You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2017/11/11 20:54:58 UTC

svn commit: r1814973 - in /tomcat/trunk: java/org/apache/catalina/filters/SessionInitializerFilter.java webapps/docs/changelog.xml webapps/docs/config/filter.xml

Author: markt
Date: Sat Nov 11 20:54:58 2017
New Revision: 1814973

URL: http://svn.apache.org/viewvc?rev=1814973&view=rev
Log:
Provide the SessionInitializerFilter that can be used to ensure that an HTTP session exists when initiating a WebSocket connection.
Patch provided by isapir.
This closes #76

Added:
    tomcat/trunk/java/org/apache/catalina/filters/SessionInitializerFilter.java   (with props)
Modified:
    tomcat/trunk/webapps/docs/changelog.xml
    tomcat/trunk/webapps/docs/config/filter.xml

Added: tomcat/trunk/java/org/apache/catalina/filters/SessionInitializerFilter.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/SessionInitializerFilter.java?rev=1814973&view=auto
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/filters/SessionInitializerFilter.java (added)
+++ tomcat/trunk/java/org/apache/catalina/filters/SessionInitializerFilter.java Sat Nov 11 20:54:58 2017
@@ -0,0 +1,61 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.catalina.filters;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
+/**
+ * A {@link javax.servlet.Filter} that initializes the {@link HttpSession} for
+ * the {@link HttpServletRequest} by calling its getSession() method.
+ * <p>
+ * This is required for some operations with WebSocket requests, where it is
+ * too late to initialize the HttpSession object, and the current Java WebSocket
+ * specification does not provide a way to do so.
+ */
+public class SessionInitializerFilter implements Filter {
+
+    /**
+     * Calls {@link HttpServletRequest}'s getSession() to initialize the
+     * HttpSession and continues processing the chain.
+     *
+     * @param request  The request to process
+     * @param response The response associated with the request
+     * @param chain    Provides access to the next filter in the chain for this
+     *                 filter to pass the request and response to for further
+     *                 processing
+     * @throws IOException      if an I/O error occurs during this filter's
+     *                          processing of the request
+     * @throws ServletException if the processing fails for any other reason
+     */
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+            throws IOException, ServletException {
+
+        ((HttpServletRequest)request).getSession();
+
+        chain.doFilter(request, response);
+    }
+
+}

Propchange: tomcat/trunk/java/org/apache/catalina/filters/SessionInitializerFilter.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1814973&r1=1814972&r2=1814973&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Sat Nov 11 20:54:58 2017
@@ -63,6 +63,11 @@
       <fix>
         <bug>61681</bug>: Allow HTTP/2 push when using request wrapping. (remm)
       </fix>
+      <add>
+        Provide the <code>SessionInitializerFilter</code> that can be used to
+        ensure that an HTTP session exists when initiating a WebSocket
+        connection. Patch provided by isapir. (markt)
+      </add>
     </changelog>
   </subsection>
   <subsection name="Coyote">

Modified: tomcat/trunk/webapps/docs/config/filter.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/filter.xml?rev=1814973&r1=1814972&r2=1814973&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/filter.xml (original)
+++ tomcat/trunk/webapps/docs/config/filter.xml Sat Nov 11 20:54:58 2017
@@ -1592,6 +1592,46 @@ org.apache.catalina.filters.RequestDumpe
   </subsection>
 </section>
 
+<section name="Session Initializer Filter">
+
+  <subsection name="Introduction">
+    <p>The Session Initializer Filter initializes the <code>javax.servlet.http.HttpSession</code>
+    before the Request is processed.  This is required for JSR-356 compliant WebSocket implementations,
+    if the <code>HttpSession</code> is needed during the HandShake phase.</p>
+
+    <p>The Java API for WebSocket does not mandate that an <code>HttpSession</code> would
+    be initialized upon request, and thus <code>javax.servlet.http.HttpServletRequest</code>'s
+    <code>getSession()</code> returns <code>null</code> if the <code>HttpSession</code> was not
+    initialized in advance.</p>
+
+    <p>This filter solves that problem by initializing the HttpSession for any <code>HttpServletRequest</code>
+    that matches its <code>url-pattern</code>.</p>
+  </subsection>
+
+  <subsection name="Filter Class Name">
+    <p>The filter class name for the Session Initializer Filter is
+    <strong><code>org.apache.catalina.filters.SessionInitializerFilter</code></strong>.</p>
+  </subsection>
+
+  <subsection name="Initialisation parameters">
+    <p>The Session Initializer Filter does not support any initialization parameters.</p>
+  </subsection>
+
+  <subsection name="Sample Configuration">
+    <p>The following entries in the Web Application Deployment Descriptor, <strong>web.xml</strong>,
+    would enable the Session Initializer Filter for requests that match the given URL pattern
+    (in this example, "/ws/*").</p>
+
+    <source><![CDATA[<filter>
+    <filter-name>SessionInitializer</filter-name>
+    <filter-class>org.apache.catalina.filters.SessionInitializerFilter</filter-class>
+</filter>
+<filter-mapping>
+    <filter-name>SessionInitializer</filter-name>
+    <url-pattern>/ws/*</url-pattern>
+</filter-mapping>]]></source>
+    </subsection>
+</section>
 
 <section name="Set Character Encoding Filter">
 



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org