From a10d0336c5d5f04b6679d3cabd625d523b3a9067 Mon Sep 17 00:00:00 2001 From: Athou Date: Tue, 12 Aug 2014 11:24:11 +0200 Subject: [PATCH] persistent sessions across app restarts and across browser restarts --- .gitignore | 3 +++ .../com/commafeed/CommaFeedApplication.java | 18 +++++++++++++++++- 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 708d6ed7..00238f85 100644 --- a/.gitignore +++ b/.gitignore @@ -7,6 +7,9 @@ target # log files log +# jetty sessions +sessions + # node node node_modules diff --git a/src/main/java/com/commafeed/CommaFeedApplication.java b/src/main/java/com/commafeed/CommaFeedApplication.java index fbbd4f20..2871ab1d 100644 --- a/src/main/java/com/commafeed/CommaFeedApplication.java +++ b/src/main/java/com/commafeed/CommaFeedApplication.java @@ -9,10 +9,13 @@ import io.dropwizard.migrations.MigrationsBundle; import io.dropwizard.setup.Bootstrap; import io.dropwizard.setup.Environment; +import java.io.File; import java.util.Date; +import java.util.concurrent.TimeUnit; import lombok.extern.slf4j.Slf4j; +import org.eclipse.jetty.server.session.HashSessionManager; import org.eclipse.jetty.server.session.SessionHandler; import org.hibernate.SessionFactory; @@ -182,8 +185,21 @@ public class CommaFeedApplication extends Application { FeedRefreshTaskGiver taskGiver = new FeedRefreshTaskGiver(sessionFactory, queues, feedDAO, feedWorker, config, metrics); // Auth/session management + HashSessionManager sessionManager = new HashSessionManager(); + sessionManager.setHttpOnly(true); + sessionManager.getSessionCookieConfig().setHttpOnly(true); - environment.servlets().setSessionHandler(new SessionHandler()); + sessionManager.setStoreDirectory(new File("sessions")); + sessionManager.getSessionCookieConfig().setMaxAge((int) TimeUnit.DAYS.toSeconds(30)); + sessionManager.setMaxInactiveInterval((int) TimeUnit.DAYS.toSeconds(30)); + + sessionManager.setDeleteUnrestorableSessions(true); + sessionManager.setIdleSavePeriod((int) TimeUnit.HOURS.toSeconds(2)); + sessionManager.setRefreshCookieAge((int) TimeUnit.DAYS.toSeconds(1)); + sessionManager.setSavePeriod((int) TimeUnit.MINUTES.toSeconds(5)); + sessionManager.setScavengePeriod((int) TimeUnit.MINUTES.toSeconds(5)); + + environment.servlets().setSessionHandler(new SessionHandler(sessionManager)); environment.jersey().register(new SecurityCheckUserServiceProvider(userService)); environment.jersey().register(SecurityCheckProvider.class); environment.jersey().register(HttpSessionProvider.class);