1 // Copyright 2012 Google Inc. All Rights Reserved.
2 package com
.google
.appengine
.tools
.development
;
4 import org
.mortbay
.jetty
.servlet
.AbstractSessionManager
;
5 import org
.mortbay
.jetty
.servlet
.HashSessionManager
;
7 import java
.io
.ByteArrayOutputStream
;
8 import java
.io
.IOException
;
9 import java
.io
.ObjectOutputStream
;
10 import java
.io
.Serializable
;
12 import javax
.servlet
.http
.HttpServletRequest
;
13 import javax
.servlet
.http
.HttpSession
;
16 * A specialization of {@link HashSessionManager} that creates {@link HttpSession} objects that only
17 * allow the insertion of {@link Serializable} objects.
20 class SerializableObjectsOnlyHashSessionManager
extends HashSessionManager
{
23 protected AbstractSessionManager
.Session
newSession(HttpServletRequest request
) {
24 return new SerializableObjectsOnlyHttpSession(request
);
28 * An {@link HttpSession} implementation for the dev appserver that only allows the insertion of
29 * {@link Serializable} objects. The behavior here differs slightly from production in that
30 * this implementation fails immediately, while prod fails at the end of the request. The
31 * important thing, though, is that both implementations fail on non-serializable objects.
33 class SerializableObjectsOnlyHttpSession
extends HashSessionManager
.Session
{
35 public SerializableObjectsOnlyHttpSession(HttpServletRequest request
) {
40 public void setAttribute(String s
, Object o
) {
41 super.setAttribute(s
, checkCanSerialize(o
));
45 public void putValue(String s
, Object o
) {
46 super.putValue(s
, checkCanSerialize(o
));
50 * Verifies the given object can be serialized. This may introduce performance overhead, but
51 * it's comparable to what users will see in prod since we serialize their session data there as
54 * @param value The object to serialize.
55 * @return The value that was passed in.
57 Object
checkCanSerialize(Object value
) {
58 ByteArrayOutputStream baos
= new ByteArrayOutputStream();
60 ObjectOutputStream oos
= new ObjectOutputStream(baos
);
61 oos
.writeObject(value
);
62 } catch (IOException ex
) {
63 throw new RuntimeException(ex
);