Package org.eclipse.jetty.server.session
Class Session
java.lang.Object
org.eclipse.jetty.server.session.Session
- All Implemented Interfaces:
javax.servlet.http.HttpSession,SessionHandler.SessionIf
Session
A heavy-weight Session object representing an HttpSession. Session objects
relating to a context are kept in a
SessionCache. The purpose of the
SessionCache is to keep the working set of Session objects in memory so that
they may be accessed quickly, and facilitate the sharing of a Session object
amongst multiple simultaneous requests referring to the same session id.
The SessionHandler coordinates the lifecycle of Session objects with
the help of the SessionCache.- See Also:
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic enumclassSessionInactivityTimer Each Session has a timer associated with it that fires whenever it has been idle (ie not accessed by a request) for a configurable amount of time, or the Session expires.static enumState Validity states of a session -
Field Summary
FieldsModifier and TypeFieldDescriptionprotected Stringprotected final SessionHandlerprotected booleanprotected AutoLockprotected booleanprotected longprotected booleanprotected final SessionDataprotected final Session.SessionInactivityTimerprotected Session.Stateprotected Conditionstatic final String -
Constructor Summary
ConstructorsConstructorDescriptionSession(SessionHandler handler, javax.servlet.http.HttpServletRequest request, SessionData data) Create a new sessionSession(SessionHandler handler, SessionData data) Re-inflate an existing session from some eg persistent store. -
Method Summary
Modifier and TypeMethodDescriptionprotected booleanaccess(long time) protected booleanvoidBind value if value implementsHttpSessionBindingListener(callsHttpSessionBindingListener.valueBound(HttpSessionBindingEvent))longcalculateInactivityTimeout(long now) Calculate what the session timer setting should be based on: the time remaining before the session expires and any idle eviction time configured.protected voidcallSessionAttributeListeners(String name, Object newValue, Object oldValue) Call binding and attribute listeners based on the new and old values of the attribute.protected voidChech that the session data can be read.protected voidCheck that the session can be modified.protected voidcomplete()protected voidvoidCall the activation listeners.protected voidCall HttpSessionAttributeListeners as part of invalidating a Session.getAttribute(String name) intlonglonggetId()longintgetNames()longReturns the current number of requests that are active in the Session.javax.servlet.ServletContextjavax.servlet.http.HttpSessionContextDeprecated.protected SessionDataDeprecated.String[]Deprecated.getVHost()voidCalled by users to invalidate a session, or called by the access method as a request enters the session if the session has expired, or called by manager as a result of scavenger expiring sessionprotected booleanisExpiredAt(long time) Check to see if session has expired as at the time given.booleanprotected booleanisIdleLongerThan(int sec) Check if the Session has been idle longer than a number of seconds.booleanbooleanisNew()booleanbooleanisValid()lock()Grab the lock on the sessionvoidDeprecated.voidremoveAttribute(String name) voidremoveValue(String name) Deprecated.voidrenewId(javax.servlet.http.HttpServletRequest request) Force a change to the id of a session.voidsetAttribute(String name, Object value) voidsetExtendedId(String extendedId) voidsetIdChanged(boolean changed) voidsetMaxInactiveInterval(int secs) voidsetResident(boolean resident) toString()voidunbindValue(String name, Object value) Unbind value if value implementsHttpSessionBindingListener(callsHttpSessionBindingListener.valueUnbound(HttpSessionBindingEvent))protected voiduse()voidCall the passivation listeners.
-
Field Details
-
SESSION_CREATED_SECURE
- See Also:
-
_sessionData
-
_handler
-
_extendedId
-
_requests
protected long _requests -
_idChanged
protected boolean _idChanged -
_newSession
protected boolean _newSession -
_state
-
_lock
-
_stateChangeCompleted
-
_resident
protected boolean _resident -
_sessionInactivityTimer
-
-
Constructor Details
-
Session
public Session(SessionHandler handler, javax.servlet.http.HttpServletRequest request, SessionData data) Create a new session- Parameters:
handler- the SessionHandler that manages this sessionrequest- the request the session should be based ondata- the session data
-
Session
Re-inflate an existing session from some eg persistent store.- Parameters:
handler- the SessionHandler managing the sessiondata- the session data
-
-
Method Details
-
getRequests
public long getRequests()Returns the current number of requests that are active in the Session.- Returns:
- the number of active requests for this session
-
setExtendedId
-
cookieSet
protected void cookieSet() -
use
protected void use() -
access
protected boolean access(long time) -
complete
protected void complete() -
isExpiredAt
protected boolean isExpiredAt(long time) Check to see if session has expired as at the time given.- Parameters:
time- the time since the epoch in ms- Returns:
- true if expired
-
isIdleLongerThan
protected boolean isIdleLongerThan(int sec) Check if the Session has been idle longer than a number of seconds.- Parameters:
sec- the number of seconds- Returns:
- true if the session has been idle longer than the interval
-
callSessionAttributeListeners
Call binding and attribute listeners based on the new and old values of the attribute.- Parameters:
name- name of the attributenewValue- new value of the attributeoldValue- previous value of the attribute- Throws:
IllegalStateException- if no session manager can be find
-
unbindValue
-
bindValue
-
didActivate
public void didActivate()Call the activation listeners. This must be called holding the lock. -
willPassivate
public void willPassivate()Call the passivation listeners. This must be called holding the lock -
isValid
public boolean isValid() -
isInvalid
public boolean isInvalid() -
getCookieSetTime
public long getCookieSetTime() -
getCreationTime
- Specified by:
getCreationTimein interfacejavax.servlet.http.HttpSession- Throws:
IllegalStateException
-
getId
- Specified by:
getIdin interfacejavax.servlet.http.HttpSession
-
getExtendedId
-
getContextPath
-
getVHost
-
getLastAccessedTime
public long getLastAccessedTime()- Specified by:
getLastAccessedTimein interfacejavax.servlet.http.HttpSession
-
getServletContext
public javax.servlet.ServletContext getServletContext()- Specified by:
getServletContextin interfacejavax.servlet.http.HttpSession
-
setMaxInactiveInterval
public void setMaxInactiveInterval(int secs) - Specified by:
setMaxInactiveIntervalin interfacejavax.servlet.http.HttpSession
-
calculateInactivityTimeout
public long calculateInactivityTimeout(long now) Calculate what the session timer setting should be based on: the time remaining before the session expires and any idle eviction time configured. The timer value will be the lesser of the above.- Parameters:
now- the time at which to calculate remaining expiry- Returns:
- the time remaining before expiry or inactivity timeout
-
getMaxInactiveInterval
public int getMaxInactiveInterval()- Specified by:
getMaxInactiveIntervalin interfacejavax.servlet.http.HttpSession
-
getSessionContext
@Deprecated(since="Servlet API 2.1") public javax.servlet.http.HttpSessionContext getSessionContext()Deprecated.- Specified by:
getSessionContextin interfacejavax.servlet.http.HttpSession
-
getSessionHandler
-
checkValidForWrite
Check that the session can be modified.- Throws:
IllegalStateException- if the session is invalid
-
checkValidForRead
Chech that the session data can be read.- Throws:
IllegalStateException- if the session is invalid
-
getAttribute
-
getValue
Deprecated.- Specified by:
getValuein interfacejavax.servlet.http.HttpSession
-
getAttributeNames
- Specified by:
getAttributeNamesin interfacejavax.servlet.http.HttpSession
-
getAttributes
public int getAttributes() -
getNames
-
getValueNames
Deprecated.As of Servlet 2.2, this method is replaced bygetAttributeNames()- Specified by:
getValueNamesin interfacejavax.servlet.http.HttpSession- Throws:
IllegalStateException
-
setAttribute
-
putValue
Deprecated.- Specified by:
putValuein interfacejavax.servlet.http.HttpSession
-
removeAttribute
- Specified by:
removeAttributein interfacejavax.servlet.http.HttpSession
-
removeValue
Deprecated.- Specified by:
removeValuein interfacejavax.servlet.http.HttpSession
-
renewId
public void renewId(javax.servlet.http.HttpServletRequest request) Force a change to the id of a session.- Parameters:
request- the Request associated with the call to change id.
-
invalidate
public void invalidate()Called by users to invalidate a session, or called by the access method as a request enters the session if the session has expired, or called by manager as a result of scavenger expiring session- Specified by:
invalidatein interfacejavax.servlet.http.HttpSession- See Also:
-
lock
-
beginInvalidate
protected boolean beginInvalidate()- Returns:
- true if the session is not already invalid or being invalidated.
-
finishInvalidate
Call HttpSessionAttributeListeners as part of invalidating a Session.- Throws:
IllegalStateException- if no session manager can be find
-
isNew
- Specified by:
isNewin interfacejavax.servlet.http.HttpSession- Throws:
IllegalStateException
-
setIdChanged
public void setIdChanged(boolean changed) -
isIdChanged
public boolean isIdChanged() -
getSession
- Specified by:
getSessionin interfaceSessionHandler.SessionIf
-
getSessionData
-
setResident
public void setResident(boolean resident) -
isResident
public boolean isResident() -
toString
-
getAttributeNames()