@Override
  public void handleRequest(HttpServerExchange exchange) throws Exception {
    final String incomingSessionId = servletContext.getSessionConfig().findSessionId(exchange);
    if (incomingSessionId == null || !data.containsKey(incomingSessionId)) {
      next.handleRequest(exchange);
      return;
    }

    // we have some old data
    PersistentSession result = data.remove(incomingSessionId);
    if (result != null) {
      long time = System.currentTimeMillis();
      if (time < result.getExpiration().getTime()) {
        final HttpSessionImpl session = servletContext.getSession(exchange, true);
        final HttpSessionEvent event = new HttpSessionEvent(session);
        for (Map.Entry<String, Object> entry : result.getSessionData().entrySet()) {

          if (entry.getValue() instanceof HttpSessionActivationListener) {
            ((HttpSessionActivationListener) entry.getValue()).sessionDidActivate(event);
          }
          if (entry.getKey().startsWith(HttpSessionImpl.IO_UNDERTOW)) {
            session.getSession().setAttribute(entry.getKey(), entry.getValue());
          } else {
            session.setAttribute(entry.getKey(), entry.getValue());
          }
        }
      }
    }
    next.handleRequest(exchange);
  }
  public HttpSession getSession(
      final ServletContextImpl originalServletContext,
      final HttpServerExchange exchange,
      boolean create) {
    SessionConfig c = originalServletContext.getSessionConfig();
    ConvergedHttpSessionFacade httpSession = exchange.getAttachment(sessionAttachmentKey);
    if (httpSession != null && httpSession.isValidIntern()) {
      exchange.removeAttachment(sessionAttachmentKey);
      httpSession = null;
    }
    if (httpSession == null) {
      final SessionManager sessionManager = context.getDeployment().getSessionManager();
      Session session = sessionManager.getSession(exchange, c);
      if (session != null) {
        httpSession =
            (ConvergedHttpSessionFacade)
                SecurityActions.forSession(session, this, false, sessionManager);
        exchange.putAttachment(sessionAttachmentKey, httpSession);
      } else if (create) {

        String existing = c.findSessionId(exchange);
        if (originalServletContext != this.context) {
          // this is a cross context request
          // we need to make sure there is a top level session
          originalServletContext.getSession(originalServletContext, exchange, true);
        } else if (existing != null) {
          c.clearSession(exchange, existing);
        }

        final Session newSession = sessionManager.createSession(exchange, c);
        httpSession =
            (ConvergedHttpSessionFacade)
                SecurityActions.forSession(newSession, this, true, sessionManager);
        // call access after creation to set LastAccessTime at sipAppSession.
        httpSession.access();
        // add delegate to InMemorySession to call sipAppSession.access(), when necessary:
        ((ConvergedInMemorySessionManager) sessionManager)
            .addConvergedSessionDeletegateToSession(
                newSession.getId(), httpSession.getConvergedSessionDelegate());

        exchange.putAttachment(sessionAttachmentKey, httpSession);
      }
    }
    return httpSession;
  }