下面列出了javax.servlet.http.HttpServletRequest#changeSessionId() 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
/** {@inheritDoc} */
@Override public String changeSessionId() {
final HttpServletRequest req = (HttpServletRequest) getRequest();
final String newId = req.changeSessionId();
if (!F.eq(newId, ses.getId())) {
try {
ses = createSessionV2(ses, newId);
}
catch (IOException e) {
throw new IgniteException(e);
}
}
return newId;
}
@Override
protected void doGet(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession(true);
String old = session.getId();
req.changeSessionId();
String newId = session.getId();
resp.getWriter().write(old + " "+ newId);
}
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
switch (req.getParameter("action")) {
case "create":
req.getSession(true);
resp.getWriter().write(req.getRequestedSessionId());
break;
case "destroy":
req.getSession().invalidate();
resp.getWriter().write(req.getRequestedSessionId());
break;
case "destroycreate":
req.getSession().invalidate();
req.getSession(true);
resp.getWriter().write(req.getRequestedSessionId());
break;
case "change":
req.changeSessionId();
resp.getWriter().write(req.getRequestedSessionId());
break;
case "timeout":
req.getSession(true).setMaxInactiveInterval(1);
resp.getWriter().write(req.getRequestedSessionId());
break;
case "isvalid":
resp.getWriter().write(req.isRequestedSessionIdValid() + "");
break;
case "default":
resp.getWriter().write(req.getRequestedSessionId());
break;
}
}
/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
* response)
*/
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
log(request);
PrintWriter w = response.getWriter();
request.changeSessionId();
w.println("Previous value of attribute: " + request.getSession().getAttribute("A"));
request.getSession(true).setAttribute("A", "S");
w.println("New value of attribute: " + request.getSession().getAttribute("A"));
w.println("Encoded url: " + response.encodeURL("/"));
w.append("Served at: ").append(request.getContextPath()).append(" ");
}
protected void presentLoginForm(MCRServletJob job)
throws IOException, TransformerException, SAXException, JAXBException {
HttpServletRequest req = job.getRequest();
HttpServletResponse res = job.getResponse();
if (LOCAL_LOGIN_SECURE_ONLY && !req.isSecure()) {
res.sendError(HttpServletResponse.SC_FORBIDDEN, getErrorI18N("component.user2.login", "httpsOnly"));
return;
}
String returnURL = getReturnURL(req);
String formAction = req.getRequestURI();
MCRLogin loginForm = new MCRLogin(MCRSessionMgr.getCurrentSession().getUserInformation(), returnURL,
formAction);
String uid = getProperty(req, "uid");
String pwd = getProperty(req, "pwd");
if (uid != null) {
MCRUser user = MCRUserManager.login(uid, pwd);
if (user == null) {
res.setStatus(HttpServletResponse.SC_BAD_REQUEST);
loginForm.setLoginFailed(true);
} else {
//user logged in
// MCR-1154
req.changeSessionId();
LOGGER.info("user {} logged in successfully.", uid);
res.sendRedirect(res.encodeRedirectURL(getReturnURL(req)));
return;
}
}
addFormFields(loginForm, job.getRequest().getParameter(REALM_URL_PARAMETER));
getLayoutService().doLayout(req, res, new MCRJAXBContent<>(JAXBContext.newInstance(MCRLogin.class), loginForm));
}
public void doGetPost(MCRServletJob job) throws Exception {
HttpServletRequest req = job.getRequest();
HttpServletResponse res = job.getResponse();
String ticket = req.getParameter("ticket");
if ((ticket == null) || (ticket.trim().length() == 0)) {
res.sendError(HttpServletResponse.SC_BAD_REQUEST);
return;
}
// Validate ticket at CAS server
Cas20ProxyTicketValidator sv = new Cas20ProxyTicketValidator(serverURL);
sv.setAcceptAnyProxy(true);
Assertion a = sv.validate(ticket, clientURL);
AttributePrincipal principal = a.getPrincipal();
// Get user name logged in
String userName = principal.getName();
LOGGER.info("Login {}", userName);
MCRUser user;
boolean userExists = MCRUserManager.exists(userName, realmID);
if (userExists) {
user = MCRUserManager.getUser(userName, realmID);
} else {
user = new MCRUser(userName, realmID);
}
// Get user properties from LDAP server
boolean userChanged = MCRLDAPClient.instance().updateUserProperties(user);
if (userChanged && userExists) {
MCRUserManager.updateUser(user);
}
// Store login user in session and redirect browser to target url
MCRSessionMgr.getCurrentSession().setUserInformation(user);
// MCR-1154
req.changeSessionId();
MCRLoginServlet.redirect(res);
}
/** {@inheritDoc} */
@Override public String changeSessionId() {
HttpServletRequest req = (HttpServletRequest)getRequest();
String newId = req.changeSessionId();
this.ses.setId(newId);
this.ses = createSession(ses, newId);
this.ses.servletContext(ctx);
this.ses.filter(WebSessionFilter.this);
this.ses.resetUpdates();
return newId;
}
/**
* Register the user in the Http session
*
* @param request The Http request
* @param user The current user
*/
public void registerUser( HttpServletRequest request, LuteceUser user )
{
HttpSession session = request.getSession( true );
// change session Id
request.changeSessionId( );
session.setAttribute( ATTRIBUTE_LUTECE_USER, user );
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) {
String currentSessionId = request.getSession().getId();
log.info("Original session ID {}", currentSessionId);
// changes the session id in the session, returns the new one
String newSessionId = request.changeSessionId();
log.info("New session ID {}", newSessionId);
response.setContentType("text/html");
try (PrintWriter out = response.getWriter()) {
out.println("<html><head>");
out.println("<title>Session Handling</title>");
out.println("<link rel=\"stylesheet\" type=\"text/css\" href=\"resources/css/styles.css\" />");
out.println("</head>");
out.println("<body>");
out.println("<h1>Session Handling</h1>");
out.println("<p><strong>Original Session ID: </strong> " + currentSessionId + "</p>");
out.println("<p><strong>New Session ID: </strong> " + newSessionId + "</p>");
out.println("<p><a href=\"index.jsp\">Home</a></p>");
out.println("</body>");
out.println("</html>");
} catch (IOException ex) {
log.error(ex.getMessage(), ex);
}
}
public void doGetPost(MCRServletJob job) throws Exception {
HttpServletRequest req = job.getRequest();
HttpServletResponse res = job.getResponse();
String msg = null;
String uid = (String) req.getAttribute("uid");
String userId = uid != null ? uid : req.getRemoteUser();
if (userId != null) {
final String realmId = userId.contains("@") ? userId.substring(userId.indexOf("@") + 1) : null;
if (realmId != null && MCRRealmFactory.getRealm(realmId) != null) {
userId = realmId != null ? userId.replace("@" + realmId, "") : userId;
final Map<String, Object> attributes = new HashMap<>();
final MCRUserAttributeMapper attributeMapper = MCRRealmFactory.getAttributeMapper(realmId);
for (final String key : attributeMapper.getAttributeNames()) {
final Object value = req.getAttribute(key);
if (value != null) {
LOGGER.info("received {}:{}", key, value);
attributes.put(key, value);
}
}
MCRUserInformation userinfo;
MCRUser user = MCRUserManager.getUser(userId, realmId);
if (user != null) {
LOGGER.debug("login existing user \"{}\"", user.getUserID());
attributeMapper.mapAttributes(user, attributes);
user.setLastLogin();
MCRUserManager.updateUser(user);
userinfo = user;
} else {
userinfo = new MCRShibbolethUserInformation(userId, realmId, attributes);
}
MCRSessionMgr.getCurrentSession().setUserInformation(userinfo);
// MCR-1154
req.changeSessionId();
res.sendRedirect(res.encodeRedirectURL(req.getParameter("url")));
return;
} else {
msg = "Login from realm \"" + realmId + "\" is not allowed.";
}
} else {
msg = "Principal could not be received from IDP.";
}
job.getResponse().sendError(HttpServletResponse.SC_UNAUTHORIZED, msg);
}
/** {@inheritDoc} */
@Override protected void doGet(HttpServletRequest req, HttpServletResponse res)
throws ServletException, IOException {
HttpSession ses = req.getSession();
assertNotNull(ses);
if (req.getPathInfo().equals("/chngsesid")) {
ses.setAttribute("key1", "val1");
X.println(">>>", "Created session: " + ses.getId(), ">>>");
res.getWriter().println(req.getSession().getId());
String newId = req.changeSessionId();
// new id from genuine session.
res.getWriter().println(newId);
// new id from WebSession.
res.getWriter().println(req.getSession().getId());
res.getWriter().flush();
}
else if (req.getPathInfo().equals("/simple")) {
res.getWriter().println(req.getSession().getId());
res.getWriter().println(req.getSession().getAttribute("key1"));
res.getWriter().println(req.isRequestedSessionIdValid());
try {
req.getSession().invalidate();
res.getWriter().println(INVALIDATED);
}
catch (Exception ignored) {
res.getWriter().println(FAILED);
}
res.getWriter().flush();
}
else
throw new ServletException("Nonexisting path: " + req.getPathInfo());
}
/**
* Process GET method.
*
* @param request the request.
* @param response the response.
* @throws IOException when an I/O error occurs.
* @throws ServletException when a Servlet error occurs.
*/
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
request.getServletContext().setAttribute("originalSessionId",
request.getSession().getId());
request.changeSessionId();
}