public HttpSession getSession()

in web/src/main/java/org/apache/shiro/web/servlet/ShiroHttpServletRequest.java [144:176]

• 28 lines of code
• 11 McCabe index (conditional complexity)

    public HttpSession getSession(boolean create) {

        HttpSession httpSession;

        if (isHttpSessions()) {
            httpSession = super.getSession(false);
            if (httpSession == null && create) {
                //Shiro 1.2: assert that creation is enabled (SHIRO-266):
                if (WebUtils.isSessionCreationEnabled(this)) {
                    httpSession = super.getSession(create);
                } else {
                    throw newNoSessionCreationException();
                }
            }
        } else {
            boolean existing = getSubject().getSession(false) != null;

            if (this.session == null || !existing) {
                Session shiroSession = getSubject().getSession(create);
                if (shiroSession != null) {
                    this.session = new ShiroHttpSession(shiroSession, this, this.servletContext);
                } else if (this.session != null) {
                    this.session = null;
                }
                if (shiroSession != null && !existing) {
                    setAttribute(REFERENCED_SESSION_IS_NEW, Boolean.TRUE);
                }
            }
            httpSession = this.session;
        }

        return httpSession;
    }