protected ModelAndView handleRequestInternal(
     HttpServletRequest request, HttpServletResponse response) throws Exception {
   String[] sidWebApps = ServletRequestUtils.getStringParameters(request, "sid_webapp");
   for (int i = 0; i < sidWebApps.length; i++) {
     if (sidWebApps[i] != null) {
       String[] ss = sidWebApps[i].split(";");
       if (ss.length == 2) {
         String sessionId = ss[0];
         String appName = ss[1];
         Context context = getContainerWrapper().getTomcatContainer().findContext(appName);
         if (context != null) {
           Manager manager = context.getManager();
           Session session = manager.findSession(sessionId);
           if (session != null && session.isValid()) {
             session.expire();
           }
         } else {
           return new ModelAndView("errors/paramerror");
         }
       } else {
         return new ModelAndView("errors/paramerror");
       }
     }
   }
   return new ModelAndView(new InternalResourceView(getViewName()));
 }
Пример #2
0
  /**
   * Returns true if the request specifies a JSESSIONID that is valid within the context of this
   * ApplicationHttpRequest, false otherwise.
   *
   * @return true if the request specifies a JSESSIONID that is valid within the context of this
   *     ApplicationHttpRequest, false otherwise.
   */
  public boolean isRequestedSessionIdValid() {

    if (crossContext) {

      String requestedSessionId = getRequestedSessionId();
      if (requestedSessionId == null) return (false);
      if (context == null) return (false);
      Manager manager = context.getManager();
      if (manager == null) return (false);
      Session session = null;
      try {
        session = manager.findSession(requestedSessionId);
      } catch (IOException e) {
        session = null;
      }
      if ((session != null) && session.isValid()) {
        return (true);
      } else {
        return (false);
      }

    } else {
      return super.isRequestedSessionIdValid();
    }
  }
Пример #3
0
  /**
   * Return the session associated with this Request, creating one if necessary and requested.
   *
   * @param create Create a new session if one does not exist
   */
  public HttpSession getSession(boolean create) {

    if (crossContext) {

      // There cannot be a session if no context has been assigned yet
      if (context == null) return (null);

      // Return the current session if it exists and is valid
      if (session != null && session.isValid()) {
        return (session.getSession());
      }

      HttpSession other = super.getSession(false);
      if (create && (other == null)) {
        // First create a session in the first context: the problem is
        // that the top level request is the only one which can
        // create the cookie safely
        other = super.getSession(true);
      }
      if (other != null) {
        Session localSession = null;
        try {
          localSession = context.getManager().findSession(other.getId());
          if (localSession != null && !localSession.isValid()) {
            localSession = null;
          }
        } catch (IOException e) {
          // Ignore
        }
        if (localSession == null && create) {
          localSession = context.getManager().createSession(other.getId());
        }
        if (localSession != null) {
          localSession.access();
          session = localSession;
          return session.getSession();
        }
      }
      return null;

    } else {
      return super.getSession(create);
    }
  }
Пример #4
0
  public static ApplicationSession getApplicationSession(
      Session session, boolean calcSize, boolean addAttributes) {

    ApplicationSession sbean = null;
    if (session != null && session.isValid()) {
      sbean = new ApplicationSession();

      sbean.setId(session.getId());
      sbean.setCreationTime(new Date(session.getCreationTime()));
      sbean.setLastAccessTime(new Date(session.getLastAccessedTime()));
      sbean.setMaxIdleTime(session.getMaxInactiveInterval() * 1000);
      sbean.setManagerType(session.getManager().getClass().getName());
      // sbean.setInfo(session.getInfo());
      // TODO:fixmee

      boolean sessionSerializable = true;
      int attributeCount = 0;
      long size = 0;

      HttpSession httpSession = session.getSession();
      Set processedObjects = new HashSet(1000);

      // Exclude references back to the session itself
      processedObjects.add(httpSession);
      try {
        for (Enumeration e = httpSession.getAttributeNames(); e.hasMoreElements(); ) {
          String name = (String) e.nextElement();
          Object obj = httpSession.getAttribute(name);
          sessionSerializable = sessionSerializable && obj instanceof Serializable;

          long objSize = 0;
          if (calcSize) {
            try {
              objSize += Instruments.sizeOf(name, processedObjects);
              objSize += Instruments.sizeOf(obj, processedObjects);
            } catch (Throwable th) {
              logger.error("Cannot estimate size of attribute \"" + name + "\"", th);
              //
              // make sure we always re-throw ThreadDeath
              //
              if (e instanceof ThreadDeath) {
                throw (ThreadDeath) e;
              }
            }
          }

          if (addAttributes) {
            Attribute saBean = new Attribute();
            saBean.setName(name);
            saBean.setType(ClassUtils.getQualifiedName(obj.getClass()));
            saBean.setValue(obj);
            saBean.setSize(objSize);
            saBean.setSerializable(obj instanceof Serializable);
            sbean.addAttribute(saBean);
          }
          attributeCount++;
          size += objSize;
        }
        String lastAccessedIp =
            (String) httpSession.getAttribute(ApplicationSession.LAST_ACCESSED_BY_IP);
        if (lastAccessedIp != null) {
          sbean.setLastAccessedIp(lastAccessedIp);
        }
        try {
          sbean.setLastAccessedIpLocale(
              InetAddressLocator.getLocale(InetAddress.getByName(lastAccessedIp).getAddress()));
        } catch (Throwable e) {
          logger.error("Cannot determine Locale of " + lastAccessedIp);
          //
          // make sure we always re-throw ThreadDeath
          //
          if (e instanceof ThreadDeath) {
            throw (ThreadDeath) e;
          }
        }

      } catch (IllegalStateException e) {
        logger.info("Session appears to be invalidated, ignore");
      }

      sbean.setObjectCount(attributeCount);
      sbean.setSize(size);
      sbean.setSerializable(sessionSerializable);
    }

    return sbean;
  }
 /**
  * This method is called by the received thread when a SessionMessage has been received from one
  * of the other nodes in the cluster.
  *
  * @param msg - the message received
  * @param sender - the sender of the message, this is used if we receive a EVT_GET_ALL_SESSION
  *     message, so that we only reply to the requesting node
  */
 protected void messageReceived(SessionMessage msg, Member sender) {
   try {
     if (log.isInfoEnabled()) {
       log.debug("Received SessionMessage of type=" + msg.getEventTypeString());
       log.debug("Received SessionMessage sender=" + sender);
     }
     switch (msg.getEventType()) {
       case SessionMessage.EVT_GET_ALL_SESSIONS:
         {
           // get a list of all the session from this manager
           Object[] sessions = findSessions();
           java.io.ByteArrayOutputStream bout = new java.io.ByteArrayOutputStream();
           java.io.ObjectOutputStream oout = new java.io.ObjectOutputStream(bout);
           oout.writeInt(sessions.length);
           for (int i = 0; i < sessions.length; i++) {
             ReplicatedSession ses = (ReplicatedSession) sessions[i];
             oout.writeUTF(ses.getIdInternal());
             byte[] data = writeSession(ses);
             oout.writeObject(data);
           } // for
           // don't send a message if we don't have to
           oout.flush();
           oout.close();
           byte[] data = bout.toByteArray();
           SessionMessage newmsg =
               new SessionMessageImpl(
                   name,
                   SessionMessage.EVT_ALL_SESSION_DATA,
                   data,
                   "SESSION-STATE",
                   "SESSION-STATE-" + getName());
           cluster.send(newmsg, sender);
           break;
         }
       case SessionMessage.EVT_ALL_SESSION_DATA:
         {
           java.io.ByteArrayInputStream bin = new java.io.ByteArrayInputStream(msg.getSession());
           java.io.ObjectInputStream oin = new java.io.ObjectInputStream(bin);
           int size = oin.readInt();
           for (int i = 0; i < size; i++) {
             String id = oin.readUTF();
             byte[] data = (byte[]) oin.readObject();
             Session session = readSession(data, id);
           } // for
           stateTransferred = true;
           break;
         }
       case SessionMessage.EVT_SESSION_CREATED:
         {
           Session session = this.readSession(msg.getSession(), msg.getSessionID());
           if (log.isDebugEnabled()) {
             log.debug("Received replicated session=" + session + " isValid=" + session.isValid());
           }
           break;
         }
       case SessionMessage.EVT_SESSION_EXPIRED:
         {
           Session session = findSession(msg.getSessionID());
           if (session != null) {
             session.expire();
             this.remove(session);
           } // end if
           break;
         }
       case SessionMessage.EVT_SESSION_ACCESSED:
         {
           Session session = findSession(msg.getSessionID());
           if (session != null) {
             session.access();
             session.endAccess();
           }
           break;
         }
       default:
         {
           // we didn't recognize the message type, do nothing
           break;
         }
     } // switch
   } catch (Exception x) {
     log.error("Unable to receive message through TCP channel", x);
   }
 }
Пример #6
0
  /**
   * Save a session to the Store.
   *
   * @param session the session to be stored
   * @exception IOException if an input/output error occurs
   */
  public void save(Session session) throws IOException {
    String saveSql =
        "INSERT INTO "
            + sessionTable
            + " ("
            + sessionIdCol
            + ", "
            + sessionAppCol
            + ", "
            + sessionDataCol
            + ", "
            + sessionValidCol
            + ", "
            + sessionMaxInactiveCol
            + ", "
            + sessionLastAccessedCol
            + ") VALUES (?, ?, ?, ?, ?, ?)";
    ObjectOutputStream oos = null;
    ByteArrayOutputStream bos = null;
    ByteArrayInputStream bis = null;
    InputStream in = null;

    synchronized (this) {
      Connection _conn = getConnection();
      if (_conn == null) {
        return;
      }

      // If sessions already exist in DB, remove and insert again.
      // TODO:
      // * Check if ID exists in database and if so use UPDATE.
      remove(session.getId());

      try {
        bos = new ByteArrayOutputStream();
        oos = new ObjectOutputStream(new BufferedOutputStream(bos));

        ((StandardSession) session).writeObjectData(oos);
        oos.close();

        byte[] obs = bos.toByteArray();
        int size = obs.length;
        bis = new ByteArrayInputStream(obs, 0, size);
        in = new BufferedInputStream(bis, size);

        if (preparedSaveSql == null) {
          preparedSaveSql = _conn.prepareStatement(saveSql);
        }

        preparedSaveSql.setString(1, session.getId());
        preparedSaveSql.setString(2, getName());
        preparedSaveSql.setBinaryStream(3, in, size);
        preparedSaveSql.setString(4, session.isValid() ? "1" : "0");
        preparedSaveSql.setInt(5, session.getMaxInactiveInterval());
        preparedSaveSql.setLong(6, session.getLastAccessedTime());
        preparedSaveSql.execute();
      } catch (SQLException e) {
        log(sm.getString(getStoreName() + ".SQLException", e));
      } catch (IOException e) {;
      } finally {
        if (bis != null) {
          bis.close();
        }
        if (in != null) {
          in.close();
        }

        release(_conn);
      }
    }

    if (debug > 0) {
      log(sm.getString(getStoreName() + ".saving", session.getId(), sessionTable));
    }
  }