Kallin/ProxySession.groovy

## ProxySession.groovy
protected HttpSession proxySession(final boolean create, final HttpServletRequest request,
			final HttpServletResponse response) {

		if (log.isDebugEnabled()) {
			log.debug("Proxying request for {}", request.getRequestURL());
		}

		String sessionId = getCookieValue(request);
		if (sessionId == null) {
			if (!create) {
				log.debug("No session cookie but create is false, not creating session");
				// no session cookie but don't create
				return null;
			}

			// no session cookie but do create
			log.debug("No session cookie but create is true, creating session");
			createSession(request, response);
		}

		if (persister.isValid(sessionId)) {
			// session cookie and the session is still active
			log.debug("Session cookie {} found", sessionId);
			return new SessionProxy(getServletContext(), persister, sessionId);
		}

		if (!create) {
			// session cookie but it's been invalidated or is too old, but don't create
			log.debug("Session cookie {} found but invalid or old and create is false; not creating session", sessionId);
			deleteCookie(request, response);
			persister.invalidate(sessionId); // cleanup if it's too old
			return null;
		}

		// session cookie but it's been invalidated or is too old
		log.debug("Session cookie {} found but invalid or old and create is true, creating session", sessionId);
		persister.invalidate(sessionId); // cleanup if it's too old
		sessionId = createSession(request, response);
		return new SessionProxy(getServletContext(), persister, sessionId);
	}
	protected HttpSession proxySession(final boolean create, final HttpServletRequest request,
	final HttpServletResponse response) {

	if (log.isDebugEnabled()) {
	log.debug("Proxying request for {}", request.getRequestURL());
	}

	String sessionId = getCookieValue(request);
	if (sessionId == null) {
	if (!create) {
	log.debug("No session cookie but create is false, not creating session");
	// no session cookie but don't create
	return null;
	}

	// no session cookie but do create
	log.debug("No session cookie but create is true, creating session");
	createSession(request, response);
	}

	if (persister.isValid(sessionId)) {
	// session cookie and the session is still active
	log.debug("Session cookie {} found", sessionId);
	return new SessionProxy(getServletContext(), persister, sessionId);
	}

	if (!create) {
	// session cookie but it's been invalidated or is too old, but don't create
	log.debug("Session cookie {} found but invalid or old and create is false; not creating session", sessionId);
	deleteCookie(request, response);
	persister.invalidate(sessionId); // cleanup if it's too old
	return null;
	}

	// session cookie but it's been invalidated or is too old
	log.debug("Session cookie {} found but invalid or old and create is true, creating session", sessionId);
	persister.invalidate(sessionId); // cleanup if it's too old
	sessionId = createSession(request, response);
	return new SessionProxy(getServletContext(), persister, sessionId);
	}