diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php
index 5c52cbd9c5fd08838565f0097ccc96590b65cd57..ce285a2f4321dd84970dcfbe5aeef00a26d3fd0e 100644
--- a/lib/SimpleSAML/Session.php
+++ b/lib/SimpleSAML/Session.php
@@ -21,6 +21,16 @@ class SimpleSAML_Session {
const DATA_TIMEOUT_LOGOUT = 'logoutTimeout';
+ /**
+ * The list of loaded session objects.
+ *
+ * This is an associative array indexed with the session id.
+ *
+ * @var array
+ */
+ private static $sessions = array();
+
+
/**
* This variable holds the instance of the session - Singleton approach.
*/
@@ -171,7 +181,7 @@ class SimpleSAML_Session {
* handler.
*/
try {
- self::$instance = self::loadSession();
+ self::$instance = self::getSession();
} catch (Exception $e) {
if ($e instanceof SimpleSAML_Error_Exception) {
SimpleSAML_Logger::error('Error loading session:');
@@ -764,13 +774,27 @@ class SimpleSAML_Session {
/**
* Load a session from the session handler.
*
+ * @param string|NULL $sessionId The session we should load, or NULL to load the current session.
* @return The session which is stored in the session handler, or NULL if the session wasn't found.
*/
- private static function loadSession() {
+ public static function getSession($sessionId = NULL) {
+ assert('is_string($sessionId) || is_null($sessionId)');
$sh = SimpleSAML_SessionHandler::getSessionHandler();
- $session = $sh->loadSession();
+ if ($sessionId === NULL) {
+ $checkToken = TRUE;
+ $sessionId = $sh->getCookieSessionId();
+ } else {
+ $checkToken = FALSE;
+ }
+
+ if (isset(self::$sessions[$sessionId])) {
+ return self::$sessions[$sessionId];
+ }
+
+
+ $session = $sh->loadSession($sessionId);
if($session === NULL) {
return NULL;
}
@@ -782,7 +806,7 @@ class SimpleSAML_Session {
$session->sessionId = $sh->getCookieSessionId();
}
- if ($session->authToken !== NULL) {
+ if ($checkToken && $session->authToken !== NULL) {
if (!isset($_COOKIE['SimpleSAMLAuthToken'])) {
SimpleSAML_Logger::warning('Missing AuthToken cookie.');
return NULL;
@@ -793,6 +817,8 @@ class SimpleSAML_Session {
}
}
+ self::$sessions[$sessionId] = $session;
+
return $session;
}