diff --git a/util/src/main/java/org/killbill/billing/util/security/shiro/dao/JDBCSessionDao.java b/util/src/main/java/org/killbill/billing/util/security/shiro/dao/JDBCSessionDao.java
index ac29706..41a05eb 100644
--- a/util/src/main/java/org/killbill/billing/util/security/shiro/dao/JDBCSessionDao.java
+++ b/util/src/main/java/org/killbill/billing/util/security/shiro/dao/JDBCSessionDao.java
@@ -20,14 +20,14 @@ package org.killbill.billing.util.security.shiro.dao;
import java.io.IOException;
import java.io.Serializable;
+import java.util.UUID;
import javax.inject.Inject;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.eis.CachingSessionDAO;
+import org.killbill.billing.util.UUIDs;
import org.skife.jdbi.v2.IDBI;
-import org.skife.jdbi.v2.Transaction;
-import org.skife.jdbi.v2.TransactionStatus;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -54,15 +54,10 @@ public class JDBCSessionDao extends CachingSessionDAO {
@Override
protected Serializable doCreate(final Session session) {
- final Serializable sessionId = jdbcSessionSqlDao.inTransaction(new Transaction<Long, JDBCSessionSqlDao>() {
- @Override
- public Long inTransaction(final JDBCSessionSqlDao transactional, final TransactionStatus status) throws Exception {
- transactional.create(new SessionModelDao(session));
- return transactional.getLastInsertId();
- }
- });
+ final UUID sessionId = UUIDs.randomUUID();
// See SessionModelDao#toSimpleSession for why we use toString()
assignSessionId(session, sessionId.toString());
+ jdbcSessionSqlDao.create(new SessionModelDao(session));
return sessionId;
}
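Review bot: The id generated in `doCreate` acts as a bearer credential for the session, and its unpredictability rests entirely on `UUIDs.randomUUID()`, whose implementation is not part of this diff. It should be confirmed, and noted in a comment here, that the helper draws from `SecureRandom` as `java.util.UUID.randomUUID()` does. Separately, `return sessionId;` hands back a `UUID` while the id assigned to the session is its `String` form. If the parent `CachingSessionDAO` caches under the returned value, as the issue 299 comment in `SessionModelDao#toSimpleSession` suggests, later lookups by String would miss, so `return sessionId.toString();` looks safer.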
@@ -73,15 +68,9 @@ public class JDBCSessionDao extends CachingSessionDAO {
return null;
}
- // Ignore unsupported JSESSIONID cookies
- final Long recordId;
- try {
- recordId = Long.parseLong(sessionId.toString().trim());
- } catch (final NumberFormatException e) {
- return null;
- }
+ final String sessionIdString = sessionId.toString();
+ final SessionModelDao sessionModelDao = jdbcSessionSqlDao.read(sessionIdString);
- final SessionModelDao sessionModelDao = jdbcSessionSqlDao.read(recordId);
if (sessionModelDao == null) {
return null;
}
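Review bot: The value passed to `jdbcSessionSqlDao.read(sessionIdString)` is no longer checked before it reaches the database. The removed `Long.parseLong` guard rejected unsupported JSESSIONID cookies, whereas now any string a client presents triggers a query. The bound `:id` parameter keeps this safe from injection, but a cheap length check matching the `varchar(36)` column, e.g. `if (sessionIdString.length() > 36) { return null; }`, would drop junk values early. A strict UUID parse would not work while the migration keeps numeric ids for existing rows. The enclosing method starts and ends outside the hunk.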
diff --git a/util/src/main/java/org/killbill/billing/util/security/shiro/dao/JDBCSessionSqlDao.java b/util/src/main/java/org/killbill/billing/util/security/shiro/dao/JDBCSessionSqlDao.java
index f8d9322..f277430 100644
--- a/util/src/main/java/org/killbill/billing/util/security/shiro/dao/JDBCSessionSqlDao.java
+++ b/util/src/main/java/org/killbill/billing/util/security/shiro/dao/JDBCSessionSqlDao.java
@@ -29,7 +29,7 @@ import org.skife.jdbi.v2.sqlobject.mixins.Transactional;
public interface JDBCSessionSqlDao extends Transactional<JDBCSessionSqlDao> {
@SqlQuery
- public SessionModelDao read(@Bind("recordId") final Long sessionId);
+ public SessionModelDao read(@Bind("id") final String sessionId);
@SqlUpdate
public void create(@SmartBindBean final SessionModelDao sessionModelDao);
@@ -40,6 +40,4 @@ public interface JDBCSessionSqlDao extends Transactional<JDBCSessionSqlDao> {
@SqlUpdate
public void delete(@SmartBindBean final SessionModelDao sessionModelDao);
- @SqlQuery
- public Long getLastInsertId();
}
diff --git a/util/src/main/java/org/killbill/billing/util/security/shiro/dao/SessionModelDao.java b/util/src/main/java/org/killbill/billing/util/security/shiro/dao/SessionModelDao.java
index acfd28a..46341cb 100644
--- a/util/src/main/java/org/killbill/billing/util/security/shiro/dao/SessionModelDao.java
+++ b/util/src/main/java/org/killbill/billing/util/security/shiro/dao/SessionModelDao.java
@@ -33,6 +33,7 @@ public class SessionModelDao {
private final Serializer<Map> serializer = new DefaultSerializer<Map>();
private Long recordId;
+ private String id;
private DateTime startTimestamp;
private DateTime lastAccessTime;
private long timeout;
@@ -42,7 +43,7 @@ public class SessionModelDao {
public SessionModelDao() { /* For the DAO mapper */ }
public SessionModelDao(final Session session) {
- this.recordId = session.getId() == null ? null : Long.valueOf(session.getId().toString());
+ this.id = session.getId() == null ? null : session.getId().toString();
this.startTimestamp = new DateTime(session.getStartTimestamp(), DateTimeZone.UTC);
this.lastAccessTime = new DateTime(session.getLastAccessTime(), DateTimeZone.UTC);
this.timeout = session.getTimeout();
@@ -56,11 +57,11 @@ public class SessionModelDao {
public Session toSimpleSession() throws IOException {
final SimpleSession simpleSession = new SimpleSession();
- if (recordId != null) {
+ if (id != null) {
// Make sure to use a String here! It will be used as-is as the key in Ehcache.
- // When retrieving the session, the sessionId will be a String: if a Long is used,
- // the lookup will trigger a miss. See https://github.com/killbill/killbill/issues/299
- simpleSession.setId(recordId.toString());
+ // When retrieving the session, the sessionId will be a String
+ // See https://github.com/killbill/killbill/issues/299
+ simpleSession.setId(id);
}
simpleSession.setStartTimestamp(startTimestamp.toDate());
simpleSession.setLastAccessTime(lastAccessTime.toDate());
@@ -78,6 +79,10 @@ public class SessionModelDao {
return recordId;
}
+ public String getId() {
+ return id;
+ }
+
public DateTime getStartTimestamp() {
return startTimestamp;
}
@@ -102,6 +107,7 @@ public class SessionModelDao {
public String toString() {
final StringBuilder sb = new StringBuilder("SessionModelDao{");
sb.append("recordId=").append(recordId);
+ sb.append(", id='").append(id).append('\'');
sb.append(", startTimestamp=").append(startTimestamp);
sb.append(", lastAccessTime=").append(lastAccessTime);
sb.append(", timeout=").append(timeout);
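Review bot: Appending `id` in `toString()` puts the live session identifier into any log line or exception message that prints a `SessionModelDao`, and that value is what a client presents to resume the session. `recordId` already identifies the row for debugging, so the added line could be dropped, or reduced to a presence marker such as `sb.append(", id=").append(id == null ? "null" : "<redacted>");`. The rest of `toString()` lies outside the hunk.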
@@ -125,33 +131,34 @@ public class SessionModelDao {
if (timeout != that.timeout) {
return false;
}
- if (host != null ? !host.equals(that.host) : that.host != null) {
+ if (recordId != null ? !recordId.equals(that.recordId) : that.recordId != null) {
return false;
}
- if (lastAccessTime != null ? !lastAccessTime.equals(that.lastAccessTime) : that.lastAccessTime != null) {
+ if (id != null ? !id.equals(that.id) : that.id != null) {
return false;
}
- if (recordId != null ? !recordId.equals(that.recordId) : that.recordId != null) {
+ if (startTimestamp != null ? !startTimestamp.equals(that.startTimestamp) : that.startTimestamp != null) {
return false;
}
- if (!Arrays.equals(sessionData, that.sessionData)) {
+ if (lastAccessTime != null ? !lastAccessTime.equals(that.lastAccessTime) : that.lastAccessTime != null) {
return false;
}
- if (startTimestamp != null ? !startTimestamp.equals(that.startTimestamp) : that.startTimestamp != null) {
+ if (host != null ? !host.equals(that.host) : that.host != null) {
return false;
}
+ return Arrays.equals(sessionData, that.sessionData);
- return true;
}
@Override
public int hashCode() {
int result = recordId != null ? recordId.hashCode() : 0;
+ result = 31 * result + (id != null ? id.hashCode() : 0);
result = 31 * result + (startTimestamp != null ? startTimestamp.hashCode() : 0);
result = 31 * result + (lastAccessTime != null ? lastAccessTime.hashCode() : 0);
result = 31 * result + (int) (timeout ^ (timeout >>> 32));
result = 31 * result + (host != null ? host.hashCode() : 0);
- result = 31 * result + (sessionData != null ? Arrays.hashCode(sessionData) : 0);
+ result = 31 * result + Arrays.hashCode(sessionData);
return result;
}
diff --git a/util/src/main/resources/org/killbill/billing/util/ddl.sql b/util/src/main/resources/org/killbill/billing/util/ddl.sql
index 7cd9a43..e451dd4 100644
--- a/util/src/main/resources/org/killbill/billing/util/ddl.sql
+++ b/util/src/main/resources/org/killbill/billing/util/ddl.sql
@@ -235,6 +235,7 @@ CREATE TABLE bus_events_history (
drop table if exists sessions;
create table sessions (
record_id serial unique
+, id varchar(36) NOT NULL
, start_timestamp datetime not null
, last_access_time datetime default null
, timeout int
@@ -242,6 +243,7 @@ create table sessions (
, session_data mediumblob default null
, primary key(record_id)
) /*! CHARACTER SET utf8 COLLATE utf8_bin */;
+CREATE UNIQUE INDEX sessions_id ON sessions(id);
DROP TABLE IF EXISTS users;
diff --git a/util/src/main/resources/org/killbill/billing/util/migration/V20161105000000__session_id.sql b/util/src/main/resources/org/killbill/billing/util/migration/V20161105000000__session_id.sql
new file mode 100644
index 0000000..cce5c63
--- /dev/null
+++ b/util/src/main/resources/org/killbill/billing/util/migration/V20161105000000__session_id.sql
@@ -0,0 +1,3 @@
+alter table sessions add column id varchar(36) not null after record_id;
+update sessions set id = record_id;
+create unique index sessions_id on sessions(id);
\ No newline at end of file
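Review bot: `update sessions set id = record_id;` keeps every existing session valid under its sequential numeric id, so those rows remain guessable identifiers until they expire, even though new sessions get UUIDs. If forcing re-authentication at upgrade is acceptable, replacing the backfill with `delete from sessions;` ahead of the `alter table` avoids carrying the old ids forward. Otherwise a comment such as `-- legacy numeric ids stay valid until the session times out` should record the trade-off.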
diff --git a/util/src/main/resources/org/killbill/billing/util/security/shiro/dao/JDBCSessionSqlDao.sql.stg b/util/src/main/resources/org/killbill/billing/util/security/shiro/dao/JDBCSessionSqlDao.sql.stg
index fe228d2..b002312 100644
--- a/util/src/main/resources/org/killbill/billing/util/security/shiro/dao/JDBCSessionSqlDao.sql.stg
+++ b/util/src/main/resources/org/killbill/billing/util/security/shiro/dao/JDBCSessionSqlDao.sql.stg
@@ -3,25 +3,28 @@ group JDBCSessionSqlDao;
read() ::= <<
select
record_id
+, id
, start_timestamp
, last_access_time
, timeout
, host
, session_data
from sessions
-where record_id = :recordId
+where id = :id
;
>>
create() ::= <<
insert into sessions (
- start_timestamp
+ id
+, start_timestamp
, last_access_time
, timeout
, host
, session_data
) values (
- :startTimestamp
+ :id
+, :startTimestamp
, :lastAccessTime
, :timeout
, :host
@@ -36,16 +39,12 @@ update sessions set
, timeout = :timeout
, host = :host
, session_data = :sessionData
-where record_id = :recordId
+where id = :id
;
>>
delete() ::= <<
delete from sessions
-where record_id = :recordId
+where id = :id
;
->>
-
-getLastInsertId() ::= <<
-select LAST_INSERT_ID();
->>
+>>
\ No newline at end of file