org.springframework.web.servlet.mvc.AbstractController Maven / Gradle / Ivy
/*
* Copyright 2002-2018 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.web.servlet.mvc;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.http.HttpMethod;
import org.springframework.lang.Nullable;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.support.WebContentGenerator;
import org.springframework.web.util.WebUtils;
/**
* Convenient superclass for controller implementations, using the Template Method
* design pattern.
*
* Workflow
* (and that defined by interface):
*
* - {@link #handleRequest(HttpServletRequest, HttpServletResponse) handleRequest()}
* will be called by the DispatcherServlet
* - Inspection of supported methods (ServletException if request method
* is not support)
* - If session is required, try to get it (ServletException if not found)
* - Set caching headers if needed according to the cacheSeconds property
* - Call abstract method
* {@link #handleRequestInternal(HttpServletRequest, HttpServletResponse) handleRequestInternal()}
* (optionally synchronizing around the call on the HttpSession),
* which should be implemented by extending classes to provide actual
* functionality to return {@link org.springframework.web.servlet.ModelAndView ModelAndView} objects.
*
*
* Exposed configuration properties
* (and those defined by interface):
*
*
* name
* default
* description
*
*
* supportedMethods
* GET,POST
* comma-separated (CSV) list of methods supported by this controller,
* such as GET, POST and PUT
*
*
* requireSession
* false
* whether a session should be required for requests to be able to
* be handled by this controller. This ensures that derived controller
* can - without fear of null pointers - call request.getSession() to
* retrieve a session. If no session can be found while processing
* the request, a ServletException will be thrown
*
*
* cacheSeconds
* -1
* indicates the amount of seconds to include in the cache header
* for the response following on this request. 0 (zero) will include
* headers for no caching at all, -1 (the default) will not generate
* any headers and any positive number will generate headers
* that state the amount indicated as seconds to cache the content
*
*
* synchronizeOnSession
* false
* whether the call to {@code handleRequestInternal} should be
* synchronized around the HttpSession, to serialize invocations
* from the same client. No effect if there is no HttpSession.
*
*
*
*
* @author Rod Johnson
* @author Juergen Hoeller
* @author Rossen Stoyanchev
* @see WebContentInterceptor
*/
public abstract class AbstractController extends WebContentGenerator implements Controller {
private boolean synchronizeOnSession = false;
/**
* Create a new AbstractController which supports
* HTTP methods GET, HEAD and POST by default.
*/
public AbstractController() {
this(true);
}
/**
* Create a new AbstractController.
* @param restrictDefaultSupportedMethods {@code true} if this
* controller should support HTTP methods GET, HEAD and POST by default,
* or {@code false} if it should be unrestricted
* @since 4.3
*/
public AbstractController(boolean restrictDefaultSupportedMethods) {
super(restrictDefaultSupportedMethods);
}
/**
* Set if controller execution should be synchronized on the session,
* to serialize parallel invocations from the same client.
* More specifically, the execution of the {@code handleRequestInternal}
* method will get synchronized if this flag is "true". The best available
* session mutex will be used for the synchronization; ideally, this will
* be a mutex exposed by HttpSessionMutexListener.
*
The session mutex is guaranteed to be the same object during
* the entire lifetime of the session, available under the key defined
* by the {@code SESSION_MUTEX_ATTRIBUTE} constant. It serves as a
* safe reference to synchronize on for locking on the current session.
*
In many cases, the HttpSession reference itself is a safe mutex
* as well, since it will always be the same object reference for the
* same active logical session. However, this is not guaranteed across
* different servlet containers; the only 100% safe way is a session mutex.
* @see AbstractController#handleRequestInternal
* @see org.springframework.web.util.HttpSessionMutexListener
* @see org.springframework.web.util.WebUtils#getSessionMutex(javax.servlet.http.HttpSession)
*/
public final void setSynchronizeOnSession(boolean synchronizeOnSession) {
this.synchronizeOnSession = synchronizeOnSession;
}
/**
* Return whether controller execution should be synchronized on the session.
*/
public final boolean isSynchronizeOnSession() {
return this.synchronizeOnSession;
}
@Override
@Nullable
public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response)
throws Exception {
if (HttpMethod.OPTIONS.matches(request.getMethod())) {
response.setHeader("Allow", getAllowHeader());
return null;
}
// Delegate to WebContentGenerator for checking and preparing.
checkRequest(request);
prepareResponse(response);
// Execute handleRequestInternal in synchronized block if required.
if (this.synchronizeOnSession) {
HttpSession session = request.getSession(false);
if (session != null) {
Object mutex = WebUtils.getSessionMutex(session);
synchronized (mutex) {
return handleRequestInternal(request, response);
}
}
}
return handleRequestInternal(request, response);
}
/**
* Template method. Subclasses must implement this.
* The contract is the same as for {@code handleRequest}.
* @see #handleRequest
*/
@Nullable
protected abstract ModelAndView handleRequestInternal(HttpServletRequest request, HttpServletResponse response)
throws Exception;
}