List of usage examples for org.springframework.web.util WebUtils getSessionMutex
public static Object getSessionMutex(HttpSession session)
From source file:org.mzd.shap.spring.web.WorkBenchController.java
@SuppressWarnings("unchecked") protected Collection<Integer> getSessionItemIds(HttpSession session) { Object mutex = WebUtils.getSessionMutex(session); synchronized (mutex) { Object obj = session.getAttribute(SESSION_ATTR_ITEMID); if (obj == null) { obj = new TreeSet<Integer>(); session.setAttribute(SESSION_ATTR_ITEMID, obj); }/*from ww w . j a v a2 s . c o m*/ return (Collection<Integer>) obj; } }
From source file:de.codecentric.boot.admin.zuul.OptionsDispatchingZuulController.java
@Override public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception { // Delegate to WebContentGenerator for checking and preparing. checkRequest(request);//from w w w.jav a 2 s . c o m prepareResponse(response); // Execute handleRequestInternal in synchronized block if required. if (this.isSynchronizeOnSession()) { HttpSession session = request.getSession(false); if (session != null) { Object mutex = WebUtils.getSessionMutex(session); synchronized (mutex) { return handleRequestInternal(request, response); } } } return handleRequestInternal(request, response); }
From source file:org.mzd.shap.spring.web.WorkBenchController.java
@RequestMapping("/clear_ajax") @ResponseBody// w w w . j av a 2 s . c o m public Integer clearIds(HttpSession session) { Object mutex = WebUtils.getSessionMutex(session); synchronized (mutex) { getSessionItemIds(session).clear(); } return countActive(session); }
From source file:org.mzd.shap.spring.web.WorkBenchController.java
@RequestMapping("/del_ajax") @ResponseBody//from w w w. j av a2 s.c o m public Integer deleteIds(@RequestParam List<Integer> itemIds, HttpSession session) { Object mutex = WebUtils.getSessionMutex(session); synchronized (mutex) { getSessionItemIds(session).removeAll(itemIds); } return countActive(session); }
From source file:ch.ralscha.extdirectspring.controller.SSEHandler.java
public void handle(String beanName, String method, HttpServletRequest request, HttpServletResponse response, Locale locale) throws Exception { MethodInfo methodInfo = MethodInfoCache.INSTANCE.get(beanName, method); SSEvent result = null;/*from ww w . ja v a 2 s . c o m*/ SSEWriter sseWriter = new SSEWriter(response); if (methodInfo != null) { try { Object[] parameters = configurationService.getParametersResolver().prepareParameters(request, response, locale, methodInfo, sseWriter); Object methodReturnValue = null; if (configurationService.getConfiguration().isSynchronizeOnSession() || methodInfo.isSynchronizeOnSession()) { HttpSession session = request.getSession(false); if (session != null) { Object mutex = WebUtils.getSessionMutex(session); synchronized (mutex) { methodReturnValue = ExtDirectSpringUtil.invoke( configurationService.getApplicationContext(), beanName, methodInfo, parameters); } } else { methodReturnValue = ExtDirectSpringUtil.invoke(configurationService.getApplicationContext(), beanName, methodInfo, parameters); } } else { methodReturnValue = ExtDirectSpringUtil.invoke(configurationService.getApplicationContext(), beanName, methodInfo, parameters); } if (methodReturnValue instanceof SSEvent) { result = (SSEvent) methodReturnValue; } else if (methodReturnValue != null) { result = new SSEvent(); result.setData(methodReturnValue.toString()); } } catch (Exception e) { log.error("Error polling method '" + beanName + "." + method + "'", e.getCause() != null ? e.getCause() : e); Throwable cause; if (e.getCause() != null) { cause = e.getCause(); } else { cause = e; } result = new SSEvent(); result.setEvent("error"); result.setData(configurationService.getConfiguration().getMessage(cause)); if (configurationService.getConfiguration().isSendStacktrace()) { result.setComment(ExtDirectSpringUtil.getStackTrace(cause)); } } } else { log.error("Error invoking method '" + beanName + "." + method + "'. Method or Bean not found"); result = new SSEvent(); result.setEvent("error"); result.setData(configurationService.getConfiguration().getDefaultExceptionMessage()); if (configurationService.getConfiguration().isSendStacktrace()) { result.setComment("Bean or Method '" + beanName + "." + method + "' not found"); } } if (result != null) { sseWriter.write(result); } }
From source file:org.mzd.shap.spring.web.WorkBenchController.java
@RequestMapping("/add_ajax") @ResponseBody/* ww w . j a v a 2 s. com*/ public Integer addIds(@RequestParam List<Integer> itemIds, HttpSession session) { Object mutex = WebUtils.getSessionMutex(session); synchronized (mutex) { getSessionItemIds(session).addAll(itemIds); } return countActive(session); }
From source file:com.gsma.mobileconnect.demo.App.java
private MobileConnectConfig getMobileConnectConfig(HttpSession session) { // The Mobile Connect Interface methods expects a configuration object. // This can be unique per call or shared between calls as required. // Most of the values in the configuration object are optional. MobileConnectConfig mobileConnectConfig = null; synchronized (WebUtils.getSessionMutex(session)) { mobileConnectConfig = (MobileConnectConfig) session.getAttribute(SESSION_KEY); if (null == mobileConnectConfig) { mobileConnectConfig = new MobileConnectConfig(); // Registered application client id mobileConnectConfig.setClientId("f6a93eee"); // Registered application client secret mobileConnectConfig.setClientSecret("e0db5e4fa07768d6459f989cda046acc"); // Registered application url mobileConnectConfig.setApplicationURL("http://localhost:8080/mobile_connect"); // URL of the Mobile Connect Discovery End Point mobileConnectConfig.setDiscoveryURL("http://discovery.sandbox.mobileconnect.io/v2/discovery"); // URL to inform the Discovery End Point to redirect to, this should route to the "/discovery_redirect" handler below mobileConnectConfig//from www. ja v a 2 s .co m .setDiscoveryRedirectURL("http://localhost:8080/mobileconnect/discovery_redirect"); // Authorization State would typically set to a unique value mobileConnectConfig.setAuthorizationState(MobileConnectInterface.generateUniqueString("state_")); // Authorization Nonce would typically set to a unique value mobileConnectConfig.setAuthorizationNonce(MobileConnectInterface.generateUniqueString("nonce_")); session.setAttribute(SESSION_KEY, mobileConnectConfig); } } return mobileConnectConfig; }
From source file:com.deep.two.authority.impl.FareAbstractSessionFixationProtection.java
/** * Called when a user is newly authenticated. * <p>/* ww w . ja v a 2 s . c o m*/ * If a session already exists, and matches the session Id from the client, * a new session will be created, and the session attributes copied to it * (if {@code migrateSessionAttributes} is set). If the client's requested * session Id is invalid, nothing will be done, since there is no need to * change the session Id if it doesn't match the current session. * <p> * If there is no session, no action is taken unless the * {@code alwaysCreateSession} property is set, in which case a session will * be created if one doesn't already exist. */ public void onAuthentication(Authentication authentication, HttpServletRequest request, HttpServletResponse response) { /*String queryString = request.getQueryString(); String userName = ""; if (queryString != null) { int index = queryString.indexOf("userName="); if (index != -1) { userName = queryString.substring(index + 9); } } else { userName = request.getParameter("j_username"); } HttpSession session = SessionHelper.sessionMap.get(userName);*/ boolean hadSessionAlready = request.getSession(false) != null; if (!hadSessionAlready && !alwaysCreateSession) { // Session fixation isn't a problem if there's no session return; } // Create new session if necessary HttpSession session = request.getSession(); if (hadSessionAlready && request.isRequestedSessionIdValid()) { String originalSessionId; String newSessionId; Object mutex = WebUtils.getSessionMutex(session); synchronized (mutex) { // We need to migrate to a new session originalSessionId = session.getId(); session = applySessionFixation(session, request); newSessionId = session.getId(); } if (originalSessionId.equals(newSessionId)) { logger.warn( "Your servlet container did not change the session ID when a new session was created. You will" + " not be adequately protected against session-fixation attacks"); } onSessionChange(originalSessionId, session, authentication); } }
From source file:com.jaspersoft.jasperserver.war.util.LRUSessionObjectAccessor.java
protected ObjectSerie getObjectSerie(HttpSession session) { Object mutex = WebUtils.getSessionMutex(session); ObjectSerie serie;/*ww w. ja v a2 s . c om*/ boolean created = false; synchronized (mutex) { serie = (ObjectSerie) session.getAttribute(getListSessionName()); if (serie == null) { created = true; serie = new ObjectSerie(getMaxSize(), getListener()); session.setAttribute(getListSessionName(), serie); } } if (created && log.isDebugEnabled()) { log.debug(listSessionName + " created object serie " + serie + " for session " + session.getId()); } return serie; }