Skip to content

Commit

Permalink
fix ISE in ServletSessionStore
Browse files Browse the repository at this point in the history
  • Loading branch information
leleuj committed Aug 11, 2023
1 parent 2056628 commit c0b55af
Show file tree
Hide file tree
Showing 2 changed files with 45 additions and 23 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,10 @@ env:
on:
push:
branches:
- master
- 5.0.x
pull_request:
branches:
- master
- 5.0.x

permissions:
contents: read
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,39 +22,56 @@ public class ServletSessionStore implements SessionStore {

protected HttpSession httpSession;

protected ServletSessionStore() {
}
protected ServletSessionStore() {}

protected ServletSessionStore(final HttpSession httpSession) {
this.httpSession = httpSession;
}

public HttpSession getHttpSession(WebContext context) {
public HttpSession getHttpSession(final WebContext context) {
assert context instanceof ServletJaxRsContext;
return ((ServletJaxRsContext) context).getRequest().getSession();
try {
return ((ServletJaxRsContext) context).getRequest().getSession();
} catch (final IllegalStateException e) {
return null;
}
}

@Override
public Optional<Object> get(WebContext context, String key) {
return Optional.ofNullable(getHttpSession(context).getAttribute(key));
public Optional<Object> get(final WebContext context, final String key) {
final HttpSession session = getHttpSession(context);

if (session == null) {
return Optional.empty();
}

return Optional.ofNullable(session.getAttribute(key));
}

@Override
public void set(WebContext context, String key, Object value) {
if (value == null) {
getHttpSession(context).removeAttribute(key);
} else {
getHttpSession(context).setAttribute(key, value);
public void set(final WebContext context, final String key, final Object value) {
final HttpSession session = getHttpSession(context);

if (session != null) {
if (value == null) {
session.removeAttribute(key);
} else {
session.setAttribute(key, value);
}
}
}

@Override
public boolean destroySession(WebContext context) {
final HttpSession session = getHttpSession(context);

session.invalidate();
if (session != null) {
session.invalidate();

return true;
}

return true;
return false;
}

@Override
Expand All @@ -65,17 +82,22 @@ public Optional<Object> getTrackableSession(WebContext context) {
@Override
public boolean renewSession(WebContext context) {
final HttpSession session = getHttpSession(context);
final Map<String, Object> attributes = new HashMap<>();
Collections.list(session.getAttributeNames()).forEach(k -> attributes.put(k, session.getAttribute(k)));

session.invalidate();
if (session != null) {
final Map<String, Object> attributes = new HashMap<>();
Collections.list(session.getAttributeNames()).forEach(k -> attributes.put(k, session.getAttribute(k)));

// let's recreate the session from zero, the previous becomes
// generally unusable depending on the servlet implementation
final HttpSession newSession = getHttpSession(context);
attributes.forEach(newSession::setAttribute);
session.invalidate();

// let's recreate the session from zero, the previous becomes
// generally unusable depending on the servlet implementation
final HttpSession newSession = getHttpSession(context);
attributes.forEach(newSession::setAttribute);

return true;
}

return true;
return false;
}

@Override
Expand Down

0 comments on commit c0b55af

Please sign in to comment.