CB-5587 override default jetty session handler to add ability to use … (

#2880) * CB-5587 override default jetty session handler to add ability to use dynamic setSecure flag * CB-5587 handle null server url --------- Co-authored-by: kseniaguzeeva <[email protected]>
dbeaver · Sep 16, 2024 · 8af3382 · 8af3382
1 parent e998a6c
commit 8af3382
Show file tree

Hide file tree

Showing 3 changed files with 147 additions and 3 deletions.
diff --git a/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/jetty/CBJettyServer.java b/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/jetty/CBJettyServer.java
@@ -29,7 +29,6 @@
 import org.eclipse.jetty.server.session.DefaultSessionCache;
 import org.eclipse.jetty.server.session.DefaultSessionIdManager;
 import org.eclipse.jetty.server.session.NullSessionDataStore;
-import org.eclipse.jetty.server.session.SessionHandler;
 import org.eclipse.jetty.servlet.ErrorPageErrorHandler;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.servlet.ServletHolder;
@@ -184,7 +183,7 @@ private void initSessionManager(
         @NotNull ServletContextHandler servletContextHandler
     ) {
         // Init sessions persistence
-        SessionHandler sessionHandler = new SessionHandler();
+        CBSessionHandler sessionHandler = new CBSessionHandler(application);
         var maxIdleTime = application.getMaxSessionIdleTime();
         int intMaxIdleSeconds;
         if (maxIdleTime > Integer.MAX_VALUE) {

diff --git a/...undles/io.cloudbeaver.server/src/io/cloudbeaver/server/jetty/CBServerContextListener.java b/...undles/io.cloudbeaver.server/src/io/cloudbeaver/server/jetty/CBServerContextListener.java
@@ -39,7 +39,7 @@ public void contextInitialized(ServletContextEvent sce) {
         //scf.setDomain(domain);
         //scf.setMaxAge(CB_SESSION_LIFE_TIME);
         cookieConfig.setPath(CBApplication.getInstance().getRootURI());
-        cookieConfig.setSecure(application.getServerURL().startsWith("https"));
+//        cookieConfig.setSecure(application.getServerURL().startsWith("https"));
         cookieConfig.setHttpOnly(true);
         cookieConfig.setName(CBConstants.CB_SESSION_COOKIE_NAME);
     }

diff --git a/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/jetty/CBSessionHandler.java b/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/jetty/CBSessionHandler.java
@@ -0,0 +1,145 @@
+/*
+ * DBeaver - Universal Database Manager
+ * Copyright (C) 2010-2024 DBeaver Corp and others
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.cloudbeaver.server.jetty;
+
+import io.cloudbeaver.server.CBApplication;
+import jakarta.servlet.SessionCookieConfig;
+import org.eclipse.jetty.http.Syntax;
+import org.eclipse.jetty.server.session.SessionHandler;
+
+public class CBSessionHandler extends SessionHandler {
+    private final CBCookieConfig cbCookieConfig;
+    private final CBApplication<?> application;
+
+    public CBSessionHandler(CBApplication<?> application) {
+        this.cbCookieConfig = new CBCookieConfig();
+        this.application = application;
+    }
+
+
+    @Override
+    public SessionCookieConfig getSessionCookieConfig() {
+        return this.cbCookieConfig;
+    }
+
+
+    //mostly copy of org.eclipse.jetty.server.session.CookieConfig but allows to use dynamic setSecure flag
+    public final class CBCookieConfig implements SessionCookieConfig {
+        public CBCookieConfig() {
+        }
+
+        public String getComment() {
+            return CBSessionHandler.this._sessionComment;
+        }
+
+        public String getDomain() {
+            return CBSessionHandler.this._sessionDomain;
+        }
+
+        public int getMaxAge() {
+            return CBSessionHandler.this._maxCookieAge;
+        }
+
+        public String getName() {
+            return CBSessionHandler.this._sessionCookie;
+        }
+
+        public String getPath() {
+            return CBSessionHandler.this._sessionPath;
+        }
+
+        public boolean isHttpOnly() {
+            return CBSessionHandler.this._httpOnly;
+        }
+
+        public boolean isSecure() {
+            var serverUrl = CBSessionHandler.this.application.getServerURL();
+            return serverUrl != null && serverUrl.startsWith("https://");
+        }
+
+        public void setComment(String comment) {
+            if (CBSessionHandler.this._context != null && CBSessionHandler.this._context.getContextHandler()
+                .isAvailable()) {
+                throw new IllegalStateException("CookieConfig cannot be set after ServletContext is started");
+            } else {
+                CBSessionHandler.this._sessionComment = comment;
+            }
+        }
+
+        public void setDomain(String domain) {
+            if (CBSessionHandler.this._context != null && CBSessionHandler.this._context.getContextHandler()
+                .isAvailable()) {
+                throw new IllegalStateException("CookieConfig cannot be set after ServletContext is started");
+            } else {
+                CBSessionHandler.this._sessionDomain = domain;
+            }
+        }
+
+        public void setHttpOnly(boolean httpOnly) {
+            if (CBSessionHandler.this._context != null && CBSessionHandler.this._context.getContextHandler()
+                .isAvailable()) {
+                throw new IllegalStateException("CookieConfig cannot be set after ServletContext is started");
+            } else {
+                CBSessionHandler.this._httpOnly = httpOnly;
+            }
+        }
+
+        public void setMaxAge(int maxAge) {
+            if (CBSessionHandler.this._context != null && CBSessionHandler.this._context.getContextHandler()
+                .isAvailable()) {
+                throw new IllegalStateException("CookieConfig cannot be set after ServletContext is started");
+            } else {
+                CBSessionHandler.this._maxCookieAge = maxAge;
+            }
+        }
+
+        public void setName(String name) {
+            if (CBSessionHandler.this._context != null && CBSessionHandler.this._context.getContextHandler()
+                .isAvailable()) {
+                throw new IllegalStateException("CookieConfig cannot be set after ServletContext is started");
+            } else if ("".equals(name)) {
+                throw new IllegalArgumentException("Blank cookie name");
+            } else {
+                if (name != null) {
+                    Syntax.requireValidRFC2616Token(name, "Bad Session cookie name");
+                }
+
+                CBSessionHandler.this._sessionCookie = name;
+            }
+        }
+
+        public void setPath(String path) {
+            if (CBSessionHandler.this._context != null && CBSessionHandler.this._context.getContextHandler()
+                .isAvailable()) {
+                throw new IllegalStateException("CookieConfig cannot be set after ServletContext is started");
+            } else {
+                CBSessionHandler.this._sessionPath = path;
+            }
+        }
+
+        public void setSecure(boolean secure) {
+            if (CBSessionHandler.this._context != null && CBSessionHandler.this._context.getContextHandler()
+                .isAvailable()) {
+                throw new IllegalStateException("CookieConfig cannot be set after ServletContext is started");
+            } else {
+                CBSessionHandler.this._secureCookies = secure;
+            }
+        }
+    }
+
+
+}