Author: struberg
Date: Thu May 7 21:03:03 2015
New Revision: 1678262
URL: http://svn.apache.org/r1678262
Log:
OWB-1069 detect if the session is expired or got manually invalidated()
This is important as there are different rules defined in the CDI spec:
A Session needs to be
* destroyed immediately on a session timeout
* destroyed at the end of the request if a manual Session.invalidate() got
invoked.
Modified:
openwebbeans/trunk/webbeans-web/src/main/java/org/apache/webbeans/web/context/WebContextsService.java
Modified:
openwebbeans/trunk/webbeans-web/src/main/java/org/apache/webbeans/web/context/WebContextsService.java
URL:
http://svn.apache.org/viewvc/openwebbeans/trunk/webbeans-web/src/main/java/org/apache/webbeans/web/context/WebContextsService.java?rev=1678262&r1=1678261&r2=1678262&view=diff
==============================================================================
---
openwebbeans/trunk/webbeans-web/src/main/java/org/apache/webbeans/web/context/WebContextsService.java
(original)
+++
openwebbeans/trunk/webbeans-web/src/main/java/org/apache/webbeans/web/context/WebContextsService.java
Thu May 7 21:03:03 2015
@@ -47,6 +47,7 @@ import javax.servlet.ServletRequestEvent
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.lang.annotation.Annotation;
+import java.util.concurrent.TimeUnit;
import java.util.logging.Level;
import java.util.logging.Logger;
@@ -449,11 +450,20 @@ public class WebContextsService extends
// Get current session context from ThreadLocal
SessionContext context = sessionContexts.get();
HttpSession session = null;
+
+ // whether the session is destroyed because it is expired
+ boolean sessionIsExpiring = false;
+
if (endObject != null && endObject instanceof HttpSession)
{
session = (HttpSession) endObject;
if (context == null &&
session.getAttribute(OWB_SESSION_CONTEXT_ATTRIBUTE_NAME) != null)
{
+ if (!destroySessionImmediately)
+ {
+ sessionIsExpiring = sessionIsExpiring(session);
+ }
+
// init in this case only attaches the existing session to the
ThreadLocal
initSessionContext(session);
context = sessionContexts.get();
@@ -466,8 +476,9 @@ public class WebContextsService extends
// we need to mark the conversation to get destroyed at the end of
the request
ServletRequestContext requestContext = getRequestContext(true);
- if (destroySessionImmediately || requestContext == null
- || requestContext.getServletRequest() == null ||
requestContext.getServletRequest().getSession() == null)
+ if (destroySessionImmediately
+ || requestContext == null ||
requestContext.getServletRequest() == null ||
requestContext.getServletRequest().getSession() == null
+ || sessionIsExpiring)
{
context.destroy();
webBeansContext.getBeanManagerImpl().fireEvent(session != null
? session : new Object(), DestroyedLiteral.INSTANCE_SESSION_SCOPED);
@@ -484,6 +495,24 @@ public class WebContextsService extends
}
+
+ /**
+ * @return {@code true} if the sessino is currently expiring or has
already expired
+ */
+ protected boolean sessionIsExpiring(HttpSession session)
+ {
+ int maxInactiveInterval = session.getMaxInactiveInterval();
+ if (maxInactiveInterval > 0)
+ {
+ long inactiveSince =
TimeUnit.MILLISECONDS.toSeconds(System.currentTimeMillis() -
session.getLastAccessedTime());
+ if (inactiveSince >= maxInactiveInterval)
+ {
+ return true;
+ }
+ }
+ return false;
+ }
+
/**
* Creates the application context at the application startup
* @param startupObject servlet context object or other startup
