Package org.eclipse.jetty.server.session

Class Session

java.lang.Object
org.eclipse.jetty.server.session.Session
All Implemented Interfaces:
javax.servlet.http.HttpSession, SessionHandler.SessionIf
public class Session extends Object implements SessionHandler.SessionIf
Session A heavy-weight Session object representing an HttpSession. Session objects relating to a context are kept in a SessionCache. The purpose of the SessionCache is to keep the working set of Session objects in memory so that they may be accessed quickly, and facilitate the sharing of a Session object amongst multiple simultaneous requests referring to the same session id. The SessionHandler coordinates the lifecycle of Session objects with the help of the SessionCache.
See Also:

  • Field Details

    • SESSION_CREATED_SECURE

      public static final String SESSION_CREATED_SECURE
      See Also:

    • _sessionData

      protected final SessionData _sessionData

    • _handler

      protected final SessionHandler _handler

    • _extendedId

      protected String _extendedId

    • _requests

      protected long _requests

    • _idChanged

      protected boolean _idChanged

    • _newSession

      protected boolean _newSession

    • _state

      protected Session.State _state

    • _lock

      protected AutoLock _lock

    • _stateChangeCompleted

      protected Condition _stateChangeCompleted

    • _resident

      protected boolean _resident

    • _sessionInactivityTimer

      protected final Session.SessionInactivityTimer _sessionInactivityTimer

  • Constructor Details

    • Session

      public Session(SessionHandler handler, javax.servlet.http.HttpServletRequest request, SessionData data)
      Create a new session
      Parameters:
      handler - the SessionHandler that manages this session
      request - the request the session should be based on
      data - the session data

    • Session

      public Session(SessionHandler handler, SessionData data)
      Re-inflate an existing session from some eg persistent store.
      Parameters:
      handler - the SessionHandler managing the session
      data - the session data

  • Method Details

    • getRequests

      public long getRequests()
      Returns the current number of requests that are active in the Session.
      Returns:
      the number of active requests for this session

    • setExtendedId

      public void setExtendedId(String extendedId)

    • cookieSet

      protected void cookieSet()

    • use

      protected void use()

    • access

      protected boolean access(long time)

    • complete

      protected void complete()

    • isExpiredAt

      protected boolean isExpiredAt(long time)
      Check to see if session has expired as at the time given.
      Parameters:
      time - the time since the epoch in ms
      Returns:
      true if expired

    • isIdleLongerThan

      protected boolean isIdleLongerThan(int sec)
      Check if the Session has been idle longer than a number of seconds.
      Parameters:
      sec - the number of seconds
      Returns:
      true if the session has been idle longer than the interval

    • callSessionAttributeListeners

      protected void callSessionAttributeListeners(String name, Object newValue, Object oldValue)
      Call binding and attribute listeners based on the new and old values of the attribute.
      Parameters:
      name - name of the attribute
      newValue - new value of the attribute
      oldValue - previous value of the attribute
      Throws:
      IllegalStateException - if no session manager can be find

    • unbindValue

      public void unbindValue(String name, Object value)
      Unbind value if value implements HttpSessionBindingListener (calls HttpSessionBindingListener.valueUnbound(HttpSessionBindingEvent))
      Parameters:
      name - the name with which the object is bound or unbound
      value - the bound value

    • bindValue

      public void bindValue(String name, Object value)
      Bind value if value implements HttpSessionBindingListener (calls HttpSessionBindingListener.valueBound(HttpSessionBindingEvent))
      Parameters:
      name - the name with which the object is bound or unbound
      value - the bound value

    • didActivate

      public void didActivate()
      Call the activation listeners. This must be called holding the lock.

    • willPassivate

      public void willPassivate()
      Call the passivation listeners. This must be called holding the lock

    • isValid

      public boolean isValid()

    • isInvalid

      public boolean isInvalid()

    • getCookieSetTime

      public long getCookieSetTime()

    • getCreationTime

      public long getCreationTime() throws IllegalStateException
      Specified by:
      getCreationTime in interface javax.servlet.http.HttpSession
      Throws:
      IllegalStateException

    • getId

      public String getId()
      Specified by:
      getId in interface javax.servlet.http.HttpSession

    • getExtendedId

      public String getExtendedId()

    • getContextPath

      public String getContextPath()

    • getVHost

      public String getVHost()

    • getLastAccessedTime

      public long getLastAccessedTime()
      Specified by:
      getLastAccessedTime in interface javax.servlet.http.HttpSession

    • getServletContext

      public javax.servlet.ServletContext getServletContext()
      Specified by:
      getServletContext in interface javax.servlet.http.HttpSession

    • setMaxInactiveInterval

      public void setMaxInactiveInterval(int secs)
      Specified by:
      setMaxInactiveInterval in interface javax.servlet.http.HttpSession

    • calculateInactivityTimeout

      public long calculateInactivityTimeout(long now)
      Calculate what the session timer setting should be based on: the time remaining before the session expires and any idle eviction time configured. The timer value will be the lesser of the above.
      Parameters:
      now - the time at which to calculate remaining expiry
      Returns:
      the time remaining before expiry or inactivity timeout

    • getMaxInactiveInterval

      public int getMaxInactiveInterval()
      Specified by:
      getMaxInactiveInterval in interface javax.servlet.http.HttpSession

    • getSessionContext

      @Deprecated(since="Servlet API 2.1") public javax.servlet.http.HttpSessionContext getSessionContext()
      Deprecated.
      Specified by:
      getSessionContext in interface javax.servlet.http.HttpSession

    • getSessionHandler

      public SessionHandler getSessionHandler()

    • checkValidForWrite

      protected void checkValidForWrite() throws IllegalStateException
      Check that the session can be modified.
      Throws:
      IllegalStateException - if the session is invalid

    • checkValidForRead

      protected void checkValidForRead() throws IllegalStateException
      Chech that the session data can be read.
      Throws:
      IllegalStateException - if the session is invalid

    • getAttribute

      public Object getAttribute(String name)
      Specified by:
      getAttribute in interface javax.servlet.http.HttpSession

    • getValue

      @Deprecated(since="Servlet API 2.2") public Object getValue(String name)
      Deprecated.
      Specified by:
      getValue in interface javax.servlet.http.HttpSession

    • getAttributeNames

      public Enumeration<String> getAttributeNames()
      Specified by:
      getAttributeNames in interface javax.servlet.http.HttpSession

    • getAttributes

      public int getAttributes()

    • getNames

      public Set<String> getNames()

    • getValueNames

      @Deprecated(since="Servlet API 2.2") public String[] getValueNames() throws IllegalStateException
      Deprecated.
      As of Servlet 2.2, this method is replaced by getAttributeNames()
      Specified by:
      getValueNames in interface javax.servlet.http.HttpSession
      Throws:
      IllegalStateException

    • setAttribute

      public void setAttribute(String name, Object value)
      Specified by:
      setAttribute in interface javax.servlet.http.HttpSession

    • putValue

      @Deprecated(since="Servlet API 2.2") public void putValue(String name, Object value)
      Deprecated.
      Specified by:
      putValue in interface javax.servlet.http.HttpSession

    • removeAttribute

      public void removeAttribute(String name)
      Specified by:
      removeAttribute in interface javax.servlet.http.HttpSession

    • removeValue

      @Deprecated(since="Servlet API 2.1") public void removeValue(String name)
      Deprecated.
      Specified by:
      removeValue in interface javax.servlet.http.HttpSession

    • renewId

      public void renewId(javax.servlet.http.HttpServletRequest request)
      Force a change to the id of a session.
      Parameters:
      request - the Request associated with the call to change id.

    • invalidate

      public void invalidate()
      Called by users to invalidate a session, or called by the access method as a request enters the session if the session has expired, or called by manager as a result of scavenger expiring session
      Specified by:
      invalidate in interface javax.servlet.http.HttpSession
      See Also:
      • HttpSession.invalidate()

    • lock

      public AutoLock lock()
      Grab the lock on the session
      Returns:
      the lock

    • beginInvalidate

      protected boolean beginInvalidate()
      Returns:
      true if the session is not already invalid or being invalidated.

    • finishInvalidate

      protected void finishInvalidate() throws IllegalStateException
      Call HttpSessionAttributeListeners as part of invalidating a Session.
      Throws:
      IllegalStateException - if no session manager can be find

    • isNew

      public boolean isNew() throws IllegalStateException
      Specified by:
      isNew in interface javax.servlet.http.HttpSession
      Throws:
      IllegalStateException

    • setIdChanged

      public void setIdChanged(boolean changed)

    • isIdChanged

      public boolean isIdChanged()

    • getSession

      public Session getSession()
      Specified by:
      getSession in interface SessionHandler.SessionIf

    • getSessionData

      protected SessionData getSessionData()

    • setResident

      public void setResident(boolean resident)

    • isResident

      public boolean isResident()

    • toString

      public String toString()
      Overrides:
      toString in class Object