Coverage Report - org.apache.shiro.web.session.HttpServletSession
 
Classes in this File Line Coverage Branch Coverage Complexity
HttpServletSession
28%
19/67
33%
4/12
2.933
 
 1  
 /*
 2  
  * Licensed to the Apache Software Foundation (ASF) under one
 3  
  * or more contributor license agreements.  See the NOTICE file
 4  
  * distributed with this work for additional information
 5  
  * regarding copyright ownership.  The ASF licenses this file
 6  
  * to you under the Apache License, Version 2.0 (the
 7  
  * "License"); you may not use this file except in compliance
 8  
  * with the License.  You may obtain a copy of the License at
 9  
  *
 10  
  *     http://www.apache.org/licenses/LICENSE-2.0
 11  
  *
 12  
  * Unless required by applicable law or agreed to in writing,
 13  
  * software distributed under the License is distributed on an
 14  
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 15  
  * KIND, either express or implied.  See the License for the
 16  
  * specific language governing permissions and limitations
 17  
  * under the License.
 18  
  */
 19  
 package org.apache.shiro.web.session;
 20  
 
 21  
 import org.apache.shiro.session.InvalidSessionException;
 22  
 import org.apache.shiro.session.Session;
 23  
 import org.apache.shiro.util.StringUtils;
 24  
 import org.apache.shiro.web.servlet.ShiroHttpSession;
 25  
 
 26  
 import javax.servlet.http.HttpSession;
 27  
 import java.io.Serializable;
 28  
 import java.util.ArrayList;
 29  
 import java.util.Collection;
 30  
 import java.util.Date;
 31  
 import java.util.Enumeration;
 32  
 
 33  
 /**
 34  
  * {@link Session Session} implementation that is backed entirely by a standard servlet container
 35  
  * {@link HttpSession HttpSession} instance.  It does not interact with any of Shiro's session-related components
 36  
  * {@code SessionManager}, {@code SecurityManager}, etc, and instead satisfies all method implementations by interacting
 37  
  * with a servlet container provided {@link HttpSession HttpSession} instance.
 38  
  *
 39  
  * @since 1.0
 40  
  */
 41  
 public class HttpServletSession implements Session {
 42  
 
 43  1
     private static final String HOST_SESSION_KEY = HttpServletSession.class.getName() + ".HOST_SESSION_KEY";
 44  1
     private static final String TOUCH_OBJECT_SESSION_KEY = HttpServletSession.class.getName() + ".TOUCH_OBJECT_SESSION_KEY";
 45  
 
 46  3
     private HttpSession httpSession = null;
 47  
 
 48  3
     public HttpServletSession(HttpSession httpSession, String host) {
 49  3
         if (httpSession == null) {
 50  0
             String msg = "HttpSession constructor argument cannot be null.";
 51  0
             throw new IllegalArgumentException(msg);
 52  
         }
 53  3
         if (httpSession instanceof ShiroHttpSession) {
 54  0
             String msg = "HttpSession constructor argument cannot be an instance of ShiroHttpSession.  This " +
 55  
                     "is enforced to prevent circular dependencies and infinite loops.";
 56  0
             throw new IllegalArgumentException(msg);
 57  
         }
 58  3
         this.httpSession = httpSession;
 59  3
         if (StringUtils.hasText(host)) {
 60  3
             setHost(host);
 61  
         }
 62  3
     }
 63  
 
 64  
     public Serializable getId() {
 65  0
         return httpSession.getId();
 66  
     }
 67  
 
 68  
     public Date getStartTimestamp() {
 69  0
         return new Date(httpSession.getCreationTime());
 70  
     }
 71  
 
 72  
     public Date getLastAccessTime() {
 73  0
         return new Date(httpSession.getLastAccessedTime());
 74  
     }
 75  
 
 76  
     public long getTimeout() throws InvalidSessionException {
 77  
         try {
 78  0
             return httpSession.getMaxInactiveInterval() * 1000;
 79  0
         } catch (Exception e) {
 80  0
             throw new InvalidSessionException(e);
 81  
         }
 82  
     }
 83  
 
 84  
     public void setTimeout(long maxIdleTimeInMillis) throws InvalidSessionException {
 85  
         try {
 86  0
             int timeout = Long.valueOf(maxIdleTimeInMillis / 1000).intValue();
 87  0
             httpSession.setMaxInactiveInterval(timeout);
 88  0
         } catch (Exception e) {
 89  0
             throw new InvalidSessionException(e);
 90  0
         }
 91  0
     }
 92  
 
 93  
     protected void setHost(String host) {
 94  3
         setAttribute(HOST_SESSION_KEY, host);
 95  3
     }
 96  
 
 97  
     public String getHost() {
 98  3
         return (String) getAttribute(HOST_SESSION_KEY);
 99  
     }
 100  
 
 101  
     public void touch() throws InvalidSessionException {
 102  
         //just manipulate the session to update the access time:
 103  
         try {
 104  0
             httpSession.setAttribute(TOUCH_OBJECT_SESSION_KEY, TOUCH_OBJECT_SESSION_KEY);
 105  0
             httpSession.removeAttribute(TOUCH_OBJECT_SESSION_KEY);
 106  0
         } catch (Exception e) {
 107  0
             throw new InvalidSessionException(e);
 108  0
         }
 109  0
     }
 110  
 
 111  
     public void stop() throws InvalidSessionException {
 112  
         try {
 113  0
             httpSession.invalidate();
 114  0
         } catch (Exception e) {
 115  0
             throw new InvalidSessionException(e);
 116  0
         }
 117  0
     }
 118  
 
 119  
     public Collection<Object> getAttributeKeys() throws InvalidSessionException {
 120  
         try {
 121  0
             Enumeration namesEnum = httpSession.getAttributeNames();
 122  0
             Collection<Object> keys = null;
 123  0
             if (namesEnum != null) {
 124  0
                 keys = new ArrayList<Object>();
 125  0
                 while (namesEnum.hasMoreElements()) {
 126  0
                     keys.add(namesEnum.nextElement());
 127  
                 }
 128  
             }
 129  0
             return keys;
 130  0
         } catch (Exception e) {
 131  0
             throw new InvalidSessionException(e);
 132  
         }
 133  
     }
 134  
 
 135  
     private static String assertString(Object key) {
 136  6
         if (!(key instanceof String)) {
 137  0
             String msg = "HttpSession based implementations of the Shiro Session interface requires attribute keys " +
 138  
                     "to be String objects.  The HttpSession class does not support anything other than String keys.";
 139  0
             throw new IllegalArgumentException(msg);
 140  
         }
 141  6
         return (String) key;
 142  
     }
 143  
 
 144  
     public Object getAttribute(Object key) throws InvalidSessionException {
 145  
         try {
 146  3
             return httpSession.getAttribute(assertString(key));
 147  0
         } catch (Exception e) {
 148  0
             throw new InvalidSessionException(e);
 149  
         }
 150  
     }
 151  
 
 152  
     public void setAttribute(Object key, Object value) throws InvalidSessionException {
 153  
         try {
 154  3
             httpSession.setAttribute(assertString(key), value);
 155  0
         } catch (Exception e) {
 156  0
             throw new InvalidSessionException(e);
 157  3
         }
 158  3
     }
 159  
 
 160  
     public Object removeAttribute(Object key) throws InvalidSessionException {
 161  
         try {
 162  0
             String sKey = assertString(key);
 163  0
             Object removed = httpSession.getAttribute(sKey);
 164  0
             httpSession.removeAttribute(sKey);
 165  0
             return removed;
 166  0
         } catch (Exception e) {
 167  0
             throw new InvalidSessionException(e);
 168  
         }
 169  
     }
 170  
 }