/** * Return the locked document lock. Must be called before beforeUpdate(). * * @param parameters incoming Ajax request * @return the document lock, already locked */ public Lock acquireDocumentLock(RequestParameters parameters) { assert parameters.getUUID() != null; // Check that the session is associated with the requested UUID. This enforces the rule that an // incoming request // for a given UUID must belong to the same session that created the document. If the session // expires, the // key goes away as well, and the key won't be present. If we don't do this check, the XForms // server might // handle requests for a given UUID within a separate session, therefore providing access to // other sessions, // which is not desirable. Further, we now have a lock stored in the session. final Lock lock = getDocumentLock(parameters.getUUID()); if (lock == null) throw new OXFException("Document session has expired. Unable to process incoming request."); // Lock document for at most the max retry delay plus an increment try { final boolean acquired = lock.tryLock( XFormsProperties.getAjaxTimeout() + XFormsProperties.getRetryDelayIncrement(), TimeUnit.MILLISECONDS); if (acquired) return lock; else return null; } catch (InterruptedException e) { throw new OXFException(e); } }