Removing JSession id from url and links
tsweeney56 Dec 7, 2011 10:11 PMI am trying to remove the jsession id from the url and links in much the same fashion as in seam 2, here is the example servlet from seam 2
@Startup @Scope(ScopeType.APPLICATION) @Name("sessionIdFilter") @BypassInterceptors @Filter(around ="org.jboss.seam.web.ajax4jsfFilter") public class SessionIdFilter extends AbstractFilter { public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { if (!(req instanceof HttpServletRequest)) { chain.doFilter(req, res); return; } HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) res; // Redirect requests with JSESSIONID in URL to clean version (old links // bookmarked/stored by bots). This is ONLY triggered if the request did // not also contain a JSESSIONID cookie! Which should be fine for bots... if (request.isRequestedSessionIdFromURL()) { String url = request.getRequestURL() .append(request.getQueryString() != null ? "?"+request.getQueryString() : "") .toString(); // TODO: The url is clean, at least in Tomcat, which strips out // the JSESSIONID path parameter automatically (Jetty does not?!) response.setHeader("Location", url); response.sendError(HttpServletResponse.SC_MOVED_PERMANENTLY); return; } // Prevent rendering of JSESSIONID in URLs for all outgoing links HttpServletResponseWrapper wrappedResponse = new HttpServletResponseWrapper(response) { @Override public String encodeRedirectUrl(String url) { return url; } @Override public String encodeRedirectURL(String url) { return url; } @Override public String encodeUrl(String url) { return url; } @Override public String encodeURL(String url) { return url; } }; chain.doFilter(req, wrappedResponse); } }
In seam 3 i have converted this filter to observe the HttpServletRequestContext for @PATH("") and @Initialized
The first half of the above servlet is an easy conversion as I can grab the request and redirect if needed. The second and most useful half is where I am stumped. I cant find any way to override the response object to no op the 4 encodeurl methods.
Has anyone found a solution to this yet? any suggestions?