001/* 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017package org.apache.wicket.protocol.http; 018 019import javax.servlet.http.HttpServletRequest; 020 021import org.apache.wicket.RestartResponseAtInterceptPageException; 022import org.apache.wicket.Session; 023import org.apache.wicket.markup.html.WebPage; 024import org.apache.wicket.markup.html.pages.BrowserInfoPage; 025import org.apache.wicket.protocol.http.request.WebClientInfo; 026import org.apache.wicket.protocol.http.servlet.ServletWebRequest; 027import org.apache.wicket.request.Request; 028import org.apache.wicket.request.cycle.RequestCycle; 029 030/** 031 * A session subclass for the HTTP protocol. 032 * 033 * @author Jonathan Locke 034 */ 035public class WebSession extends Session 036{ 037 private static final long serialVersionUID = 1L; 038 039 public static WebSession get() 040 { 041 return (WebSession)Session.get(); 042 } 043 044 /** 045 * Constructor. Note that {@link RequestCycle} is not available until this constructor returns. 046 * 047 * @param request 048 * The current request 049 */ 050 public WebSession(Request request) 051 { 052 super(request); 053 } 054 055 /** 056 * Call signOut() and remove the logon data from whereever they have been persisted (e.g. 057 * Cookies) 058 * 059 * @see org.apache.wicket.Session#invalidate() 060 */ 061 @Override 062 public void invalidate() 063 { 064 if (isSessionInvalidated() == false) 065 { 066 getApplication().getSecuritySettings().getAuthenticationStrategy().remove(); 067 068 super.invalidate(); 069 } 070 } 071 072 /** 073 * {@inheritDoc} 074 * 075 * <p> 076 * To gather the client information this implementation redirects temporarily to a special page 077 * ({@link BrowserInfoPage}). 078 * <p> 079 * Note: Do <strong>not</strong> call this method from your custom {@link Session} constructor 080 * because the temporary page needs a constructed {@link Session} to be able to work. 081 * <p> 082 * If you need to set a default client info property then better use 083 * {@link #setClientInfo(org.apache.wicket.core.request.ClientInfo)} directly. 084 */ 085 @Override 086 public WebClientInfo getClientInfo() 087 { 088 if (clientInfo == null) 089 { 090 RequestCycle requestCycle = RequestCycle.get(); 091 clientInfo = new WebClientInfo(requestCycle); 092 093 if (getApplication().getRequestCycleSettings().getGatherExtendedBrowserInfo()) 094 { 095 WebPage browserInfoPage = newBrowserInfoPage(); 096 throw new RestartResponseAtInterceptPageException(browserInfoPage); 097 } 098 } 099 return (WebClientInfo)clientInfo; 100 } 101 102 /** 103 * Override this method if you want to use a custom page for gathering the client's browser 104 * information.<br/> 105 * The easiest way is just to extend {@link BrowserInfoPage} and provide your own markup file 106 * 107 * @return the {@link WebPage} which should be used while gathering browser info 108 */ 109 protected WebPage newBrowserInfoPage() 110 { 111 return new BrowserInfoPage(); 112 } 113 114 @Override 115 protected String generateNewSessionId() 116 { 117 ServletWebRequest servletRequest = (ServletWebRequest)RequestCycle.get().getRequest(); 118 HttpServletRequest httpRequest = servletRequest.getContainerRequest(); 119 120 return httpRequest.changeSessionId(); 121 } 122}