Class SessionFilter
java.lang.Object
org.springframework.web.filter.GenericFilterBean
de.hybris.platform.servicelayer.web.SessionFilter
- All Implemented Interfaces:
javax.servlet.Filter,org.springframework.beans.factory.Aware,org.springframework.beans.factory.BeanNameAware,org.springframework.beans.factory.DisposableBean,org.springframework.beans.factory.InitializingBean,org.springframework.context.EnvironmentAware,org.springframework.core.env.EnvironmentCapable,org.springframework.web.context.ServletContextAware
public class SessionFilter
extends org.springframework.web.filter.GenericFilterBean
This filters takes care of the session handling. Right now it still uses some Jalo classes in order to achieve this
goal but in the future the complete session handling will be done "inside" the ServiceLayer.
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final Stringstatic final Stringstatic final Stringstatic final StringFields inherited from class org.springframework.web.filter.GenericFilterBean
logger -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected voidactivateSession(javax.servlet.http.HttpSession httpSession, javax.servlet.http.HttpServletRequest request) This methods first checks, if there is already a Session (JaloSessionright now) attached to the httpSession.voidprotected voidassureAllSessionAttributesAreSerializable(javax.servlet.http.HttpServletResponse response, javax.servlet.http.HttpSession httpSession) protected voiddeactivateSession(javax.servlet.http.HttpSession httpSession) Deactivates the current JaloSession by callingJaloSession.deactivate().voiddoFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain filterChain) Before the filterChain gets processed the methodactivateSession(HttpSession, HttpServletRequest)gets called.protected booleanisExtensionEnabledForSessionChecking(javax.servlet.http.HttpServletRequest request) protected booleanisSessionSerializationCheckEnabled(javax.servlet.http.HttpServletRequest httpRequest) protected BooleanisSessionSerializationEnabled(javax.servlet.http.HttpServletRequest request) voidsetSessionService(SessionService sessionService) voidsetStaleSessionSupport(StaleSessionSupport staleSessionSupport) Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext
-
Field Details
-
TOMCAT_REPLICATION_SUPPORT
- See Also:
-
SESSION_SERIALIZATION_CHECK_PROPERTY
- See Also:
-
SESSION_SERIALIZATION_EXTENSIONS_PROPERTY
- See Also:
-
SERIALIZATION_CHECK_RESPONSE_ERROR
- See Also:
-
-
Constructor Details
-
SessionFilter
public SessionFilter()
-
-
Method Details
-
doFilter
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain filterChain) throws IOException, javax.servlet.ServletException Before the filterChain gets processed the methodactivateSession(HttpSession, HttpServletRequest)gets called. After the processing of the filterChain the methoddeactivateSession(HttpSession)gets called.- Parameters:
request- the requestresponse- the responsefilterChain- the filterChain- Throws:
IOExceptionjavax.servlet.ServletException
-
isSessionSerializationCheckEnabled
protected boolean isSessionSerializationCheckEnabled(javax.servlet.http.HttpServletRequest httpRequest) -
isSessionSerializationEnabled
-
isExtensionEnabledForSessionChecking
protected boolean isExtensionEnabledForSessionChecking(javax.servlet.http.HttpServletRequest request) -
assureAllSessionAttributesAreSerializable
protected void assureAllSessionAttributesAreSerializable(javax.servlet.http.HttpServletResponse response, javax.servlet.http.HttpSession httpSession) -
activateSession
protected void activateSession(javax.servlet.http.HttpSession httpSession, javax.servlet.http.HttpServletRequest request) This methods first checks, if there is already a Session (JaloSessionright now) attached to the httpSession. If there is a attached session, this session will be activated, if there is no attached session, a new session will be created by callingSessionService.createNewSession()and the new session get assigned to the httpSession and the httpSessionId get set on the JaloSession.- Parameters:
httpSession- the session which is used
-
deactivateSession
protected void deactivateSession(javax.servlet.http.HttpSession httpSession) Deactivates the current JaloSession by callingJaloSession.deactivate().- Parameters:
httpSession- only used for logging purpose right now
-
setSessionService
-
setStaleSessionSupport
-
getStaleSessionSupport
-
afterPropertiesSet
public void afterPropertiesSet() throws javax.servlet.ServletException- Specified by:
afterPropertiesSetin interfaceorg.springframework.beans.factory.InitializingBean- Overrides:
afterPropertiesSetin classorg.springframework.web.filter.GenericFilterBean- Throws:
javax.servlet.ServletException
-