Class SessionFilter
- java.lang.Object
-
- org.springframework.web.filter.GenericFilterBean
-
- de.hybris.platform.servicelayer.web.SessionFilter
-
- All Implemented Interfaces:
javax.servlet.Filter,org.springframework.beans.factory.Aware,org.springframework.beans.factory.BeanNameAware,org.springframework.beans.factory.DisposableBean,org.springframework.beans.factory.InitializingBean,org.springframework.context.EnvironmentAware,org.springframework.core.env.EnvironmentCapable,org.springframework.web.context.ServletContextAware
public class SessionFilter extends org.springframework.web.filter.GenericFilterBeanThis filters takes care of the session handling. Right now it still uses some Jalo classes in order to achieve this goal but in the future the complete session handling will be done "inside" the ServiceLayer.
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.StringSERIALIZATION_CHECK_RESPONSE_ERRORstatic java.lang.StringSESSION_SERIALIZATION_CHECK_PROPERTYstatic java.lang.StringSESSION_SERIALIZATION_EXTENSIONS_PROPERTYstatic java.lang.StringTOMCAT_REPLICATION_SUPPORT
-
Constructor Summary
Constructors Constructor Description SessionFilter()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected voidactivateSession(javax.servlet.http.HttpSession httpSession, javax.servlet.http.HttpServletRequest request)This methods first checks, if there is already a Session (JaloSessionright now) attached to the httpSession.voidafterPropertiesSet()protected voidassureAllSessionAttributesAreSerializable(javax.servlet.http.HttpServletResponse response, javax.servlet.http.HttpSession httpSession)protected voiddeactivateSession(javax.servlet.http.HttpSession httpSession)Deactivates the current JaloSession by callingJaloSession.deactivate().voiddoFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain filterChain)Before the filterChain gets processed the methodactivateSession(HttpSession, HttpServletRequest)gets called.protected booleanisExtensionEnabledForSessionChecking(javax.servlet.http.HttpServletRequest request)protected booleanisSessionSerializationCheckEnabled(javax.servlet.http.HttpServletRequest httpRequest)protected java.lang.BooleanisSessionSerializationEnabled(javax.servlet.http.HttpServletRequest request)voidsetSessionService(SessionService sessionService)
-
-
-
Field Detail
-
TOMCAT_REPLICATION_SUPPORT
public static final java.lang.String TOMCAT_REPLICATION_SUPPORT
- See Also:
- Constant Field Values
-
SESSION_SERIALIZATION_CHECK_PROPERTY
public static final java.lang.String SESSION_SERIALIZATION_CHECK_PROPERTY
- See Also:
- Constant Field Values
-
SESSION_SERIALIZATION_EXTENSIONS_PROPERTY
public static final java.lang.String SESSION_SERIALIZATION_EXTENSIONS_PROPERTY
- See Also:
- Constant Field Values
-
SERIALIZATION_CHECK_RESPONSE_ERROR
public static final java.lang.String SERIALIZATION_CHECK_RESPONSE_ERROR
- See Also:
- Constant Field Values
-
-
Method Detail
-
doFilter
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain filterChain) throws java.io.IOException, javax.servlet.ServletExceptionBefore the filterChain gets processed the methodactivateSession(HttpSession, HttpServletRequest)gets called. After the processing of the filterChain the methoddeactivateSession(HttpSession)gets called.- Parameters:
request- the requestresponse- the responsefilterChain- the filterChain- Throws:
java.io.IOExceptionjavax.servlet.ServletException
-
isSessionSerializationCheckEnabled
protected boolean isSessionSerializationCheckEnabled(javax.servlet.http.HttpServletRequest httpRequest)
-
isSessionSerializationEnabled
protected java.lang.Boolean isSessionSerializationEnabled(javax.servlet.http.HttpServletRequest request)
-
isExtensionEnabledForSessionChecking
protected boolean isExtensionEnabledForSessionChecking(javax.servlet.http.HttpServletRequest request)
-
assureAllSessionAttributesAreSerializable
protected void assureAllSessionAttributesAreSerializable(javax.servlet.http.HttpServletResponse response, javax.servlet.http.HttpSession httpSession)
-
activateSession
protected void activateSession(javax.servlet.http.HttpSession httpSession, javax.servlet.http.HttpServletRequest request)This methods first checks, if there is already a Session (JaloSessionright now) attached to the httpSession. If there is a attached session, this session will be activated, if there is no attached session, a new session will be created by callingSessionService.createNewSession()and the new session get assigned to the httpSession and the httpSessionId get set on the JaloSession.- Parameters:
httpSession- the session which is used
-
deactivateSession
protected void deactivateSession(javax.servlet.http.HttpSession httpSession)
Deactivates the current JaloSession by callingJaloSession.deactivate().- Parameters:
httpSession- only used for logging purpose right now
-
setSessionService
public void setSessionService(SessionService sessionService)
-
afterPropertiesSet
public void afterPropertiesSet() throws javax.servlet.ServletException- Specified by:
afterPropertiesSetin interfaceorg.springframework.beans.factory.InitializingBean- Overrides:
afterPropertiesSetin classorg.springframework.web.filter.GenericFilterBean- Throws:
javax.servlet.ServletException
-
-