diff --git a/Dockerfile b/Dockerfile index 1cd47e1c..c5ceb562 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,6 @@ EXPOSE 8082 RUN mkdir -p /commafeed/data VOLUME /commafeed/data -ENV CF_SESSION_PATH=/commafeed/data/sessions ENV CF_DATABASE_URL=jdbc:h2:/commafeed/data/db COPY commafeed-server/config.yml.example config.yml diff --git a/commafeed-server/src/main/java/com/commafeed/CommaFeedApplication.java b/commafeed-server/src/main/java/com/commafeed/CommaFeedApplication.java index 3fdbd2cd..a37b215e 100644 --- a/commafeed-server/src/main/java/com/commafeed/CommaFeedApplication.java +++ b/commafeed-server/src/main/java/com/commafeed/CommaFeedApplication.java @@ -147,7 +147,7 @@ public class CommaFeedApplication extends Application { Injector injector = Guice.createInjector(new CommaFeedModule(hibernateBundle.getSessionFactory(), config, environment.metrics())); // session management - environment.servlets().setSessionHandler(config.getSessionHandlerFactory().build()); + environment.servlets().setSessionHandler(config.getSessionHandlerFactory().build(config.getDataSourceFactory())); // support for "@SecurityCheck User user" injection environment.jersey().register(new SecurityCheckFactoryProvider.Binder(injector.getInstance(UserService.class))); diff --git a/commafeed-server/src/main/java/com/commafeed/frontend/session/SessionHandlerFactory.java b/commafeed-server/src/main/java/com/commafeed/frontend/session/SessionHandlerFactory.java index fcb671b3..cc970c5e 100644 --- a/commafeed-server/src/main/java/com/commafeed/frontend/session/SessionHandlerFactory.java +++ b/commafeed-server/src/main/java/com/commafeed/frontend/session/SessionHandlerFactory.java @@ -1,24 +1,22 @@ package com.commafeed.frontend.session; -import java.io.File; - import javax.servlet.SessionTrackingMode; +import org.eclipse.jetty.server.session.DatabaseAdaptor; import org.eclipse.jetty.server.session.DefaultSessionCache; -import org.eclipse.jetty.server.session.FileSessionDataStore; +import org.eclipse.jetty.server.session.JDBCSessionDataStore; import org.eclipse.jetty.server.session.SessionCache; import org.eclipse.jetty.server.session.SessionHandler; +import com.codahale.metrics.MetricRegistry; import com.fasterxml.jackson.annotation.JsonProperty; import com.google.common.collect.ImmutableSet; +import io.dropwizard.db.DataSourceFactory; import io.dropwizard.util.Duration; public class SessionHandlerFactory { - @JsonProperty - private String path = "sessions"; - @JsonProperty private Duration cookieMaxAge = Duration.days(30); @@ -31,26 +29,24 @@ public class SessionHandlerFactory { @JsonProperty private Duration savePeriod = Duration.minutes(5); - public SessionHandler build() { - SessionHandler sessionHandler = new SessionHandler() { - { - // no setter available for maxCookieAge - _maxCookieAge = (int) cookieMaxAge.toSeconds(); - } - }; - SessionCache sessionCache = new DefaultSessionCache(sessionHandler); - sessionHandler.setSessionCache(sessionCache); - FileSessionDataStore dataStore = new FileSessionDataStore(); - sessionCache.setSessionDataStore(dataStore); - + public SessionHandler build(DataSourceFactory dataSourceFactory) { + SessionHandler sessionHandler = new SessionHandler(); sessionHandler.setHttpOnly(true); sessionHandler.setSessionTrackingModes(ImmutableSet.of(SessionTrackingMode.COOKIE)); sessionHandler.setMaxInactiveInterval((int) maxInactiveInterval.toSeconds()); sessionHandler.setRefreshCookieAge((int) cookieRefreshAge.toSeconds()); + sessionHandler.getSessionCookieConfig().setMaxAge((int) cookieMaxAge.toSeconds()); - dataStore.setDeleteUnrestorableFiles(true); - dataStore.setStoreDir(new File(path)); + SessionCache sessionCache = new DefaultSessionCache(sessionHandler); + sessionHandler.setSessionCache(sessionCache); + + JDBCSessionDataStore dataStore = new JDBCSessionDataStore(); dataStore.setSavePeriodSec((int) savePeriod.toSeconds()); + sessionCache.setSessionDataStore(dataStore); + + DatabaseAdaptor adaptor = new DatabaseAdaptor(); + adaptor.setDatasource(dataSourceFactory.build(new MetricRegistry(), "sessions")); + dataStore.setDatabaseAdaptor(adaptor); return sessionHandler; }