sunlabs.brazil.filter
Class SessionFilter

java.lang.Object
  sunlabs.brazil.filter.SessionFilter (view source)

All Implemented Interfaces:

Filter, Handler

public class SessionFilter
extends Object
implements Filter

Filter to manage browser sessions using browser cookies or URL rewriting as needed. This should be used as the last filter in the filter chain. It attempts to use browser cookies. If they don't work, it rewrites the URL's instead, tacking the session info onto the end of the URL.

This Filter works by first examining the request as a handler. If the request contains an ID, either in the "browser cookie" or written into the URL, the session ID is extracted. In the id-in-the-url case, the ID is removed from the URL. When called later as a filter, the SessionFilter rewrites all relevent URL's in the page to incorporate the ID.

If an ID can't be found either in the cookie or URL, a couple the session creation sequence starts. First, the browser is send a "set-cookie" request along with a redirect that contains the cookie value encoded into the redirected URL. When the browser follows the redirect, the request is examined to se if the cookie value was sent. If so, the browser is redirected back to the original URL, and normal "cookie" processing takes place. If no cookie is found, the browser is redirected back to the original URL, modified to embed the ID into it, and normal URL session rewriting takes place.

The following server properties are used:

cookie

The name of the cookie to use (defaults to "cookie"). If the name is "none", then no cookies are used. Instead, session rewriting will occur for every session.

session

The name of the request property that the Session ID will be stored in, to be passed to downstream handler. The default value is "SessionID". If the session property is set, and not empty, then no processing is done.

persist

If set, cookies persist across browser sessions. If cookies are disabled, no persistence is available.

cookiePrefix

The URL prefix for which the cookie applies. Defaults to "/".

suffix

A regular expression that matches url suffix we process. Defaults to html|xml|txt, or to the directory default (e.g. a URL that ends in "/"). Note, this overrides the suffix handling done by MatchString() in the FilterHandler.

The Following request properties are set:

gotCookie

An id was retrieved out of a cookie header

UrlID

Set to the string tacked onto the end of each URL, if session ID's are managed by URL rewriting. If cookies are used, this is set to the empty string.

Field Summary

String	cookieName
String	encoding
boolean	persist
String	redirectToken
String	session
String	urlSep

Constructor Summary

SessionFilter()

Method Summary

byte[]	filter(Request request, MimeHeaders headers, byte[] content) Rewrite all the url's, adding the session id to the end
boolean	init(Server server, String propsPrefix) Initializes the handler.
boolean	respond(Request request) This is called by the filterHandler before the content generation step.
boolean	shouldFilter(Request request, MimeHeaders headers) We have the results, only filter if html and we're rewriting

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

session

public String session

cookieName

public String cookieName

urlSep

public String urlSep

redirectToken

public String redirectToken

encoding

public String encoding

persist

public boolean persist

Constructor Detail

SessionFilter

public SessionFilter()

Method Detail

init

public boolean init(Server server,
                    String propsPrefix)

Description copied from interface: Handler

Initializes the handler.

Specified by:

init in interface Handler

Parameters:

server - The HTTP server that created this Handler. Typical Handlers will use Server.props to obtain run-time configuration information.

propsPrefix - The handlers name. The string this Handler may prepend to all of the keys that it uses to extract configuration information from Server.props. This is set (by the Server and ChainHandler) to help avoid configuration parameter namespace collisions.

Returns:

true if this Handler initialized successfully, false otherwise. If false is returned, this Handler should not be used.

respond

public boolean respond(Request request)
                throws IOException

This is called by the filterHandler before the content generation step. It is responsible for extracting the session information, then (if required) restoring the URL's to their original form. It tries relatively hard to use cookies if they are available through a series or redirects.

Specified by:

respond in interface Handler

Parameters:

request - The Request object that represents the HTTP request.

Returns:

true if the request was handled. A request was handled if a response was supplied to the client, typically by calling Request.sendResponse() or Request.sendError.

Throws:

IOException - if there was an I/O error while sending the response to the client. Typically, in that case, the Server will (try to) send an error message to the client and then close the client's connection.

The IOException should not be used to silently ignore problems such as being unable to access some server-side resource (for example getting a FileNotFoundException due to not being able to open a file). In that case, the Handler's duty is to turn that IOException into a HTTP response indicating, in this case, that a file could not be found.

shouldFilter

public boolean shouldFilter(Request request,
                            MimeHeaders headers)

We have the results, only filter if html and we're rewriting

Specified by:

shouldFilter in interface Filter

Parameters:

request - The in-progress HTTP request.

headers - The MIME headers generated by the wrapped Handler.

Returns:

true if this filter would like to examine and possibly rewrite the content, false otherwise.

filter

public byte[] filter(Request request,
                     MimeHeaders headers,
                     byte[] content)

Rewrite all the url's, adding the session id to the end

Specified by:

filter in interface Filter

Parameters:

request - The finished HTTP request.

headers - The MIME headers generated by the Handler.

content - The output from the Handler that this Filter may rewrite.

Returns:

The rewritten content. The Filter may return the original content unchanged. The Filter may return null to indicate that the FilterHandler should stop processing the request and should not return any content to the client.