in webbeans-web/src/main/java/org/apache/webbeans/web/context/WebContextsService.java [527:585]
protected void destroySessionContext(Object endObject)
{
// Get current session context from ThreadLocal
SessionContext context = sessionContexts.get();
HttpSession session = null;
// whether the session is destroyed because it is expired
boolean sessionIsExpiring = false;
if (endObject instanceof HttpSession)
{
session = (HttpSession) endObject;
if (context == null && session.getAttribute(OWB_SESSION_CONTEXT_ATTRIBUTE_NAME) != null)
{
if (!destroySessionImmediately)
{
sessionIsExpiring = sessionIsExpiring(session);
}
// init in this case only attaches the existing session to the ThreadLocal
initSessionContext(session);
context = sessionContexts.get();
}
}
// Destroy context
if (context != null && context.isActive())
{
// we need to mark the conversation to get destroyed at the end of the request
ServletRequestContext requestContext = getRequestContext(true);
if (destroySessionImmediately
|| requestContext == null || requestContext.getServletRequest() == null
|| requestContext.getServletRequest().getSession(false) == null
|| sessionIsExpiring)
{
webBeansContext.getBeanManagerImpl().fireContextLifecyleEvent(
session != null ? session : new Object(), BeforeDestroyedLiteral.INSTANCE_SESSION_SCOPED);
context.destroy();
webBeansContext.getBeanManagerImpl().fireContextLifecyleEvent(
session != null ? session : new Object(), DestroyedLiteral.INSTANCE_SESSION_SCOPED);
// Clear thread locals
sessionContexts.set(null);
sessionContexts.remove();
}
else
{
requestContext.setPropagatedSessionContext(context);
// this is to be spec compliant but depending the servlet container
// it can be dangerous if sessions are pooled (ie you can fire a session used by another request)
requestContext.setHttpSession(session);
}
}
SessionScopedBeanInterceptorHandler.removeThreadLocals();
}