
    }

    // Plain string prefix test against the file part of the URL.
    // NOTE(review): a prefix test also accepts a longer path that merely
    // begins with the same characters; confirm callers tolerate that.
    final String file = target.getFile();
    if (file == null || !file.startsWith(contextPath)) {
        return false;
    }

    // Not encodeable if the session parameter is already present after the
    // context path; otherwise the URL belongs to our web application
    final String sessionToken = ";"
            + SessionConfig.getSessionUriParamName(request.getContext())
            + "=" + session.getIdInternal();
    return file.indexOf(sessionToken, contextPath.length()) < 0;
}
 
Example 4
Source File: Response.java    From tomcatsrc with Apache License 2.0
/**
 * Decides whether the session ID may be appended to the given location.
 * <p>
 * The location qualifies only when it is a well-formed absolute URL whose
 * scheme, host and port match the current request, whose file part starts
 * with this context's path, and which does not already contain the session
 * path parameter for the given session. Because a positive answer leads to
 * the session ID being written into the URL, each mismatch returns
 * {@code false}.
 *
 * @param hreq     the request the location is compared against
 * @param session  the session whose ID would be encoded
 * @param location the candidate URL
 * @return {@code true} if the URL belongs to this web application and does
 *         not yet carry the session ID, {@code false} otherwise
 */
private boolean doIsEncodeable(Request hreq, Session session,
                               String location) {
    // Anything that does not parse as an absolute URL is rejected
    final URL target;
    try {
        target = new URL(location);
    } catch (MalformedURLException e) {
        return false;
    }

    // Scheme and host must match the request, ignoring case
    if (!hreq.getScheme().equalsIgnoreCase(target.getProtocol())
            || !hreq.getServerName().equalsIgnoreCase(target.getHost())) {
        return false;
    }

    // A port of -1 means "not specified": use the scheme's default port
    int requestPort = hreq.getServerPort();
    if (requestPort == -1) {
        requestPort = "https".equals(hreq.getScheme()) ? 443 : 80;
    }
    int targetPort = target.getPort();
    if (targetPort == -1) {
        targetPort = "https".equals(target.getProtocol()) ? 443 : 80;
    }
    if (requestPort != targetPort) {
        return false;
    }

    final String contextPath = getContext().getPath();
    if (contextPath == null) {
        // No context path to compare against, so the URL is encodeable
        return true;
    }

    // Plain string prefix test against the file part of the URL.
    // NOTE(review): a prefix test also accepts a longer path that merely
    // begins with the same characters; confirm callers tolerate that.
    final String file = target.getFile();
    if (!file.startsWith(contextPath)) {
        return false;
    }

    // Not encodeable if the session parameter is already present after the
    // context path; otherwise the URL belongs to our web application
    final String sessionToken = ";"
            + SessionConfig.getSessionUriParamName(request.getContext())
            + "=" + session.getIdInternal();
    return file.indexOf(sessionToken, contextPath.length()) < 0;
}
 
Example 5
Source File: ApplicationSessionCookieConfig.java    From Tomcat7.0.67 with Apache License 2.0
/**
 * Determine the name to use for the session ID URI path parameter for the
 * provided context. This method only delegates to
 * {@link SessionConfig#getSessionUriParamName(Context)}.
 *
 * @param context the context for which the parameter name is requested
 * @return the name returned by
 *         {@link SessionConfig#getSessionUriParamName(Context)}
 *
 * @deprecated  Replaced by
 *              {@link SessionConfig#getSessionUriParamName(Context)}. This
 *              will be removed in Tomcat 8.0.x.
 */
@Deprecated
public static String getSessionUriParamName(Context context) {
    return SessionConfig.getSessionUriParamName(context);
}
 
Example 6
Source File: ApplicationSessionCookieConfig.java    From tomcatsrc with Apache License 2.0
/**
 * Determine the name to use for the session ID URI path parameter for the
 * provided context. This method only delegates to
 * {@link SessionConfig#getSessionUriParamName(Context)}.
 *
 * @param context the context for which the parameter name is requested
 * @return the name returned by
 *         {@link SessionConfig#getSessionUriParamName(Context)}
 *
 * @deprecated  Replaced by
 *              {@link SessionConfig#getSessionUriParamName(Context)}. This
 *              will be removed in Tomcat 8.0.x.
 */
@Deprecated
public static String getSessionUriParamName(Context context) {
    return SessionConfig.getSessionUriParamName(context);
}