Session.java

package org.jboss.seam.web;

import org.jboss.seam.Component;
import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.Startup;
import org.jboss.seam.annotations.intercept.BypassInterceptors;
import org.jboss.seam.contexts.Contexts;
import org.jboss.seam.core.AbstractMutable;

/**
 * Controls HttpSession invalidation in any
 * servlet or JSF environment. Since Seam
 * keeps internal state in the HttpSession,
 * it is illegal to call HttpSession.invalidate()
 * while Seam contexts are active.
 * 
 * Applications using Seam security should call
 * Identity.logout() instead of calling this
 * component directly.
 * 
 * @author Gavin King
 *
 */
@Scope(ScopeType.SESSION)
@Name("org.jboss.seam.web.session")
@BypassInterceptors
@Startup
public class Session extends AbstractMutable
{
   private boolean isInvalid;
   private boolean invalidateOnSchemeChange;
   private String currentScheme;

   /**
    * Is HttpSession invalidation scheduled
    * for the end of this request?
    */
   public boolean isInvalid()
   {
      return isInvalid;
   }

   /**
    * Schedule HttpSession invalidation at the
    * end of the request.
    *
    */
   public void invalidate()
   {
      this.isInvalid = true;
      setDirty();
   }
   
   /**
    * Should we invalidate the session due to a change in
    * the request scheme?
    * 
    * @param requestScheme the scheme of the current request
    * @return true if we should invalidate the session
    */
   public boolean isInvalidDueToNewScheme(String requestScheme)
   {
      if (invalidateOnSchemeChange)
      {
         if ( currentScheme==null )
         {
            currentScheme = requestScheme;
            setDirty();
            return false;
         }
         else if ( !currentScheme.equals(requestScheme) )
         {
            currentScheme = requestScheme;
            setDirty();
            return true;
         }
         else
         {
            return false;
         }
      }
      else
      {
         return false;
      }
   }

   /**
    * Is session invalidation on scheme change enabled?
    */
   public boolean isInvalidateOnSchemeChange()
   {
      return invalidateOnSchemeChange;
   }

   /**
    * Enable or disable session invalidation on scheme change?
    */
   public void setInvalidateOnSchemeChange(boolean invalidateOnSchemeChange)
   {
      setDirty();
      this.invalidateOnSchemeChange = invalidateOnSchemeChange;
   }
   
   public static Session instance()
   {
      if ( !Contexts.isSessionContextActive() )
      {
         throw new IllegalStateException("No active session context");
      }
      return (Session) Component.getInstance(Session.class, ScopeType.SESSION);
   }

   public static Session getInstance()
   {
      if ( !Contexts.isSessionContextActive() )
      {
         throw new IllegalStateException("No active session context");
      }
      return (Session) Component.getInstance(Session.class, ScopeType.SESSION, false);
   }

}