List of usage examples for org.apache.shiro.web.util WebUtils getHttpRequest
public static HttpServletRequest getHttpRequest(Object requestPairSource)
From source file:com.sonicle.webtop.core.app.shiro.WTContainerSessionManager.java
License:Open Source License
@Override public Session getSession(SessionKey key) throws SessionException { // This override roughly refers to upstream implementation except the // createSession call. We need to access to the original servlet request // that originating the session. Unfortunately we do not have any other // options except this way. if (!WebUtils.isHttp(key)) { String msg = "SessionKey must be an HTTP compatible implementation."; throw new IllegalArgumentException(msg); }//from w w w . j a v a2s . c om HttpServletRequest request = WebUtils.getHttpRequest(key); Session session = null; HttpSession httpSession = request.getSession(false); if (httpSession != null) { session = createSession(httpSession, request); } return session; }
From source file:com.sonicle.webtop.core.app.shiro.WTContainerSessionManager.java
License:Open Source License
@Override protected Session createSession(SessionContext sessionContext) throws AuthorizationException { // This override roughly refers to upstream implementation except the // createSession call. We need to access to the original servlet request // that originating the session. Unfortunately we do not have any other // options except this way. if (!WebUtils.isHttp(sessionContext)) { String msg = "SessionContext must be an HTTP compatible implementation."; throw new IllegalArgumentException(msg); }/*from w w w .ja va2 s . co m*/ HttpServletRequest request = WebUtils.getHttpRequest(sessionContext); HttpSession httpSession = request.getSession(); String host = getHost(sessionContext); return createSession(httpSession, request, host); }
From source file:org.apache.usergrid.rest.security.shiro.session.HttpRequestSessionManager.java
License:Apache License
@Override public Session start(SessionContext context) throws AuthorizationException { if (!WebUtils.isHttp(context)) { String msg = "SessionContext must be an HTTP compatible implementation."; throw new IllegalArgumentException(msg); }/*from w ww . j ava2s . c om*/ HttpServletRequest request = WebUtils.getHttpRequest(context); String host = getHost(context); Session session = createSession(request, host); request.setAttribute(REQUEST_ATTRIBUTE_KEY, session); return session; }
From source file:org.apache.usergrid.rest.security.shiro.session.HttpRequestSessionManager.java
License:Apache License
@Override public Session getSession(SessionKey key) throws SessionException { if (!WebUtils.isHttp(key)) { String msg = "SessionKey must be an HTTP compatible implementation."; throw new IllegalArgumentException(msg); }// ww w. j a v a2 s . c o m HttpServletRequest request = WebUtils.getHttpRequest(key); return (Session) request.getAttribute(REQUEST_ATTRIBUTE_KEY); }
From source file:org.sonatype.nexus.security.StatelessAndStatefulWebSessionManager.java
License:Open Source License
protected Session doCreateSession(SessionContext context) { Session session;//ww w . ja v a 2s. c o m if (WebUtils.isHttp(context)) { session = newSessionInstance(context); if (log.isTraceEnabled()) { log.trace("Creating session for host {}", session.getHost()); } HttpServletRequest request = WebUtils.getHttpRequest(context); if (isStatelessClient(request)) { // we still need to set the session id, WHY? ((SimpleSession) session).setId(fakeSessionIdGenerator.generateId(session)); log.debug("Stateless client session {} is not persisted.", session.getId()); session.setAttribute(DO_NOT_STORE_SESSION_KEY, Boolean.TRUE); } else { create(session); } // add a little more logging. if (log.isTraceEnabled()) { log.trace("Session {} was created for User-Agent {}", session.getId(), getUserAgent(request)); } } else { log.trace("Non http request, falling back to default implementation."); session = super.doCreateSession(context); } return session; }
From source file:org.sonatype.nexus.security.StatelessAndStatefulWebSessionManager.java
License:Open Source License
@Override protected void onStart(Session session, SessionContext context) { if (!WebUtils.isHttp(context)) { log.debug("SessionContext argument is not HTTP compatible or does not have an HTTP request/response " + "pair. No session ID cookie will be set."); return;/* ww w .j a v a 2 s .c o m*/ } HttpServletRequest request = WebUtils.getHttpRequest(context); HttpServletResponse response = WebUtils.getHttpResponse(context); if (isSessionIdCookieEnabled(request, response)) { Serializable sessionId = session.getId(); storeSessionId(sessionId, request, response); } else { log.debug("Session ID cookie is disabled. No cookie has been set for new session with id {}", session.getId()); } request.removeAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE); request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_IS_NEW, Boolean.TRUE); }
From source file:org.tolven.shiro.web.session.mgt.TolvenWebSessionManager.java
License:Open Source License
@Override protected void onStart(Session session, SessionContext context) { super.onStart(session, context); HttpServletRequest request = WebUtils.getHttpRequest(context); HttpServletResponse response = WebUtils.getHttpResponse(context); //Remove cookie added by super class Cookie template = getSessionIdCookie(); Cookie cookie = new SimpleCookie(template); cookie.removeFrom(request, response); /*/*from w w w . j av a 2 s . com*/ * Now place the secret key in a cookie by combining it with the sessionId using a * two way algorithm */ if (logger.isDebugEnabled()) { logger.debug("Creating secret key cookie for cookie template name: " + template.getName()); } String sessionId = session.getId().toString(); cookie.setValue(SecretKeyThreadLocal.getExtendedSessionId(sessionId, SecretKeyThreadLocal.get())); cookie.saveTo(request, response); if (logger.isDebugEnabled()) { logger.debug("Saved secret key cookie to response for session: " + sessionId); } }