/**
 * Resolves the HTTP session facade for the given exchange, optionally creating one.
 *
 * <p>Resolution order: the facade cached on the exchange under {@code sessionAttachmentKey},
 * then a lookup through the deployment's session manager, then (only when {@code create} is
 * {@code true}) a newly created session. Any facade obtained from the session manager is
 * cached on the exchange before it is returned.
 *
 * @param originalServletContext context that supplies the {@code SessionConfig}; when it is not
 *     {@code this.context} the request is handled as a cross-context request
 * @param exchange the exchange the session is bound to
 * @param create whether a session should be created when none is found
 * @return the session facade, or {@code null} when no session was found and {@code create} is
 *     {@code false}
 */
public HttpSession getSession(
      final ServletContextImpl originalServletContext,
      final HttpServerExchange exchange,
      boolean create) {
    final SessionConfig sessionConfig = originalServletContext.getSessionConfig();

    final ConvergedHttpSessionFacade cached = exchange.getAttachment(sessionAttachmentKey);
    if (cached != null) {
      // NOTE(review): the cached facade is returned as-is when isValidIntern() is false and
      // discarded when it is true. If isValidIntern() reports true for a live session, this
      // test is inverted and an already-invalidated facade (e.g. after logout in the same
      // request) would be handed back to the caller — confirm the method's semantics.
      if (!cached.isValidIntern()) {
        return cached;
      }
      exchange.removeAttachment(sessionAttachmentKey);
    }

    final SessionManager sessionManager = context.getDeployment().getSessionManager();
    final Session found = sessionManager.getSession(exchange, sessionConfig);
    if (found != null) {
      final ConvergedHttpSessionFacade facade =
          (ConvergedHttpSessionFacade)
              SecurityActions.forSession(found, this, false, sessionManager);
      exchange.putAttachment(sessionAttachmentKey, facade);
      return facade;
    }
    if (!create) {
      return null;
    }

    // Session id carried by the request, which at this point matched no session in the manager.
    final String presentedId = sessionConfig.findSessionId(exchange);
    if (originalServletContext != this.context) {
      // Cross-context request: make sure the originating context has a top-level session.
      // The presented id is left in place on this path.
      originalServletContext.getSession(originalServletContext, exchange, true);
    } else if (presentedId != null) {
      // Drop the unmatched id before creating the session; presumably this keeps the new
      // session from adopting a client-chosen id (session fixation) — confirm against
      // createSession.
      sessionConfig.clearSession(exchange, presentedId);
    }

    final Session created = sessionManager.createSession(exchange, sessionConfig);
    final ConvergedHttpSessionFacade facade =
        (ConvergedHttpSessionFacade)
            SecurityActions.forSession(created, this, true, sessionManager);
    // Touch the facade right after creation so LastAccessTime is set at the sipAppSession.
    facade.access();
    // Register the delegate with the in-memory session so sipAppSession.access() can be called
    // when necessary. Unchecked downcast: this throws ClassCastException if the deployment's
    // session manager is not a ConvergedInMemorySessionManager.
    final ConvergedInMemorySessionManager convergedManager =
        (ConvergedInMemorySessionManager) sessionManager;
    convergedManager.addConvergedSessionDeletegateToSession(
        created.getId(), facade.getConvergedSessionDelegate());

    exchange.putAttachment(sessionAttachmentKey, facade);
    return facade;
  }