killbill-memoizeit

shiro: make sure old sessions are purged from the database Signed-off-by:

10/24/2018 2:35:39 AM


diff --git a/util/src/main/java/org/killbill/billing/util/security/shiro/dao/JDBCSessionDao.java b/util/src/main/java/org/killbill/billing/util/security/shiro/dao/JDBCSessionDao.java
index 8bd91cc..6e455b8 100644
--- a/util/src/main/java/org/killbill/billing/util/security/shiro/dao/JDBCSessionDao.java
+++ b/util/src/main/java/org/killbill/billing/util/security/shiro/dao/JDBCSessionDao.java
@@ -20,6 +20,9 @@ package org.killbill.billing.util.security.shiro.dao;
 
 import java.io.IOException;
 import java.io.Serializable;
+import java.util.Collection;
+import java.util.LinkedList;
+import java.util.List;
 import java.util.UUID;
 import java.util.concurrent.TimeUnit;
 
@@ -90,12 +93,20 @@ public class JDBCSessionDao extends CachingSessionDAO {
             return null;
         }
 
-        try {
-            return sessionModelDao.toSimpleSession();
-        } catch (final IOException e) {
-            log.warn("Corrupted cookie", e);
-            return null;
+        return toSession(sessionModelDao);
+    }
+
+    @Override
+    public Collection<Session> getActiveSessions() {
+        final Collection<Session> cachedActiveSessions = super.getActiveSessions();
+        // To make sure the ValidatingSessionManager purges old sessions on disk
+        final List<SessionModelDao> oldActiveSessionsOnDisk = dbRouter.onDemand(true).findOldActiveSessions();
+
+        final Collection<Session> activeSessions = new LinkedList<Session>(cachedActiveSessions);
+        for (final SessionModelDao sessionModelDao : oldActiveSessionsOnDisk) {
+            activeSessions.add(toSession(sessionModelDao));
         }
+        return activeSessions;
     }
 
     public void disableUpdatesForSession(final Session session) {
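Review bot: The loop in `getActiveSessions()` adds whatever `toSession(sessionModelDao)` returns, and that helper (added in the last hunk of this file) returns `null` on `IOException`, so a single unreadable row puts a `null` element into the collection handed to the session validator. If the validator dereferences each element, which is likely but not visible here, the purge pass would fail on that row; because the query always returns the lowest `record_id`s, the same row would be hit on every later pass and expired sessions behind it would stay in the table. Skip the nulls in the loop, `final Session session = toSession(sessionModelDao); if (session != null) { activeSessions.add(session); }`, and consider deleting the unreadable row so it cannot pin the head of the result set. The first lines of this hunk belong to a method that starts outside it.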
@@ -110,4 +121,13 @@ public class JDBCSessionDao extends CachingSessionDAO {
     private boolean shouldUpdateSession(final Session session) {
         return noUpdateSessionsCache.getIfPresent(session.getId()) == Boolean.TRUE ? Boolean.FALSE : Boolean.TRUE;
     }
+
+    private Session toSession(final SessionModelDao sessionModelDao) {
+        try {
+            return sessionModelDao.toSimpleSession();
+        } catch (final IOException e) {
+            log.warn("Corrupted cookie", e);
+            return null;
+        }
+    }
 }
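Review bot: `log.warn("Corrupted cookie", e)` in `toSession` is now also reached from the database purge path in `getActiveSessions()`, where no cookie is involved, and the message does not say which row failed. Someone investigating sessions that never get purged has nothing to search for. Reword it and identify the row by its `record_id` rather than the session id, since the session id is a bearer credential and should stay out of logs, e.g. `log.warn("Unable to deserialize session row " + sessionModelDao.getRecordId(), e);`. The `getRecordId()` accessor is assumed from the `record_id` column and is not shown in this diff.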
diff --git a/util/src/main/java/org/killbill/billing/util/security/shiro/dao/JDBCSessionSqlDao.java b/util/src/main/java/org/killbill/billing/util/security/shiro/dao/JDBCSessionSqlDao.java
index 409f2a3..d78e6c1 100644
--- a/util/src/main/java/org/killbill/billing/util/security/shiro/dao/JDBCSessionSqlDao.java
+++ b/util/src/main/java/org/killbill/billing/util/security/shiro/dao/JDBCSessionSqlDao.java
@@ -18,8 +18,10 @@
 
 package org.killbill.billing.util.security.shiro.dao;
 
-import org.killbill.commons.jdbi.template.KillBillSqlDaoStringTemplate;
+import java.util.List;
+
 import org.killbill.commons.jdbi.binder.SmartBindBean;
+import org.killbill.commons.jdbi.template.KillBillSqlDaoStringTemplate;
 import org.skife.jdbi.v2.sqlobject.Bind;
 import org.skife.jdbi.v2.sqlobject.SqlQuery;
 import org.skife.jdbi.v2.sqlobject.SqlUpdate;
@@ -40,4 +42,6 @@ public interface JDBCSessionSqlDao extends Transactional<JDBCSessionSqlDao> {
     @SqlUpdate
     public void delete(@SmartBindBean final SessionModelDao sessionModelDao);
 
+    @SqlQuery
+    public List<SessionModelDao> findOldActiveSessions();
 }
diff --git a/util/src/main/resources/org/killbill/billing/util/security/shiro/dao/JDBCSessionSqlDao.sql.stg b/util/src/main/resources/org/killbill/billing/util/security/shiro/dao/JDBCSessionSqlDao.sql.stg
index e6091e5..c479317 100644
--- a/util/src/main/resources/org/killbill/billing/util/security/shiro/dao/JDBCSessionSqlDao.sql.stg
+++ b/util/src/main/resources/org/killbill/billing/util/security/shiro/dao/JDBCSessionSqlDao.sql.stg
@@ -45,4 +45,19 @@ delete() ::= <<
 delete from sessions
 where id = :id
 ;
->>
\ No newline at end of file
+>>
+
+findOldActiveSessions() ::= <<
+select
+  record_id
+, id
+, start_timestamp
+, last_access_time
+, timeout
+, host
+, session_data
+from sessions
+order by record_id asc
+limit 100
+;
+>>
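Review bot: `findOldActiveSessions` has no `where` clause: it returns the 100 rows with the lowest `record_id` whatever their age, so the name promises a filter the query does not apply. If those 100 rows are still valid sessions, validation leaves them in place and expired rows with higher `record_id`s are never examined, which defeats the purge this commit is for; every pass also loads `session_data` for 100 rows. Restrict the query to rows that can have expired, for example a cutoff on `last_access_time` supplied by the caller through a `@Bind` parameter on the interface method in `JDBCSessionSqlDao`. The unit of `timeout` is not visible here, so the exact predicate needs checking; failing that, add a template comment stating that the result is the oldest 100 rows, unfiltered.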