Playframework: How can I disable session / cookies on specific action?
For a specific controller action I want to turn off cookies. I've tried to remove开发者_Go百科 the cookie Map, but that doesn't seem to work. I need to completely remove all response headers except my own.
Any ideas?
I found this solution when Googling this problem. It does the same thinng you try, removing cookies map, but it is done in an method which is annotated with @Finally.
I believe cookies map is filled after render() but before any @Finally annotated class.
Credits to Alex Jarvis on Google Groups, code is copied for reference:
/**
* Removes cookies from all responses.
*
* This is because cookies are not required in stateless webservice and
* we don't want to send any unnecessary information to the client.
*
* @author Alex Jarvis
*/
public class NoCookieFilter extends Controller {
/** An empty cookie map to replace any cookies in the response. */
private static final Map<String, Http.Cookie> cookies = new HashMap<String, Http.Cookie>(0);
/**
* When the configuration property 'cookies.enabled' equals false,
* this Finally filter will replace the cookies in the response with an empty Map.
*/
@Finally
protected static void removeCookies() {
boolean cookiesEnabled = Boolean.parseBoolean(Play.configuration.getProperty("cookies.enabled"));
if (!cookiesEnabled) {
response.cookies = cookies;
}
}
}
Usage: For any controller you want to be "cookieless" annotate it with
@With(NoCookieFilter.class)
(Tested in Play 1.2.5)
I managed to wrap the response with a wrapper with response.current.set(new CookieLessResponseWrapper(response.current())). Works ok for me.
Here is the code for the Response wrapper if anyone is interested.
package helpers;
import play.mvc.Http.Response;
public class CookieLessResponseWrapper extends Response {
private Response wrappedResponse;
public CookieLessResponseWrapper(Response response) {
this.wrappedResponse = response;
}
@Override
public void accessControl(String allowOrigin, boolean allowCredentials) {
wrappedResponse.accessControl(allowOrigin, allowCredentials);
}
@Override
public void accessControl(String allowOrigin, String allowMethods,
boolean allowCredentials) {
wrappedResponse.accessControl(allowOrigin, allowMethods, allowCredentials);
}
@Override
public void accessControl(String allowOrigin) {
wrappedResponse.accessControl(allowOrigin);
}
@Override
public void cacheFor(String etag, String duration, long lastModified) {
wrappedResponse.cacheFor(etag, duration, lastModified);
}
@Override
public void cacheFor(String duration) {
wrappedResponse.cacheFor(duration);
}
@Override
public String getHeader(String name) {
return wrappedResponse.getHeader(name);
}
@Override
public void print(Object o) {
wrappedResponse.print(o);
}
@Override
public void removeCookie(String name) {
wrappedResponse.removeCookie(name);
}
@Override
public void reset() {
wrappedResponse.reset();
}
@Override
public void setContentTypeIfNotSet(String contentType) {
wrappedResponse.setContentTypeIfNotSet(contentType);
}
@Override
public void setCookie(String name, String value, String domain,
String path, Integer maxAge, boolean secure, boolean httpOnly) {
}
@Override
public void setCookie(String name, String value, String domain,
String path, Integer maxAge, boolean secure) {
}
@Override
public void setCookie(String name, String value, String duration) {
}
@Override
public void setCookie(String name, String value) {
}
@Override
public void setHeader(String name, String value) {
wrappedResponse.setHeader(name, value);
}
}
You should be able to clear all headers, in your action, with:
Http.Response.current().reset();
Have in mind that the Session is a Cookie. I don't believe that you can remove it.
How about use discarding the whole session for each request as a workaround?
Discarding the whole session
Ok("Bye").withNewSession
https://www.playframework.com/documentation/2.3.x/ScalaSessionFlash#Discarding-the-whole-session
加载中,请稍侯......
精彩评论