二、LIFERAY中的实现
LIFERAY在构建ActionRequestImpl和RenderRequestImpl时,会设置PORTLET SESSION,如下代码所示:public RenderRequestImpl(HttpServletRequest req, Portlet portlet, CachePortlet cachePortlet, PortletContext portletCtx, WindowState windowState, PortletMode portletMode, PortletPreferences prefs, String layoutId) { ... _req = dynamicReq; _portlet = portlet; _cachePortlet = cachePortlet; _portalCtx = new PortalContextImpl(); _portletCtx = portletCtx; _windowState = windowState; _portletMode = portletMode; _prefs = prefs; _ses = new PortletSessionImpl( _req.getSession(), _portletName, _portletCtx); ... }从兰色的部分( _ses = new PortletSessionImpl(_req.getSession(),_portletName, _portletCtx); )我们可以看到,这个PORTLET SESSION其实就是PORTAL SYSTEM的 SESSION 对象。所以无论request调用getSession()或者getPortletSession()都将获取Portal 系统的SESSION 对象,而无论该PORTLET 是或者不是属于PORTAL SYSTEM上下文。而且即使不同PORTAL APPLICATION的PORTLET也将使用同一个SESSION 对象(PORTAL 系统)。也就是说,对于某一个PORTLET来说,如果有对其的SESSION进行的操作,并没有真正的在该APPLICATION上下文中的SESSION进行操作,而是在PORTAL系统上下文的SESSION中进行操作。
而且LIFERAY提供getPortletSession来获取PortletSession对象,而不是getSession()方法,所以即使getPortletSession()可以获取正确的Session对象,开发人员由于习惯问题,也因使用getSession()而得不到。
另外如果调用request.getSession(true)还可能会出现错误,因为LIFERAY在包含某一个PORTLET内容是,调用PortletRequestDispatcherImpl.include()方法,该方法将生成PortletServletRequest 和PortletServletResponse,请见如下代码:
PortletServletRequest portletServletReq = new PortletServletRequest( httpReq, reqImpl, pathInfo, queryString, requestURI, servletPath);
PortletServletResponse portletServletRes = new PortletServletResponse( resImpl.getHttpServletResponse(), resImpl);而PortletServletRequest的构造函数是如下定义的:public PortletServletRequest(HttpServletRequest req, RenderRequest renderRequest, String pathInfo, String queryString, String requestURI, String servletPath) {
super(req);
_ses = req.getSession(); _renderRequest = renderRequest; _pathInfo = pathInfo; _queryString = queryString; _requestURI = requestURI; _servletPath = servletPath; }所以其SESSION依然是PORTAL系统上下文的。然后问题就出在这里,PortletServletRequest实现了getSession()方法,但是没有实现getSession(boolen create)方法,如果用户在此阶段调用getSession(true)的话,在某些情况下就会抛出NullPointerException
原因见如下代码(请注意我添加的注释部分)//ApplicationHttpRequest:
public HttpSession getSession(boolean create) {
if (crossContext) { // There cannot be a session if no context has been assigned yet if (context == null) return (null);
// Return the current session if it exists and is valid if (session != null) return (session.getSession()); // 我的注释:这里将获取PORTAL系统的SESSION对象。 HttpSession other = super.getSession(false); if (create && (other == null)) { // First create a session in the first context: the problem is // that the top level request is the only one which can // create the cookie safely other = super.getSession(true); } if (other != null) { Session localSession = null; try { // 我的注释:this context did not have the session with session id. It can just be found in the Portal // context. So here it will return a null value. localSession = context.getManager().findSession(other.getId()); localSession.access(); //我的注释:Here, localSession is null. So it throws a NullPointException. } catch (IOException e) { // Ignore } if (localSession == null) { localSession = context.getManager().createEmptySession(); localSession.setNew(true); localSession.setValid(true); localSession.setCreationTime(System.currentTimeMillis()); localSession.setMaxInactiveInterval (context.getManager().getMaxInactiveInterval()); localSession.setId(other.getId()); } session = localSession; return session.getSession(); } return null;
} else { return super.getSession(create); }
}
