com.atlassian.jira.web.filters.accesslog
Class AtlassianSessionIdUtil
java.lang.Object
com.atlassian.jira.web.filters.accesslog.AtlassianSessionIdUtil
public class AtlassianSessionIdUtil
- extends Object
You can use this to generate a hash of the JSESSIONID so we can get session specific information into logs without
giving away the keys to the house!
- Since:
- v3.13.2
Method Summary |
static String |
generateASESSIONID(String sessionId)
This will generate a hashed version of the passed in HttpSession sessionId
It will be returned in the form digestEncodedValue-hexEncodedValue |
static String |
generateAtlassianSessionHash(javax.servlet.http.HttpServletRequest httpServletRequest,
javax.servlet.http.HttpServletResponse httpServletResponse)
This will look for an existing HTTP session and if its present, it will generate a ASESSIONID base on a hash of
the session's id. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
ASESSIONID_NAME
public static final String ASESSIONID_NAME
- See Also:
- Constant Field Values
JSESSIONID_NAME
public static final String JSESSIONID_NAME
- See Also:
- Constant Field Values
AtlassianSessionIdUtil
public AtlassianSessionIdUtil()
generateAtlassianSessionHash
public static String generateAtlassianSessionHash(javax.servlet.http.HttpServletRequest httpServletRequest,
javax.servlet.http.HttpServletResponse httpServletResponse)
- This will look for an existing HTTP session and if its present, it will generate a ASESSIONID base on a hash of
the session's id.
It will check in the session for such a beast, and hence only calculate it once and its lifecycle is therefore
properly tied to the session itself.
We can then safely put this ASESSIONID in the logs and let someone upstream, say in a proxy, examine it.
CALLING NOTES - This method MUST be invoked before any content output is sent to the client. It sets cookies
etc. and hence it needs the response to be be in a suitable state. It is expected that this method will be
called early on in say a filter.
- Parameters:
httpServletRequest
- the HTTP requesthttpServletResponse
- the HTTP response
- Returns:
- the atlassian session id hash or null if there is no session (it does not exist) or if the hash of the
session id cannot be generated (e.g. if the sessions id is null, which should not happen)
generateASESSIONID
public static String generateASESSIONID(String sessionId)
- This will generate a hashed version of the passed in HttpSession sessionId
It will be returned in the form digestEncodedValue-hexEncodedValue
- Parameters:
sessionId
- the session id string
- Returns:
- a hashed version of that session string or null if the input is null
Copyright © 2002-2012 Atlassian. All Rights Reserved.