• Home
• org.owasp
• security-logging
• 0.0.1
• source code
• SessionPlugin.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.owasp.security.logging.mdc.SessionPlugin Maven / Gradle / Ivy

package org.owasp.security.logging.mdc;

import javax.servlet.FilterConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.owasp.security.logging.Utils;
import org.slf4j.MDC;

/**
 * This plugin adds a hash of the session ID to the MDC. The value can 
 * be accessed in a PatternLayout by using the specifier: %X{session}
 *
 * @author August Detlefsen [[email protected]]
 */
public class SessionPlugin implements IPlugin {

    public void init(FilterConfig config) {
    }
    
    public void execute(HttpServletRequest request) {
        HttpSession session = request.getSession();
        if (session != null) {
            //capture (a hash of) the session ID
            String hashedSession = Utils.toSHA(session.getId());
            MDC.put("session", hashedSession);
        }
    }

}