public class AtlassianSessionIdUtil extends Object
Modifier and Type | Field and Description |
---|---|
static String |
ASESSIONID_NAME |
static String |
JSESSIONID_NAME |
Constructor and Description |
---|
AtlassianSessionIdUtil() |
Modifier and Type | Method and Description |
---|---|
static String |
generateASESSIONID(String sessionId)
This will generate a hashed version of the passed in HttpSession sessionId
|
static String |
generateAtlassianSessionHash(javax.servlet.http.HttpServletRequest httpServletRequest,
javax.servlet.http.HttpServletResponse httpServletResponse)
This will look for an existing HTTP session and if its present, it will generate a ASESSIONID base on a hash of
the session's id.
|
public static final String ASESSIONID_NAME
public static final String JSESSIONID_NAME
public static String generateAtlassianSessionHash(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse)
It will check in the session for such a beast, and hence only calculate it once and its lifecycle is therefore properly tied to the session itself.
We can then safely put this ASESSIONID in the logs and let someone upstream, say in a proxy, examine it.
CALLING NOTES - This method MUST be invoked before any content output is sent to the client. It sets cookies etc. and hence it needs the response to be be in a suitable state. It is expected that this method will be called early on in say a filter.
httpServletRequest
- the HTTP requesthttpServletResponse
- the HTTP responsepublic static String generateASESSIONID(String sessionId)
It will be returned in the form digestEncodedValue-hexEncodedValue
sessionId
- the session id stringCopyright © 2002-2019 Atlassian. All Rights Reserved.