package org.jboss.seam.security.session;import javax.enterprise.event.Observ

1. package org.jboss.seam.security.session;
2.  
3. import javax.enterprise.event.Observes;
4. import javax.inject.Inject;
5. import javax.servlet.http.HttpServletRequest;
6. import javax.servlet.http.HttpSession;
7.  
8. import org.jboss.seam.servlet.event.Destroyed;
9. import org.jboss.seam.servlet.event.Initialized;
10.  
11. public class SessionManagerImpl implements SessionManager
12. {
13.  
14. @Inject
15. private SessionStore sessionStore;
16.  
17. @Override
18. public void register(Session session)
19. {
20. sessionStore.persist(session);
21. }
22.  
23. @Override
24. public Session unregister(String id)
25. {
26. Session session = sessionStore.findById(id);
27. if (session != null)
28. {
29. sessionStore.remove(session);
30. }
31. return session;
32. }
33.  
34. @Override
35. public boolean isSessionRegistered(String id)
36. {
37. return sessionStore.sessionExists(id);
38. }
39.  
40. @Override
41. public void invalidateSession(String sessionId)
42. {
43. Session session = sessionStore.findById(sessionId);
44. if (session != null)
45. {
46. session.invalidate();
47. sessionStore.persist(session);
48. }
49. }
50.  
51. @Override
52. public boolean isSessionValid(String sessionId)
53. {
54. Session session = sessionStore.findById(sessionId);
55. if (session != null)
56. {
57. return session.isValid();
58. }
59. return false;
60. }
61.  
62. void sessionInit(@Observes @Initialized HttpSession session)
63. {
64. // TODO
65. }
66.  
67. void sessionDestroyed(@Observes @Destroyed HttpSession session)
68. {
69. unregister(session.getId());
70. }
71.  
72. void requestInit(@Observes @Initialized HttpServletRequest request)
73. {
74. HttpSession session = request.getSession(false);
75. if (session != null)
76. {
77. if (!isSessionValid(session.getId()))
78. {
79. // session is marked as invalid. invalidate this session now.
80. session.invalidate();
81. }
82. }
83. }
84. }