Coverage Report

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package org.apache.shiro.web.servlet;
 
 import org.apache.shiro.session.InvalidSessionException;
 import org.apache.shiro.session.Session;
 import org.apache.shiro.web.session.HttpServletSession;
 
 import javax.servlet.ServletContext;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
 import javax.servlet.http.HttpSessionBindingEvent;
 import javax.servlet.http.HttpSessionBindingListener;
 import java.util.*;
 
 
 /**
  * Wrapper class that uses a Shiro {@link Session Session} under the hood for all session operations instead of the
  * Servlet Container's session mechanism.  This is required in heterogeneous client environments where the Session
  * is used on both the business tier as well as in multiple client technologies (web, swing, flash, etc) since
  * Servlet container sessions alone cannot support this feature.
  *
  * @since 0.2
  */
 public class ShiroHttpSession implements HttpSession {
 
     //TODO - complete JavaDoc
 
     public static final String DEFAULT_SESSION_ID_NAME = "JSESSIONID";
 
     private static final Enumeration EMPTY_ENUMERATION = new Enumeration() {
         public boolean hasMoreElements() {
             return false;
         }
 
         public Object nextElement() {
             return null;
         }
     };
 
     @SuppressWarnings({"deprecation"})
     private static final javax.servlet.http.HttpSessionContext HTTP_SESSION_CONTEXT =
             new javax.servlet.http.HttpSessionContext() {
                 public HttpSession getSession(String s) {
                     return null;
                 }
 
                 public Enumeration getIds() {
                     return EMPTY_ENUMERATION;
                 }
             };
 
     protected ServletContext servletContext = null;
     protected HttpServletRequest currentRequest = null;
     protected Session session = null; //'real' Shiro Session
 
     public ShiroHttpSession(Session session, HttpServletRequest currentRequest, ServletContext servletContext) {
         if (session instanceof HttpServletSession) {
             String msg = "Session constructor argument cannot be an instance of HttpServletSession.  This is enforced to " +
                     "prevent circular dependencies and infinite loops.";
             throw new IllegalArgumentException(msg);
         }
         this.session = session;
         this.currentRequest = currentRequest;
         this.servletContext = servletContext;
     }
 
     public Session getSession() {
         return this.session;
     }
 
     public long getCreationTime() {
         try {
             return getSession().getStartTimestamp().getTime();
         } catch (Exception e) {
             throw new IllegalStateException(e);
         }
     }
 
     public String getId() {
         return getSession().getId().toString();
     }
 
     public long getLastAccessedTime() {
         return getSession().getLastAccessTime().getTime();
     }
 
     public ServletContext getServletContext() {
         return this.servletContext;
     }
 
     public void setMaxInactiveInterval(int i) {
         try {
             getSession().setTimeout(i * 1000);
         } catch (InvalidSessionException e) {
             throw new IllegalStateException(e);
         }
     }
 
     public int getMaxInactiveInterval() {
         try {
             return (new Long(getSession().getTimeout() / 1000)).intValue();
         } catch (InvalidSessionException e) {
             throw new IllegalStateException(e);
         }
     }
 
     @SuppressWarnings({"deprecation"})
     public javax.servlet.http.HttpSessionContext getSessionContext() {
         return HTTP_SESSION_CONTEXT;
     }
 
     public Object getAttribute(String s) {
         try {
             return getSession().getAttribute(s);
         } catch (InvalidSessionException e) {
             throw new IllegalStateException(e);
         }
     }
 
     public Object getValue(String s) {
         return getAttribute(s);
     }
 
     @SuppressWarnings({"unchecked"})
     protected Set<String> getKeyNames() {
         Collection<Object> keySet;
         try {
             keySet = getSession().getAttributeKeys();
         } catch (InvalidSessionException e) {
             throw new IllegalStateException(e);
         }
         Set<String> keyNames;
         if (keySet != null && !keySet.isEmpty()) {
             keyNames = new HashSet<String>(keySet.size());
             for (Object o : keySet) {
                 keyNames.add(o.toString());
             }
         } else {
             keyNames = Collections.EMPTY_SET;
         }
         return keyNames;
     }
 
     public Enumeration getAttributeNames() {
         Set<String> keyNames = getKeyNames();
         final Iterator iterator = keyNames.iterator();
         return new Enumeration() {
             public boolean hasMoreElements() {
                 return iterator.hasNext();
             }
 
             public Object nextElement() {
                 return iterator.next();
             }
         };
     }
 
     public String[] getValueNames() {
         Set<String> keyNames = getKeyNames();
         String[] array = new String[keyNames.size()];
         if (keyNames.size() > 0) {
             array = keyNames.toArray(array);
         }
         return array;
     }
 
     protected void afterBound(String s, Object o) {
         if (o instanceof HttpSessionBindingListener) {
             HttpSessionBindingListener listener = (HttpSessionBindingListener) o;
             HttpSessionBindingEvent event = new HttpSessionBindingEvent(this, s, o);
             listener.valueBound(event);
         }
     }
 
     protected void afterUnbound(String s, Object o) {
         if (o instanceof HttpSessionBindingListener) {
             HttpSessionBindingListener listener = (HttpSessionBindingListener) o;
             HttpSessionBindingEvent event = new HttpSessionBindingEvent(this, s, o);
             listener.valueUnbound(event);
         }
     }
 
     public void setAttribute(String s, Object o) {
         try {
             getSession().setAttribute(s, o);
             afterBound(s, o);
         } catch (InvalidSessionException e) {
             //noinspection finally
             try {
                 afterUnbound(s, o);
             } finally {
                 //noinspection ThrowFromFinallyBlock
                 throw new IllegalStateException(e);
             }
         }
     }
 
     public void putValue(String s, Object o) {
         setAttribute(s, o);
     }
 
     public void removeAttribute(String s) {
         try {
             Object attribute = getSession().removeAttribute(s);
             afterUnbound(s, attribute);
         } catch (InvalidSessionException e) {
             throw new IllegalStateException(e);
         }
     }
 
     public void removeValue(String s) {
         removeAttribute(s);
     }
 
     public void invalidate() {
         try {
             getSession().stop();
         } catch (InvalidSessionException e) {
             throw new IllegalStateException(e);
         }
     }
 
     public boolean isNew() {
         Boolean value = (Boolean) currentRequest.getAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_IS_NEW);
         return value != null && value.equals(Boolean.TRUE);
     }
 }

1		/*
2		* Licensed to the Apache Software Foundation (ASF) under one
3		* or more contributor license agreements. See the NOTICE file
4		* distributed with this work for additional information
5		* regarding copyright ownership. The ASF licenses this file
6		* to you under the Apache License, Version 2.0 (the
7		* "License"); you may not use this file except in compliance
8		* with the License. You may obtain a copy of the License at
9		*
10		* http://www.apache.org/licenses/LICENSE-2.0
11		*
12		* Unless required by applicable law or agreed to in writing,
13		* software distributed under the License is distributed on an
14		* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15		* KIND, either express or implied. See the License for the
16		* specific language governing permissions and limitations
17		* under the License.
18		*/
19		package org.apache.shiro.web.servlet;
20
21		import org.apache.shiro.session.InvalidSessionException;
22		import org.apache.shiro.session.Session;
23		import org.apache.shiro.web.session.HttpServletSession;
24
25		import javax.servlet.ServletContext;
26		import javax.servlet.http.HttpServletRequest;
27		import javax.servlet.http.HttpSession;
28		import javax.servlet.http.HttpSessionBindingEvent;
29		import javax.servlet.http.HttpSessionBindingListener;
30		import java.util.*;
31
32
33		/**
34		* Wrapper class that uses a Shiro {@link Session Session} under the hood for all session operations instead of the
35		* Servlet Container's session mechanism. This is required in heterogeneous client environments where the Session
36		* is used on both the business tier as well as in multiple client technologies (web, swing, flash, etc) since
37		* Servlet container sessions alone cannot support this feature.
38		*
39		* @since 0.2
40		*/
41	0	public class ShiroHttpSession implements HttpSession {
42
43		//TODO - complete JavaDoc
44
45		public static final String DEFAULT_SESSION_ID_NAME = "JSESSIONID";
46
47	1	private static final Enumeration EMPTY_ENUMERATION = new Enumeration() {
48		public boolean hasMoreElements() {
49	0	return false;
50		}
51
52		public Object nextElement() {
53	0	return null;
54		}
55		};
56
57		@SuppressWarnings({"deprecation"})
58	1	private static final javax.servlet.http.HttpSessionContext HTTP_SESSION_CONTEXT =
59	1	new javax.servlet.http.HttpSessionContext() {
60		public HttpSession getSession(String s) {
61	0	return null;
62		}
63
64		public Enumeration getIds() {
65	0	return EMPTY_ENUMERATION;
66		}
67		};
68
69	0	protected ServletContext servletContext = null;
70	0	protected HttpServletRequest currentRequest = null;
71	0	protected Session session = null; //'real' Shiro Session
72
73	0	public ShiroHttpSession(Session session, HttpServletRequest currentRequest, ServletContext servletContext) {
74	0	if (session instanceof HttpServletSession) {
75	0	String msg = "Session constructor argument cannot be an instance of HttpServletSession. This is enforced to " +
76		"prevent circular dependencies and infinite loops.";
77	0	throw new IllegalArgumentException(msg);
78		}
79	0	this.session = session;
80	0	this.currentRequest = currentRequest;
81	0	this.servletContext = servletContext;
82	0	}
83
84		public Session getSession() {
85	0	return this.session;
86		}
87
88		public long getCreationTime() {
89		try {
90	0	return getSession().getStartTimestamp().getTime();
91	0	} catch (Exception e) {
92	0	throw new IllegalStateException(e);
93		}
94		}
95
96		public String getId() {
97	0	return getSession().getId().toString();
98		}
99
100		public long getLastAccessedTime() {
101	0	return getSession().getLastAccessTime().getTime();
102		}
103
104		public ServletContext getServletContext() {
105	0	return this.servletContext;
106		}
107
108		public void setMaxInactiveInterval(int i) {
109		try {
110	0	getSession().setTimeout(i * 1000);
111	0	} catch (InvalidSessionException e) {
112	0	throw new IllegalStateException(e);
113	0	}
114	0	}
115
116		public int getMaxInactiveInterval() {
117		try {
118	0	return (new Long(getSession().getTimeout() / 1000)).intValue();
119	0	} catch (InvalidSessionException e) {
120	0	throw new IllegalStateException(e);
121		}
122		}
123
124		@SuppressWarnings({"deprecation"})
125		public javax.servlet.http.HttpSessionContext getSessionContext() {
126	0	return HTTP_SESSION_CONTEXT;
127		}
128
129		public Object getAttribute(String s) {
130		try {
131	0	return getSession().getAttribute(s);
132	0	} catch (InvalidSessionException e) {
133	0	throw new IllegalStateException(e);
134		}
135		}
136
137		public Object getValue(String s) {
138	0	return getAttribute(s);
139		}
140
141		@SuppressWarnings({"unchecked"})
142		protected Set<String> getKeyNames() {
143		Collection<Object> keySet;
144		try {
145	0	keySet = getSession().getAttributeKeys();
146	0	} catch (InvalidSessionException e) {
147	0	throw new IllegalStateException(e);
148	0	}
149		Set<String> keyNames;
150	0	if (keySet != null && !keySet.isEmpty()) {
151	0	keyNames = new HashSet<String>(keySet.size());
152	0	for (Object o : keySet) {
153	0	keyNames.add(o.toString());
154	0	}
155		} else {
156	0	keyNames = Collections.EMPTY_SET;
157		}
158	0	return keyNames;
159		}
160
161		public Enumeration getAttributeNames() {
162	0	Set<String> keyNames = getKeyNames();
163	0	final Iterator iterator = keyNames.iterator();
164	0	return new Enumeration() {
165		public boolean hasMoreElements() {
166	0	return iterator.hasNext();
167		}
168
169		public Object nextElement() {
170	0	return iterator.next();
171		}
172		};
173		}
174
175		public String[] getValueNames() {
176	0	Set<String> keyNames = getKeyNames();
177	0	String[] array = new String[keyNames.size()];
178	0	if (keyNames.size() > 0) {
179	0	array = keyNames.toArray(array);
180		}
181	0	return array;
182		}
183
184		protected void afterBound(String s, Object o) {
185	0	if (o instanceof HttpSessionBindingListener) {
186	0	HttpSessionBindingListener listener = (HttpSessionBindingListener) o;
187	0	HttpSessionBindingEvent event = new HttpSessionBindingEvent(this, s, o);
188	0	listener.valueBound(event);
189		}
190	0	}
191
192		protected void afterUnbound(String s, Object o) {
193	0	if (o instanceof HttpSessionBindingListener) {
194	0	HttpSessionBindingListener listener = (HttpSessionBindingListener) o;
195	0	HttpSessionBindingEvent event = new HttpSessionBindingEvent(this, s, o);
196	0	listener.valueUnbound(event);
197		}
198	0	}
199
200		public void setAttribute(String s, Object o) {
201		try {
202	0	getSession().setAttribute(s, o);
203	0	afterBound(s, o);
204	0	} catch (InvalidSessionException e) {
205		//noinspection finally
206		try {
207	0	afterUnbound(s, o);
208		} finally {
209		//noinspection ThrowFromFinallyBlock
210	0	throw new IllegalStateException(e);
211		}
212	0	}
213	0	}
214
215		public void putValue(String s, Object o) {
216	0	setAttribute(s, o);
217	0	}
218
219		public void removeAttribute(String s) {
220		try {
221	0	Object attribute = getSession().removeAttribute(s);
222	0	afterUnbound(s, attribute);
223	0	} catch (InvalidSessionException e) {
224	0	throw new IllegalStateException(e);
225	0	}
226	0	}
227
228		public void removeValue(String s) {
229	0	removeAttribute(s);
230	0	}
231
232		public void invalidate() {
233		try {
234	0	getSession().stop();
235	0	} catch (InvalidSessionException e) {
236	0	throw new IllegalStateException(e);
237	0	}
238	0	}
239
240		public boolean isNew() {
241	0	Boolean value = (Boolean) currentRequest.getAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_IS_NEW);
242	0	return value != null && value.equals(Boolean.TRUE);
243		}
244		}