/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.catalina.session;
import java.beans.PropertyChangeEvent;
import java.beans.PropertyChangeListener;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Iterator;
import javax.servlet.ServletContext;
import org.apache.catalina.Container;
import org.apache.catalina.Context;
import org.apache.catalina.Globals;
import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.LifecycleListener;
import org.apache.catalina.Loader;
import org.apache.catalina.Session;
import org.apache.catalina.util.CustomObjectInputStream;
import org.apache.catalina.util.LifecycleSupport;
import org.apache.juli.logging.Log;
import org.apache.catalina.security.SecurityUtil;
/**
* Standard implementation of the <b>Manager</b> interface that provides
* simple session persistence across restarts of this component (such as
* when the entire server is shut down and restarted, or when a particular
* web application is reloaded.
* <p>
* <b>IMPLEMENTATION NOTE</b>: Correct behavior of session storing and
* reloading depends upon external calls to the <code>start()</code> and
* <code>stop()</code> methods of this class at the correct times.
*
* @author Craig R. McClanahan
* @author Jean-Francois Arcand
*
*/
public class StandardManager
extends ManagerBase
implements Lifecycle, PropertyChangeListener {
// ---------------------------------------------------- Security Classes
private class PrivilegedDoLoad
implements PrivilegedExceptionAction<Void> {
PrivilegedDoLoad() {
}
public Void run() throws Exception{
doLoad();
return null;
}
}
private class PrivilegedDoUnload
implements PrivilegedExceptionAction<Void> {
PrivilegedDoUnload() {
}
public Void run() throws Exception{
doUnload();
return null;
}
}
// ----------------------------------------------------- Instance Variables
/**
* The descriptive information about this implementation.
*/
protected static final String info = "StandardManager/1.0";
/**
* The lifecycle event support for this component.
*/
protected LifecycleSupport lifecycle = new LifecycleSupport(this);
/**
* The maximum number of active Sessions allowed, or -1 for no limit.
*/
protected int maxActiveSessions = -1;
/**
* The descriptive name of this Manager implementation (for logging).
*/
protected static String name = "StandardManager";
/**
* Path name of the disk file in which active sessions are saved
* when we stop, and from which these sessions are loaded when we start.
* A <code>null</code> value indicates that no persistence is desired.
* If this pathname is relative, it will be resolved against the
* temporary working directory provided by our context, available via
* the <code>javax.servlet.context.tempdir</code> context attribute.
*/
protected String pathname = "SESSIONS.ser";
/**
* Has this component been started yet?
*/
protected boolean started = false;
/**
* Number of session creations that failed due to maxActiveSessions.
*/
protected int rejectedSessions = 0;
/**
* Processing time during session expiration.
*/
protected long processingTime = 0;
// ------------------------------------------------------------- Properties
/**
* Set the Container with which this Manager has been associated. If
* it is a Context (the usual case), listen for changes to the session
* timeout property.
*
* @param container The associated Container
*/
@Override
public void setContainer(Container container) {
// De-register from the old Container (if any)
if ((this.container != null) && (this.container instanceof Context))
((Context) this.container).removePropertyChangeListener(this);
// Default processing provided by our superclass
super.setContainer(container);
// Register with the new Container (if any)
if ((this.container != null) && (this.container instanceof Context)) {
((Context) this.container).addPropertyChangeListener(this);
}
}
/**
* Return descriptive information about this Manager implementation and
* the corresponding version number, in the format
* <code><description>/<version></code>.
*/
@Override
public String getInfo() {
return info;
}
/**
* Return the maximum number of active Sessions allowed, or -1 for
* no limit.
*/
public int getMaxActiveSessions() {
return (this.maxActiveSessions);
}
/** Number of session creations that failed due to maxActiveSessions
*
* @return The count
*/
public int getRejectedSessions() {
return rejectedSessions;
}
public void setRejectedSessions(int rejectedSessions) {
this.rejectedSessions = rejectedSessions;
}
/**
* Set the maximum number of actives Sessions allowed, or -1 for
* no limit.
*
* @param max The new maximum number of sessions
*/
public void setMaxActiveSessions(int max) {
int oldMaxActiveSessions = this.maxActiveSessions;
this.maxActiveSessions = max;
support.firePropertyChange("maxActiveSessions",
new Integer(oldMaxActiveSessions),
new Integer(this.maxActiveSessions));
}
/**
* Return the descriptive short name of this Manager implementation.
*/
@Override
public String getName() {
return name;
}
/**
* @return The session persistence pathname, if any.
*/
public String getPathname() {
return pathname;
}
/**
* Set the session persistence pathname to the specified value. If no
* persistence support is desired, set the pathname to <code>null</code>.
*
* @param pathname New session persistence pathname
*/
public void setPathname(String pathname) {
String oldPathname = this.pathname;
this.pathname = pathname;
support.firePropertyChange("pathname", oldPathname, this.pathname);
}
// --------------------------------------------------------- Public Methods
/**
* Construct and return a new session object, based on the default
* settings specified by this Manager's properties. The session
* id will be assigned by this method, and available via the getId()
* method of the returned session. If a new session cannot be created
* for any reason, return <code>null</code>.
*
* @exception IllegalStateException if a new session cannot be
* instantiated for any reason
*/
@Override
public Session createSession(String sessionId) {
if ((maxActiveSessions >= 0) &&
(sessions.size() >= maxActiveSessions)) {
rejectedSessions++;
throw new TooManyActiveSessionsException(
sm.getString("standardManager.createSession.ise"),
maxActiveSessions);
}
return (super.createSession(sessionId));
}
/**
* Load any currently active sessions that were previously unloaded
* to the appropriate persistence mechanism, if any. If persistence is not
* supported, this method returns without doing anything.
*
* @exception ClassNotFoundException if a serialized class cannot be
* found during the reload
* @exception IOException if an input/output error occurs
*/
public void load() throws ClassNotFoundException, IOException {
if (SecurityUtil.isPackageProtectionEnabled()){
try{
AccessController.doPrivileged( new PrivilegedDoLoad() );
} catch (PrivilegedActionException ex){
Exception exception = ex.getException();
if (exception instanceof ClassNotFoundException) {
throw (ClassNotFoundException)exception;
} else if (exception instanceof IOException) {
throw (IOException)exception;
}
if (log.isDebugEnabled()) {
log.debug("Unreported exception in load() ", exception);
}
}
} else {
doLoad();
}
}
/**
* Load any currently active sessions that were previously unloaded
* to the appropriate persistence mechanism, if any. If persistence is not
* supported, this method returns without doing anything.
*
* @exception ClassNotFoundException if a serialized class cannot be
* found during the reload
* @exception IOException if an input/output error occurs
*/
protected void doLoad() throws ClassNotFoundException, IOException {
if (log.isDebugEnabled()) {
log.debug("Start: Loading persisted sessions");
}
// Initialize our internal data structures
sessions.clear();
// Open an input stream to the specified pathname, if any
File file = file();
if (file == null) {
return;
}
if (log.isDebugEnabled()) {
log.debug(sm.getString("standardManager.loading", pathname));
}
FileInputStream fis = null;
BufferedInputStream bis = null;
ObjectInputStream ois = null;
Loader loader = null;
ClassLoader classLoader = null;
Log logger = null;
try {
fis = new FileInputStream(file.getAbsolutePath());
bis = new BufferedInputStream(fis);
loader = container.getLoader();
logger = container.getLogger();
if (loader != null) {
classLoader = loader.getClassLoader();
}
if (classLoader == null) {
classLoader = getClass().getClassLoader();
}
ois = new CustomObjectInputStream(bis, classLoader, logger,
getSessionAttributeValueClassNamePattern(),
getWarnOnSessionAttributeFilterFailure());
} catch (FileNotFoundException e) {
if (log.isDebugEnabled()) {
log.debug("No persisted data file found");
}
return;
} catch (IOException e) {
log.error(sm.getString("standardManager.loading.ioe", e), e);
if (bis != null) {
try {
bis.close();
} catch (IOException f) {
// Ignore
}
} else if (fis != null) {
try {
fis.close();
} catch (IOException f) {
// Ignore
}
}
throw e;
}
// Load the previously unloaded active sessions
synchronized (sessions) {
try {
Integer count = (Integer) ois.readObject();
int n = count.intValue();
if (log.isDebugEnabled())
log.debug("Loading " + n + " persisted sessions");
for (int i = 0; i < n; i++) {
StandardSession session = getNewSession();
session.readObjectData(ois);
session.setManager(this);
sessions.put(session.getIdInternal(), session);
session.activate();
if (!session.isValidInternal()) {
// If session is already invalid,
// expire session to prevent memory leak.
session.setValid(true);
session.expire();
}
sessionCounter++;
}
} catch (ClassNotFoundException e) {
log.error(sm.getString("standardManager.loading.cnfe", e), e);
try {
ois.close();
} catch (IOException f) {
// Ignore
}
throw e;
} catch (IOException e) {
log.error(sm.getString("standardManager.loading.ioe", e), e);
try {
ois.close();
} catch (IOException f) {
// Ignore
}
throw e;
} finally {
// Close the input stream
try {
ois.close();
} catch (IOException e) {
// ignored
}
// Delete the persistent storage file
if (file.exists()) {
file.delete();
}
}
}
if (log.isDebugEnabled()) {
log.debug("Finish: Loading persisted sessions");
}
}
/**
* Save any currently active sessions in the appropriate persistence
* mechanism, if any. If persistence is not supported, this method
* returns without doing anything.
*
* @exception IOException if an input/output error occurs
*/
public void unload() throws IOException {
if (SecurityUtil.isPackageProtectionEnabled()) {
try {
AccessController.doPrivileged(new PrivilegedDoUnload());
} catch (PrivilegedActionException ex){
Exception exception = ex.getException();
if (exception instanceof IOException) {
throw (IOException)exception;
}
if (log.isDebugEnabled()) {
log.debug("Unreported exception in unLoad()", exception);
}
}
} else {
doUnload();
}
}
/**
* Save any currently active sessions in the appropriate persistence
* mechanism, if any. If persistence is not supported, this method
* returns without doing anything.
*
* @exception IOException if an input/output error occurs
*/
protected void doUnload() throws IOException {
if (log.isDebugEnabled())
log.debug(sm.getString("standardManager.unloading.debug"));
if (sessions.isEmpty()) {
log.debug(sm.getString("standardManager.unloading.nosessions"));
return; // nothing to do
}
// Open an output stream to the specified pathname, if any
File file = file();
if (file == null) {
return;
}
if (log.isDebugEnabled()) {
log.debug(sm.getString("standardManager.unloading", pathname));
}
FileOutputStream fos = null;
ObjectOutputStream oos = null;
try {
fos = new FileOutputStream(file.getAbsolutePath());
oos = new ObjectOutputStream(new BufferedOutputStream(fos));
} catch (IOException e) {
log.error(sm.getString("standardManager.unloading.ioe", e), e);
if (fos != null) {
try {
fos.close();
} catch (IOException f) {
// Ignore
}
}
throw e;
}
// Write the number of active sessions, followed by the details
ArrayList<Session> list = new ArrayList<Session>();
synchronized (sessions) {
if (log.isDebugEnabled()) {
log.debug("Unloading " + sessions.size() + " sessions");
}
try {
oos.writeObject(new Integer(sessions.size()));
Iterator<Session> elements = sessions.values().iterator();
while (elements.hasNext()) {
StandardSession session = (StandardSession) elements.next();
list.add(session);
session.passivate();
session.writeObjectData(oos);
}
} catch (IOException e) {
log.error(sm.getString("standardManager.unloading.ioe", e), e);
try {
oos.close();
} catch (IOException f) {
// Ignore
}
throw e;
}
}
// Flush and close the output stream
try {
oos.close();
} catch (IOException e) {
try {
oos.close();
} catch (IOException f) {
// Ignore
}
throw e;
}
// Expire all the sessions we just wrote
if (log.isDebugEnabled()) {
log.debug("Expiring " + list.size() + " persisted sessions");
}
Iterator<Session> expires = list.iterator();
while (expires.hasNext()) {
StandardSession session = (StandardSession) expires.next();
try {
session.expire(false);
} catch (Throwable t) {
// Ignore
} finally {
session.recycle();
}
}
if (log.isDebugEnabled()) {
log.debug("Unloading complete");
}
}
// ------------------------------------------------------ Lifecycle Methods
/**
* Add a lifecycle event listener to this component.
*
* @param listener The listener to add
*/
public void addLifecycleListener(LifecycleListener listener) {
lifecycle.addLifecycleListener(listener);
}
/**
* Get the lifecycle listeners associated with this lifecycle. If this
* Lifecycle has no listeners registered, a zero-length array is returned.
*/
public LifecycleListener[] findLifecycleListeners() {
return lifecycle.findLifecycleListeners();
}
/**
* Remove a lifecycle event listener from this component.
*
* @param listener The listener to remove
*/
public void removeLifecycleListener(LifecycleListener listener) {
lifecycle.removeLifecycleListener(listener);
}
/**
* Prepare for the beginning of active use of the public methods of this
* component. This method should be called after <code>configure()</code>,
* and before any of the public methods of the component are utilized.
*
* @exception LifecycleException if this component detects a fatal error
* that prevents this component from being used
*/
public void start() throws LifecycleException {
if( ! initialized )
init();
// Validate and update our current component state
if (started) {
return;
}
lifecycle.fireLifecycleEvent(START_EVENT, null);
started = true;
// Force initialization of the random number generator
if (log.isDebugEnabled())
log.debug("Force random number initialization starting");
generateSessionId();
if (log.isDebugEnabled())
log.debug("Force random number initialization completed");
// Load unloaded sessions, if any
try {
load();
} catch (Throwable t) {
log.error(sm.getString("standardManager.managerLoad"), t);
}
}
/**
* Gracefully terminate the active use of the public methods of this
* component. This method should be the last one called on a given
* instance of this component.
*
* @exception LifecycleException if this component detects a fatal error
* that needs to be reported
*/
public void stop() throws LifecycleException {
if (log.isDebugEnabled()) {
log.debug("Stopping");
}
// Validate and update our current component state
if (!started)
throw new LifecycleException
(sm.getString("standardManager.notStarted"));
lifecycle.fireLifecycleEvent(STOP_EVENT, null);
started = false;
// Write out sessions
try {
unload();
} catch (Throwable t) {
log.error(sm.getString("standardManager.managerUnload"), t);
}
// Expire all active sessions
Session sessions[] = findSessions();
for (int i = 0; i < sessions.length; i++) {
Session session = sessions[i];
try {
if (session.isValid()) {
session.expire();
}
} catch (Throwable t) {
// Ignore
} finally {
// Measure against memory leaking if references to the session
// object are kept in a shared field somewhere
session.recycle();
}
}
// Require a new random number generator if we are restarted
this.random = null;
if( initialized ) {
destroy();
}
}
// ----------------------------------------- PropertyChangeListener Methods
/**
* Process property change events from our associated Context.
*
* @param event The property change event that has occurred
*/
public void propertyChange(PropertyChangeEvent event) {
// no-op
}
// ------------------------------------------------------ Protected Methods
/**
* Return a File object representing the pathname to our
* persistence file, if any.
*/
protected File file() {
if (pathname == null || pathname.length() == 0) {
return null;
}
File file = new File(pathname);
if (!file.isAbsolute()) {
ServletContext servletContext = ((Context) container).getServletContext();
File tempdir = (File) servletContext.getAttribute(Globals.WORK_DIR_ATTR);
if (tempdir != null) {
file = new File(tempdir, pathname);
}
}
return file;
}
}