• Home
• com.github.skarpushin
• summerb
• 2.5.11
• source code
• RestInvalidSessionStrategy.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.summerb.approaches.springmvc.security.implsrest.RestInvalidSessionStrategy Maven / Gradle / Ivy

package org.summerb.approaches.springmvc.security.implsrest;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.web.session.InvalidSessionStrategy;
import org.summerb.approaches.security.api.dto.NotAuthorizedResult;
import org.summerb.approaches.springmvc.security.SecurityMessageCodes;
import org.summerb.approaches.springmvc.security.apis.JsonResponseWriter;

public class RestInvalidSessionStrategy implements InvalidSessionStrategy {
	private JsonResponseWriter jsonResponseHelper;

	public RestInvalidSessionStrategy() {
		jsonResponseHelper = new JsonResponseWriterGsonImpl();
	}

	public RestInvalidSessionStrategy(JsonResponseWriter jsonResponseHelper) {
		this.jsonResponseHelper = jsonResponseHelper;
	}

	@Override
	public void onInvalidSessionDetected(HttpServletRequest request, HttpServletResponse response)
			throws IOException, ServletException {
		// create new session, which will result in JSESSIONID coockie reset
		request.getSession();

		// Report that session changed and need to reestablish request
		response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
		jsonResponseHelper.writeResponseBody(new NotAuthorizedResult("anonymous", SecurityMessageCodes.INVALID_SESSION),
				response);
	}

}