Example usage for org.apache.shiro.web.servlet ShiroHttpServletRequest REFERENCED_SESSION_ID

List of usage examples for org.apache.shiro.web.servlet ShiroHttpServletRequest REFERENCED_SESSION_ID

  1. HOME
  2. Java
  3. org.apache.shiro
  4. org.apache.shiro.web.servlet.*
  5. ShiroHttpServletRequest
  6. REFERENCED_SESSION_ID

Introduction

In this page you can find the example usage for org.apache.shiro.web.servlet ShiroHttpServletRequest REFERENCED_SESSION_ID.

Prototype

String REFERENCED_SESSION_ID

To view the source code for org.apache.shiro.web.servlet ShiroHttpServletRequest REFERENCED_SESSION_ID.

Click Source Link

Usage

From source file:com.fengduo.spark.commons.shiro.session.SessionManager.java

License:Open Source License

@Override
protected Serializable getSessionId(ServletRequest request, ServletResponse response) {
    // ??__sid??sid? http://localhost/project?__sid=xxx&__cookie=true
    String sid = request.getParameter("__sid");
    if (StringUtils.isNotBlank(sid)) {
        // ?sid?cookie???
        if (WebUtils.isTrue(request, "__cookie")) {
            HttpServletRequest rq = (HttpServletRequest) request;
            HttpServletResponse rs = (HttpServletResponse) response;
            Cookie template = getSessionIdCookie();
            Cookie cookie = new SimpleCookie(template);
            cookie.setValue(sid);//from   w  w w . j  a  va  2  s  .  c o  m
            cookie.saveTo(rq, rs);
        }
        // ?session?
        request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE,
                ShiroHttpServletRequest.URL_SESSION_ID_SOURCE); // session??url
        request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID, sid);
        request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_IS_VALID, Boolean.TRUE);
        return sid;
    } else {
        return super.getSessionId(request, response);
    }
}

From source file:org.sonatype.nexus.security.StatelessAndStatefulWebSessionManager.java

License:Open Source License

private Serializable getReferencedSessionId(ServletRequest request, ServletResponse response) {

    String id = getSessionIdCookieValue(request, response);
    if (id != null) {
        request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE,
                ShiroHttpServletRequest.COOKIE_SESSION_ID_SOURCE);
    } else {//from  w  w  w  .j a va2s  .  c o  m
        // not in a cookie, or cookie is disabled - try the request params as a fallback (i.e. URL rewriting):
        id = request.getParameter(ShiroHttpSession.DEFAULT_SESSION_ID_NAME);
        if (id == null) {
            // try lowercase:
            id = request.getParameter(ShiroHttpSession.DEFAULT_SESSION_ID_NAME.toLowerCase());
        }
        if (id != null) {
            request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE,
                    ShiroHttpServletRequest.URL_SESSION_ID_SOURCE);
        }
    }
    if (id != null) {
        request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID, id);
        // automatically mark it valid here. If it is invalid, the
        // onUnknownSession method below will be invoked and we'll remove the attribute at that time.
        request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_IS_VALID, Boolean.TRUE);
    }
    return id;
}