...
When an editor is working in the Workspace, the sessions are created automatically by the XperienCentral framework. For each request, XperienCentral identifies the user according to the cookie sent, together with the request, and creates a new XperienCentral session. This XperienCentral session is put on the top of the “session stack”. When the response is sent back to the client, this session is removed from the stacstack, therefore this session exists during the complete lifetime of the request.
...
Active sessions will usually be available in element, panel and media item components since the controllers of these components are triggered by an editor who is logged in to XperienCentral. In other use cases, like testbundles or scheduled jobs, no active session will be available. Creating a session is not as straightforward as it may seem, because that requires login credentials.
To create a session with login credentials, the best way is to define the login credentials in configuration entries managed by the Configuration Management service. To create the session, those login credentials are used. The administrator can tune the authorization that is actually needed by that particular user.
To create the session, the SessionManager.createSession(HttpServletRequeststring, HttpServletResponsestring) method can be used. After logging in you should still invoke AuthorizationService.login(username, password, request) in order to be granted the proper authorization. The code example below shows an example of creating a session for user USERNAMEKEY on webinitiative with ID WEBSITEKEY and password PASSWORDKEY:
| Code Block | ||
|---|---|---|
| ||
private Session login() {
String website = myConfigService.getParameter(WEBSITEKEY);
Session session = mySessionManager.createSession(website, "username");
return session;
}
|
Since R36 an alternative option is available. In R35 and earlier a common code structure used to ensure the presence of a Session was somewhere along the lines of:
| Code Block | ||||
|---|---|---|---|---|
| ||||
boolean sessionCreated = false; Session session = mySessionManager.getActiveSession(); if (session == null) { session = mySessionManager.createSession(); sessionCreated = true; } try { // your logic here ... } catch (Exception e) { // Handle the exception } finally { if (sessionCreated) { session.close(); } } |
The example above leads to a of duplicate code, both in XperienCentral and custom plugins. In R36 the SessionWrapper was introduced, which takes care of the Session creation for you. The example above can be changed to this:
| Code Block | ||||
|---|---|---|---|---|
| ||||
try (SessionWrapper sessionWrapper = new SessionWrapper(mySessionManager)) { Session session = sessionWrapper.getSession(); // your logic here } catch (IOException e) { // Handle the exception } |
Please note that the getSession() should be called outside of the try-with-resources statement. This is because the SessionWrapper should be in control of closing the session. If you place the sessionWrapper.getSession() within the try-with-resources the session might be auto-closed, leading to errors.