Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Jetty 12 - Added a core Session abstraction (#9223) 

* Added a core Session abstraction

Sessions were already a core mechanism, but there was no API for them.
There is now a new Session interface that is available via the Request API.  It is intended only for users of sessions.
The previous concrete class Session has been renamed to ManagedSession and it is used by classes that extend AbstractSessionManager.

* Fixed tests

* Use static method

* Updates from review

* Updates from review

Improved javadoc
used util Attributes interface.
This commit is contained in:
Greg Wilkins 2023-02-02 21:40:17 +11:00 committed by GitHub
parent b1739aca53
commit ebc6cca478
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
57 changed files with 839 additions and 666 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/Request.java
View File

@ -258,6 +258,15 @@ public interface Request extends Attributes, Content.Source
void addHttpStreamWrapper(Function<HttpStream, HttpStream> wrapper);
/**
* <p>Get a {@link Session} associated with the request.
* Sessions may not be supported by a given configuration, in which case
* {@code null} will be returned.</p>
* @param create True if the session should be created for the request.
* @return The session associated with the request or {@code null}.
*/
Session getSession(boolean create);
static String getLocalAddr(Request request)
{
if (request == null)
@ -643,6 +652,12 @@ public interface Request extends Attributes, Content.Source
getWrapped().addHttpStreamWrapper(wrapper);
}
@Override
public Session getSession(boolean create)
{
return getWrapped().getSession(create);
}
@Override
public Request getWrapped()
{

110
jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/Session.java Normal file
View File

@ -0,0 +1,110 @@
//
// ========================================================================
// Copyright (c) 1995-2022 Mort Bay Consulting Pty Ltd and others.
//
// This program and the accompanying materials are made available under the
// terms of the Eclipse Public License v. 2.0 which is available at
// https://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0
// which is available at https://www.apache.org/licenses/LICENSE-2.0.
//
// SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
// ========================================================================
//
package org.eclipse.jetty.server;
import org.eclipse.jetty.util.Attributes;
/**
* <p>The interface to a generic session associated with a request.
* This interface may be used directly, or it may be wrapped by an API specific
* representation of a session. Such wrappers must implement the {@link API}
* sub interface.</p>
* <p>Depending on the implementation the attribute values may be stored locally in memory or in a remote
* database. The instances of the attribute values may be different to those passed to {@link #setAttribute(String, Object)}
* or to those returned in previous {@link #getAttribute(String)} calls.</p>
*/
public interface Session extends Attributes
{
/**
* <p>Get the session associated with an API session wrapper.</p>
* @param session The API wrapper of the session
* @return The associated Session.
*/
static Session getSession(Object session)
{
if (session instanceof API wrapper)
return wrapper.getSession();
return null;
}
/**
* <p>An API wrapper of the core session.</p>
* <p>API wrappers of the {@link Session} must implement this interface and return
* the {@link Session} that they wrap.</p>
*/
interface API
{
Session getSession();
}
/**
* @param <T> The type of the API wrapper.
* @return An API wrapper of this session or null if there is none.
*/
@SuppressWarnings("unchecked")
<T extends API> T getApi();
/**
* @return true if the session is has not been invalidated nor expired due to inactivity.
*/
boolean isValid();
/**
* @return A identifier for the session. Depending on the implementation may be unique within the context, the server, the
* JVM or a cluster.
* @see #getExtendedId()
*/
String getId();
/**
* @return The session identifier as returned by {@link #getId()} extended with additional routing information. The
* additional information does not form part of the identity, but may be used by implementations and associated
* infrastructure to help route request for the same session to the same server.
*/
String getExtendedId();
/**
* @return the time, as represented by {@link System#currentTimeMillis()}, that the session was last accessed by a request.
*/
long getLastAccessedTime();
/**
* @param secs The period in secs in which the session will remain valid (unless explicitly invalidated)
* when not accessed by any requests.
*/
void setMaxInactiveInterval(int secs);
/**
* @return The period in secs in which the session will remain valid (unless explicitly invalidated)
* when not accessed by any requests.
*/
int getMaxInactiveInterval();
/**
* Renew the identity of the session. Typically, this is done after a change of authentication or confidentiality.
* @param request The request from which the session was obtained.
* @param response The response which may be updated with the new session identity.
*/
void renewId(Request request, Response response);
/**
* <p>Invalidate this session in the current context and all sessions of the same identity with associated contexts.</p>
*/
void invalidate();
/**
* @return {@code true} if the session has been newly created within the scope of the current request.
*/
boolean isNew() throws IllegalStateException;
}

4
jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/handler/ContextHandler.java
View File

@ -94,7 +94,9 @@ public class ContextHandler extends Handler.Wrapper implements Attributes, Grace
public static ContextHandler getContextHandler(Request request)
{
ContextRequest contextRequest = Request.as(request, ContextRequest.class);
return (contextRequest == null) ? null : contextRequest.getContext().getContextHandler();
if (contextRequest == null)
return null;
return contextRequest.getContext() instanceof ScopedContext scoped ? scoped.getContextHandler() : null;
}
public static String getServerInfo()

3
jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/handler/ContextRequest.java
View File

@ -15,6 +15,7 @@ package org.eclipse.jetty.server.handler;
import java.util.function.Predicate;
import org.eclipse.jetty.server.Context;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.util.thread.Invocable;
import org.slf4j.Logger;
@ -51,7 +52,7 @@ public class ContextRequest extends Request.Wrapper implements Invocable
}
@Override
public ContextHandler.ScopedContext getContext()
public Context getContext()
{
return _context;
}

7
jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/internal/HttpChannelState.java
View File

@ -53,6 +53,7 @@ import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.RequestLog;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.server.TunnelSupport;
import org.eclipse.jetty.util.Attributes;
import org.eclipse.jetty.util.BufferUtil;
@ -955,6 +956,12 @@ public class HttpChannelState implements HttpChannel, Components
getHttpChannel().addHttpStreamWrapper(wrapper);
}
@Override
public Session getSession(boolean create)
{
return null;
}
@Override
public String toString()
{

53
jetty-core/jetty-session/src/main/java/org/eclipse/jetty/session/AbstractSessionCache.java
View File

@ -19,6 +19,7 @@ import java.util.Set;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Function;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.util.StringUtil;
import org.eclipse.jetty.util.annotation.ManagedAttribute;
import org.eclipse.jetty.util.annotation.ManagedObject;
@ -107,7 +108,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
* @return a new Session object
*/
@Override
public abstract Session newSession(SessionData data);
public abstract ManagedSession newSession(SessionData data);
/**
* Get the session matching the key from the cache. Does not load
@ -116,7 +117,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
* @param id session id
* @return the Session object matching the id
*/
protected abstract Session doGet(String id);
protected abstract ManagedSession doGet(String id);
/**
* Put the session into the map if it wasn't already there
@ -125,7 +126,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
* @param session the session object
* @return null if the session wasn't already in the map, or the existing entry otherwise
*/
protected abstract Session doPutIfAbsent(String id, Session session);
protected abstract Session doPutIfAbsent(String id, ManagedSession session);
/**
* Compute the mappingFunction to create a Session object iff the session
@ -137,7 +138,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
* @param mappingFunction the function to load the data for the session
* @return an existing Session from the cache
*/
protected abstract Session doComputeIfAbsent(String id, Function<String, Session> mappingFunction);
protected abstract ManagedSession doComputeIfAbsent(String id, Function<String, ManagedSession> mappingFunction);
/**
* Replace the mapping from id to oldValue with newValue
@ -147,7 +148,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
* @param newValue the new value
* @return true if replacement was done
*/
protected abstract boolean doReplace(String id, Session oldValue, Session newValue);
protected abstract boolean doReplace(String id, ManagedSession oldValue, ManagedSession newValue);
/**
* Remove the session with this identity from the store
@ -155,7 +156,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
* @param id the id
* @return Session that was removed or null
*/
public abstract Session doDelete(String id);
public abstract ManagedSession doDelete(String id);
/**
* @param handler the {@link SessionManager} to use
@ -296,7 +297,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
*
*/
@Override
public Session get(String id) throws Exception
public ManagedSession get(String id) throws Exception
{
return getAndEnter(id, true);
}
@ -312,9 +313,9 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
* @return the session if it exists, null otherwise
* @throws Exception if the session cannot be loaded
*/
protected Session getAndEnter(String id, boolean enter) throws Exception
protected ManagedSession getAndEnter(String id, boolean enter) throws Exception
{
Session session = null;
ManagedSession session = null;
AtomicReference<Exception> exception = new AtomicReference<Exception>();
session = doComputeIfAbsent(id, k ->
@ -324,7 +325,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
try
{
Session s = loadSession(k);
ManagedSession s = loadSession(k);
if (s != null)
{
try (AutoLock lock = s.lock())
@ -376,11 +377,11 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
* @param id the id
* @return a Session object filled with data or null if the session doesn't exist
*/
private Session loadSession(String id)
private ManagedSession loadSession(String id)
throws Exception
{
SessionData data = null;
Session session = null;
ManagedSession session = null;
if (_sessionDataStore == null)
return null; //can't load it
@ -413,7 +414,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
* @param session the session
*/
@Override
public void add(String id, Session session) throws Exception
public void add(String id, ManagedSession session) throws Exception
{
if (id == null || session == null)
throw new IllegalArgumentException("Add key=" + id + " session=" + (session == null ? "null" : session.getId()));
@ -444,7 +445,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
* or on other nodes.
*/
@Override
public void commit(Session session) throws Exception
public void commit(ManagedSession session) throws Exception
{
if (session == null)
return;
@ -487,7 +488,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
*
*/
@Override
public void release(Session session) throws Exception
public void release(ManagedSession session) throws Exception
{
if (session == null || session.getId() == null)
throw new IllegalArgumentException((session == null ? "Null session" : "Null session id"));
@ -499,7 +500,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
if (session.getSessionManager() == null)
throw new IllegalStateException("Session " + id + " is not managed");
if (session.isInvalid())
if (session.isInvalidOrInvalidating())
return;
session.release();
@ -578,7 +579,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
public boolean exists(String id) throws Exception
{
//try the object store first
Session s = doGet(id);
ManagedSession s = doGet(id);
if (s != null)
{
try (AutoLock lock = s.lock())
@ -609,10 +610,10 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
*
*/
@Override
public Session delete(String id) throws Exception
public ManagedSession delete(String id) throws Exception
{
//get the session, if its not in memory, this will load it
Session session = getAndEnter(id, false);
ManagedSession session = getAndEnter(id, false);
//Always delete it from the backing data store
if (_sessionDataStore != null)
@ -645,7 +646,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
{
for (String c : allCandidates)
{
Session s = doGet(c);
ManagedSession s = doGet(c);
if (s != null && s.getRequests() > 0) //if the session is in my cache, check its not in use first
sessionsInUse.add(c);
}
@ -671,7 +672,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
* @param session session to check
*/
@Override
public void checkInactiveSession(Session session)
public void checkInactiveSession(ManagedSession session)
{
if (session == null)
return;
@ -713,7 +714,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
}
@Override
public Session renewSessionId(String oldId, String newId, String oldExtendedId, String newExtendedId)
public ManagedSession renewSessionId(String oldId, String newId, String oldExtendedId, String newExtendedId)
throws Exception
{
if (StringUtil.isBlank(oldId))
@ -721,7 +722,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
if (StringUtil.isBlank(newId))
throw new IllegalArgumentException("New session id is null");
Session session = getAndEnter(oldId, true);
ManagedSession session = getAndEnter(oldId, true);
renewSessionId(session, newId, newExtendedId);
return session;
@ -735,7 +736,7 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
* @param newExtendedId the full id plus node id
* @throws Exception if there was a failure saving the change
*/
protected void renewSessionId(Session session, String newId, String newExtendedId)
protected void renewSessionId(ManagedSession session, String newId, String newExtendedId)
throws Exception
{
if (session == null)
@ -796,11 +797,11 @@ public abstract class AbstractSessionCache extends ContainerLifeCycle implements
}
@Override
public Session newSession(String id, long time, long maxInactiveMs)
public ManagedSession newSession(String id, long time, long maxInactiveMs)
{
if (LOG.isDebugEnabled())
LOG.debug("Creating new session id={}", id);
Session session = newSession(_sessionDataStore.newSessionData(id, time, time, time, maxInactiveMs));
ManagedSession session = newSession(_sessionDataStore.newSessionData(id, time, time, time, maxInactiveMs));
session.getSessionData().setLastNode(_context.getWorkerName());
try
{

44
jetty-core/jetty-session/src/main/java/org/eclipse/jetty/session/AbstractSessionManager.java
View File

@ -95,9 +95,9 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
* @param secure whether the request is secure or not
* @return the session cookie. If not null, this cookie should be set on the response to either migrate
* the session or to refresh a session cookie that may expire.
* @see #complete(Session)
* @see #complete(ManagedSession)
*/
public HttpCookie access(Session session, boolean secure)
public HttpCookie access(ManagedSession session, boolean secure)
{
if (session == null)
return null;
@ -192,7 +192,7 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
* will see the modifications.
*/
@Override
public void commit(Session session)
public void commit(ManagedSession session)
{
if (session == null)
return;
@ -213,7 +213,7 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
* @param session the session object
*/
@Override
public void complete(Session session)
public void complete(ManagedSession session)
{
if (LOG.isDebugEnabled())
LOG.debug("Complete called with session {}", session);
@ -373,12 +373,12 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
* @return the Session matching the id or null if none exists
*/
@Override
public Session getSession(String extendedId)
public ManagedSession getManagedSession(String extendedId)
{
String id = getSessionIdManager().getId(extendedId);
try
{
Session session = _sessionCache.get(id);
ManagedSession session = _sessionCache.get(id);
if (session != null)
{
//If the session we got back has expired
@ -649,7 +649,7 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
{
// Remove the Session object from the session cache and any backing
// data store
Session session = _sessionCache.delete(id);
ManagedSession session = _sessionCache.delete(id);
if (session != null)
{
//start invalidating if it is not already begun, and call the listeners
@ -829,11 +829,11 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
* @param requestedSessionId the session id used by the request
*/
@Override
public void newSession(Request request, String requestedSessionId, Consumer<Session> consumer)
public void newSession(Request request, String requestedSessionId, Consumer<ManagedSession> consumer)
{
long created = System.currentTimeMillis();
String id = _sessionIdManager.newSessionId(request, requestedSessionId, created);
Session session = _sessionCache.newSession(id, created, (_dftMaxIdleSecs > 0 ? _dftMaxIdleSecs * 1000L : -1));
ManagedSession session = _sessionCache.newSession(id, created, (_dftMaxIdleSecs > 0 ? _dftMaxIdleSecs * 1000L : -1));
session.setExtendedId(_sessionIdManager.getExtendedId(id, request));
session.getSessionData().setLastNode(_sessionIdManager.getWorkerName());
try
@ -843,7 +843,7 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
_sessionsCreatedStats.increment();
if (request != null && request.getConnectionMetaData().isSecure())
session.setAttribute(Session.SESSION_CREATED_SECURE, Boolean.TRUE);
session.setAttribute(ManagedSession.SESSION_CREATED_SECURE, Boolean.TRUE);
consumer.accept(session);
callSessionCreatedListeners(session);
@ -859,7 +859,7 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
* @param session the session to time
*/
@Override
public SessionInactivityTimer newSessionInactivityTimer(Session session)
public SessionInactivityTimer newSessionInactivityTimer(ManagedSession session)
{
return new SessionInactivityTimer(this, session, _scheduler);
}
@ -871,7 +871,7 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
* @param session the session whose time to record
*/
@Override
public void recordSessionTime(Session session)
public void recordSessionTime(ManagedSession session)
{
_sessionTimeStats.record(Math.round((System.currentTimeMillis() - session.getSessionData().getCreated()) / 1000.0));
}
@ -887,7 +887,7 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
@Override
public void renewSessionId(String oldId, String oldExtendedId, String newId, String newExtendedId)
{
Session session = null;
ManagedSession session = null;
try
{
//the use count for the session will be incremented in renewSessionId
@ -984,7 +984,7 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
* @param now the time at which to check for expiry
*/
@Override
public void sessionTimerExpired(Session session, long now)
public void sessionTimerExpired(ManagedSession session, long now)
{
if (session == null)
return;
@ -1042,7 +1042,7 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
{
String requestedSessionId = null;
boolean requestedSessionIdFromCookie = false;
Session session = null;
ManagedSession session = null;
//first try getting id from a cookie
if (isUsingCookies())
@ -1064,7 +1064,7 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
if (session == null)
{
//we currently do not have a session selected, use this one if it is valid
Session s = getSession(id);
ManagedSession s = getManagedSession(id);
if (s != null && s.isValid())
{
//associate it with the request so its reference count is decremented as the
@ -1096,7 +1096,7 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
LOG.debug("Multiple different valid session ids: {}, {}", requestedSessionId, id);
//load the session to see if it is valid or not
Session s = getSession(id);
ManagedSession s = getManagedSession(id);
if (s != null && s.isValid())
{
//release both sessions straight away??
@ -1152,7 +1152,7 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
if (LOG.isDebugEnabled())
LOG.debug("Got Session ID {} from URL", requestedSessionId);
session = getSession(requestedSessionId);
session = getManagedSession(requestedSessionId);
}
}
@ -1169,7 +1169,7 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
_sessionCache.shutdown();
}
public record RequestedSession(Session session, String sessionId, boolean sessionIdFromCookie)
public record RequestedSession(ManagedSession session, String sessionId, boolean sessionIdFromCookie)
{
}
@ -1205,7 +1205,7 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
* with the <code>session</code>. If cookies are not in use, this method returns <code>null</code>.
*/
@Override
public HttpCookie getSessionCookie(Session session, boolean requestIsSecure)
public HttpCookie getSessionCookie(ManagedSession session, boolean requestIsSecure)
{
if (isUsingCookies())
{
@ -1269,12 +1269,12 @@ public abstract class AbstractSessionManager extends ContainerLifeCycle implemen
private void doCommit()
{
commit(_sessionManager.getSession(_request));
commit(_sessionManager.getManagedSession(_request));
}
private void doComplete()
{
complete(_sessionManager.getSession(_request));
complete(_sessionManager.getManagedSession(_request));
}
}
}

25
jetty-core/jetty-session/src/main/java/org/eclipse/jetty/session/DefaultSessionCache.java
View File

@ -18,6 +18,7 @@ import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import java.util.function.Function;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.util.annotation.ManagedAttribute;
import org.eclipse.jetty.util.annotation.ManagedObject;
import org.eclipse.jetty.util.annotation.ManagedOperation;
@ -38,7 +39,7 @@ public class DefaultSessionCache extends AbstractSessionCache
/**
* The cache of sessions in a concurrent map
*/
private final ConcurrentMap<String, Session> _sessions;
private final ConcurrentMap<String, ManagedSession> _sessions;
private final CounterStatistic _stats = new CounterStatistic();
@ -54,7 +55,7 @@ public class DefaultSessionCache extends AbstractSessionCache
* @param manager The SessionHandler related to this SessionCache
* @param sessions The session map implementation to use
*/
public DefaultSessionCache(SessionManager manager, ConcurrentMap<String, Session> sessions)
public DefaultSessionCache(SessionManager manager, ConcurrentMap<String, ManagedSession> sessions)
{
super(manager);
_sessions = Objects.requireNonNull(sessions, "Session Map may not be null");
@ -94,7 +95,7 @@ public class DefaultSessionCache extends AbstractSessionCache
}
@Override
public Session doGet(String id)
public ManagedSession doGet(String id)
{
if (id == null)
return null;
@ -102,7 +103,7 @@ public class DefaultSessionCache extends AbstractSessionCache
}
@Override
public Session doPutIfAbsent(String id, Session session)
public Session doPutIfAbsent(String id, ManagedSession session)
{
Session s = _sessions.putIfAbsent(id, session);
if (s == null)
@ -111,11 +112,11 @@ public class DefaultSessionCache extends AbstractSessionCache
}
@Override
protected Session doComputeIfAbsent(String id, Function<String, Session> mappingFunction)
protected ManagedSession doComputeIfAbsent(String id, Function<String, ManagedSession> mappingFunction)
{
return _sessions.computeIfAbsent(id, k ->
{
Session s = mappingFunction.apply(k);
ManagedSession s = mappingFunction.apply(k);
if (s != null)
_stats.increment();
return s;
@ -123,9 +124,9 @@ public class DefaultSessionCache extends AbstractSessionCache
}
@Override
public Session doDelete(String id)
public ManagedSession doDelete(String id)
{
Session s = _sessions.remove(id);
ManagedSession s = _sessions.remove(id);
if (s != null)
_stats.decrement();
return s;
@ -143,7 +144,7 @@ public class DefaultSessionCache extends AbstractSessionCache
while (!_sessions.isEmpty() && loop-- > 0)
{
for (Session session : _sessions.values())
for (ManagedSession session : _sessions.values())
{
if (isInvalidateOnShutdown())
{
@ -178,14 +179,14 @@ public class DefaultSessionCache extends AbstractSessionCache
}
@Override
public Session newSession(SessionData data)
public ManagedSession newSession(SessionData data)
{
Session session = new Session(getSessionManager(), data);
ManagedSession session = new ManagedSession(getSessionManager(), data);
return session;
}
@Override
public boolean doReplace(String id, Session oldValue, Session newValue)
public boolean doReplace(String id, ManagedSession oldValue, ManagedSession newValue)
{
return _sessions.replace(id, oldValue, newValue);
}

96
jetty-core/jetty-session/src/main/java/org/eclipse/jetty/session/Session.java → jetty-core/jetty-session/src/main/java/org/eclipse/jetty/session/ManagedSession.java
View File

@ -20,6 +20,8 @@ import java.util.concurrent.locks.Condition;
import org.eclipse.jetty.http.HttpCookie;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.util.thread.AutoLock;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -39,14 +41,10 @@ import org.slf4j.LoggerFactory;
* @see SessionManager
* @see org.eclipse.jetty.session.SessionIdManager
*/
public class Session
public class ManagedSession implements Session
{
public interface APISession
{
Session getCoreSession();
}
private static final Logger LOG = LoggerFactory.getLogger(Session.class);
private static final Logger LOG = LoggerFactory.getLogger(ManagedSession.class);
/**
* Attribute set if the session is secure
@ -70,7 +68,7 @@ public class Session
SET, CHANGING
}
private Object _apiSession;
private final API _api;
protected final SessionData _sessionData; // the actual data associated with
// a session
@ -101,7 +99,7 @@ public class Session
* @param manager the SessionHandler that manages this session
* @param data the session data
*/
public Session(SessionManager manager, SessionData data)
public ManagedSession(SessionManager manager, SessionData data)
{
_manager = manager;
_sessionData = data;
@ -111,25 +109,22 @@ public class Session
_sessionData.setDirty(true);
}
_sessionInactivityTimer = manager.newSessionInactivityTimer(this);
_apiSession = _manager.newSessionAPIWrapper(this);
}
public static Session getSession(Object session)
{
if (session instanceof APISession wrapper)
return wrapper.getCoreSession();
return null;
_api = _manager.newSessionAPIWrapper(this);
if (_api != null && _api.getSession() != this)
throw new IllegalStateException("Session.API must wrap this session");
}
/**
* <p>A {@link ManagedSession} may have an API wrapper (e.g. Servlet API), that is created by the
* {@link SessionManager#newSessionAPIWrapper(ManagedSession)} method during construction of a {@link ManagedSession} instance.</p>
* @param <T> The type of the {@link API}
* @return The {@link API} wrapper of this core {@link ManagedSession}.
*/
@Override
@SuppressWarnings("unchecked")
public <T> T getAPISession()
public <T extends API> T getApi()
{
return (T)_apiSession;
}
public void setAPISession(Object o)
{
_apiSession = o;
return (T)_api;
}
/**
@ -327,6 +322,7 @@ public class Session
}
}
@Override
public boolean isValid()
{
try (AutoLock l = _lock.lock())
@ -335,10 +331,11 @@ public class Session
}
}
public boolean isInvalid()
public boolean isInvalidOrInvalidating()
{
try (AutoLock l = _lock.lock())
{
// TODO review if this can be replaced by !isValid()
return _state == State.INVALID || _state == State.INVALIDATING;
}
}
@ -360,6 +357,7 @@ public class Session
}
}
@Override
public String getId()
{
try (AutoLock l = _lock.lock())
@ -368,21 +366,18 @@ public class Session
}
}
@Override
public String getExtendedId()
{
return _extendedId;
}
public String getContextPath()
{
return _sessionData.getContextPath();
}
public String getVHost()
{
return _sessionData.getVhost();
}
@Override
public long getLastAccessedTime()
{
try (AutoLock l = _lock.lock())
@ -392,6 +387,7 @@ public class Session
}
}
@Override
public void setMaxInactiveInterval(int secs)
{
try (AutoLock l = _lock.lock())
@ -434,6 +430,7 @@ public class Session
return time;
}
@Override
public int getMaxInactiveInterval()
{
try (AutoLock l = _lock.lock())
@ -493,6 +490,7 @@ public class Session
throw new IllegalStateException("Invalid for read: id=" + _sessionData.getId() + " not resident");
}
@Override
public Object getAttribute(String name)
{
try (AutoLock l = _lock.lock())
@ -502,12 +500,8 @@ public class Session
}
}
public int getAttributes()
{
return _sessionData.getKeys().size();
}
public Set<String> getNames()
@Override
public Set<String> getAttributeNameSet()
{
try (AutoLock l = _lock.lock())
{
@ -516,7 +510,8 @@ public class Session
}
}
public void setAttribute(String name, Object value)
@Override
public Object setAttribute(String name, Object value)
{
Object old = null;
try (AutoLock l = _lock.lock())
@ -526,14 +521,16 @@ public class Session
old = _sessionData.setAttribute(name, value);
}
if (value == null && old == null)
return; // if same as remove attribute but attribute was already
return null; // if same as remove attribute but attribute was already
// removed, no change
callSessionAttributeListeners(name, value, old);
return old;
}
public void removeAttribute(String name)
@Override
public Object removeAttribute(String name)
{
setAttribute(name, null);
return setAttribute(name, null);
}
/**
@ -541,12 +538,16 @@ public class Session
*
* @param request the Request associated with the call to change id.
*/
public void renewId(Request request)
@Override
public void renewId(Request request, Response response)
{
if (_manager == null)
throw new IllegalStateException("No session manager for session " + _sessionData.getId());
String id = null;
if (response != null && response.isCommitted())
throw new IllegalStateException("Response committed " + _sessionData.getId());
String oldId = null;
String extendedId = null;
try (AutoLock l = _lock.lock())
{
@ -578,18 +579,18 @@ public class Session
break;
}
id = _sessionData.getId(); // grab the values as they are now
oldId = _sessionData.getId(); // grab the values as they are now
extendedId = getExtendedId();
}
String newId = _manager.getSessionIdManager().renewSessionId(id, extendedId, request);
String newId = _manager.getSessionIdManager().renewSessionId(oldId, extendedId, request);
try (AutoLock l = _lock.lock())
{
switch (_state)
{
case CHANGING:
if (id.equals(newId))
if (oldId.equals(newId))
throw new IllegalStateException("Unable to change session id");
// this shouldn't be necessary to do here EXCEPT that when a
@ -613,6 +614,11 @@ public class Session
throw new IllegalStateException();
}
}
if (response != null && isSetCookieNeeded())
Response.replaceCookie(response, getSessionManager().getSessionCookie(this, request.isSecure()));
if (LOG.isDebugEnabled())
LOG.debug("renew {}->{}", oldId, newId);
}
/**
@ -621,6 +627,7 @@ public class Session
* manager as a result of scavenger expiring session
*/
@Override
public void invalidate()
{
if (_manager == null)
@ -769,6 +776,7 @@ public class Session
}
}
@Override
public boolean isNew() throws IllegalStateException
{
try (AutoLock l = _lock.lock())

15
jetty-core/jetty-session/src/main/java/org/eclipse/jetty/session/NullSessionCache.java
View File

@ -15,6 +15,7 @@ package org.eclipse.jetty.session;
import java.util.function.Function;
import org.eclipse.jetty.server.Session;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -40,34 +41,34 @@ public class NullSessionCache extends AbstractSessionCache
}
@Override
public Session newSession(SessionData data)
public ManagedSession newSession(SessionData data)
{
return new Session(getSessionManager(), data);
return new ManagedSession(getSessionManager(), data);
}
@Override
public Session doGet(String id)
public ManagedSession doGet(String id)
{
//do not cache anything
return null;
}
@Override
public Session doPutIfAbsent(String id, Session session)
public Session doPutIfAbsent(String id, ManagedSession session)
{
//nothing was stored previously
return null;
}
@Override
public boolean doReplace(String id, Session oldValue, Session newValue)
public boolean doReplace(String id, ManagedSession oldValue, ManagedSession newValue)
{
//always accept new value
return true;
}
@Override
public Session doDelete(String id)
public ManagedSession doDelete(String id)
{
return null;
}
@ -80,7 +81,7 @@ public class NullSessionCache extends AbstractSessionCache
}
@Override
protected Session doComputeIfAbsent(String id, Function<String, Session> mappingFunction)
protected ManagedSession doComputeIfAbsent(String id, Function<String, ManagedSession> mappingFunction)
{
return mappingFunction.apply(id);
}

20
jetty-core/jetty-session/src/main/java/org/eclipse/jetty/session/SessionCache.java
View File

@ -20,7 +20,7 @@ import org.eclipse.jetty.util.component.LifeCycle;
/**
* SessionCache
*
* A working set of {@link Session} objects for a context.
* A working set of {@link ManagedSession} objects for a context.
*
* Ideally, multiple requests for the same session id in the same context will always
* share the same Session object from the SessionCache, but it would be possible
@ -68,7 +68,7 @@ public interface SessionCache extends LifeCycle
* @param maxInactiveMs the max inactive time in milliseconds
* @return a new Session
*/
Session newSession(String id, long time, long maxInactiveMs);
ManagedSession newSession(String id, long time, long maxInactiveMs);
/**
* Re-materialize a Session that has previously existed.
@ -76,7 +76,7 @@ public interface SessionCache extends LifeCycle
* @param data the data associated with the session
* @return a Session object for the data supplied
*/
Session newSession(SessionData data);
ManagedSession newSession(SessionData data);
/**
* Change the id of a Session.
@ -88,7 +88,7 @@ public interface SessionCache extends LifeCycle
* @return the Session after changing its id
* @throws Exception if any error occurred
*/
Session renewSessionId(String oldId, String newId, String oldExtendedId, String newExtendedId) throws Exception;
ManagedSession renewSessionId(String oldId, String newId, String oldExtendedId, String newExtendedId) throws Exception;
/**
* Adds a new Session, with a never-before-used id,
@ -97,7 +97,7 @@ public interface SessionCache extends LifeCycle
* @param id id
* @param session session
*/
void add(String id, Session session) throws Exception;
void add(String id, ManagedSession session) throws Exception;
/**
* Get an existing Session. If necessary, the cache will load the data for
@ -107,7 +107,7 @@ public interface SessionCache extends LifeCycle
* @return the Session if one exists, null otherwise
* @throws Exception if any error occurred
*/
Session get(String id) throws Exception;
ManagedSession get(String id) throws Exception;
/**
* Finish using a Session. This is called by the SessionHandler
@ -117,7 +117,7 @@ public interface SessionCache extends LifeCycle
* @param session the current session object
* @throws Exception if any error occurred
*/
void release(Session session) throws Exception;
void release(ManagedSession session) throws Exception;
/**
* Called when a response is about to be committed. The
@ -128,7 +128,7 @@ public interface SessionCache extends LifeCycle
* different server, it will be able to see the session
* changes via the shared store.
*/
void commit(Session session) throws Exception;
void commit(ManagedSession session) throws Exception;
/**
* Check to see if a Session is in the cache. Does NOT consult
@ -159,7 +159,7 @@ public interface SessionCache extends LifeCycle
* @return the Session that was removed, null otherwise
* @throws Exception if any error occurred
*/
Session delete(String id) throws Exception;
ManagedSession delete(String id) throws Exception;
/**
* Check a list of session ids that belong to potentially expired
@ -179,7 +179,7 @@ public interface SessionCache extends LifeCycle
*
* @param session the session to check
*/
void checkInactiveSession(Session session);
void checkInactiveSession(ManagedSession session);
/**
* A SessionDataStore that is the authoritative source

4
jetty-core/jetty-session/src/main/java/org/eclipse/jetty/session/SessionInactivityTimer.java
View File

@ -38,9 +38,9 @@ public class SessionInactivityTimer
private final SessionManager _sessionManager;
private final Scheduler _scheduler;
private final CyclicTimeout _timer;
private final Session _session;
private final ManagedSession _session;
public SessionInactivityTimer(SessionManager sessionManager, Session session, Scheduler scheduler)
public SessionInactivityTimer(SessionManager sessionManager, ManagedSession session, Scheduler scheduler)
{
_sessionManager = sessionManager;
_session = session;

21
jetty-core/jetty-session/src/main/java/org/eclipse/jetty/session/SessionManager.java
View File

@ -18,6 +18,7 @@ import java.util.function.Consumer;
import org.eclipse.jetty.http.HttpCookie;
import org.eclipse.jetty.server.Context;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.util.component.LifeCycle;
/**
@ -75,19 +76,19 @@ public interface SessionManager extends LifeCycle, SessionConfig
*/
String __MaxAgeProperty = "org.eclipse.jetty.servlet.MaxAge";
Session getSession(String id) throws Exception;
ManagedSession getManagedSession(String id) throws Exception;
void newSession(Request request, String requestedSessionId, Consumer<Session> consumer);
void newSession(Request request, String requestedSessionId, Consumer<ManagedSession> consumer);
Session getSession(Request request);
ManagedSession getManagedSession(Request request);
Session.APISession newSessionAPIWrapper(Session session);
Session.API newSessionAPIWrapper(ManagedSession session);
void sessionTimerExpired(Session session, long now);
void sessionTimerExpired(ManagedSession session, long now);
void commit(Session session);
void commit(ManagedSession session);
void complete(Session session);
void complete(ManagedSession session);
void invalidate(String id) throws Exception;
@ -95,13 +96,13 @@ public interface SessionManager extends LifeCycle, SessionConfig
boolean isIdInUse(String id) throws Exception;
HttpCookie getSessionCookie(Session session, boolean requestIsSecure);
HttpCookie getSessionCookie(ManagedSession session, boolean requestIsSecure);
void renewSessionId(String oldId, String oldExtendedId, String newId, String newExtendedId) throws Exception;
long calculateInactivityTimeout(String id, long timeRemaining, long maxInactiveMs);
SessionInactivityTimer newSessionInactivityTimer(Session session);
SessionInactivityTimer newSessionInactivityTimer(ManagedSession session);
Context getContext();
@ -145,7 +146,7 @@ public interface SessionManager extends LifeCycle, SessionConfig
{
}
void recordSessionTime(Session session);
void recordSessionTime(ManagedSession session);
int getSessionsCreated();

23
jetty-core/jetty-session/src/test/java/org/eclipse/jetty/session/AbstractSessionCacheTest.java
View File

@ -19,6 +19,7 @@ import java.util.concurrent.TimeUnit;
import org.eclipse.jetty.logging.StacklessLogging;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.Session;
import org.junit.jupiter.api.Test;
import static org.hamcrest.MatcherAssert.assertThat;
@ -143,7 +144,7 @@ public abstract class AbstractSessionCacheTest
{
//check that session 1234 cannot be read, ie returns null AND
//that it is deleted in the datastore
Session session = sessionManager.getSession("1234");
Session session = sessionManager.getManagedSession("1234");
assertNull(session);
assertFalse(store.exists("1234"));
}
@ -212,7 +213,7 @@ public abstract class AbstractSessionCacheTest
assertFalse(cache.contains("1234"));
Session session = cache.get("1234");
ManagedSession session = cache.get("1234");
assertEquals(1, session.getRequests());
assertNotNull(session);
assertEquals("1234", session.getId());
@ -246,7 +247,7 @@ public abstract class AbstractSessionCacheTest
//call commit: session has not changed, should not be written
store._numSaves.set(0); //clear save counter
Session session = createUnExpiredSession(cache, store, "1234", 100); //simulate previously saved);
ManagedSession session = createUnExpiredSession(cache, store, "1234", 100); //simulate previously saved);
cache.add("1234", session);
commitAndCheckSaveState(cache, store, session, false, true, false, true, 0, 0);
@ -318,7 +319,7 @@ public abstract class AbstractSessionCacheTest
//to be committed:
//call commit: session has not changed, should not be written
Session session = createUnExpiredSession(cache, store, "1234", 100);
ManagedSession session = createUnExpiredSession(cache, store, "1234", 100);
cache.add("1234", session);
commitAndCheckSaveState(cache, store, session, false, true, false, true, 0, 0);
//call release: session has not changed, but metadata has, should be written
@ -449,7 +450,7 @@ public abstract class AbstractSessionCacheTest
assertTrue(cache.exists("1234"));
//test one that exists in the cache also
Session session = cache.newSession(data);
ManagedSession session = cache.newSession(data);
cache.add("1234", session);
assertTrue(cache.exists("1234"));
}
@ -476,7 +477,7 @@ public abstract class AbstractSessionCacheTest
server.start();
//test remove non-existent session
Session session = cache.delete("1234");
ManagedSession session = cache.delete("1234");
assertNull(session);
//test remove of existing session in store only
@ -525,7 +526,7 @@ public abstract class AbstractSessionCacheTest
long now = System.currentTimeMillis();
SessionData data = store.newSessionData("1234", now - 20, now - 10, now - 20, TimeUnit.MINUTES.toMillis(10));
data.setExpiry(now + TimeUnit.DAYS.toMillis(1));
Session session = cache.newSession(data);
ManagedSession session = cache.newSession(data);
cache.add("1234", session);
cache.release(session);
assertTrue(cache.exists("1234"));
@ -617,7 +618,7 @@ public abstract class AbstractSessionCacheTest
//put a session in the cache and store
long now = System.currentTimeMillis();
SessionData data = store.newSessionData("1234", now - 20, now - 10, now - 20, TimeUnit.MINUTES.toMillis(10));
Session session = cache.newSession(data);
ManagedSession session = cache.newSession(data);
cache.add("1234", session);
session.setAttribute("aaa", "111"); //add an attribute to be called with passivate/activate
cache.release(session);
@ -658,7 +659,7 @@ public abstract class AbstractSessionCacheTest
//Make a session in the store and cache and check that it is invalidated on shutdown
long now = System.currentTimeMillis();
SessionData data = store.newSessionData("8888", now - 20, now - 10, now - 20, TimeUnit.MINUTES.toMillis(10));
Session session = cache.newSession(data);
ManagedSession session = cache.newSession(data);
cache.add("8888", session);
session.setAttribute("aaa", "111");
cache.release(session);
@ -669,7 +670,7 @@ public abstract class AbstractSessionCacheTest
checkSessionAfterShutdown("8888", store, cache, sessionManager);
}
public void commitAndCheckSaveState(SessionCache cache, TestableSessionDataStore store, Session session,
public void commitAndCheckSaveState(SessionCache cache, TestableSessionDataStore store, ManagedSession session,
boolean expectedBeforeDirty, boolean expectedBeforeMetaDirty,
boolean expectedAfterDirty, boolean expectedAfterMetaDirty,
int expectedBeforeNumSaves, int expectedAfterNumSaves)
@ -684,7 +685,7 @@ public abstract class AbstractSessionCacheTest
assertEquals(expectedAfterNumSaves, store._numSaves.get());
}
public Session createUnExpiredSession(SessionCache cache, SessionDataStore store, String id, int lastSave)
public ManagedSession createUnExpiredSession(SessionCache cache, SessionDataStore store, String id, int lastSave)
{
long now = System.currentTimeMillis();
SessionData data = store.newSessionData(id, now - 20, now - 10, now - 20, TimeUnit.MINUTES.toMillis(10));

21
jetty-core/jetty-session/src/test/java/org/eclipse/jetty/session/AbstractSessionManagerTest.java
View File

@ -18,6 +18,7 @@ import java.util.function.Function;
import org.eclipse.jetty.http.HttpCookie;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.Session;
import org.junit.jupiter.api.Test;
import static org.junit.jupiter.api.Assertions.assertEquals;
@ -38,7 +39,7 @@ public class AbstractSessionManagerTest
SessionData sessionData = new SessionData("1234", "_test", "0.0.0.0", 100, 200, 200, -1);
TestableSessionManager sessionManager = new TestableSessionManager();
sessionManager.setSessionPath("/test");
Session session = new Session(sessionManager, sessionData);
ManagedSession session = new ManagedSession(sessionManager, sessionData);
session.setExtendedId("1234.foo");
session.getSessionData().setLastNode("foo");
@ -83,7 +84,7 @@ public class AbstractSessionManagerTest
//Make a session
SessionData sessionData = new SessionData("1234", "_test", "0.0.0.0", 100, 200, 200, -1);
TestableSessionManager sessionManager = new TestableSessionManager();
Session session = new Session(sessionManager, sessionData);
ManagedSession session = new ManagedSession(sessionManager, sessionData);
session.setExtendedId("1234.foo");
session.getSessionData().setLastNode("foo");
session.setResident(true); //pretend its in a cache
@ -121,37 +122,37 @@ public class AbstractSessionManagerTest
}
@Override
public Session newSession(SessionData data)
public ManagedSession newSession(SessionData data)
{
return null;
}
@Override
protected Session doGet(String id)
protected ManagedSession doGet(String id)
{
return null;
}
@Override
protected Session doPutIfAbsent(String id, Session session)
protected Session doPutIfAbsent(String id, ManagedSession session)
{
return null;
}
@Override
protected Session doComputeIfAbsent(String id, Function<String, Session> mappingFunction)
protected ManagedSession doComputeIfAbsent(String id, Function<String, ManagedSession> mappingFunction)
{
return null;
}
@Override
protected boolean doReplace(String id, Session oldValue, Session newValue)
protected boolean doReplace(String id, ManagedSession oldValue, ManagedSession newValue)
{
return false;
}
@Override
public Session doDelete(String id)
public ManagedSession doDelete(String id)
{
return null;
}
@ -313,7 +314,7 @@ public class AbstractSessionManagerTest
TestableSessionConsumer consumer = new TestableSessionConsumer();
sessionManager.newSession(null, "1234", consumer);
Session session = consumer.getSession();
ManagedSession session = consumer.getSession();
String id = session.getId();
sessionManager.commit(session);
sessionManager.complete(session); //exit the session
@ -334,7 +335,7 @@ public class AbstractSessionManagerTest
Thread.sleep(waitMs);
//test the session
session = sessionManager.getSession(id);
session = sessionManager.getManagedSession(id);
if (expectExist)
{
assertNotNull(session);

29
jetty-core/jetty-session/src/test/java/org/eclipse/jetty/session/DefaultSessionCacheTest.java
View File

@ -20,6 +20,7 @@ import java.util.concurrent.TimeUnit;
import org.eclipse.jetty.logging.StacklessLogging;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.Session;
import org.junit.jupiter.api.Test;
import static org.junit.jupiter.api.Assertions.assertEquals;
@ -174,7 +175,7 @@ public class DefaultSessionCacheTest extends AbstractSessionCacheTest
//put a session in the cache and store
long now = System.currentTimeMillis();
SessionData data = store.newSessionData("1234", now - 20, now - 10, now - 20, TimeUnit.MINUTES.toMillis(10));
Session session = cache.newSession(data);
ManagedSession session = cache.newSession(data);
cache.add("1234", session);
assertTrue(cache.contains("1234"));
assertEquals(1, session.getRequests());
@ -200,7 +201,7 @@ public class DefaultSessionCacheTest extends AbstractSessionCacheTest
//Session may already be invalid depending on timing
try
{
s1.renewId(new TestableRequest());
s1.renewId(new TestableRequest(), null);
//After this call, the session must have changed id, and it may also be
//invalid, depending on timing.
assertFalse(oldid.equals(s1.getId()));
@ -271,7 +272,7 @@ public class DefaultSessionCacheTest extends AbstractSessionCacheTest
//put a session in the cache and store
long now = System.currentTimeMillis();
SessionData data = store.newSessionData("1234", now - 20, now - 10, now - 20, TimeUnit.MINUTES.toMillis(10));
Session session = cache.newSession(data);
ManagedSession session = cache.newSession(data);
cache.add("1234", session);
assertTrue(cache.contains("1234"));
@ -307,7 +308,7 @@ public class DefaultSessionCacheTest extends AbstractSessionCacheTest
long now = System.currentTimeMillis();
SessionData data = store.newSessionData("1234", now - 20, now - 10, now - 20, TimeUnit.MINUTES.toMillis(10));
Session session = cache.newSession(data);
ManagedSession session = cache.newSession(data);
//ensure the session is in the cache
cache.add("1234", session);
@ -340,7 +341,7 @@ public class DefaultSessionCacheTest extends AbstractSessionCacheTest
server.start();
long now = System.currentTimeMillis();
Session session = cache.newSession("1234", now, -1); //create an immortal session
ManagedSession session = cache.newSession("1234", now, -1); //create an immortal session
cache.add("1234", session); //add it to the cache
//now fake another request coming in for the same session
@ -377,7 +378,7 @@ public class DefaultSessionCacheTest extends AbstractSessionCacheTest
data.setExpiry(now + TimeUnit.DAYS.toMillis(1));
//create a session for the existing session data, add it to the cache
Session session = cache.newSession(data);
ManagedSession session = cache.newSession(data);
cache.add("1234", session);
assertEquals(1, session.getRequests());
@ -415,7 +416,7 @@ public class DefaultSessionCacheTest extends AbstractSessionCacheTest
data.setExpiry(now + TimeUnit.DAYS.toMillis(1));
//make a session for the existing id, add to cache
Session session = cache.newSession(data);
ManagedSession session = cache.newSession(data);
cache.add("1234", session);
//release use of newly added session
@ -466,7 +467,7 @@ public class DefaultSessionCacheTest extends AbstractSessionCacheTest
//test one that is contained
long now = System.currentTimeMillis();
SessionData data = store.newSessionData("1234", now - 20, now - 10, now - 20, TimeUnit.MINUTES.toMillis(10));
Session session = cache.newSession(data);
ManagedSession session = cache.newSession(data);
cache.add("1234", session);
assertTrue(cache.contains("1234"));
}
@ -498,7 +499,7 @@ public class DefaultSessionCacheTest extends AbstractSessionCacheTest
long now = System.currentTimeMillis();
SessionData data = store.newSessionData("1234", now - 20, now - 10, now - 20, TimeUnit.MINUTES.toMillis(10));
data.setExpiry(now + TimeUnit.DAYS.toMillis(1));
Session session = cache.newSession(data);
ManagedSession session = cache.newSession(data);
cache.checkInactiveSession(session);
assertFalse(store.exists("1234"));
assertFalse(cache.contains("1234"));
@ -508,7 +509,7 @@ public class DefaultSessionCacheTest extends AbstractSessionCacheTest
//test session that is resident but not valid
cache.add("1234", session);
cache.release(session); //this will write session
session._state = Session.State.INVALID;
session._state = ManagedSession.State.INVALID;
cache.checkInactiveSession(session);
assertTrue(store.exists("1234"));
assertTrue(cache.contains("1234"));
@ -517,7 +518,7 @@ public class DefaultSessionCacheTest extends AbstractSessionCacheTest
//ie nothing happens to the session
//test session that is resident, is valid, but NEVER_EVICT
session._state = Session.State.VALID;
session._state = ManagedSession.State.VALID;
cache.checkInactiveSession(session);
assertTrue(store.exists("1234"));
assertTrue(cache.contains("1234"));
@ -536,7 +537,7 @@ public class DefaultSessionCacheTest extends AbstractSessionCacheTest
//this should not affect the session because it this is an idle test only
SessionData data2 = store.newSessionData("567", now, now - TimeUnit.SECONDS.toMillis(30), now - TimeUnit.SECONDS.toMillis(40), TimeUnit.MINUTES.toMillis(10));
data2.setExpiry(now + TimeUnit.DAYS.toMillis(1)); //not expired
Session session2 = cache.newSession(data2);
ManagedSession session2 = cache.newSession(data2);
cache.add("567", session2); //ensure session is in cache
cache.setEvictionPolicy(SessionCache.EVICT_ON_SESSION_EXIT);
session2.access(System.currentTimeMillis()); //simulate 1 request in session
@ -581,7 +582,7 @@ public class DefaultSessionCacheTest extends AbstractSessionCacheTest
long now = System.currentTimeMillis();
SessionData data = store.newSessionData("1234", now - 20, now - 10, now - 20, TimeUnit.MINUTES.toMillis(10));
data.setExpiry(now + TimeUnit.DAYS.toMillis(1));
Session session = cache.newSession(data);
ManagedSession session = cache.newSession(data);
cache.add("1234", session); //make it resident
assertTrue(cache.contains("1234"));
long accessed = now - TimeUnit.SECONDS.toMillis(30); //make it idle
@ -626,7 +627,7 @@ public class DefaultSessionCacheTest extends AbstractSessionCacheTest
long now = System.currentTimeMillis();
SessionData data = sessionDataStore.newSessionData("1234", now - 20, now - 10, now - 20, TimeUnit.MINUTES.toMillis(10));
data.setExpiry(now + TimeUnit.DAYS.toMillis(1));
Session session = cache.newSession(data);
ManagedSession session = cache.newSession(data);
String id = session.getId();
cache.add("1234", session); //make it resident
session.setAttribute("aaa", "one");

2
jetty-core/jetty-session/src/test/java/org/eclipse/jetty/session/DirtyAttributeTest.java
View File

@ -48,7 +48,7 @@ public class DirtyAttributeTest
//make a session
TestableSessionConsumer consumer = new TestableSessionConsumer();
sessionManager.newSession(null, "1234", consumer);
Session session = consumer.getSession();
ManagedSession session = consumer.getSession();
String id = session.getId();
assertTrue(session.isValid());
assertTrue(sessionDataStore.exists(id));

5
jetty-core/jetty-session/src/test/java/org/eclipse/jetty/session/NullSessionCacheTest.java
View File

@ -16,6 +16,7 @@ package org.eclipse.jetty.session;
import java.util.concurrent.TimeUnit;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.Session;
import org.junit.jupiter.api.Test;
import static org.junit.jupiter.api.Assertions.assertEquals;
@ -88,7 +89,7 @@ public class NullSessionCacheTest extends AbstractSessionCacheTest
long now = System.currentTimeMillis();
SessionData data = store.newSessionData("1234", now - 20, now - 10, now - 20, TimeUnit.MINUTES.toMillis(10));
data.setExpiry(now + TimeUnit.DAYS.toMillis(1));
Session session = cache.newSession(data); //mimic a request making a session
ManagedSession session = cache.newSession(data); //mimic a request making a session
cache.add("1234", session);
assertFalse(cache.contains("1234")); //null cache doesn't actually retain the session
@ -132,7 +133,7 @@ public class NullSessionCacheTest extends AbstractSessionCacheTest
//test one that exists
long now = System.currentTimeMillis();
SessionData data = store.newSessionData("1234", now - 20, now - 10, now - 20, TimeUnit.MINUTES.toMillis(10));
Session session = cache.newSession(data);
ManagedSession session = cache.newSession(data);
cache.add("1234", session);
assertFalse(cache.contains("1234"));
}

3
jetty-core/jetty-session/src/test/java/org/eclipse/jetty/session/SessionListenerTest.java
View File

@ -14,6 +14,7 @@
package org.eclipse.jetty.session;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.util.component.LifeCycle;
import org.junit.jupiter.api.Test;
@ -112,7 +113,7 @@ public class SessionListenerTest
store.store("1234", data);
//try to get the expired session, ensure that it wasn't used and that listeners were called for its expiry
Session session = sessionManager.getSession("1234");
Session session = sessionManager.getManagedSession("1234");
assertNull(session);
assertEquals(1L, sessionManager._sessionDestroyedListenersCalled.stream().filter(s -> s.equals("1234")).count());
assertEquals(1L, sessionManager._sessionUnboundListenersCalled.stream().filter(s -> s.equals("1234")).count());

62
jetty-core/jetty-session/src/test/java/org/eclipse/jetty/session/SimpleSessionHandler.java
View File

@ -21,6 +21,7 @@ import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.util.Callback;
/**
@ -68,20 +69,20 @@ public class SimpleSessionHandler extends AbstractSessionManager implements Hand
}
@Override
public Session getSession(Request request)
public ManagedSession getManagedSession(Request request)
{
return Request.get(request, SessionRequest.class, SessionRequest::getCoreSession);
return Request.get(request, SessionRequest.class, SessionRequest::getManagedSession);
}
@Override
public Session.APISession newSessionAPIWrapper(Session session)
public Session.API newSessionAPIWrapper(ManagedSession session)
{
return new SessionAPI(session);
}
public class SessionRequest extends Request.Wrapper
{
private final AtomicReference<Session> _session = new AtomicReference<>();
private final AtomicReference<ManagedSession> _session = new AtomicReference<>();
private String _requestedSessionId;
private Response _response;
@ -90,33 +91,34 @@ public class SimpleSessionHandler extends AbstractSessionManager implements Hand
super(request);
}
private Session getCoreSession()
{
return _session.get();
}
public void setCoreSession(Session session)
void setManagedSession(ManagedSession session)
{
_session.set(session);
}
public SessionAPI getSession(boolean create)
ManagedSession getManagedSession()
{
return _session.get();
}
@Override
public Session getSession(boolean create)
{
if (_response == null)
throw new IllegalStateException("!processing");
Session session = _session.get();
ManagedSession session = _session.get();
if (session == null && create)
{
newSession(this, _requestedSessionId, this::setCoreSession);
newSession(this, _requestedSessionId, this::setManagedSession);
session = _session.get();
HttpCookie cookie = getSessionCookie(session, getConnectionMetaData().isSecure());
if (cookie != null)
Response.replaceCookie(_response, cookie);
}
return session == null || session.isInvalid() ? null : session.getAPISession();
return session == null || !session.isValid() ? null : session;
}
public boolean process(Handler handler, Response response, Callback callback) throws Exception
@ -125,11 +127,11 @@ public class SimpleSessionHandler extends AbstractSessionManager implements Hand
RequestedSession requestedSession = resolveRequestedSessionId(this);
_requestedSessionId = requestedSession.sessionId();
Session session = requestedSession.session();
_session.set(session);
ManagedSession session = requestedSession.session();
if (session != null)
{
_session.set(session);
HttpCookie cookie = access(session, getConnectionMetaData().isSecure());
if (cookie != null)
Response.replaceCookie(_response, cookie);
@ -139,53 +141,49 @@ public class SimpleSessionHandler extends AbstractSessionManager implements Hand
}
}
public static class SessionAPI implements Session.APISession
public static class SessionAPI implements Session.API
{
private final Session _coreSession;
private final Session _session;
public SessionAPI(Session coreSession)
public SessionAPI(Session session)
{
_coreSession = coreSession;
_session = session;
}
@Override
public Session getCoreSession()
public Session getSession()
{
return _coreSession;
return _session;
}
public String getId()
{
return _coreSession.getId();
return _session.getId();
}
public Set<String> getAttributeNames()
{
return _coreSession.getNames();
return _session.getAttributeNameSet();
}
public Object getAttribute(String name)
{
return _coreSession.getAttribute(name);
return _session.getAttribute(name);
}
public void setAttribute(String name, Object value)
{
_coreSession.setAttribute(name, value);
_session.setAttribute(name, value);
}
public void invalidate()
{
_coreSession.invalidate();
_session.invalidate();
}
public void renewId(Request request, Response response)
{
_coreSession.renewId(request);
SessionManager sessionManager = _coreSession.getSessionManager();
if (sessionManager.isUsingCookies())
Response.replaceCookie(response, sessionManager.getSessionCookie(getCoreSession(), request.isSecure()));
_session.renewId(request, response);
}
}
}

8
jetty-core/jetty-session/src/test/java/org/eclipse/jetty/session/SimpleSessionHandlerTest.java
View File

@ -21,6 +21,7 @@ import org.eclipse.jetty.server.LocalConnector;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.session.SimpleSessionHandler.SessionAPI;
import org.eclipse.jetty.session.SimpleSessionHandler.SessionRequest;
import org.eclipse.jetty.util.Callback;
@ -67,7 +68,8 @@ public class SimpleSessionHandlerTest
String[] split = pathInContext.substring(1).split("/");
SessionRequest sessionRequest = Request.as(request, SessionRequest.class);
SessionAPI session = sessionRequest.getSession(false);
Session session = sessionRequest.getSession(false);
SessionAPI api = session == null ? null : session.getApi();
if (split.length > 0)
{
@ -124,7 +126,7 @@ public class SimpleSessionHandlerTest
callback.failed(new IllegalStateException("No Session"));
return true;
}
session.renewId(request, response);
api.renewId(request, response);
}
}
}
@ -135,7 +137,7 @@ public class SimpleSessionHandlerTest
else
{
out.append("Session=").append(session.getId()).append('\n');
for (String name : session.getAttributeNames())
for (String name : session.getAttributeNameSet())
out.append("Attribute ").append(name).append(" = ").append(session.getAttribute(name)).append('\n');
}

7
jetty-core/jetty-session/src/test/java/org/eclipse/jetty/session/TestableRequest.java
View File

@ -27,6 +27,7 @@ import org.eclipse.jetty.server.ConnectionMetaData;
import org.eclipse.jetty.server.Context;
import org.eclipse.jetty.server.HttpStream;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.server.TunnelSupport;
public class TestableRequest implements Request
@ -169,4 +170,10 @@ public class TestableRequest implements Request
public void addHttpStreamWrapper(Function<HttpStream, HttpStream> wrapper)
{
}
@Override
public Session getSession(boolean create)
{
return null;
}
}

8
jetty-core/jetty-session/src/test/java/org/eclipse/jetty/session/TestableSessionConsumer.java
View File

@ -15,17 +15,17 @@ package org.eclipse.jetty.session;
import java.util.function.Consumer;
public class TestableSessionConsumer implements Consumer<Session>
public class TestableSessionConsumer implements Consumer<ManagedSession>
{
private Session _session;
private ManagedSession _session;
@Override
public void accept(Session s)
public void accept(ManagedSession s)
{
_session = s;
}
public Session getSession()
public ManagedSession getSession()
{
return _session;
}

11
jetty-core/jetty-session/src/test/java/org/eclipse/jetty/session/TestableSessionManager.java
View File

@ -19,7 +19,8 @@ import java.util.Map;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.session.Session.APISession;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.server.Session.API;
import org.eclipse.jetty.util.StringUtil;
/**
@ -68,12 +69,12 @@ public class TestableSessionManager extends AbstractSessionManager
}
@Override
public APISession newSessionAPIWrapper(Session session)
public API newSessionAPIWrapper(ManagedSession session)
{
return new APISession()
return new API()
{
@Override
public Session getCoreSession()
public ManagedSession getSession()
{
return session;
}
@ -86,7 +87,7 @@ public class TestableSessionManager extends AbstractSessionManager
}
@Override
public Session getSession(Request request)
public ManagedSession getManagedSession(Request request)
{
return null;
}

6
jetty-core/jetty-util/src/main/java/org/eclipse/jetty/util/Attributes.java
View File

@ -128,7 +128,11 @@ public interface Attributes
/**
* Clear all attribute names
*/
void clearAttributes();
default void clearAttributes()
{
for (String name : getAttributeNameSet())
removeAttribute(name);
}
/** Unwrap all {@link Wrapper}s of the attributes
* @param attributes The attributes to unwrap, which may be a {@link Wrapper}.

2
jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/ErrorHandler.java
View File

@ -388,7 +388,7 @@ public class ErrorHandler implements Request.Processor
if (showStacks && !_disableStacks)
writeErrorPageStacks(request, writer);
((ServletApiRequest)request).getRequest().getServletChannel().getHttpConfiguration()
((ServletApiRequest)request).getServletContextRequest().getServletChannel().getHttpConfiguration()
.writePoweredBy(writer, "<hr/>", "<hr/>\n");
}

126
jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/ServletApiRequest.java
View File

@ -68,9 +68,9 @@ import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.server.ConnectionMetaData;
import org.eclipse.jetty.server.FormFields;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.session.SessionManager;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.session.AbstractSessionManager;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.util.Fields;
import org.eclipse.jetty.util.HostPort;
import org.eclipse.jetty.util.StringUtil;
@ -100,26 +100,14 @@ public class ServletApiRequest implements HttpServletRequest
private Fields _contentParameters;
private Fields _parameters;
private Fields _queryParameters;
private SessionManager _sessionManager;
private Session _coreSession;
private String _requestedSessionId;
private boolean _requestedSessionIdFromCookie;
private Authentication _authentication;
private String _method;
private ServletMultiPartFormData.Parts _parts;
private ServletPathMapping _servletPathMapping;
private boolean _asyncSupported = true;
protected ServletApiRequest(ServletContextRequest servletContextRequest)
{
this._request = servletContextRequest;
}
public static Session getSession(HttpSession httpSession)
{
if (httpSession instanceof Session.APISession apiSession)
return apiSession.getCoreSession();
return null;
_request = servletContextRequest;
}
public Fields getQueryParams()
@ -148,7 +136,7 @@ public class ServletApiRequest implements HttpServletRequest
public String getMethod()
{
if (_method == null)
return getRequest().getMethod();
return getServletContextRequest().getMethod();
else
return _method;
}
@ -159,27 +147,7 @@ public class ServletApiRequest implements HttpServletRequest
_method = method;
}
void setCoreSession(Session session)
{
_coreSession = session;
}
Session getCoreSession()
{
return _coreSession;
}
public SessionManager getSessionManager()
{
return _sessionManager;
}
protected void setSessionManager(SessionManager sessionManager)
{
_sessionManager = sessionManager;
}
public ServletContextRequest getRequest()
public ServletContextRequest getServletContextRequest()
{
return _request;
}
@ -251,7 +219,7 @@ public class ServletApiRequest implements HttpServletRequest
@Override
public Cookie[] getCookies()
{
List<HttpCookie> httpCookies = Request.getCookies(getRequest());
List<HttpCookie> httpCookies = Request.getCookies(getServletContextRequest());
if (httpCookies.isEmpty())
return null;
return httpCookies.stream()
@ -263,7 +231,7 @@ public class ServletApiRequest implements HttpServletRequest
{
Cookie result = new Cookie(cookie.getName(), cookie.getValue());
//RFC2965 defines the cookie header as supporting path and domain but RFC6265 permits only name=value
if (CookieCompliance.RFC2965.equals(getRequest().getConnectionMetaData().getHttpConfiguration().getRequestCookieCompliance()))
if (CookieCompliance.RFC2965.equals(getServletContextRequest().getConnectionMetaData().getHttpConfiguration().getRequestCookieCompliance()))
{
result.setPath(cookie.getPath());
result.setDomain(cookie.getDomain());
@ -370,12 +338,8 @@ public class ServletApiRequest implements HttpServletRequest
@Override
public String getRequestedSessionId()
{
return _requestedSessionId;
}
protected void setRequestedSessionId(String requestedSessionId)
{
_requestedSessionId = requestedSessionId;
AbstractSessionManager.RequestedSession requestedSession = _request.getRequestedSession();
return requestedSession == null ? null : requestedSession.sessionId();
}
@Override
@ -400,33 +364,12 @@ public class ServletApiRequest implements HttpServletRequest
@Override
public HttpSession getSession(boolean create)
{
if (_coreSession != null)
{
if (!_coreSession.isValid())
_coreSession = null;
else
return _coreSession.getAPISession();
}
if (!create)
Session session = _request.getSession(create);
if (session == null)
return null;
if (_request.getResponse().isCommitted())
throw new IllegalStateException("Response is committed");
if (_sessionManager == null)
throw new IllegalStateException("No SessionManager");
_sessionManager.newSession(_request, getRequestedSessionId(), this::setCoreSession);
if (_coreSession == null)
throw new IllegalStateException("Create session failed");
var cookie = _sessionManager.getSessionCookie(_coreSession, isSecure());
if (cookie != null)
Response.replaceCookie(_request.getResponse(), cookie);
return _coreSession.getAPISession();
if (session.isNew() && getAuthentication() instanceof Authentication.User)
session.setAttribute(ManagedSession.SESSION_CREATED_SECURE, Boolean.TRUE);
return session.getApi();
}
@Override
@ -438,24 +381,14 @@ public class ServletApiRequest implements HttpServletRequest
@Override
public String changeSessionId()
{
HttpSession httpSession = getSession(false);
if (httpSession == null)
Session session = _request.getSession(false);
if (session == null)
throw new IllegalStateException("No session");
Session session = SessionHandler.ServletAPISession.getSession(httpSession);
if (session == null)
throw new IllegalStateException("!org.eclipse.jetty.session.Session");
if (getSessionManager() == null)
throw new IllegalStateException("No SessionManager.");
session.renewId(_request);
session.renewId(_request, _request.getResponse());
if (getRemoteUser() != null)
session.setAttribute(Session.SESSION_CREATED_SECURE, Boolean.TRUE);
if (getSessionManager().isUsingCookies())
Response.replaceCookie(_request.getResponse(), getSessionManager().getSessionCookie(session, isSecure()));
session.setAttribute(ManagedSession.SESSION_CREATED_SECURE, Boolean.TRUE);
return session.getId();
}
@ -463,27 +396,22 @@ public class ServletApiRequest implements HttpServletRequest
@Override
public boolean isRequestedSessionIdValid()
{
if (getRequestedSessionId() == null || _coreSession == null)
return false;
//check requestedId (which may have worker suffix) against the actual session id
return _coreSession.isValid() && getSessionManager().getSessionIdManager().getId(getRequestedSessionId()).equals(_coreSession.getId());
AbstractSessionManager.RequestedSession requestedSession = _request.getRequestedSession();
return requestedSession != null && requestedSession.sessionId() != null && !requestedSession.sessionIdFromCookie();
}
@Override
public boolean isRequestedSessionIdFromCookie()
{
return _requestedSessionIdFromCookie;
}
protected void setRequestedSessionIdFromCookie(boolean requestedSessionIdFromCookie)
{
_requestedSessionIdFromCookie = requestedSessionIdFromCookie;
AbstractSessionManager.RequestedSession requestedSession = _request.getRequestedSession();
return requestedSession != null && requestedSession.sessionId() != null && requestedSession.sessionIdFromCookie();
}
@Override
public boolean isRequestedSessionIdFromURL()
{
return getRequestedSessionId() != null && !isRequestedSessionIdFromCookie();
AbstractSessionManager.RequestedSession requestedSession = _request.getRequestedSession();
return requestedSession != null && requestedSession.sessionId() != null && !requestedSession.sessionIdFromCookie();
}
@Override
@ -500,7 +428,7 @@ public class ServletApiRequest implements HttpServletRequest
if (_authentication instanceof Authentication.Deferred)
{
setAuthentication(((Authentication.Deferred)_authentication)
.authenticate(_request, _request.getResponse(), getRequest().getServletChannel().getCallback()));
.authenticate(_request, _request.getResponse(), getServletContextRequest().getServletChannel().getCallback()));
}
//if the authentication did not succeed
@ -853,7 +781,7 @@ public class ServletApiRequest implements HttpServletRequest
{
int maxKeys = _request.getServletRequestState().getContextHandler().getMaxFormKeys();
int maxContentSize = _request.getServletRequestState().getContextHandler().getMaxFormContentSize();
_contentParameters = FormFields.from(getRequest(), maxKeys, maxContentSize).get();
_contentParameters = FormFields.from(getServletContextRequest(), maxKeys, maxContentSize).get();
if (_contentParameters == null || _contentParameters.isEmpty())
_contentParameters = ServletContextRequest.NO_PARAMS;
}

16
jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/ServletApiResponse.java
View File

@ -45,7 +45,8 @@ import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.io.RuntimeIOException;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.SessionManager;
import org.eclipse.jetty.util.Blocker;
import org.eclipse.jetty.util.FutureCallback;
@ -158,16 +159,16 @@ public class ServletApiResponse implements HttpServletResponse
HttpSession session = httpServletRequest.getSession(false);
// no session
if (session == null || !(session instanceof Session.APISession))
if (session == null || !(session instanceof Session.API))
return url;
// invalid session
Session.APISession apiSession = (Session.APISession)session;
Session.API api = (Session.API)session;
if (!apiSession.getCoreSession().isValid())
if (!api.getSession().isValid())
return url;
String id = apiSession.getCoreSession().getExtendedId();
String id = api.getSession().getExtendedId();
if (uri == null)
uri = HttpURI.from(url);
@ -559,11 +560,12 @@ public class ServletApiResponse implements HttpServletResponse
_response.reset();
ServletApiRequest servletApiRequest = _response.getServletContextRequest().getServletApiRequest();
Session session = servletApiRequest.getCoreSession();
ManagedSession session = servletApiRequest.getServletContextRequest().getManagedSession();
if (session != null && session.isNew())
{
SessionManager sessionManager = servletApiRequest.getSessionManager();
SessionManager sessionManager = servletApiRequest.getServletContextRequest().getSessionManager();
if (sessionManager != null)
{
HttpCookie cookie = sessionManager.getSessionCookie(session, servletApiRequest.getServletConnection().isSecure());

2
jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/ServletContextHandler.java
View File

@ -1164,7 +1164,7 @@ public class ServletContextHandler extends ContextHandler implements Graceful
String pathInContext,
MatchedResource<ServletHandler.MappedServlet> matchedResource)
{
return new ServletContextRequest(_servletContext, servletChannel, request, response, pathInContext, matchedResource);
return new ServletContextRequest(_servletContext, servletChannel, request, response, pathInContext, matchedResource, getSessionHandler());
}
@Override

76
jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/ServletContextRequest.java
View File

@ -24,6 +24,7 @@ import jakarta.servlet.ServletRequestAttributeListener;
import jakarta.servlet.ServletRequestWrapper;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.eclipse.jetty.http.HttpCookie;
import org.eclipse.jetty.http.HttpFields;
import org.eclipse.jetty.http.HttpMethod;
import org.eclipse.jetty.http.pathmap.MatchedPath;
@ -31,8 +32,12 @@ import org.eclipse.jetty.http.pathmap.MatchedResource;
import org.eclipse.jetty.http.pathmap.PathSpec;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.server.handler.ContextRequest;
import org.eclipse.jetty.session.AbstractSessionManager;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.SessionManager;
import org.eclipse.jetty.util.Fields;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -51,7 +56,7 @@ public class ServletContextRequest extends ContextRequest
public static ServletContextRequest getServletContextRequest(ServletRequest request)
{
if (request instanceof ServletApiRequest)
return ((ServletApiRequest)request).getRequest();
return ((ServletApiRequest)request).getServletContextRequest();
Object channel = request.getAttribute(ServletChannel.class.getName());
if (channel instanceof ServletChannel)
@ -63,7 +68,7 @@ public class ServletContextRequest extends ContextRequest
}
if (request instanceof ServletApiRequest)
return ((ServletApiRequest)request).getRequest();
return ((ServletApiRequest)request).getServletContextRequest();
throw new IllegalStateException("could not find %s for %s".formatted(ServletContextRequest.class.getSimpleName(), request));
}
@ -76,9 +81,12 @@ public class ServletContextRequest extends ContextRequest
private final String _pathInContext;
private final ServletChannel _servletChannel;
private final PathSpec _pathSpec;
private final SessionManager _sessionManager;
final MatchedPath _matchedPath;
private Charset _queryEncoding;
private HttpFields _trailers;
private ManagedSession _managedSession;
AbstractSessionManager.RequestedSession _requestedSession;
protected ServletContextRequest(
ServletContextHandler.ServletContextApi servletContextApi,
@ -86,7 +94,8 @@ public class ServletContextRequest extends ContextRequest
Request request,
Response response,
String pathInContext,
MatchedResource<ServletHandler.MappedServlet> matchedResource)
MatchedResource<ServletHandler.MappedServlet> matchedResource,
SessionManager sessionManager)
{
super(servletContextApi.getContext(), request);
_servletChannel = servletChannel;
@ -97,6 +106,7 @@ public class ServletContextRequest extends ContextRequest
_pathSpec = matchedResource.getPathSpec();
_matchedPath = matchedResource.getMatchedPath();
_response = newServletContextResponse(response);
_sessionManager = sessionManager;
}
protected ServletApiRequest newServletApiRequest()
@ -292,4 +302,64 @@ public class ServletContextRequest extends ContextRequest
boolean isNoParams = (fields == NO_PARAMS);
return isNoParams;
}
public ManagedSession getManagedSession()
{
return _managedSession;
}
public void setManagedSession(ManagedSession managedSession)
{
_managedSession = managedSession;
}
public SessionManager getSessionManager()
{
return _sessionManager;
}
public void setRequestedSession(AbstractSessionManager.RequestedSession requestedSession)
{
if (_requestedSession != null)
throw new IllegalStateException();
_requestedSession = requestedSession;
_managedSession = requestedSession.session();
}
public AbstractSessionManager.RequestedSession getRequestedSession()
{
return _requestedSession;
}
@Override
public Session getSession(boolean create)
{
if (_managedSession != null)
{
if (_sessionManager != null && !_managedSession.isValid())
_managedSession = null;
else
return _managedSession;
}
if (!create)
return null;
if (_response.isCommitted())
throw new IllegalStateException("Response is committed");
if (_sessionManager == null)
throw new IllegalStateException("No SessionManager");
_sessionManager.newSession(this, _requestedSession.sessionId(), this::setManagedSession);
if (_managedSession == null)
throw new IllegalStateException("Create session failed");
HttpCookie cookie = _sessionManager.getSessionCookie(_managedSession, isSecure());
if (cookie != null)
Response.replaceCookie(_response, cookie);
return _managedSession;
}
}

7
jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/ServletContextResponse.java
View File

@ -37,6 +37,7 @@ import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.io.RuntimeIOException;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.handler.ContextResponse;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.util.Callback;
import org.eclipse.jetty.util.StringUtil;
@ -333,10 +334,10 @@ public class ServletContextResponse extends ContextResponse
SessionHandler sh = _servletChannel.getContextHandler().getSessionHandler();
if (sh != null)
{
// TODO: use Jan's new static method.
if (session instanceof SessionHandler.ServletAPISession apiSession)
ManagedSession managedSession = SessionHandler.ServletSessionApi.getSession(session);
if (managedSession != null)
{
HttpCookie c = sh.getSessionCookie(apiSession.getCoreSession(), _request.isSecure());
HttpCookie c = sh.getSessionCookie(managedSession, _request.isSecure());
if (c != null)
Response.addCookie(_response, c);
}

2
jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/ServletMultiPartFormData.java
View File

@ -96,7 +96,7 @@ public class ServletMultiPartFormData
formData.setMaxMemoryFileSize(config.getFileSizeThreshold());
formData.setMaxFileSize(config.getMaxFileSize());
formData.setMaxLength(config.getMaxRequestSize());
ConnectionMetaData connectionMetaData = request.getRequest().getConnectionMetaData();
ConnectionMetaData connectionMetaData = request.getServletContextRequest().getConnectionMetaData();
formData.setPartHeadersMaxLength(connectionMetaData.getHttpConfiguration().getRequestHeaderSize());
Connection connection = connectionMetaData.getConnection();

61
jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/SessionHandler.java
View File

@ -43,9 +43,10 @@ import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.session.AbstractSessionManager;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.util.Callback;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -269,29 +270,29 @@ public class SessionHandler extends AbstractSessionManager implements Handler.Ne
}
}
public static class ServletAPISession implements HttpSession, Session.APISession
public static class ServletSessionApi implements HttpSession, Session.API
{
public static ServletAPISession wrapSession(Session session)
public static ServletSessionApi wrapSession(ManagedSession session)
{
return new ServletAPISession(session);
return new ServletSessionApi(session);
}
public static Session getSession(HttpSession httpSession)
public static ManagedSession getSession(HttpSession httpSession)
{
if (httpSession instanceof ServletAPISession apiSession)
return apiSession.getCoreSession();
if (httpSession instanceof ServletSessionApi apiSession)
return apiSession.getSession();
return null;
}
private final Session _session;
private final ManagedSession _session;
private ServletAPISession(Session session)
private ServletSessionApi(ManagedSession session)
{
_session = session;
}
@Override
public Session getCoreSession()
public ManagedSession getSession()
{
return _session;
}
@ -341,7 +342,7 @@ public class SessionHandler extends AbstractSessionManager implements Handler.Ne
@Override
public Enumeration<String> getAttributeNames()
{
final Iterator<String> itor = _session.getNames().iterator();
final Iterator<String> itor = _session.getAttributeNameSet().iterator();
return new Enumeration<>()
{
@ -390,10 +391,10 @@ public class SessionHandler extends AbstractSessionManager implements Handler.Ne
}
@Override
public Session getSession(Request request)
public ManagedSession getManagedSession(Request request)
{
ServletApiRequest apiRequest = Request.get(request, ServletContextRequest.class, ServletContextRequest::getServletApiRequest);
return apiRequest == null ? null : apiRequest.getCoreSession();
return apiRequest == null ? null : apiRequest.getServletContextRequest().getManagedSession();
}
/**
@ -458,9 +459,9 @@ public class SessionHandler extends AbstractSessionManager implements Handler.Ne
{
}
public Session.APISession newSessionAPIWrapper(Session session)
public Session.API newSessionAPIWrapper(ManagedSession session)
{
return ServletAPISession.wrapSession(session);
return ServletSessionApi.wrapSession(session);
}
@Override
@ -468,7 +469,7 @@ public class SessionHandler extends AbstractSessionManager implements Handler.Ne
{
if (!_sessionAttributeListeners.isEmpty())
{
HttpSessionBindingEvent event = new HttpSessionBindingEvent(session.getAPISession(), name, old == null ? value : old);
HttpSessionBindingEvent event = new HttpSessionBindingEvent(session.getApi(), name, old == null ? value : old);
for (HttpSessionAttributeListener l : _sessionAttributeListeners)
{
@ -494,7 +495,7 @@ public class SessionHandler extends AbstractSessionManager implements Handler.Ne
if (session == null)
return;
HttpSessionEvent event = new HttpSessionEvent(session.getAPISession());
HttpSessionEvent event = new HttpSessionEvent(session.getApi());
for (HttpSessionListener l : _sessionListeners)
{
l.sessionCreated(event);
@ -518,7 +519,7 @@ public class SessionHandler extends AbstractSessionManager implements Handler.Ne
//come from the scavenger, rather than a request thread
getSessionContext().run(() ->
{
HttpSessionEvent event = new HttpSessionEvent(session.getAPISession());
HttpSessionEvent event = new HttpSessionEvent(session.getApi());
for (int i = _sessionListeners.size() - 1; i >= 0; i--)
{
_sessionListeners.get(i).sessionDestroyed(event);
@ -532,7 +533,7 @@ public class SessionHandler extends AbstractSessionManager implements Handler.Ne
//inform the listeners
if (!_sessionIdListeners.isEmpty())
{
HttpSessionEvent event = new HttpSessionEvent(session.getAPISession());
HttpSessionEvent event = new HttpSessionEvent(session.getApi());
for (HttpSessionIdListener l : _sessionIdListeners)
{
l.sessionIdChanged(event, oldId);
@ -544,14 +545,14 @@ public class SessionHandler extends AbstractSessionManager implements Handler.Ne
public void callUnboundBindingListener(Session session, String name, Object value)
{
if (value instanceof HttpSessionBindingListener)
((HttpSessionBindingListener)value).valueUnbound(new HttpSessionBindingEvent(session.getAPISession(), name));
((HttpSessionBindingListener)value).valueUnbound(new HttpSessionBindingEvent(session.getApi(), name));
}
@Override
public void callBoundBindingListener(Session session, String name, Object value)
{
if (value instanceof HttpSessionBindingListener)
((HttpSessionBindingListener)value).valueBound(new HttpSessionBindingEvent(session.getAPISession(), name));
((HttpSessionBindingListener)value).valueBound(new HttpSessionBindingEvent(session.getApi(), name));
}
@Override
@ -559,7 +560,7 @@ public class SessionHandler extends AbstractSessionManager implements Handler.Ne
{
if (value instanceof HttpSessionActivationListener listener)
{
HttpSessionEvent event = new HttpSessionEvent(session.getAPISession());
HttpSessionEvent event = new HttpSessionEvent(session.getApi());
listener.sessionDidActivate(event);
}
}
@ -569,7 +570,7 @@ public class SessionHandler extends AbstractSessionManager implements Handler.Ne
{
if (value instanceof HttpSessionActivationListener listener)
{
HttpSessionEvent event = new HttpSessionEvent(session.getAPISession());
HttpSessionEvent event = new HttpSessionEvent(session.getApi());
listener.sessionWillPassivate(event);
}
}
@ -640,24 +641,14 @@ public class SessionHandler extends AbstractSessionManager implements Handler.Ne
return false;
ServletContextRequest servletContextRequest = Request.as(request, ServletContextRequest.class);
ServletApiRequest servletApiRequest =
(servletContextRequest == null ? null : servletContextRequest.getServletApiRequest());
if (servletApiRequest == null)
throw new IllegalStateException("Request is not a valid ServletContextRequest");
addSessionStreamWrapper(request);
// find and set the session if one exists
RequestedSession requestedSession = resolveRequestedSessionId(request);
servletApiRequest.setCoreSession(requestedSession.session());
servletApiRequest.setSessionManager(this);
servletApiRequest.setRequestedSessionId(requestedSession.sessionId());
servletApiRequest.setRequestedSessionIdFromCookie(requestedSession.sessionIdFromCookie());
HttpCookie cookie = access(requestedSession.session(), request.getConnectionMetaData().isSecure());
servletContextRequest.setRequestedSession(requestedSession);
// Handle changed ID or max-age refresh, but only if this is not a redispatched request
HttpCookie cookie = access(requestedSession.session(), request.getConnectionMetaData().isSecure());
if (cookie != null)
{
ServletContextResponse servletContextResponse = servletContextRequest.getResponse();

16
jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/security/authentication/LoginAuthenticator.java
View File

@ -26,7 +26,8 @@ import org.eclipse.jetty.ee10.servlet.security.LoginService;
import org.eclipse.jetty.ee10.servlet.security.UserIdentity;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.session.ManagedSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -82,7 +83,7 @@ public abstract class LoginAuthenticator implements Authenticator
if (session == null)
return;
session.removeAttribute(Session.SESSION_CREATED_SECURE);
session.removeAttribute(ManagedSession.SESSION_CREATED_SECURE);
}
@Override
@ -124,17 +125,12 @@ public abstract class LoginAuthenticator implements Authenticator
{
//if we should renew sessions, and there is an existing session that may have been seen by non-authenticated users
//(indicated by SESSION_SECURED not being set on the session) then we should change id
if (session.getAttribute(Session.SESSION_CREATED_SECURE) != Boolean.TRUE)
if (session.getAttribute(ManagedSession.SESSION_CREATED_SECURE) != Boolean.TRUE)
{
session.setAttribute(ManagedSession.SESSION_CREATED_SECURE, Boolean.TRUE);
ServletContextRequest servletContextRequest = ServletContextRequest.getServletContextRequest(httpRequest);
Response response = servletContextRequest.getResponse().getWrapped();
String oldId = session.getId();
session.renewId(servletContextRequest);
session.setAttribute(Session.SESSION_CREATED_SECURE, Boolean.TRUE);
if (session.isSetCookieNeeded())
Response.replaceCookie(response, session.getSessionManager().getSessionCookie(session, httpRequest.isSecure()));
if (LOG.isDebugEnabled())
LOG.debug("renew {}->{}", oldId, session.getId());
session.renewId(servletContextRequest, response);
return httpSession;
}
}

2
jetty-ee10/jetty-ee10-servlet/src/test/java/org/eclipse/jetty/ee10/servlet/ServletContextHandlerTest.java
View File

@ -2408,7 +2408,7 @@ public class ServletContextHandlerTest
@Override
protected ServletContextRequest newServletContextRequest(ServletChannel servletChannel, Request request, Response response, String pathInContext, MatchedResource<ServletHandler.MappedServlet> matchedResource)
{
return new ServletContextRequest(getContext().getServletContext(), servletChannel, request, response, pathInContext, matchedResource)
return new ServletContextRequest(getContext().getServletContext(), servletChannel, request, response, pathInContext, matchedResource, getSessionHandler())
{
@Override
protected ServletContextResponse newServletContextResponse(Response response)

29
jetty-ee10/jetty-ee10-servlet/src/test/java/org/eclipse/jetty/ee10/servlet/SessionHandlerTest.java
View File

@ -42,13 +42,14 @@ import org.eclipse.jetty.logging.StacklessLogging;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.session.AbstractSessionCache;
import org.eclipse.jetty.session.DefaultSessionCacheFactory;
import org.eclipse.jetty.session.DefaultSessionIdManager;
import org.eclipse.jetty.session.HouseKeeper;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.NullSessionDataStore;
import org.eclipse.jetty.session.NullSessionDataStoreFactory;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.session.SessionCache;
import org.eclipse.jetty.session.SessionData;
import org.eclipse.jetty.session.SessionDataStoreFactory;
@ -73,12 +74,12 @@ public class SessionHandlerTest
{
public WorkDir workDir;
public static class SessionConsumer implements Consumer<Session>
public static class SessionConsumer implements Consumer<ManagedSession>
{
private Session _session;
private ManagedSession _session;
@Override
public void accept(Session s)
public void accept(ManagedSession s)
{
_session = s;
}
@ -208,7 +209,7 @@ public class SessionHandlerTest
}
}
try (StacklessLogging ignore = new StacklessLogging(ServletHandler.class, Session.class))
try (StacklessLogging ignore = new StacklessLogging(ServletHandler.class, ManagedSession.class))
{
Listener1 listener = new Listener1();
sessionHandler.addEventListener(listener);
@ -283,7 +284,7 @@ public class SessionHandlerTest
sessionHandler.addEventListener(new Listener2());
sessionHandler.setServer(server);
server.start();
Session session = new Session(sessionHandler, new SessionData("aa", "_", "0.0", 0, 0, 0, 0));
Session session = new ManagedSession(sessionHandler, new SessionData("aa", "_", "0.0", 0, 0, 0, 0));
sessionHandler.callSessionCreatedListeners(session);
sessionHandler.callSessionDestroyedListeners(session);
assertEquals("Listener1 create;Listener2 create;Listener2 destroy;Listener1 destroy;", result.toString());
@ -396,37 +397,37 @@ public class SessionHandlerTest
}
@Override
public Session doGet(String key)
public ManagedSession doGet(String key)
{
return null;
}
@Override
public Session doPutIfAbsent(String key, Session session)
public Session doPutIfAbsent(String key, ManagedSession session)
{
return null;
}
@Override
public Session doDelete(String key)
public ManagedSession doDelete(String key)
{
return null;
}
@Override
public boolean doReplace(String id, Session oldValue, Session newValue)
public boolean doReplace(String id, ManagedSession oldValue, ManagedSession newValue)
{
return false;
}
@Override
public Session newSession(SessionData data)
public ManagedSession newSession(SessionData data)
{
return null;
}
@Override
protected Session doComputeIfAbsent(String id, Function<String, Session> mappingFunction)
protected ManagedSession doComputeIfAbsent(String id, Function<String, ManagedSession> mappingFunction)
{
return mappingFunction.apply(id);
}
@ -472,7 +473,7 @@ public class SessionHandlerTest
long now = System.currentTimeMillis();
Session session = new Session(mgr, new SessionData("123", "_foo", "0.0.0.0", now, now, now, 30));
ManagedSession session = new ManagedSession(mgr, new SessionData("123", "_foo", "0.0.0.0", now, now, now, 30));
session.setExtendedId("123.node1");
SessionCookieConfig sessionCookieConfig = mgr.getSessionCookieConfig();
sessionCookieConfig.setName("SPECIAL");
@ -511,7 +512,7 @@ public class SessionHandlerTest
long now = System.currentTimeMillis();
Session session = new Session(mgr, new SessionData("123", "_foo", "0.0.0.0", now, now, now, 30));
ManagedSession session = new ManagedSession(mgr, new SessionData("123", "_foo", "0.0.0.0", now, now, now, 30));
SessionCookieConfig sessionCookieConfig = mgr.getSessionCookieConfig();
sessionCookieConfig.setSecure(true);

6
jetty-ee10/jetty-ee10-tests/jetty-ee10-test-sessions/jetty-ee10-test-sessions-common/src/main/java/org/eclipse/jetty/ee10/session/AbstractClusteredSessionScavengingTest.java
View File

@ -35,7 +35,7 @@ import org.eclipse.jetty.ee10.servlet.SessionHandler;
import org.eclipse.jetty.session.AbstractSessionDataStoreFactory;
import org.eclipse.jetty.session.DefaultSessionCache;
import org.eclipse.jetty.session.DefaultSessionCacheFactory;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.SessionCache;
import org.eclipse.jetty.session.SessionDataStoreFactory;
import org.eclipse.jetty.session.SessionManager;
@ -67,7 +67,7 @@ public abstract class AbstractClusteredSessionScavengingTest extends AbstractSes
* @param id
* @return session already in the cache
*/
public Session peek(String id)
public ManagedSession peek(String id)
{
return doGet(id);
}
@ -149,7 +149,7 @@ public abstract class AbstractClusteredSessionScavengingTest extends AbstractSes
//Peek at the contents of the cache without doing all the reference counting etc
Session s1 = ((TestSessionCache)m1.getSessionCache()).peek(id);
ManagedSession s1 = ((TestSessionCache)m1.getSessionCache()).peek(id);
assertNotNull(s1);
long expiry = s1.getSessionData().getExpiry();

3
jetty-ee10/jetty-ee10-tests/jetty-ee10-test-sessions/jetty-ee10-test-sessions-common/src/test/java/org/eclipse/jetty/ee10/session/DeleteUnloadableSessionTest.java
View File

@ -32,6 +32,7 @@ import org.eclipse.jetty.logging.StacklessLogging;
import org.eclipse.jetty.session.AbstractSessionDataStore;
import org.eclipse.jetty.session.AbstractSessionDataStoreFactory;
import org.eclipse.jetty.session.DefaultSessionCacheFactory;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.SessionCache;
import org.eclipse.jetty.session.SessionData;
import org.eclipse.jetty.session.SessionDataStore;
@ -157,7 +158,7 @@ public class DeleteUnloadableSessionTest
ServletHolder holder = new ServletHolder(servlet);
context.addServlet(holder, servletMapping);
try (StacklessLogging ignored = new StacklessLogging(DeleteUnloadableSessionTest.class.getPackage(), org.eclipse.jetty.session.Session.class.getPackage()))
try (StacklessLogging ignored = new StacklessLogging(DeleteUnloadableSessionTest.class.getPackage(), ManagedSession.class.getPackage()))
{
server.start();
int port = server.getPort();

44
jetty-ee10/jetty-ee10-tests/jetty-ee10-test-sessions/jetty-ee10-test-sessions-common/src/test/java/org/eclipse/jetty/ee10/session/DuplicateCookieTest.java
View File

@ -29,7 +29,7 @@ import org.eclipse.jetty.ee10.servlet.ServletHolder;
import org.eclipse.jetty.logging.StacklessLogging;
import org.eclipse.jetty.session.DefaultSessionCache;
import org.eclipse.jetty.session.DefaultSessionCacheFactory;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.SessionCache;
import org.eclipse.jetty.session.SessionData;
import org.eclipse.jetty.session.SessionDataStore;
@ -47,7 +47,7 @@ import static org.junit.jupiter.api.Assertions.assertNotNull;
*/
public class DuplicateCookieTest
{
public class TestSession extends Session
public class TestSession extends ManagedSession
{
public TestSession(SessionManager manager, SessionData data)
@ -57,7 +57,7 @@ public class DuplicateCookieTest
public void makeInvalid()
{
_state = Session.State.INVALID;
_state = ManagedSession.State.INVALID;
}
}
@ -70,7 +70,7 @@ public class DuplicateCookieTest
}
@Override
public Session newSession(SessionData data)
public ManagedSession newSession(SessionData data)
{
return new TestSession(getSessionManager(), data);
}
@ -109,7 +109,7 @@ public class DuplicateCookieTest
try (StacklessLogging ignored = new StacklessLogging(DuplicateCookieTest.class.getPackage()))
{
//create a valid session
Session s4422 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(),
ManagedSession s4422 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(),
contextHandler.getSessionHandler().getSessionCache().getSessionDataStore(),
"4422");
@ -158,15 +158,15 @@ public class DuplicateCookieTest
try (StacklessLogging ignored = new StacklessLogging(DuplicateCookieTest.class.getPackage()))
{
//create a valid session
Session s1122 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(),
ManagedSession s1122 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(),
contextHandler.getSessionHandler().getSessionCache().getSessionDataStore(),
"1122");
//create an invalid session
Session s2233 = createInvalidSession(contextHandler.getSessionHandler().getSessionCache(),
ManagedSession s2233 = createInvalidSession(contextHandler.getSessionHandler().getSessionCache(),
contextHandler.getSessionHandler().getSessionCache().getSessionDataStore(),
"2233");
//create another invalid session
Session s2255 = createInvalidSession(contextHandler.getSessionHandler().getSessionCache(),
ManagedSession s2255 = createInvalidSession(contextHandler.getSessionHandler().getSessionCache(),
contextHandler.getSessionHandler().getSessionCache().getSessionDataStore(),
"2255");
@ -218,15 +218,15 @@ public class DuplicateCookieTest
try (StacklessLogging ignored = new StacklessLogging(DuplicateCookieTest.class.getPackage()))
{
//create a valid session
Session s1122 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(),
ManagedSession s1122 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(),
contextHandler.getSessionHandler().getSessionCache().getSessionDataStore(),
"1122");
//create an invalid session
Session s2233 = createInvalidSession(contextHandler.getSessionHandler().getSessionCache(),
ManagedSession s2233 = createInvalidSession(contextHandler.getSessionHandler().getSessionCache(),
contextHandler.getSessionHandler().getSessionCache().getSessionDataStore(),
"2233");
//create another invalid session
Session s2255 = createInvalidSession(contextHandler.getSessionHandler().getSessionCache(),
ManagedSession s2255 = createInvalidSession(contextHandler.getSessionHandler().getSessionCache(),
contextHandler.getSessionHandler().getSessionCache().getSessionDataStore(),
"2255");
@ -279,15 +279,15 @@ public class DuplicateCookieTest
try (StacklessLogging ignored = new StacklessLogging(DuplicateCookieTest.class.getPackage()))
{
//create a valid session
Session s1122 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(),
ManagedSession s1122 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(),
contextHandler.getSessionHandler().getSessionCache().getSessionDataStore(),
"1122");
//create an invalid session
Session s2233 = createInvalidSession(contextHandler.getSessionHandler().getSessionCache(),
ManagedSession s2233 = createInvalidSession(contextHandler.getSessionHandler().getSessionCache(),
contextHandler.getSessionHandler().getSessionCache().getSessionDataStore(),
"2233");
//create another invalid session
Session s2255 = createInvalidSession(contextHandler.getSessionHandler().getSessionCache(),
ManagedSession s2255 = createInvalidSession(contextHandler.getSessionHandler().getSessionCache(),
contextHandler.getSessionHandler().getSessionCache().getSessionDataStore(),
"2255");
@ -339,13 +339,13 @@ public class DuplicateCookieTest
try (StacklessLogging ignored = new StacklessLogging(DuplicateCookieTest.class.getPackage()))
{
//create some unexpired sessions
Session s1234 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(),
ManagedSession s1234 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(),
contextHandler.getSessionHandler().getSessionCache().getSessionDataStore(),
"1234");
Session s5678 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(),
ManagedSession s5678 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(),
contextHandler.getSessionHandler().getSessionCache().getSessionDataStore(),
"5678");
Session s9111 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(),
ManagedSession s9111 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(),
contextHandler.getSessionHandler().getSessionCache().getSessionDataStore(),
"9111");
@ -398,7 +398,7 @@ public class DuplicateCookieTest
try (StacklessLogging ignored = new StacklessLogging(DuplicateCookieTest.class.getPackage()))
{
//create a valid unexpired session
Session s1234 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(),
ManagedSession s1234 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionCache(),
contextHandler.getSessionHandler().getSessionCache().getSessionDataStore(),
"1234");
@ -425,20 +425,20 @@ public class DuplicateCookieTest
}
}
public Session createUnExpiredSession(SessionCache cache, SessionDataStore store, String id) throws Exception
public ManagedSession createUnExpiredSession(SessionCache cache, SessionDataStore store, String id) throws Exception
{
long now = System.currentTimeMillis();
SessionData data = store.newSessionData(id, now - 20, now - 10, now - 20, TimeUnit.MINUTES.toMillis(10));
data.setExpiry(now + TimeUnit.DAYS.toMillis(1));
Session s = cache.newSession(data);
ManagedSession s = cache.newSession(data);
cache.add(id, s);
cache.release(s); //pretend a request that created the session is finished
return s;
}
public Session createInvalidSession(SessionCache cache, SessionDataStore store, String id) throws Exception
public ManagedSession createInvalidSession(SessionCache cache, SessionDataStore store, String id) throws Exception
{
Session session = createUnExpiredSession(cache, store, id);
ManagedSession session = createUnExpiredSession(cache, store, id);
((TestSession)session).makeInvalid();
return session;

9
jetty-ee10/jetty-ee10-tests/jetty-ee10-test-sessions/jetty-ee10-test-sessions-common/src/test/java/org/eclipse/jetty/ee10/session/IdleSessionTest.java
View File

@ -24,13 +24,13 @@ import jakarta.servlet.http.HttpSession;
import org.eclipse.jetty.client.ContentResponse;
import org.eclipse.jetty.client.HttpClient;
import org.eclipse.jetty.client.Request;
import org.eclipse.jetty.ee10.servlet.ServletApiRequest;
import org.eclipse.jetty.ee10.servlet.ServletContextHandler;
import org.eclipse.jetty.ee10.servlet.ServletHolder;
import org.eclipse.jetty.logging.StacklessLogging;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.session.DefaultSessionCacheFactory;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.NullSessionCacheFactory;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.session.SessionDataStoreFactory;
import org.eclipse.jetty.util.thread.AutoLock;
import org.junit.jupiter.api.Test;
@ -264,7 +264,8 @@ public class IdleSessionTest
session.setAttribute("value", 1);
originalId = session.getId();
Session s = ServletApiRequest.getSession(session);
ManagedSession s = (ManagedSession)((Session.API)session).getSession();
try (AutoLock lock = s.lock())
{
assertTrue(s.isResident());
@ -276,7 +277,7 @@ public class IdleSessionTest
HttpSession session = request.getSession(false);
assertNotNull(session);
assertEquals(originalId, session.getId());
Session s = ServletApiRequest.getSession(session);
ManagedSession s = (ManagedSession)((Session.API)session).getSession();
try (AutoLock lock = s.lock())
{
assertTrue(s.isResident());

4
jetty-ee10/jetty-ee10-tests/jetty-ee10-test-sessions/jetty-ee10-test-sessions-common/src/test/java/org/eclipse/jetty/ee10/session/ModifyMaxInactiveIntervalTest.java
View File

@ -25,9 +25,9 @@ import org.eclipse.jetty.client.ContentResponse;
import org.eclipse.jetty.client.HttpClient;
import org.eclipse.jetty.client.Request;
import org.eclipse.jetty.ee10.servlet.ServletContextHandler;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.session.AbstractSessionDataStoreFactory;
import org.eclipse.jetty.session.DefaultSessionCacheFactory;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.session.SessionCache;
import org.eclipse.jetty.session.SessionDataStoreFactory;
import org.junit.jupiter.api.Test;
@ -77,7 +77,7 @@ public class ModifyMaxInactiveIntervalTest extends AbstractSessionTestBase
String id = SessionTestSupport.extractSessionId(sessionCookie);
//check that the maxInactive is -1
Session s = ctxA.getSessionHandler().getSession(id);
Session s = ctxA.getSessionHandler().getManagedSession(id);
assertEquals(-1, s.getMaxInactiveInterval());
}
finally

12
jetty-ee10/jetty-ee10-tests/jetty-ee10-test-sessions/jetty-ee10-test-sessions-common/src/test/java/org/eclipse/jetty/ee10/session/SessionRenewTest.java
View File

@ -27,13 +27,13 @@ import jakarta.servlet.http.HttpSessionIdListener;
import org.eclipse.jetty.client.ContentResponse;
import org.eclipse.jetty.client.HttpClient;
import org.eclipse.jetty.client.Request;
import org.eclipse.jetty.ee10.servlet.ServletApiRequest;
import org.eclipse.jetty.ee10.servlet.ServletContextHandler;
import org.eclipse.jetty.ee10.servlet.ServletContextRequest;
import org.eclipse.jetty.session.DefaultSessionCache;
import org.eclipse.jetty.session.DefaultSessionCacheFactory;
import org.eclipse.jetty.session.DefaultSessionIdManager;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.NullSessionCacheFactory;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.session.SessionCache;
import org.eclipse.jetty.session.SessionCacheFactory;
import org.eclipse.jetty.session.SessionData;
@ -68,7 +68,7 @@ public class SessionRenewTest
* @return previous existing session
* @throws Exception
*/
public Session getWithoutReferenceCount(String sessionId) throws Exception
public ManagedSession getWithoutReferenceCount(String sessionId) throws Exception
{
return getAndEnter(sessionId, false);
}
@ -183,8 +183,8 @@ public class SessionRenewTest
contextA.getSessionHandler().getSessionCache().contains(updatedId);
contextB.getSessionHandler().getSessionCache().contains(updatedId);
Session sessiona = ((TestSessionCache)contextA.getSessionHandler().getSessionCache()).getWithoutReferenceCount(updatedId);
Session sessionb = ((TestSessionCache)contextB.getSessionHandler().getSessionCache()).getWithoutReferenceCount(updatedId);
ManagedSession sessiona = ((TestSessionCache)contextA.getSessionHandler().getSessionCache()).getWithoutReferenceCount(updatedId);
ManagedSession sessionb = ((TestSessionCache)contextB.getSessionHandler().getSessionCache()).getWithoutReferenceCount(updatedId);
//sessions should nor have any usecounts
assertEquals(0, sessiona.getRequests());
@ -322,7 +322,7 @@ public class SessionRenewTest
assertTrue(beforeSession == afterSession); //same object
assertFalse(beforeSessionId.equals(afterSessionId)); //different id
Session coreAfterSession = ServletApiRequest.getSession(afterSession);
ManagedSession coreAfterSession = ServletContextRequest.getServletContextRequest(request).getManagedSession();
SessionManager sessionManager = coreAfterSession.getSessionManager();
DefaultSessionIdManager sessionIdManager = (DefaultSessionIdManager)sessionManager.getSessionIdManager();

94
jetty-ee9/jetty-ee9-nested/src/main/java/org/eclipse/jetty/ee9/nested/ContextHandler.java
View File

@ -58,10 +58,12 @@ import jakarta.servlet.SessionTrackingMode;
import jakarta.servlet.descriptor.JspConfigDescriptor;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import jakarta.servlet.http.HttpSessionAttributeListener;
import jakarta.servlet.http.HttpSessionIdListener;
import jakarta.servlet.http.HttpSessionListener;
import org.eclipse.jetty.http.BadMessageException;
import org.eclipse.jetty.http.HttpCookie;
import org.eclipse.jetty.http.HttpMethod;
import org.eclipse.jetty.http.HttpStatus;
import org.eclipse.jetty.http.HttpURI;
@ -72,8 +74,12 @@ import org.eclipse.jetty.server.Context;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.server.handler.ContextHandlerCollection;
import org.eclipse.jetty.server.handler.ContextRequest;
import org.eclipse.jetty.session.AbstractSessionManager;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.SessionManager;
import org.eclipse.jetty.util.Attributes;
import org.eclipse.jetty.util.Callback;
import org.eclipse.jetty.util.ExceptionUtil;
@ -2351,20 +2357,102 @@ public class ContextHandler extends ScopedHandler implements Attributes, Gracefu
public static class CoreContextRequest extends ContextRequest
{
private final HttpChannel _httpChannel;
private SessionManager _sessionManager;
private ManagedSession _managedSession;
AbstractSessionManager.RequestedSession _requestedSession;
protected CoreContextRequest(org.eclipse.jetty.server.handler.ContextHandler contextHandler,
protected CoreContextRequest(org.eclipse.jetty.server.Request wrapped,
org.eclipse.jetty.server.handler.ContextHandler.ScopedContext context,
org.eclipse.jetty.server.Request wrapped,
HttpChannel httpChannel)
{
super(context, wrapped);
_httpChannel = httpChannel;
}
public String changeSessionId()
{
if (_managedSession == null)
return null;
if (!_managedSession.isValid())
return _managedSession.getId();
HttpSession httpSession = _managedSession.getApi();
if (httpSession == null)
throw new IllegalStateException("No session");
ManagedSession session = _managedSession;
session.renewId(this, _httpChannel.getCoreResponse());
return httpSession.getId();
}
public HttpChannel getHttpChannel()
{
return _httpChannel;
}
public ManagedSession getManagedSession()
{
return _managedSession;
}
public void setManagedSession(ManagedSession managedSession)
{
_managedSession = managedSession;
}
public SessionManager getSessionManager()
{
return _sessionManager;
}
public void setRequestedSession(AbstractSessionManager.RequestedSession requestedSession)
{
_requestedSession = requestedSession;
_managedSession = requestedSession.session();
}
public AbstractSessionManager.RequestedSession getRequestedSession()
{
return _requestedSession;
}
public void setSessionManager(SessionManager sessionManager)
{
_sessionManager = sessionManager;
}
@Override
public Session getSession(boolean create)
{
if (_managedSession != null)
{
if (_sessionManager != null && !_managedSession.isValid())
_managedSession = null;
else
return _managedSession;
}
if (!create)
return null;
if (_httpChannel.getResponse().isCommitted())
throw new IllegalStateException("Response is committed");
if (_sessionManager == null)
throw new IllegalStateException("No SessionManager");
_sessionManager.newSession(this, _requestedSession == null ? null : _requestedSession.sessionId(), this::setManagedSession);
if (_managedSession == null)
throw new IllegalStateException("Create session failed");
HttpCookie cookie = _sessionManager.getSessionCookie(_managedSession, isSecure());
if (cookie != null)
_httpChannel.getResponse().replaceCookie(cookie);
return _managedSession;
}
}
public class CoreContextHandler extends org.eclipse.jetty.server.handler.ContextHandler implements org.eclipse.jetty.server.Request.Processor
@ -2465,7 +2553,7 @@ public class ContextHandler extends ScopedHandler implements Attributes, Gracefu
httpChannel = new HttpChannel(ContextHandler.this, request.getConnectionMetaData());
}
CoreContextRequest coreContextRequest = new CoreContextRequest(this, this.getContext(), request, httpChannel);
CoreContextRequest coreContextRequest = new CoreContextRequest(request, this.getContext(), httpChannel);
httpChannel.onRequest(coreContextRequest);
return coreContextRequest;
}

6
jetty-ee9/jetty-ee9-nested/src/main/java/org/eclipse/jetty/ee9/nested/HttpChannel.java
View File

@ -93,7 +93,7 @@ public class HttpChannel implements Runnable, HttpOutput.Interceptor
* Bytes written after interception (eg after compression)
*/
private long _written;
private org.eclipse.jetty.server.Request _coreRequest;
private ContextHandler.CoreContextRequest _coreRequest;
private org.eclipse.jetty.server.Response _coreResponse;
private Callback _coreCallback;
private boolean _expects100Continue;
@ -327,7 +327,7 @@ public class HttpChannel implements Runnable, HttpOutput.Interceptor
return _connector.getServer();
}
public org.eclipse.jetty.server.Request getCoreRequest()
public ContextHandler.CoreContextRequest getCoreRequest()
{
return _coreRequest;
}
@ -926,7 +926,7 @@ public class HttpChannel implements Runnable, HttpOutput.Interceptor
timeStamp == 0 ? 0 : System.currentTimeMillis() - timeStamp);
}
public void onRequest(org.eclipse.jetty.server.Request coreRequest)
public void onRequest(ContextHandler.CoreContextRequest coreRequest)
{
_coreRequest = coreRequest;
_requests.incrementAndGet();

149
jetty-ee9/jetty-ee9-nested/src/main/java/org/eclipse/jetty/ee9/nested/Request.java
View File

@ -80,7 +80,9 @@ import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.io.Connection;
import org.eclipse.jetty.io.RuntimeIOException;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.session.AbstractSessionManager;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.SessionManager;
import org.eclipse.jetty.util.Attributes;
import org.eclipse.jetty.util.AttributesMap;
@ -153,7 +155,7 @@ public class Request implements HttpServletRequest
private final ContextHandler.APIContext _context;
private final List<ServletRequestAttributeListener> _requestAttributeListeners = new ArrayList<>();
private final HttpInput _input;
private org.eclipse.jetty.server.Request _coreRequest;
private ContextHandler.CoreContextRequest _coreRequest;
private MetaData.Request _metaData;
private HttpFields _httpFields;
private HttpFields _trailers;
@ -166,7 +168,6 @@ public class Request implements HttpServletRequest
private boolean _cookiesExtracted = false;
private boolean _handled = false;
private boolean _contentParamsExtracted;
private boolean _requestedSessionIdFromCookie = false;
private Attributes _attributes;
private Authentication _authentication;
private String _contentType;
@ -180,10 +181,7 @@ public class Request implements HttpServletRequest
private MultiMap<String> _contentParameters;
private MultiMap<String> _parameters;
private Charset _queryEncoding;
private String _requestedSessionId;
private UserIdentity.Scope _scope;
private Session _coreSession;
private SessionManager _sessionManager;
private long _timeStamp;
private MultiPartFormInputStream _multiParts; //if the request is a multi-part mime
private AsyncContextState _async;
@ -368,13 +366,13 @@ public class Request implements HttpServletRequest
*
* @param session the session
*/
private void commitSession(Session session)
private void commitSession(ManagedSession session)
{
if (LOG.isDebugEnabled())
LOG.debug("Response {} committing for session {}", this, session);
//try and scope to a request and context before committing the session
HttpSession httpSession = session.getAPISession();
HttpSession httpSession = session.getApi();
ServletContext ctx = httpSession.getServletContext();
ContextHandler handler = ContextHandler.getContextHandler(ctx);
if (handler == null)
@ -1168,7 +1166,8 @@ public class Request implements HttpServletRequest
@Override
public String getRequestedSessionId()
{
return _requestedSessionId;
AbstractSessionManager.RequestedSession requestedSession = _coreRequest.getRequestedSession();
return requestedSession == null ? null : requestedSession.sessionId();
}
@Override
@ -1279,23 +1278,10 @@ public class Request implements HttpServletRequest
@Override
public String changeSessionId()
{
if (_coreSession == null)
return null;
if (_coreSession.isInvalid())
return _coreSession.getId();
HttpSession httpSession = _coreSession.getAPISession();
if (httpSession == null)
throw new IllegalStateException("No session");
Session session = _coreSession;
session.renewId(getCoreRequest());
if (getRemoteUser() != null)
session.setAttribute(Session.SESSION_CREATED_SECURE, Boolean.TRUE);
if (session.isSetCookieNeeded())
_channel.getResponse().replaceCookie(_sessionManager.getSessionCookie(session, isSecure()));
return httpSession.getId();
String newId = _coreRequest.changeSessionId();
if (newId != null && getRemoteUser() != null)
_coreRequest.getManagedSession().setAttribute(ManagedSession.SESSION_CREATED_SECURE, Boolean.TRUE);
return newId;
}
/**
@ -1340,8 +1326,9 @@ public class Request implements HttpServletRequest
*/
public HttpSession getSession(SessionManager sessionManager)
{
if (_coreSession != null && _coreSession.getSessionManager() == sessionManager)
return _coreSession.getAPISession();
ManagedSession managedSession = _coreRequest.getManagedSession();
if (managedSession != null && managedSession.getSessionManager() == sessionManager)
return managedSession.getApi();
return null;
}
@ -1354,41 +1341,10 @@ public class Request implements HttpServletRequest
@Override
public HttpSession getSession(boolean create)
{
if (_coreSession != null)
{
if (_sessionManager != null && !_coreSession.isValid())
_coreSession = null;
else
return _coreSession.getAPISession();
}
if (!create)
return null;
if (getResponse().isCommitted())
throw new IllegalStateException("Response is committed");
if (_sessionManager == null)
throw new IllegalStateException("No SessionManager");
_sessionManager.newSession(getCoreRequest(), getRequestedSessionId(), this::setCoreSession);
if (_coreSession == null)
throw new IllegalStateException("Create session failed");
HttpCookie cookie = _sessionManager.getSessionCookie(_coreSession, isSecure());
if (cookie != null)
_channel.getResponse().replaceCookie(cookie);
return _coreSession.getAPISession();
}
/**
* @return Returns the sessionManager.
*/
public SessionManager getSessionManager()
{
return _sessionManager;
Session session = _coreRequest.getSession(create);
if (session != null && session.isNew() && getAuthentication() instanceof Authentication.User)
session.setAttribute(ManagedSession.SESSION_CREATED_SECURE, Boolean.TRUE);
return session == null ? null : session.getApi();
}
/**
@ -1490,29 +1446,37 @@ public class Request implements HttpServletRequest
@Override
public boolean isRequestedSessionIdFromCookie()
{
return _requestedSessionId != null && _requestedSessionIdFromCookie;
AbstractSessionManager.RequestedSession requestedSession = _coreRequest.getRequestedSession();
return requestedSession != null && requestedSession.sessionId() != null && requestedSession.sessionIdFromCookie();
}
@Override
@Deprecated(since = "Servlet API 2.1")
public boolean isRequestedSessionIdFromUrl()
{
return _requestedSessionId != null && !_requestedSessionIdFromCookie;
return isRequestedSessionIdFromURL();
}
@Override
public boolean isRequestedSessionIdFromURL()
{
return _requestedSessionId != null && !_requestedSessionIdFromCookie;
AbstractSessionManager.RequestedSession requestedSession = _coreRequest.getRequestedSession();
return requestedSession != null && requestedSession.sessionId() != null && !requestedSession.sessionIdFromCookie();
}
@Override
public boolean isRequestedSessionIdValid()
{
if (getRequestedSessionId() == null || _coreSession == null)
return false;
return (_coreSession.isValid() && _sessionManager.getSessionIdManager().getId(getRequestedSessionId()).equals(_coreSession.getId()));
AbstractSessionManager.RequestedSession requestedSession = _coreRequest.getRequestedSession();
SessionManager sessionManager = _coreRequest.getSessionManager();
ManagedSession managedSession = _coreRequest.getManagedSession();
return requestedSession != null &&
sessionManager != null &&
managedSession != null &&
requestedSession.sessionId() != null &&
requestedSession.session() != null &&
requestedSession.session().isValid() &&
sessionManager.getSessionIdManager().getId(requestedSession.sessionId()).equals(managedSession.getId());
}
@Override
@ -1537,7 +1501,7 @@ public class Request implements HttpServletRequest
return false;
}
void onRequest(org.eclipse.jetty.server.Request coreRequest)
void onRequest(ContextHandler.CoreContextRequest coreRequest)
{
_input.reopen();
_channel.getResponse().getHttpOutput().reopen();
@ -1565,7 +1529,7 @@ public class Request implements HttpServletRequest
setSecure(coreRequest.isSecure());
}
public org.eclipse.jetty.server.Request getCoreRequest()
public ContextHandler.CoreContextRequest getCoreRequest()
{
return _coreRequest;
}
@ -1616,7 +1580,6 @@ public class Request implements HttpServletRequest
_cookiesExtracted = false;
_handled = false;
_contentParamsExtracted = false;
_requestedSessionIdFromCookie = false;
_attributes = null;
setAuthentication(Authentication.NOT_CHECKED);
_contentType = null;
@ -1631,10 +1594,7 @@ public class Request implements HttpServletRequest
_contentParameters = null;
_parameters = null;
_queryEncoding = null;
_requestedSessionId = null;
_scope = null;
_coreSession = null;
_sessionManager = null;
_timeStamp = 0;
_multiParts = null;
if (_async != null)
@ -1878,43 +1838,6 @@ public class Request implements HttpServletRequest
_queryEncoding = Charset.forName(queryEncoding);
}
/**
* @param requestedSessionId The requestedSessionId to set.
*/
public void setRequestedSessionId(String requestedSessionId)
{
_requestedSessionId = requestedSessionId;
}
/**
* @param requestedSessionIdCookie The requestedSessionIdCookie to set.
*/
public void setRequestedSessionIdFromCookie(boolean requestedSessionIdCookie)
{
_requestedSessionIdFromCookie = requestedSessionIdCookie;
}
/**
* @param coreSession The session to set.
*/
public void setCoreSession(Session coreSession)
{
_coreSession = coreSession;
}
public Session getCoreSession()
{
return _coreSession;
}
/**
* @param sessionManager The SessionHandler to set.
*/
public void setSessionManager(SessionManager sessionManager)
{
_sessionManager = sessionManager;
}
public void setTimeStamp(long ts)
{
_timeStamp = ts;

13
jetty-ee9/jetty-ee9-nested/src/main/java/org/eclipse/jetty/ee9/nested/Response.java
View File

@ -52,7 +52,7 @@ import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.http.PreEncodedHttpField;
import org.eclipse.jetty.http.content.HttpContent;
import org.eclipse.jetty.io.RuntimeIOException;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.session.SessionManager;
import org.eclipse.jetty.util.AtomicBiInteger;
import org.eclipse.jetty.util.Callback;
@ -317,7 +317,7 @@ public class Response implements HttpServletResponse
public String encodeURL(String url)
{
final Request request = _channel.getRequest();
SessionManager sessionManager = request.getSessionManager();
SessionManager sessionManager = _channel.getCoreRequest().getSessionManager();
if (sessionManager == null)
return url;
@ -374,7 +374,7 @@ public class Response implements HttpServletResponse
// invalid session
Session coreSession = Session.getSession(httpSession);
if (coreSession.isInvalid())
if (!coreSession.isValid())
return url;
String id = coreSession.getExtendedId();
@ -1170,14 +1170,15 @@ public class Response implements HttpServletResponse
}
// recreate session cookies
ContextHandler.CoreContextRequest coreRequest = getHttpChannel().getCoreRequest();
Request request = getHttpChannel().getRequest();
HttpSession httpSession = request.getSession(false);
if (httpSession != null && httpSession.isNew())
{
SessionManager sessionManager = request.getSessionManager();
if (sessionManager != null && httpSession instanceof Session.APISession apiSession)
SessionManager sessionManager = coreRequest.getSessionManager();
if (sessionManager != null)
{
HttpCookie cookie = sessionManager.getSessionCookie(apiSession.getCoreSession(), request.isSecure());
HttpCookie cookie = sessionManager.getSessionCookie(coreRequest.getManagedSession(), request.isSecure());
if (cookie != null)
addCookie(cookie);
}

47
jetty-ee9/jetty-ee9-nested/src/main/java/org/eclipse/jetty/ee9/nested/SessionHandler.java
View File

@ -40,8 +40,9 @@ import jakarta.servlet.http.HttpSessionIdListener;
import jakarta.servlet.http.HttpSessionListener;
import org.eclipse.jetty.http.HttpCookie;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.session.AbstractSessionManager;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.SessionCache;
import org.eclipse.jetty.session.SessionConfig;
import org.eclipse.jetty.session.SessionIdManager;
@ -395,7 +396,7 @@ public class SessionHandler extends ScopedHandler implements SessionConfig.Mutab
{
if (baseRequest.getDispatcherType() == DispatcherType.REQUEST)
{
org.eclipse.jetty.server.Request coreRequest = baseRequest.getHttpChannel().getCoreRequest();
ContextHandler.CoreContextRequest coreRequest = baseRequest.getHttpChannel().getCoreRequest();
// TODO should we use the Stream wrapper? Could use the HttpChannel#onCompleted mechanism instead.
_sessionManager.addSessionStreamWrapper(coreRequest);
@ -403,10 +404,8 @@ public class SessionHandler extends ScopedHandler implements SessionConfig.Mutab
// find and set the session if one exists
AbstractSessionManager.RequestedSession requestedSession = _sessionManager.resolveRequestedSessionId(coreRequest);
baseRequest.setCoreSession(requestedSession.session());
baseRequest.setSessionManager(_sessionManager);
baseRequest.setRequestedSessionId(requestedSession.sessionId());
baseRequest.setRequestedSessionIdFromCookie(requestedSession.sessionIdFromCookie());
coreRequest.setSessionManager(_sessionManager);
coreRequest.setRequestedSession(requestedSession);
HttpCookie cookie = _sessionManager.access(requestedSession.session(), coreRequest.getConnectionMetaData().isSecure());
@ -549,16 +548,16 @@ public class SessionHandler extends ScopedHandler implements SessionConfig.Mutab
}
@Override
public Session getSession(org.eclipse.jetty.server.Request request)
public ManagedSession getManagedSession(org.eclipse.jetty.server.Request request)
{
return org.eclipse.jetty.server.Request.get(request, ContextHandler.CoreContextRequest.class, ContextHandler.CoreContextRequest::getHttpChannel)
.getRequest().getCoreSession();
.getCoreRequest().getManagedSession();
}
@Override
public Session.APISession newSessionAPIWrapper(Session session)
public Session.API newSessionAPIWrapper(ManagedSession session)
{
return new ServletAPISession(session);
return new ServletSessionApi(session);
}
@Override
@ -572,7 +571,7 @@ public class SessionHandler extends ScopedHandler implements SessionConfig.Mutab
{
if (!_sessionAttributeListeners.isEmpty())
{
HttpSessionBindingEvent event = new HttpSessionBindingEvent(session.getAPISession(), name, old == null ? value : old);
HttpSessionBindingEvent event = new HttpSessionBindingEvent(session.getApi(), name, old == null ? value : old);
for (HttpSessionAttributeListener l : _sessionAttributeListeners)
{
@ -598,7 +597,7 @@ public class SessionHandler extends ScopedHandler implements SessionConfig.Mutab
if (session == null)
return;
HttpSessionEvent event = new HttpSessionEvent(session.getAPISession());
HttpSessionEvent event = new HttpSessionEvent(session.getApi());
for (HttpSessionListener l : _sessionListeners)
l.sessionCreated(event);
}
@ -620,7 +619,7 @@ public class SessionHandler extends ScopedHandler implements SessionConfig.Mutab
//come from the scavenger, rather than a request thread
Runnable r = () ->
{
HttpSessionEvent event = new HttpSessionEvent(session.getAPISession());
HttpSessionEvent event = new HttpSessionEvent(session.getApi());
for (int i = _sessionListeners.size() - 1; i >= 0; i--)
{
_sessionListeners.get(i).sessionDestroyed(event);
@ -635,7 +634,7 @@ public class SessionHandler extends ScopedHandler implements SessionConfig.Mutab
//inform the listeners
if (!_sessionIdListeners.isEmpty())
{
HttpSessionEvent event = new HttpSessionEvent(session.getAPISession());
HttpSessionEvent event = new HttpSessionEvent(session.getApi());
for (HttpSessionIdListener l : _sessionIdListeners)
{
l.sessionIdChanged(event, oldId);
@ -647,14 +646,14 @@ public class SessionHandler extends ScopedHandler implements SessionConfig.Mutab
public void callUnboundBindingListener(Session session, String name, Object value)
{
if (value instanceof HttpSessionBindingListener)
((HttpSessionBindingListener)value).valueUnbound(new HttpSessionBindingEvent(session.getAPISession(), name));
((HttpSessionBindingListener)value).valueUnbound(new HttpSessionBindingEvent(session.getApi(), name));
}
@Override
public void callBoundBindingListener(Session session, String name, Object value)
{
if (value instanceof HttpSessionBindingListener)
((HttpSessionBindingListener)value).valueBound(new HttpSessionBindingEvent(session.getAPISession(), name));
((HttpSessionBindingListener)value).valueBound(new HttpSessionBindingEvent(session.getApi(), name));
}
@Override
@ -662,7 +661,7 @@ public class SessionHandler extends ScopedHandler implements SessionConfig.Mutab
{
if (value instanceof HttpSessionActivationListener listener)
{
HttpSessionEvent event = new HttpSessionEvent(session.getAPISession());
HttpSessionEvent event = new HttpSessionEvent(session.getApi());
listener.sessionDidActivate(event);
}
@ -673,23 +672,23 @@ public class SessionHandler extends ScopedHandler implements SessionConfig.Mutab
{
if (value instanceof HttpSessionActivationListener listener)
{
HttpSessionEvent event = new HttpSessionEvent(session.getAPISession());
HttpSessionEvent event = new HttpSessionEvent(session.getApi());
listener.sessionWillPassivate(event);
}
}
}
public class ServletAPISession implements HttpSession, Session.APISession
public class ServletSessionApi implements HttpSession, Session.API
{
private final Session _session;
private final ManagedSession _session;
private ServletAPISession(Session session)
private ServletSessionApi(ManagedSession session)
{
_session = session;
}
@Override
public Session getCoreSession()
public ManagedSession getSession()
{
return _session;
}
@ -739,7 +738,7 @@ public class SessionHandler extends ScopedHandler implements SessionConfig.Mutab
@Override
public Enumeration<String> getAttributeNames()
{
return Collections.enumeration(_session.getNames());
return Collections.enumeration(_session.getAttributeNameSet());
}
@Override
@ -781,7 +780,7 @@ public class SessionHandler extends ScopedHandler implements SessionConfig.Mutab
@Override
public String[] getValueNames()
{
return _session.getNames().toArray(new String[0]);
return _session.getAttributeNameSet().toArray(new String[0]);
}
@Override

3
jetty-ee9/jetty-ee9-nested/src/test/java/org/eclipse/jetty/ee9/nested/RequestTest.java
View File

@ -2253,7 +2253,7 @@ public class RequestTest
}
}
private static class TestCoreRequest implements org.eclipse.jetty.server.Request
private static class TestCoreRequest extends ContextHandler.CoreContextRequest
{
private final Server _server = new Server();
private final ConnectionMetaData _connectionMetaData;
@ -2262,6 +2262,7 @@ public class RequestTest
public TestCoreRequest(String uri, HttpFields.Mutable fields)
{
super(null, null, null);
_uri = uri;
_fields = fields;
_connectionMetaData = new MockConnectionMetaData();

38
jetty-ee9/jetty-ee9-nested/src/test/java/org/eclipse/jetty/ee9/nested/ResponseTest.java
View File

@ -62,11 +62,13 @@ import org.eclipse.jetty.server.HttpStream;
import org.eclipse.jetty.server.LocalConnector;
import org.eclipse.jetty.server.NetworkConnector;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.server.TunnelSupport;
import org.eclipse.jetty.session.AbstractSessionManager;
import org.eclipse.jetty.session.DefaultSessionCache;
import org.eclipse.jetty.session.DefaultSessionIdManager;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.NullSessionDataStore;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.util.Attributes;
import org.eclipse.jetty.util.BufferUtil;
import org.eclipse.jetty.util.Callback;
@ -618,7 +620,7 @@ public class ResponseTest
sessionHandler.setUsingCookies(true);
_context.setHandler(sessionHandler);
_server.start();
request.setSessionManager(sessionHandler.getSessionManager());
response.getHttpChannel().getCoreRequest().setSessionManager(sessionHandler.getSessionManager());
HttpSession session = request.getSession(true);
assertThat(session, not(nullValue()));
@ -1604,9 +1606,9 @@ public class ResponseTest
assertEquals("http://myhost:8888/path/info;param?query=0&more=1#target", response.encodeURL("http://myhost:8888/path/info;param?query=0&more=1#target"));
request.setSessionManager(sessionHandler.getSessionManager());
request.setRequestedSessionId("12345");
request.setRequestedSessionIdFromCookie(false);
ContextHandler.CoreContextRequest coreRequest = response.getHttpChannel().getCoreRequest();
coreRequest.setSessionManager(sessionHandler.getSessionManager());
coreRequest.setRequestedSession(new AbstractSessionManager.RequestedSession(null, "12345", false));
assertNotNull(request.getSession(true));
assertThat(request.getSession(false).getId(), is("12345"));
@ -1713,15 +1715,12 @@ public class ResponseTest
uri.host(host).port(port);
request.onDispatch(uri, "/path/info");
request.setSessionManager(sessionHandler.getSessionManager());
request.setRequestedSessionId("12345");
request.setRequestedSessionIdFromCookie(cookie);
Session session = sessionHandler.getSessionManager().getSession("12345");
ContextHandler.CoreContextRequest coreRequest = response.getHttpChannel().getCoreRequest();
coreRequest.setSessionManager(sessionHandler.getSessionManager());
ManagedSession session = sessionHandler.getSessionManager().getManagedSession("12345");
coreRequest.setRequestedSession(new AbstractSessionManager.RequestedSession(session, "12345", cookie));
if (session == null)
request.getSession(true);
else
request.setCoreSession(session);
assertThat(request.getSession(false).getId(), is("12345"));
@ -1785,8 +1784,9 @@ public class ResponseTest
uri.authority(host, port);
uri.pathQuery("/path/info;param;jsessionid=12345?query=0&more=1#target");
request.onDispatch(uri, "/info");
request.setRequestedSessionId("12345");
request.setRequestedSessionIdFromCookie(i > 2);
ContextHandler.CoreContextRequest coreRequest = response.getHttpChannel().getCoreRequest();
coreRequest.setRequestedSession(new AbstractSessionManager.RequestedSession(null, "12345", i > 2));
SessionHandler handler = new SessionHandler();
NullSessionDataStore dataStore = new NullSessionDataStore();
@ -1796,7 +1796,7 @@ public class ResponseTest
DefaultSessionIdManager sessionIdManager = new DefaultSessionIdManager(_server);
sessionIdManager.setWorkerName(null);
handler.getSessionManager().setSessionIdManager(sessionIdManager);
request.setSessionManager(handler.getSessionManager());
coreRequest.setSessionManager(handler.getSessionManager());
handler.setCheckingRemoteSessionIdEncoding(false);
response.sendRedirect(tests[i][0]);
@ -2262,7 +2262,7 @@ public class ResponseTest
org.eclipse.jetty.server.Request coreRequest = new MockRequest(reqMeta, now, _context.getServletContext().getCoreContext());
org.eclipse.jetty.server.Response coreResponse = new MockResponse(coreRequest);
_channel.onRequest(coreRequest);
_channel.onRequest(new ContextHandler.CoreContextRequest(coreRequest, _context.getCoreContextHandler().getContext(), _channel));
_channel.onProcess(coreResponse, Callback.NOOP);
BufferUtil.clear(_content);
@ -2393,6 +2393,12 @@ public class ResponseTest
public void addHttpStreamWrapper(Function<HttpStream, HttpStream> wrapper)
{
}
@Override
public Session getSession(boolean create)
{
return null;
}
}
private class MockResponse implements org.eclipse.jetty.server.Response

19
jetty-ee9/jetty-ee9-nested/src/test/java/org/eclipse/jetty/ee9/nested/SessionHandlerTest.java
View File

@ -33,10 +33,11 @@ import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.http.HttpTester;
import org.eclipse.jetty.server.LocalConnector;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.session.AbstractSessionCache;
import org.eclipse.jetty.session.DefaultSessionIdManager;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.NullSessionDataStore;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.session.SessionData;
import org.eclipse.jetty.session.SessionManager;
import org.junit.jupiter.api.AfterEach;
@ -171,7 +172,7 @@ public class SessionHandlerTest
long now = System.currentTimeMillis();
Session session = new Session(mgr.getSessionManager(), new SessionData("123", "_foo", "0.0.0.0", now, now, now, 30));
ManagedSession session = new ManagedSession(mgr.getSessionManager(), new SessionData("123", "_foo", "0.0.0.0", now, now, now, 30));
session.setExtendedId("123.node1");
SessionCookieConfig sessionCookieConfig = mgr.getSessionCookieConfig();
sessionCookieConfig.setName("SPECIAL");
@ -249,7 +250,7 @@ public class SessionHandlerTest
_sessionHandler.addEventListener(new Listener2());
_server.start();
Session session = new Session(_sessionHandler.getSessionManager(), new SessionData("aa", "_", "0.0", 0, 0, 0, 0));
Session session = new ManagedSession(_sessionHandler.getSessionManager(), new SessionData("aa", "_", "0.0", 0, 0, 0, 0));
_sessionHandler.getSessionManager().callSessionCreatedListeners(session);
_sessionHandler.getSessionManager().callSessionDestroyedListeners(session);
assertEquals("Listener1 create;Listener2 create;Listener2 destroy;Listener1 destroy;", result.toString());
@ -435,37 +436,37 @@ public class SessionHandlerTest
}
@Override
public Session doGet(String key)
public ManagedSession doGet(String key)
{
return null;
}
@Override
public Session doPutIfAbsent(String key, Session session)
public Session doPutIfAbsent(String key, ManagedSession session)
{
return null;
}
@Override
public Session doDelete(String key)
public ManagedSession doDelete(String key)
{
return null;
}
@Override
public boolean doReplace(String id, Session oldValue, Session newValue)
public boolean doReplace(String id, ManagedSession oldValue, ManagedSession newValue)
{
return false;
}
@Override
public Session newSession(SessionData data)
public ManagedSession newSession(SessionData data)
{
return null;
}
@Override
protected Session doComputeIfAbsent(String id, Function<String, Session> mappingFunction)
protected ManagedSession doComputeIfAbsent(String id, Function<String, ManagedSession> mappingFunction)
{
return mappingFunction.apply(id);
}

32
jetty-ee9/jetty-ee9-security/src/main/java/org/eclipse/jetty/ee9/security/authentication/LoginAuthenticator.java
View File

@ -17,13 +17,14 @@ import jakarta.servlet.ServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import org.eclipse.jetty.ee9.nested.HttpChannel;
import org.eclipse.jetty.ee9.nested.Request;
import org.eclipse.jetty.ee9.nested.Response;
import org.eclipse.jetty.ee9.nested.UserIdentity;
import org.eclipse.jetty.ee9.security.Authenticator;
import org.eclipse.jetty.ee9.security.IdentityService;
import org.eclipse.jetty.ee9.security.LoginService;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.session.ManagedSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -76,7 +77,7 @@ public abstract class LoginAuthenticator implements Authenticator
if (session == null)
return;
session.removeAttribute(Session.SESSION_CREATED_SECURE);
session.removeAttribute(ManagedSession.SESSION_CREATED_SECURE);
}
@Override
@ -118,23 +119,20 @@ public abstract class LoginAuthenticator implements Authenticator
{
//if we should renew sessions, and there is an existing session that may have been seen by non-authenticated users
//(indicated by SESSION_SECURED not being set on the session) then we should change id
if (httpSession.getAttribute(Session.SESSION_CREATED_SECURE) != Boolean.TRUE)
if (httpSession.getAttribute(ManagedSession.SESSION_CREATED_SECURE) != Boolean.TRUE)
{
if (httpSession instanceof Session.APISession apiSession)
if (httpSession instanceof Session.API api)
{
Session session = apiSession.getCoreSession();
String oldId = session.getId();
session.renewId(Request.getBaseRequest(request).getHttpChannel().getCoreRequest());
session.setAttribute(Session.SESSION_CREATED_SECURE, Boolean.TRUE);
if (session.isSetCookieNeeded() && (response instanceof Response))
((Response)response).replaceCookie(session.getSessionManager().getSessionCookie(session, request.isSecure()));
if (LOG.isDebugEnabled())
LOG.debug("renew {}->{}", oldId, session.getId());
}
else
{
LOG.warn("Unable to renew session {}", httpSession);
Request baseRequest = Request.getBaseRequest(request);
if (baseRequest != null)
{
httpSession.setAttribute(ManagedSession.SESSION_CREATED_SECURE, Boolean.TRUE);
HttpChannel httpChannel = baseRequest.getHttpChannel();
api.getSession().renewId(httpChannel.getCoreRequest(), httpChannel.getCoreResponse());
return httpSession;
}
}
LOG.warn("Unable to renew session {}", httpSession);
return httpSession;
}
}

6
jetty-ee9/jetty-ee9-tests/jetty-ee9-test-sessions/jetty-ee9-test-sessions-common/src/main/java/org/eclipse/jetty/ee9/session/AbstractClusteredSessionScavengingTest.java
View File

@ -35,7 +35,7 @@ import org.eclipse.jetty.ee9.servlet.ServletHolder;
import org.eclipse.jetty.session.AbstractSessionDataStoreFactory;
import org.eclipse.jetty.session.DefaultSessionCache;
import org.eclipse.jetty.session.DefaultSessionCacheFactory;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.SessionCache;
import org.eclipse.jetty.session.SessionDataStoreFactory;
import org.eclipse.jetty.session.SessionManager;
@ -67,7 +67,7 @@ public abstract class AbstractClusteredSessionScavengingTest extends AbstractSes
* @param id
* @return session already in the cache
*/
public Session peek(String id)
public ManagedSession peek(String id)
{
return doGet(id);
}
@ -149,7 +149,7 @@ public abstract class AbstractClusteredSessionScavengingTest extends AbstractSes
//Peek at the contents of the cache without doing all the reference counting etc
Session s1 = ((TestSessionCache)m1.getSessionCache()).peek(id);
ManagedSession s1 = ((TestSessionCache)m1.getSessionCache()).peek(id);
assertNotNull(s1);
long expiry = s1.getSessionData().getExpiry();

3
jetty-ee9/jetty-ee9-tests/jetty-ee9-test-sessions/jetty-ee9-test-sessions-common/src/test/java/org/eclipse/jetty/ee9/session/DeleteUnloadableSessionTest.java
View File

@ -32,6 +32,7 @@ import org.eclipse.jetty.logging.StacklessLogging;
import org.eclipse.jetty.session.AbstractSessionDataStore;
import org.eclipse.jetty.session.AbstractSessionDataStoreFactory;
import org.eclipse.jetty.session.DefaultSessionCacheFactory;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.SessionCache;
import org.eclipse.jetty.session.SessionData;
import org.eclipse.jetty.session.SessionDataStore;
@ -157,7 +158,7 @@ public class DeleteUnloadableSessionTest
ServletHolder holder = new ServletHolder(servlet);
context.addServlet(holder, servletMapping);
try (StacklessLogging ignored = new StacklessLogging(DeleteUnloadableSessionTest.class.getPackage(), org.eclipse.jetty.session.Session.class.getPackage()))
try (StacklessLogging ignored = new StacklessLogging(DeleteUnloadableSessionTest.class.getPackage(), ManagedSession.class.getPackage()))
{
server.start();
int port = server.getPort();

44
jetty-ee9/jetty-ee9-tests/jetty-ee9-test-sessions/jetty-ee9-test-sessions-common/src/test/java/org/eclipse/jetty/ee9/session/DuplicateCookieTest.java
View File

@ -29,7 +29,7 @@ import org.eclipse.jetty.ee9.servlet.ServletHolder;
import org.eclipse.jetty.logging.StacklessLogging;
import org.eclipse.jetty.session.DefaultSessionCache;
import org.eclipse.jetty.session.DefaultSessionCacheFactory;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.SessionCache;
import org.eclipse.jetty.session.SessionData;
import org.eclipse.jetty.session.SessionDataStore;
@ -47,7 +47,7 @@ import static org.junit.jupiter.api.Assertions.assertNotNull;
*/
public class DuplicateCookieTest
{
public class TestSession extends Session
public class TestSession extends ManagedSession
{
public TestSession(SessionManager manager, SessionData data)
@ -57,7 +57,7 @@ public class DuplicateCookieTest
public void makeInvalid()
{
_state = Session.State.INVALID;
_state = ManagedSession.State.INVALID;
}
}
@ -70,7 +70,7 @@ public class DuplicateCookieTest
}
@Override
public Session newSession(SessionData data)
public ManagedSession newSession(SessionData data)
{
return new TestSession(getSessionManager(), data);
}
@ -109,7 +109,7 @@ public class DuplicateCookieTest
try (StacklessLogging ignored = new StacklessLogging(DuplicateCookieTest.class.getPackage()))
{
//create a valid session
Session s4422 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
ManagedSession s4422 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
contextHandler.getSessionHandler().getSessionManager().getSessionCache().getSessionDataStore(),
"4422");
@ -158,15 +158,15 @@ public class DuplicateCookieTest
try (StacklessLogging ignored = new StacklessLogging(DuplicateCookieTest.class.getPackage()))
{
//create a valid session
Session s1122 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
ManagedSession s1122 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
contextHandler.getSessionHandler().getSessionManager().getSessionCache().getSessionDataStore(),
"1122");
//create an invalid session
Session s2233 = createInvalidSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
ManagedSession s2233 = createInvalidSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
contextHandler.getSessionHandler().getSessionManager().getSessionCache().getSessionDataStore(),
"2233");
//create another invalid session
Session s2255 = createInvalidSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
ManagedSession s2255 = createInvalidSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
contextHandler.getSessionHandler().getSessionManager().getSessionCache().getSessionDataStore(),
"2255");
@ -218,15 +218,15 @@ public class DuplicateCookieTest
try (StacklessLogging ignored = new StacklessLogging(DuplicateCookieTest.class.getPackage()))
{
//create a valid session
Session s1122 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
ManagedSession s1122 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
contextHandler.getSessionHandler().getSessionManager().getSessionCache().getSessionDataStore(),
"1122");
//create an invalid session
Session s2233 = createInvalidSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
ManagedSession s2233 = createInvalidSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
contextHandler.getSessionHandler().getSessionManager().getSessionCache().getSessionDataStore(),
"2233");
//create another invalid session
Session s2255 = createInvalidSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
ManagedSession s2255 = createInvalidSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
contextHandler.getSessionHandler().getSessionManager().getSessionCache().getSessionDataStore(),
"2255");
@ -279,15 +279,15 @@ public class DuplicateCookieTest
try (StacklessLogging ignored = new StacklessLogging(DuplicateCookieTest.class.getPackage()))
{
//create a valid session
Session s1122 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
ManagedSession s1122 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
contextHandler.getSessionHandler().getSessionManager().getSessionCache().getSessionDataStore(),
"1122");
//create an invalid session
Session s2233 = createInvalidSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
ManagedSession s2233 = createInvalidSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
contextHandler.getSessionHandler().getSessionManager().getSessionCache().getSessionDataStore(),
"2233");
//create another invalid session
Session s2255 = createInvalidSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
ManagedSession s2255 = createInvalidSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
contextHandler.getSessionHandler().getSessionManager().getSessionCache().getSessionDataStore(),
"2255");
@ -339,13 +339,13 @@ public class DuplicateCookieTest
try (StacklessLogging ignored = new StacklessLogging(DuplicateCookieTest.class.getPackage()))
{
//create some unexpired sessions
Session s1234 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
ManagedSession s1234 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
contextHandler.getSessionHandler().getSessionManager().getSessionCache().getSessionDataStore(),
"1234");
Session s5678 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
ManagedSession s5678 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
contextHandler.getSessionHandler().getSessionManager().getSessionCache().getSessionDataStore(),
"5678");
Session s9111 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
ManagedSession s9111 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
contextHandler.getSessionHandler().getSessionManager().getSessionCache().getSessionDataStore(),
"9111");
@ -398,7 +398,7 @@ public class DuplicateCookieTest
try (StacklessLogging ignored = new StacklessLogging(DuplicateCookieTest.class.getPackage()))
{
//create a valid unexpired session
Session s1234 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
ManagedSession s1234 = createUnExpiredSession(contextHandler.getSessionHandler().getSessionManager().getSessionCache(),
contextHandler.getSessionHandler().getSessionManager().getSessionCache().getSessionDataStore(),
"1234");
@ -425,20 +425,20 @@ public class DuplicateCookieTest
}
}
public Session createUnExpiredSession(SessionCache cache, SessionDataStore store, String id) throws Exception
public ManagedSession createUnExpiredSession(SessionCache cache, SessionDataStore store, String id) throws Exception
{
long now = System.currentTimeMillis();
SessionData data = store.newSessionData(id, now - 20, now - 10, now - 20, TimeUnit.MINUTES.toMillis(10));
data.setExpiry(now + TimeUnit.DAYS.toMillis(1));
Session s = cache.newSession(data);
ManagedSession s = cache.newSession(data);
cache.add(id, s);
cache.release(s); //pretend a request that created the session is finished
return s;
}
public Session createInvalidSession(SessionCache cache, SessionDataStore store, String id) throws Exception
public ManagedSession createInvalidSession(SessionCache cache, SessionDataStore store, String id) throws Exception
{
Session session = createUnExpiredSession(cache, store, id);
ManagedSession session = createUnExpiredSession(cache, store, id);
((TestSession)session).makeInvalid();
return session;

16
jetty-ee9/jetty-ee9-tests/jetty-ee9-test-sessions/jetty-ee9-test-sessions-common/src/test/java/org/eclipse/jetty/ee9/session/IdleSessionTest.java
View File

@ -28,8 +28,8 @@ import org.eclipse.jetty.ee9.servlet.ServletContextHandler;
import org.eclipse.jetty.ee9.servlet.ServletHolder;
import org.eclipse.jetty.logging.StacklessLogging;
import org.eclipse.jetty.session.DefaultSessionCacheFactory;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.NullSessionCacheFactory;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.session.SessionDataStoreFactory;
import org.eclipse.jetty.util.thread.AutoLock;
import org.junit.jupiter.api.Test;
@ -64,8 +64,8 @@ public class IdleSessionTest
{
String contextPath = "";
String servletMapping = "/server";
int inactivePeriod = 10;
int scavengePeriod = 1;
int inactivePeriod = 5;
int scavengePeriod = 2;
int evictionSec = 2; //evict from cache if idle for 2 sec
DefaultSessionCacheFactory cacheFactory = new DefaultSessionCacheFactory();
@ -166,8 +166,8 @@ public class IdleSessionTest
//test the NullSessionCache which does not support idle timeout
String contextPath = "";
String servletMapping = "/server";
int inactivePeriod = 20;
int scavengePeriod = 3;
int inactivePeriod = 5;
int scavengePeriod = 2;
NullSessionCacheFactory cacheFactory = new NullSessionCacheFactory();
cacheFactory.setFlushOnResponseCommit(true);
@ -262,8 +262,8 @@ public class IdleSessionTest
HttpSession session = request.getSession(true);
session.setAttribute("value", 1);
originalId = session.getId();
Session s = ((org.eclipse.jetty.ee9.nested.Request)request).getCoreSession();
ManagedSession s = org.eclipse.jetty.ee9.nested.Request.getBaseRequest(request).getCoreRequest().getManagedSession();
try (AutoLock lock = s.lock())
{
assertTrue(s.isResident());
@ -275,7 +275,7 @@ public class IdleSessionTest
HttpSession session = request.getSession(false);
assertNotNull(session);
assertEquals(originalId, session.getId());
Session s = ((org.eclipse.jetty.ee9.nested.Request)request).getCoreSession();
ManagedSession s = org.eclipse.jetty.ee9.nested.Request.getBaseRequest(request).getCoreRequest().getManagedSession();
try (AutoLock lock = s.lock())
{
assertTrue(s.isResident());

4
jetty-ee9/jetty-ee9-tests/jetty-ee9-test-sessions/jetty-ee9-test-sessions-common/src/test/java/org/eclipse/jetty/ee9/session/ModifyMaxInactiveIntervalTest.java
View File

@ -25,9 +25,9 @@ import org.eclipse.jetty.client.ContentResponse;
import org.eclipse.jetty.client.HttpClient;
import org.eclipse.jetty.client.Request;
import org.eclipse.jetty.ee9.servlet.ServletContextHandler;
import org.eclipse.jetty.server.Session;
import org.eclipse.jetty.session.AbstractSessionDataStoreFactory;
import org.eclipse.jetty.session.DefaultSessionCacheFactory;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.session.SessionCache;
import org.eclipse.jetty.session.SessionDataStoreFactory;
import org.junit.jupiter.api.Test;
@ -77,7 +77,7 @@ public class ModifyMaxInactiveIntervalTest extends AbstractSessionTestBase
String id = SessionTestSupport.extractSessionId(sessionCookie);
//check that the maxInactive is -1
Session s = ctxA.getSessionHandler().getSessionManager().getSession(id);
Session s = ctxA.getSessionHandler().getSessionManager().getManagedSession(id);
assertEquals(-1, s.getMaxInactiveInterval());
}
finally

12
jetty-ee9/jetty-ee9-tests/jetty-ee9-test-sessions/jetty-ee9-test-sessions-common/src/test/java/org/eclipse/jetty/ee9/session/SessionRenewTest.java
View File

@ -27,13 +27,13 @@ import jakarta.servlet.http.HttpSessionIdListener;
import org.eclipse.jetty.client.ContentResponse;
import org.eclipse.jetty.client.HttpClient;
import org.eclipse.jetty.client.Request;
import org.eclipse.jetty.ee9.nested.SessionHandler.ServletAPISession;
import org.eclipse.jetty.ee9.nested.SessionHandler.ServletSessionApi;
import org.eclipse.jetty.ee9.servlet.ServletContextHandler;
import org.eclipse.jetty.session.DefaultSessionCache;
import org.eclipse.jetty.session.DefaultSessionCacheFactory;
import org.eclipse.jetty.session.DefaultSessionIdManager;
import org.eclipse.jetty.session.ManagedSession;
import org.eclipse.jetty.session.NullSessionCacheFactory;
import org.eclipse.jetty.session.Session;
import org.eclipse.jetty.session.SessionCache;
import org.eclipse.jetty.session.SessionCacheFactory;
import org.eclipse.jetty.session.SessionData;
@ -68,7 +68,7 @@ public class SessionRenewTest
* @return previous existing session
* @throws Exception
*/
public Session getWithoutReferenceCount(String sessionId) throws Exception
public ManagedSession getWithoutReferenceCount(String sessionId) throws Exception
{
return getAndEnter(sessionId, false);
}
@ -183,8 +183,8 @@ public class SessionRenewTest
contextA.getSessionHandler().getSessionManager().getSessionCache().contains(updatedId);
contextB.getSessionHandler().getSessionManager().getSessionCache().contains(updatedId);
Session sessiona = ((TestSessionCache)contextA.getSessionHandler().getSessionManager().getSessionCache()).getWithoutReferenceCount(updatedId);
Session sessionb = ((TestSessionCache)contextB.getSessionHandler().getSessionManager().getSessionCache()).getWithoutReferenceCount(updatedId);
ManagedSession sessiona = ((TestSessionCache)contextA.getSessionHandler().getSessionManager().getSessionCache()).getWithoutReferenceCount(updatedId);
ManagedSession sessionb = ((TestSessionCache)contextB.getSessionHandler().getSessionManager().getSessionCache()).getWithoutReferenceCount(updatedId);
//sessions should nor have any usecounts
assertEquals(0, sessiona.getRequests());
@ -322,7 +322,7 @@ public class SessionRenewTest
assertTrue(beforeSession == afterSession); //same object
assertFalse(beforeSessionId.equals(afterSessionId)); //different id
Session coreAfterSession = ((ServletAPISession)afterSession).getCoreSession();
ManagedSession coreAfterSession = ((ServletSessionApi)afterSession).getSession();
SessionManager sessionManager = coreAfterSession.getSessionManager();
DefaultSessionIdManager sessionIdManager = (DefaultSessionIdManager)sessionManager.getSessionIdManager();