protected Session doGetSession(Serializable sessionId) throws InvalidSessionException {
// Ignore session id since there is no way to acquire a session based on an id in a servlet
// container
// (that is implementation agnostic)
ServletRequest request = WebUtils.getRequiredServletRequest();
ServletResponse response = WebUtils.getRequiredServletResponse();
return getSession(request, response);
}
public Session getSession(ServletRequest request, ServletResponse response)
throws AuthorizationException {
Session session = null;
HttpSession httpSession = ((HttpServletRequest) request).getSession(false);
if (httpSession != null) {
session = createSession(httpSession, WebUtils.getInetAddress(request));
}
return session;
}
protected Session createSession(InetAddress originatingHost)
throws HostUnauthorizedException, IllegalArgumentException {
ServletRequest request = WebUtils.getRequiredServletRequest();
HttpSession httpSession = ((HttpServletRequest) request).getSession();
return createSession(httpSession, originatingHost);
}
