001/* 002 * (C) Copyright 2006-2009 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Nuxeo - initial API and implementation 018 * 019 * $Id$ 020 */ 021 022package org.nuxeo.ecm.platform.ui.web.auth.plugins; 023 024import javax.faces.context.ExternalContext; 025import javax.faces.context.FacesContext; 026import javax.servlet.ServletRequest; 027import javax.servlet.http.HttpServletRequest; 028import javax.servlet.http.HttpSession; 029 030import org.jboss.seam.Seam; 031import org.jboss.seam.contexts.ServletLifecycle; 032import org.jboss.seam.core.Manager; 033import org.nuxeo.common.utils.ExceptionUtils; 034import org.nuxeo.ecm.platform.ui.web.rest.FancyURLRequestWrapper; 035 036public class SeamJsfSessionManager extends DefaultSessionManager { 037 038 @Override 039 public boolean canBypassRequest(ServletRequest request) { 040 return request instanceof FancyURLRequestWrapper; 041 } 042 043 @Override 044 public boolean invalidateSession(ServletRequest request) { 045 try { 046 Seam.invalidateSession(); 047 return true; 048 } catch (RuntimeException e) { 049 // TODO what is caught here? 050 return super.invalidateSession(request); 051 } 052 } 053 054 @Override 055 public void onBeforeSessionReinit(ServletRequest request) { 056 // destroy session 057 // because of Seam Phase Listener we can't use Seam.invalidateSession() 058 // because the session would be invalidated at the end of the request ! 059 HttpServletRequest httpRequest = (HttpServletRequest) request; 060 HttpSession session = httpRequest.getSession(false); 061 if (session != null) { 062 FacesContext facesContext = FacesContext.getCurrentInstance(); 063 if (facesContext != null) { 064 ExternalContext externalContext = facesContext.getExternalContext(); 065 // Make long-running conversation temporary 066 Manager.instance().endConversation(true); 067 Manager.instance().endRequest(externalContext.getSessionMap()); 068 ServletLifecycle.endRequest(httpRequest); 069 } 070 } 071 } 072 073 @Override 074 public void onAfterSessionReinit(ServletRequest request) { 075 HttpServletRequest httpRequest = (HttpServletRequest) request; 076 // reinit Seam so the afterResponseComplete does not crash 077 ServletLifecycle.beginRequest(httpRequest); 078 } 079 080}