Source code

001/*
002 * (C) Copyright 2006-2009 Nuxeo SAS (http://nuxeo.com/) and contributors.
003 *
004 * All rights reserved. This program and the accompanying materials
005 * are made available under the terms of the GNU Lesser General Public License
006 * (LGPL) version 2.1 which accompanies this distribution, and is available at
007 * http://www.gnu.org/licenses/lgpl.html
008 *
009 * This library is distributed in the hope that it will be useful,
010 * but WITHOUT ANY WARRANTY; without even the implied warranty of
011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012 * Lesser General Public License for more details.
013 *
014 * Contributors:
015 *     Nuxeo - initial API and implementation
016 *
017 * $Id$
018 */
019
020package org.nuxeo.ecm.platform.ui.web.auth.plugins;
021
022import javax.faces.context.ExternalContext;
023import javax.faces.context.FacesContext;
024import javax.servlet.ServletRequest;
025import javax.servlet.http.HttpServletRequest;
026import javax.servlet.http.HttpSession;
027
028import org.jboss.seam.Seam;
029import org.jboss.seam.contexts.ServletLifecycle;
030import org.jboss.seam.core.Manager;
031import org.nuxeo.common.utils.ExceptionUtils;
032import org.nuxeo.ecm.platform.ui.web.rest.FancyURLRequestWrapper;
033
034public class SeamJsfSessionManager extends DefaultSessionManager {
035
036    @Override
037    public boolean canBypassRequest(ServletRequest request) {
038        return request instanceof FancyURLRequestWrapper;
039    }
040
041    @Override
042    public void onBeforeSessionInvalidate(ServletRequest request) {
043        try {
044            Seam.invalidateSession();
045        } catch (RuntimeException e) {
046            // TODO what is caught here?
047            super.onBeforeSessionInvalidate(request);
048        }
049    }
050
051    @Override
052    public void onBeforeSessionReinit(ServletRequest request) {
053        // destroy session
054        // because of Seam Phase Listener we can't use Seam.invalidateSession()
055        // because the session would be invalidated at the end of the request !
056        HttpServletRequest httpRequest = (HttpServletRequest) request;
057        HttpSession session = httpRequest.getSession(false);
058        if (session != null) {
059            FacesContext facesContext = FacesContext.getCurrentInstance();
060            if (facesContext != null) {
061                ExternalContext externalContext = facesContext.getExternalContext();
062                // Make long-running conversation temporary
063                Manager.instance().endConversation(true);
064                Manager.instance().endRequest(externalContext.getSessionMap());
065                ServletLifecycle.endRequest(httpRequest);
066            }
067        }
068    }
069
070    @Override
071    public void onAfterSessionReinit(ServletRequest request) {
072        HttpServletRequest httpRequest = (HttpServletRequest) request;
073        // reinit Seam so the afterResponseComplete does not crash
074        ServletLifecycle.beginRequest(httpRequest);
075    }
076
077}