public class HttpSessionPentahoSessionIntegrationFilter extends Object implements javax.servlet.Filter, org.springframework.beans.factory.InitializingBean
PentahoSessionHolder
with information obtained from the HttpSession
.
Originally this functionality existed in PentahoHttpRequestListener but has been moved here. Javadoc for that class:
In a J2EE environment, sets the Pentaho session statically per request so the session can be retrieved by other consumers within the same request without having it passed to them explicitly. -- aphillips
There are two reasons that this is a Filter
and not a ServletRequestListener
:
This implementation is based on org.springframework.security.context.HttpSessionContextIntegrationFilter
.
The HttpSession
will be queried to retrieve the IPentahoSession
that should be stored
against the PentahoSessiontHolder
for the duration of the web request. At the end of the web request,
any updates made to the PentahoSessionHolder
will be persisted back to the HttpSession
by
this filter.
HttpSession
will be created by this filter if one does not already exist. If at the end of the web
request the HttpSession
does not exist, a HttpSession
will only be created if the
current Pentaho session in PentahoSessionHolder
is not null. This avoids needless
HttpSession
creation, but automates the storage of changes made to the PentahoSessionHolder
. There is one exception to this rule, that is if the forceEagerSessionCreation
property is
true
, in which case sessions will always be created irrespective of normal session-minimization logic
(the default is false
, as this is resource intensive and not recommended).
This filter will only execute once per request, to resolve servlet container (specifically Weblogic)
incompatibilities.
If for whatever reason no HttpSession
should ever be created (eg this filter is only being used
with Basic authentication or similar clients that will never present the same jsessionid
etc), the
setAllowSessionCreation(boolean)
should be set to false
. Only do this if you really need to
conserve server memory and ensure all classes using the PentahoSessionHolder
are designed to have no
persistence of the Pentaho session between web requests. Please note that if forceEagerSessionCreation
is
true
, the allowSessionCreation
must also be true
(setting it to
false
will cause a startup time error).
This filter MUST be executed BEFORE any code that expects the PentahoSessionHolder
to contain a valid
IPentahoSession
by the time they execute.
Constructor and Description |
---|
HttpSessionPentahoSessionIntegrationFilter() |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
void |
destroy()
Does nothing.
|
void |
doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain) |
void |
init(javax.servlet.FilterConfig filterConfig)
Does nothing.
|
boolean |
isAllowSessionCreation() |
boolean |
isForceEagerSessionCreation() |
void |
setAllowSessionCreation(boolean allowSessionCreation) |
void |
setCallSetAuthenticatedForAnonymousUsers(boolean callSetAuthenticatedForAnonymousUsers) |
void |
setForceEagerSessionCreation(boolean forceEagerSessionCreation) |
public HttpSessionPentahoSessionIntegrationFilter()
public void init(javax.servlet.FilterConfig filterConfig) throws javax.servlet.ServletException
init
in interface javax.servlet.Filter
filterConfig
- ignoredjavax.servlet.ServletException
- ignoredpublic void destroy()
destroy
in interface javax.servlet.Filter
public void afterPropertiesSet() throws Exception
afterPropertiesSet
in interface org.springframework.beans.factory.InitializingBean
Exception
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
doFilter
in interface javax.servlet.Filter
IOException
javax.servlet.ServletException
public boolean isAllowSessionCreation()
public void setAllowSessionCreation(boolean allowSessionCreation)
public boolean isForceEagerSessionCreation()
public void setForceEagerSessionCreation(boolean forceEagerSessionCreation)
public void setCallSetAuthenticatedForAnonymousUsers(boolean callSetAuthenticatedForAnonymousUsers)