Package org.eclipse.jetty.server.session
Class SessionHandler
java.lang.Object
org.eclipse.jetty.util.component.AbstractLifeCycle
org.eclipse.jetty.util.component.ContainerLifeCycle
org.eclipse.jetty.server.handler.AbstractHandler
org.eclipse.jetty.server.handler.AbstractHandlerContainer
org.eclipse.jetty.server.handler.HandlerWrapper
org.eclipse.jetty.server.handler.ScopedHandler
org.eclipse.jetty.server.session.SessionHandler
- All Implemented Interfaces:
Handler
,HandlerContainer
,Container
,Destroyable
,Dumpable
,Dumpable.DumpableContainer
,LifeCycle
SessionHandler.
-
Nested Class Summary
Modifier and TypeClassDescriptionfinal class
CookieConfig Implementation of the jakarta.servlet.SessionCookieConfig.static interface
SessionIf Interface that any session wrapper should implement so that SessionManager may access the Jetty session implementation.Nested classes/interfaces inherited from class org.eclipse.jetty.server.handler.AbstractHandler
AbstractHandler.ErrorDispatchHandler
Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle
AbstractLifeCycle.AbstractLifeCycleListener, AbstractLifeCycle.StopException
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container
Container.InheritedListener, Container.Listener
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Dumpable
Dumpable.DumpableContainer
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle
LifeCycle.Listener
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
static final String
static final String
static final String
static final String
Session Max Age.static final String
Session cookie name.static final String
Session Domain.static final String
Session id path parameter name.static final String
Session Path.protected boolean
protected ContextHandler.Context
protected int
Setting of max inactive interval for new sessions -1 means no timeoutprotected boolean
protected ClassLoader
protected int
protected boolean
protected int
protected Scheduler
protected boolean
protected boolean
protected final List<jakarta.servlet.http.HttpSessionAttributeListener>
protected SessionCache
protected String
protected SessionContext
protected String
protected String
protected final List<jakarta.servlet.http.HttpSessionIdListener>
protected SessionIdManager
protected String
protected String
protected final List<jakarta.servlet.http.HttpSessionListener>
protected String
protected final CounterStatistic
protected final SampleStatistic
Set<jakarta.servlet.SessionTrackingMode>
protected boolean
protected boolean
static final Set<jakarta.servlet.SessionTrackingMode>
static final EnumSet<jakarta.servlet.SessionTrackingMode>
static final Class<? extends EventListener>[]
Fields inherited from class org.eclipse.jetty.server.handler.ScopedHandler
_nextScope, _outerScope
Fields inherited from class org.eclipse.jetty.server.handler.HandlerWrapper
_handler
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionaccess
(jakarta.servlet.http.HttpSession session, boolean secure) Called by theSessionHandler
when a session is first accessed by a request.boolean
addEventListener
(EventListener listener) Adds an event listener for session-related events.protected void
callSessionCreatedListeners
(Session session) Call the session lifecycle listeners in the order they were added.protected void
callSessionDestroyedListeners
(Session session) Call the session lifecycle listeners in the reverse order they were added.protected void
callSessionIdListeners
(Session session, String oldId) protected void
checkRequestedSessionId
(Request baseRequest, jakarta.servlet.http.HttpServletRequest request) Look for a requested session ID in cookies and URI parametersvoid
commit
(jakarta.servlet.http.HttpSession session) Called when a response is about to be committed.void
complete
(jakarta.servlet.http.HttpSession session) Called when a request is finally leaving a session.void
doHandle
(String target, Request baseRequest, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Do the handler work within the scope.void
doScope
(String target, Request baseRequest, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Scope the handlervoid
doSessionAttributeListeners
(Session session, String name, Object old, Object value) protected void
doStart()
Starts the managed lifecycle beans in the order they were added.protected void
doStop()
Stops the managed lifecycle beans in the reverse order they were added.Set<jakarta.servlet.SessionTrackingMode>
Set<jakarta.servlet.SessionTrackingMode>
getExtendedId
(jakarta.servlet.http.HttpSession session) boolean
protected jakarta.servlet.http.HttpSession
getHttpSession
(String extendedId) Returns theHttpSession
with the given session idgetId
(jakarta.servlet.http.HttpSession session) int
int
int
boolean
getSession
(String id) Get a known existing sessiongetSessionCookie
(jakarta.servlet.http.HttpSession session, String contextPath, boolean requestIsSecure) A session cookie is marked as secure IFF any of the following conditions are true: SessionCookieConfig.setSecure == true SessionCookieConfig.setSecure == false && _secureRequestOnly==true && request is HTTPS According to SessionCookieConfig javadoc, case 1 can be used when: "...jakarta.servlet.SessionCookieConfig
static String
getSessionCookieName
(jakarta.servlet.SessionCookieConfig config) Gets the cross context session id managerint
long
double
double
long
void
invalidate
(String id) Called by SessionIdManager to remove a session that has been invalidated, either by this context or another context.boolean
boolean
Check if id is in use by this contextboolean
boolean
boolean
boolean
isValid
(jakarta.servlet.http.HttpSession session) jakarta.servlet.http.HttpSession
newHttpSession
(jakarta.servlet.http.HttpServletRequest request) Creates a newHttpSession
.protected void
recordSessionTime
(Session session) Record length of time session has been active.boolean
removeEventListener
(EventListener listener) Remove an event listener.removeSession
(String id, boolean invalidate) Remove session from managervoid
renewSessionId
(String oldId, String oldExtendedId, String newId, String newExtendedId) Change the existing session id.void
scavenge()
Called periodically by the HouseKeeper to handle the list of sessions that have expired since the last call to scavenge.void
sessionInactivityTimerExpired
(Session session, long now) Each session has a timer that is configured to go off when either the session has not been accessed for a configurable amount of time, or the session itself has passed its expiry.void
setCheckingRemoteSessionIdEncoding
(boolean remote) void
setHttpOnly
(boolean httpOnly) Set if Session cookies should use HTTP Onlyvoid
setMaxInactiveInterval
(int seconds) Sets the max period of inactivity, after which the session is invalidated, in seconds.void
setPartitioned
(boolean partitioned) Sets whether session cookies should have thePartitioned
attribute.void
setRefreshCookieAge
(int ageInSeconds) void
setSameSite
(HttpCookie.SameSite sameSite) Set Session cookie sameSite mode.void
setSecureRequestOnly
(boolean secureRequestOnly) HTTPS request.void
setSessionCache
(SessionCache cache) void
setSessionCookie
(String cookieName) void
setSessionIdManager
(SessionIdManager metaManager) void
Sets the session id URL path parameter name.void
setSessionTrackingModes
(Set<jakarta.servlet.SessionTrackingMode> sessionTrackingModes) void
setUsingCookies
(boolean usingCookies) protected void
Prepare sessions for session manager shutdownvoid
Reset statistics valuestoString()
Methods inherited from class org.eclipse.jetty.server.handler.ScopedHandler
handle, nextHandle, nextScope
Methods inherited from class org.eclipse.jetty.server.handler.HandlerWrapper
destroy, expandChildren, getHandler, getHandlers, insertHandler, setHandler
Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandlerContainer
expandHandler, findContainerOf, getChildHandlerByClass, getChildHandlers, getChildHandlersByClass, setServer
Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandler
doError, getServer
Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle
addBean, addBean, addManaged, contains, dump, dump, dump, dumpObjects, dumpStdErr, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, setBeans, start, stop, unmanage, updateBean, updateBean, updateBeans, updateBeans
Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle
getEventListeners, getState, getState, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, setEventListeners, start, stop
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
Methods inherited from interface org.eclipse.jetty.util.component.Container
getCachedBeans, getEventListeners
Methods inherited from interface org.eclipse.jetty.util.component.Dumpable.DumpableContainer
isDumpable
Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle
isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, start, stop
-
Field Details
-
DEFAULT_TRACKING
-
__SessionCookieProperty
Session cookie name. Defaults toJSESSIONID
, but can be set with theorg.eclipse.jetty.servlet.SessionCookie
context init parameter.- See Also:
-
__DefaultSessionCookie
- See Also:
-
__SessionIdPathParameterNameProperty
Session id path parameter name. Defaults tojsessionid
, but can be set with theorg.eclipse.jetty.servlet.SessionIdPathParameterName
context init parameter. If context init param is "none", or setSessionIdPathParameterName is called with null or "none", no URL rewriting will be done.- See Also:
-
__DefaultSessionIdPathParameterName
- See Also:
-
__CheckRemoteSessionEncoding
- See Also:
-
__SessionDomainProperty
Session Domain. If this property is set as a ServletContext InitParam, then it is used as the domain for session cookies. If it is not set, then no domain is specified for the session cookie.- See Also:
-
__DefaultSessionDomain
-
__SessionPathProperty
Session Path. If this property is set as a ServletContext InitParam, then it is used as the path for the session cookie. If it is not set, then the context path is used as the path for the cookie.- See Also:
-
__MaxAgeProperty
Session Max Age. If this property is set as a ServletContext InitParam, then it is used as the max age for the session cookie. If it is not set, then a max age of -1 is used.- See Also:
-
DEFAULT_SESSION_TRACKING_MODES
-
SESSION_LISTENER_TYPES
-
_dftMaxIdleSecs
protected int _dftMaxIdleSecsSetting of max inactive interval for new sessions -1 means no timeout -
_httpOnly
protected boolean _httpOnly -
_sessionIdManager
-
_secureCookies
protected boolean _secureCookies -
_secureRequestOnly
protected boolean _secureRequestOnly -
_sessionAttributeListeners
-
_sessionListeners
-
_sessionIdListeners
-
_loader
-
_context
-
_sessionContext
-
_sessionCookie
-
_sessionIdPathParameterName
-
_sessionIdPathParameterNamePrefix
-
_sessionDomain
-
_sessionPath
-
_maxCookieAge
protected int _maxCookieAge -
_refreshCookieAge
protected int _refreshCookieAge -
_checkingRemoteSessionIdEncoding
protected boolean _checkingRemoteSessionIdEncoding -
_sessionComment
-
_sessionCache
-
_sessionTimeStats
-
_sessionsCreatedStats
-
_sessionTrackingModes
-
_usingURLs
protected boolean _usingURLs -
_usingCookies
protected boolean _usingCookies -
_candidateSessionIdsForExpiry
-
_scheduler
-
_ownScheduler
protected boolean _ownScheduler
-
-
Constructor Details
-
SessionHandler
public SessionHandler()Constructor.
-
-
Method Details
-
getSessionPath
-
getMaxCookieAge
@ManagedAttribute("if greater the zero, the time in seconds a session cookie will last for") public int getMaxCookieAge() -
access
Called by theSessionHandler
when a session is first accessed by a request. Updates the last access time for the session and generates a fresh cookie if necessary.- Parameters:
session
- the session objectsecure
- whether the request is secure or not- Returns:
- the session cookie. If not null, this cookie should be set on the response to either migrate the session or to refresh a session cookie that may expire.
- See Also:
-
addEventListener
Adds an event listener for session-related events.- Specified by:
addEventListener
in interfaceContainer
- Specified by:
addEventListener
in interfaceLifeCycle
- Overrides:
addEventListener
in classContainerLifeCycle
- Parameters:
listener
- the session event listener to add Individual SessionManagers implementations may accept arbitrary listener types, but they are expected to at least handle HttpSessionActivationListener, HttpSessionAttributeListener, HttpSessionBindingListener and HttpSessionListener.- Returns:
- true if the listener was added
- See Also:
-
removeEventListener(EventListener)
HttpSessionAttributeListener
HttpSessionListener
HttpSessionIdListener
-
callSessionDestroyedListeners
Call the session lifecycle listeners in the reverse order they were added.- Parameters:
session
- the session on which to call the lifecycle listeners
-
callSessionCreatedListeners
Call the session lifecycle listeners in the order they were added.- Parameters:
session
- the session on which to call the lifecycle listeners
-
callSessionIdListeners
-
complete
public void complete(jakarta.servlet.http.HttpSession session) Called when a request is finally leaving a session.- Parameters:
session
- the session object
-
commit
public void commit(jakarta.servlet.http.HttpSession session) Called when a response is about to be committed. We might take this opportunity to persist the session so that any subsequent requests to other servers will see the modifications. -
doStart
Description copied from class:ContainerLifeCycle
Starts the managed lifecycle beans in the order they were added.- Overrides:
doStart
in classScopedHandler
- Throws:
AbstractLifeCycle.StopException
- If thrown, the lifecycle will immediately be stopped.Exception
- If there was a problem starting. Will cause a transition to FAILED state
-
doStop
Description copied from class:ContainerLifeCycle
Stops the managed lifecycle beans in the reverse order they were added.- Overrides:
doStop
in classAbstractHandler
- Throws:
Exception
- If there was a problem stopping. Will cause a transition to FAILED state
-
getHttpOnly
- Returns:
- true if session cookies should be HTTP-only (Microsoft extension)
- See Also:
-
getSameSite
- Returns:
- The sameSite setting for session cookies or null for no setting
- See Also:
-
getHttpSession
Returns theHttpSession
with the given session id- Parameters:
extendedId
- the session id- Returns:
- the
HttpSession
with the corresponding id or null if no session with the given id exists
-
getSessionIdManager
Gets the cross context session id manager- Returns:
- the session id manager
-
getMaxInactiveInterval
@ManagedAttribute("default maximum time a session may be idle for (in s)") public int getMaxInactiveInterval()- Returns:
- the max period of inactivity, after which the session is invalidated, in seconds.
- See Also:
-
getRefreshCookieAge
-
getSecureCookies
@ManagedAttribute("if true, secure cookie flag is set on session cookies") public boolean getSecureCookies()- Returns:
- same as SessionCookieConfig.getSecure(). If true, session cookies are ALWAYS marked as secure. If false, a session cookie is ONLY marked as secure if _secureRequestOnly == true and it is an HTTPS request.
-
isSecureRequestOnly
public boolean isSecureRequestOnly()- Returns:
- true if session cookie is to be marked as secure only on HTTPS requests
-
setSecureRequestOnly
public void setSecureRequestOnly(boolean secureRequestOnly) HTTPS request. Can be overridden by setting SessionCookieConfig.setSecure(true), in which case the session cookie will be marked as secure on both HTTPS and HTTP.- Parameters:
secureRequestOnly
- true to set Session Cookie Config as secure
-
getSessionCookie
-
getSessionCookie
public HttpCookie getSessionCookie(jakarta.servlet.http.HttpSession session, String contextPath, boolean requestIsSecure) A session cookie is marked as secure IFF any of the following conditions are true:- SessionCookieConfig.setSecure == true
- SessionCookieConfig.setSecure == false && _secureRequestOnly==true && request is HTTPS
For case 2, you can use _secureRequestOnly to determine if you want the Servlet Spec 3.0 default behavior when SessionCookieConfig.setSecure==false, which is: "they shall be marked as secure only if the request that initiated the corresponding session was also secure"
The default for _secureRequestOnly is true, which gives the above behavior. If you set it to false, then a session cookie is NEVER marked as secure, even if the initiating request was secure.
- Parameters:
session
- the session to which the cookie should refer.contextPath
- the context to which the cookie should be linked. The client will only send the cookie value when requesting resources under this path.requestIsSecure
- whether the client is accessing the server over a secure protocol (i.e. HTTPS).- Returns:
- if this
SessionManager
uses cookies, then this method will return a newcookie object
that should be set on the client in order to link future HTTP requests with thesession
. If cookies are not in use, this method returnsnull
.
-
getSessionDomain
@ManagedAttribute("domain of the session cookie, or null for the default") public String getSessionDomain() -
getSessionsCreated
-
getSessionIdPathParameterName
@ManagedAttribute("name of use for URL session tracking") public String getSessionIdPathParameterName()- Returns:
- the URL path parameter name for session id URL rewriting, by default "jsessionid".
- See Also:
-
getSessionIdPathParameterNamePrefix
- Returns:
- a formatted version of
getSessionIdPathParameterName()
, by default ";" + sessionIdParameterName + "=", for easier lookup in URL strings. - See Also:
-
isUsingCookies
public boolean isUsingCookies()- Returns:
- whether the session management is handled via cookies.
-
isValid
public boolean isValid(jakarta.servlet.http.HttpSession session) - Parameters:
session
- the session to test for validity- Returns:
- whether the given session is valid, that is, it has not been invalidated.
-
getId
- Parameters:
session
- the session object- Returns:
- the unique id of the session within the cluster (without a node id extension)
- See Also:
-
getExtendedId
- Parameters:
session
- the session object- Returns:
- the unique id of the session within the cluster, extended with an optional node id.
- See Also:
-
newHttpSession
public jakarta.servlet.http.HttpSession newHttpSession(jakarta.servlet.http.HttpServletRequest request) Creates a newHttpSession
.- Parameters:
request
- the HttpServletRequest containing the requested session id- Returns:
- the new
HttpSession
-
removeEventListener
Description copied from interface:Container
Remove an event listener.- Specified by:
removeEventListener
in interfaceContainer
- Specified by:
removeEventListener
in interfaceLifeCycle
- Overrides:
removeEventListener
in classContainerLifeCycle
- Parameters:
listener
- the listener to remove- Returns:
- true if the listener was removed
- See Also:
-
statsReset
Reset statistics values -
setHttpOnly
public void setHttpOnly(boolean httpOnly) Set if Session cookies should use HTTP Only- Parameters:
httpOnly
- True if cookies should be HttpOnly.- See Also:
-
setPartitioned
public void setPartitioned(boolean partitioned) Sets whether session cookies should have thePartitioned
attribute.- Parameters:
partitioned
- whether session cookies should have thePartitioned
attribute- See Also:
-
setSameSite
Set Session cookie sameSite mode. Currently this is encoded in the session comment until sameSite is supported bySessionCookieConfig
- Parameters:
sameSite
- The sameSite setting for Session cookies (or null for no sameSite setting)
-
setSessionIdManager
- Parameters:
metaManager
- The metaManager used for cross context session management.
-
setMaxInactiveInterval
public void setMaxInactiveInterval(int seconds) Sets the max period of inactivity, after which the session is invalidated, in seconds.- Parameters:
seconds
- the max inactivity period, in seconds. If less than or equal to zero, then the session is immortal- See Also:
-
setRefreshCookieAge
public void setRefreshCookieAge(int ageInSeconds) -
setSessionCookie
-
setSessionIdPathParameterName
Sets the session id URL path parameter name.- Parameters:
param
- the URL path parameter name for session id URL rewriting (null or "none" for no rewriting).- See Also:
-
setUsingCookies
public void setUsingCookies(boolean usingCookies) - Parameters:
usingCookies
- The usingCookies to set.
-
getSession
Get a known existing session- Parameters:
id
- The session ID stripped of any worker name.- Returns:
- A Session or null if none exists.
-
shutdownSessions
Prepare sessions for session manager shutdown- Throws:
Exception
- if unable to shutdown sesssions
-
getSessionCache
- Returns:
- the session store
-
setSessionCache
- Parameters:
cache
- the session store to use
-
removeSession
Remove session from manager- Parameters:
id
- The session to removeinvalidate
- True ifHttpSessionListener.sessionDestroyed(HttpSessionEvent)
andSessionIdManager.expireAll(String)
should be called.- Returns:
- if the session was removed
-
getSessionTimeMax
@ManagedAttribute("maximum amount of time sessions have remained active (in s)") public long getSessionTimeMax()- Returns:
- maximum amount of time session remained valid
-
getDefaultSessionTrackingModes
-
getEffectiveSessionTrackingModes
-
setSessionTrackingModes
-
isUsingURLs
public boolean isUsingURLs()- Returns:
- whether the session management is handled via URLs.
-
getSessionCookieConfig
public jakarta.servlet.SessionCookieConfig getSessionCookieConfig() -
getSessionTimeTotal
- Returns:
- total amount of time all sessions remained valid
-
getSessionTimeMean
- Returns:
- mean amount of time session remained valid
-
getSessionTimeStdDev
@ManagedAttribute("standard deviation a session remained valid (in s)") public double getSessionTimeStdDev()- Returns:
- standard deviation of amount of time session remained valid
-
isCheckingRemoteSessionIdEncoding
@ManagedAttribute("check remote session id encoding") public boolean isCheckingRemoteSessionIdEncoding()- Returns:
- True if absolute URLs are check for remoteness before being session encoded.
-
setCheckingRemoteSessionIdEncoding
public void setCheckingRemoteSessionIdEncoding(boolean remote) - Parameters:
remote
- True if absolute URLs are check for remoteness before being session encoded.
-
renewSessionId
Change the existing session id.- Parameters:
oldId
- the old session idoldExtendedId
- the session id including worker suffixnewId
- the new session idnewExtendedId
- the new session id including worker suffix
-
recordSessionTime
Record length of time session has been active. Called when the session is about to be invalidated.- Parameters:
session
- the session whose time to record
-
invalidate
Called by SessionIdManager to remove a session that has been invalidated, either by this context or another context. Also called by SessionIdManager when a session has expired in either this context or another context.- Parameters:
id
- the session id to invalidate
-
scavenge
public void scavenge()Called periodically by the HouseKeeper to handle the list of sessions that have expired since the last call to scavenge. -
sessionInactivityTimerExpired
Each session has a timer that is configured to go off when either the session has not been accessed for a configurable amount of time, or the session itself has passed its expiry. If it has passed its expiry, then we will mark it for scavenging by next run of the HouseKeeper; if it has been idle longer than the configured eviction period, we evict from the cache. If none of the above are true, then the System timer is inconsistent and the caller of this method will need to reset the timer.- Parameters:
session
- the sessionnow
- the time at which to check for expiry
-
isIdInUse
Check if id is in use by this context- Parameters:
id
- identity of session to check- Returns:
true
if this manager knows about this id- Throws:
Exception
- if any error occurred
-
getScheduler
-
getSessionCookieName
-
doSessionAttributeListeners
-
doScope
public void doScope(String target, Request baseRequest, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException, jakarta.servlet.ServletException Description copied from class:ScopedHandler
Scope the handlerDerived implementations should call
ScopedHandler.nextScope(String, Request, HttpServletRequest, HttpServletResponse)
- Overrides:
doScope
in classScopedHandler
- Parameters:
target
- The target of the request - either a URI or a name.baseRequest
- The original unwrapped request object.request
- The request either as theRequest
object or a wrapper of that request. The
method can be used access the Request object if required.HttpConnection.getCurrentConnection()
.getHttpChannel()
.getRequest()
response
- The response as theResponse
object or a wrapper of that request. The
method can be used access the Response object if required.HttpConnection.getCurrentConnection()
.getHttpChannel()
.getResponse()
- Throws:
IOException
- if unable to handle the request or response processingjakarta.servlet.ServletException
- if unable to handle the request or response due to underlying servlet issue
-
doHandle
public void doHandle(String target, Request baseRequest, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException, jakarta.servlet.ServletException Description copied from class:ScopedHandler
Do the handler work within the scope.Derived implementations should call
ScopedHandler.nextHandle(String, Request, HttpServletRequest, HttpServletResponse)
- Specified by:
doHandle
in classScopedHandler
- Parameters:
target
- The target of the request - either a URI or a name.baseRequest
- The original unwrapped request object.request
- The request either as theRequest
object or a wrapper of that request. The
method can be used access the Request object if required.HttpConnection.getCurrentConnection()
.getHttpChannel()
.getRequest()
response
- The response as theResponse
object or a wrapper of that request. The
method can be used access the Response object if required.HttpConnection.getCurrentConnection()
.getHttpChannel()
.getResponse()
- Throws:
IOException
- if unable to handle the request or response processingjakarta.servlet.ServletException
- if unable to handle the request or response due to underlying servlet issue
-
checkRequestedSessionId
protected void checkRequestedSessionId(Request baseRequest, jakarta.servlet.http.HttpServletRequest request) Look for a requested session ID in cookies and URI parameters- Parameters:
baseRequest
- the request to checkrequest
- the request to check
-
toString
- Overrides:
toString
in classAbstractLifeCycle
-