Source code

001/*
002 * (C) Copyright 2006-2009 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     Nuxeo - initial API and implementation
018 *
019 * $Id$
020 */
021
022package org.nuxeo.ecm.platform.ui.web.auth.plugins;
023
024import javax.faces.context.ExternalContext;
025import javax.faces.context.FacesContext;
026import javax.servlet.ServletRequest;
027import javax.servlet.http.HttpServletRequest;
028import javax.servlet.http.HttpSession;
029
030import org.jboss.seam.Seam;
031import org.jboss.seam.contexts.ServletLifecycle;
032import org.jboss.seam.core.Manager;
033import org.nuxeo.common.utils.ExceptionUtils;
034import org.nuxeo.ecm.platform.ui.web.rest.FancyURLRequestWrapper;
035
036public class SeamJsfSessionManager extends DefaultSessionManager {
037
038    @Override
039    public boolean canBypassRequest(ServletRequest request) {
040        return request instanceof FancyURLRequestWrapper;
041    }
042
043    @Override
044    public boolean invalidateSession(ServletRequest request) {
045        try {
046            Seam.invalidateSession();
047            return true;
048        } catch (RuntimeException e) {
049            // TODO what is caught here?
050            return super.invalidateSession(request);
051        }
052    }
053
054    @Override
055    public void onBeforeSessionReinit(ServletRequest request) {
056        // destroy session
057        // because of Seam Phase Listener we can't use Seam.invalidateSession()
058        // because the session would be invalidated at the end of the request !
059        HttpServletRequest httpRequest = (HttpServletRequest) request;
060        HttpSession session = httpRequest.getSession(false);
061        if (session != null) {
062            FacesContext facesContext = FacesContext.getCurrentInstance();
063            if (facesContext != null) {
064                ExternalContext externalContext = facesContext.getExternalContext();
065                // Make long-running conversation temporary
066                Manager.instance().endConversation(true);
067                Manager.instance().endRequest(externalContext.getSessionMap());
068                ServletLifecycle.endRequest(httpRequest);
069            }
070        }
071    }
072
073    @Override
074    public void onAfterSessionReinit(ServletRequest request) {
075        HttpServletRequest httpRequest = (HttpServletRequest) request;
076        // reinit Seam so the afterResponseComplete does not crash
077        ServletLifecycle.beginRequest(httpRequest);
078    }
079
080}