Package org.eclipse.jetty.session

Class ManagedSession

java.lang.Object
org.eclipse.jetty.session.ManagedSession
All Implemented Interfaces:
Session, Attributes
public class ManagedSession extends Object implements Session
Session A heavy-weight Session object representing an HttpSession. Session objects relating to a context are kept in a SessionCache. The purpose of the SessionCache is to keep the working set of Session objects in memory so that they may be accessed quickly, and facilitate the sharing of a Session object amongst multiple simultaneous requests referring to the same session id. The SessionManager coordinates the lifecycle of Session objects with the help of the SessionCache/SessionDataStore.
See Also:

  • Field Details

    • SESSION_CREATED_SECURE

      @Deprecated public static final String SESSION_CREATED_SECURE
      Deprecated.
      Attribute set if the session is secure
      See Also:

    • _sessionData

      protected final SessionData _sessionData

    • _manager

      protected final SessionManager _manager

    • _extendedId

      protected String _extendedId

    • _requests

      protected long _requests

    • _needSetCookie

      protected boolean _needSetCookie

    • _newSession

      protected boolean _newSession

    • _state

      protected ManagedSession.State _state

    • _lock

      protected AutoLock _lock

    • _stateChangeCompleted

      protected Condition _stateChangeCompleted

    • _resident

      protected boolean _resident

    • _sessionInactivityTimer

      protected final SessionInactivityTimer _sessionInactivityTimer

  • Constructor Details

    • ManagedSession

      public ManagedSession(SessionManager manager, SessionData data)
      Create a new session object. The session could be an entirely new session, or could be being re-inflated from persistent store.
      Parameters:
      manager - the SessionHandler that manages this session
      data - the session data

  • Method Details

    • getApi

      public <T extends Session.API> T getApi()

      A ManagedSession may have an API wrapper (e.g. Servlet API), that is created by the SessionManager.newSessionAPIWrapper(ManagedSession) method during construction of a ManagedSession instance.

      Specified by:
      getApi in interface Session
      Type Parameters:
      T - The type of the Session.API
      Returns:
      The Session.API wrapper of this core ManagedSession.

    • getRequests

      public long getRequests()
      Returns the current number of requests that are active in the Session.
      Returns:
      the number of active requests for this session

    • setExtendedId

      public void setExtendedId(String extendedId)

    • generateSetCookie

      public HttpCookie generateSetCookie(String name, Map<String,String> attributes)

    • use

      protected void use()

    • access

      public boolean access(long time)

    • isExpiredAt

      public boolean isExpiredAt(long time)
      Check to see if session has expired as at the time given.
      Parameters:
      time - the time since the epoch in ms
      Returns:
      true if expired

    • isIdleLongerThan

      protected boolean isIdleLongerThan(int sec)
      Check if the Session has been idle longer than a number of seconds.
      Parameters:
      sec - the number of seconds
      Returns:
      true if the session has been idle longer than the interval

    • onSessionAttributeUpdate

      protected void onSessionAttributeUpdate(String name, Object newValue, Object oldValue)
      Call binding and attribute listeners based on the new and old values of the attribute.
      Parameters:
      name - name of the attribute
      newValue - new value of the attribute
      oldValue - previous value of the attribute
      Throws:
      IllegalStateException - if no session manager can be find

    • onSessionActivation

      public void onSessionActivation()
      Call the activation listeners. This must be called holding the lock.

    • onSessionPassivation

      public void onSessionPassivation()
      Call the passivation listeners. This must be called holding the lock

    • isValid

      public boolean isValid()
      Specified by:
      isValid in interface Session
      Returns:
      true if the session is has not been invalidated nor expired due to inactivity.

    • isInvalidOrInvalidating

      public boolean isInvalidOrInvalidating()

    • getCookieSetTime

      public long getCookieSetTime()

    • getCreationTime

      public long getCreationTime() throws IllegalStateException
      Throws:
      IllegalStateException

    • getId

      public String getId()
      Specified by:
      getId in interface Session
      Returns:
      A identifier for the session. Depending on the implementation may be unique within the context, the server, the JVM or a cluster.
      See Also:

    • encodeURI

      public String encodeURI(Request request, String uri, boolean cookiesInUse)
      Specified by:
      encodeURI in interface Session

    • getExtendedId

      public String getExtendedId()
      Specified by:
      getExtendedId in interface Session
      Returns:
      The session identifier as returned by Session.getId() extended with additional routing information. The additional information does not form part of the identity, but may be used by implementations and associated infrastructure to help route request for the same session to the same server.

    • getVHost

      public String getVHost()

    • getLastAccessedTime

      public long getLastAccessedTime()
      Specified by:
      getLastAccessedTime in interface Session
      Returns:
      the time, as represented by System.currentTimeMillis(), that the session was last accessed by a request.

    • setMaxInactiveInterval

      public void setMaxInactiveInterval(int secs)
      Specified by:
      setMaxInactiveInterval in interface Session
      Parameters:
      secs - The period in secs in which the session will remain valid (unless explicitly invalidated) when not accessed by any requests.

    • calculateInactivityTimeout

      public long calculateInactivityTimeout(long now)
      Calculate what the session timer setting should be based on: the time remaining before the session expires and any idle eviction time configured. The timer value will be the lesser of the above.
      Parameters:
      now - the time at which to calculate remaining expiry
      Returns:
      the time remaining before expiry or inactivity timeout

    • getMaxInactiveInterval

      public int getMaxInactiveInterval()
      Specified by:
      getMaxInactiveInterval in interface Session
      Returns:
      The period in secs in which the session will remain valid (unless explicitly invalidated) when not accessed by any requests.

    • getSessionManager

      public SessionManager getSessionManager()

    • checkValidForWrite

      protected void checkValidForWrite() throws IllegalStateException
      Check that the session can be modified.
      Throws:
      IllegalStateException - if the session is invalid

    • checkValidForRead

      protected void checkValidForRead() throws IllegalStateException
      Chech that the session data can be read.
      Throws:
      IllegalStateException - if the session is invalid

    • getAttribute

      public Object getAttribute(String name)
      Description copied from interface: Attributes
      Get an attribute
      Specified by:
      getAttribute in interface Attributes
      Parameters:
      name - the attribute to get
      Returns:
      the value of the attribute, or null if no such attribute exists

    • getAttributeNameSet

      public Set<String> getAttributeNameSet()
      Description copied from interface: Attributes
      Get the immutable set of attribute names.
      Specified by:
      getAttributeNameSet in interface Attributes
      Returns:
      Set of attribute names, or an empty set if there are no attributes.

    • setAttribute

      public Object setAttribute(String name, Object value)
      Description copied from interface: Attributes
      Set an attribute
      Specified by:
      setAttribute in interface Attributes
      Parameters:
      name - the attribute to set
      value - the value to set. A null value is equivalent to removing the attribute.
      Returns:
      the previous value of the attribute if set, else null

    • removeAttribute

      public Object removeAttribute(String name)
      Description copied from interface: Attributes
      Remove an attribute
      Specified by:
      removeAttribute in interface Attributes
      Parameters:
      name - the attribute to remove
      Returns:
      the value of the attribute if removed, else null

    • renewId

      public void renewId(Request request, Response response)
      Force a change to the id of a session.
      Specified by:
      renewId in interface Session
      Parameters:
      request - the Request associated with the call to change id.
      response - The response which may be updated with the new session identity.

    • invalidate

      public void invalidate()
      Called by users to invalidate a session, or called by the access method as a request enters the session if the session has expired, or called by manager as a result of scavenger expiring session
      Specified by:
      invalidate in interface Session

    • lock

      public AutoLock lock()
      Grab the lock on the session
      Returns:
      the lock

    • beginInvalidate

      public boolean beginInvalidate()
      Returns:
      true if the session is not already invalid or being invalidated.

    • finishInvalidate

      public void finishInvalidate() throws IllegalStateException
      Call HttpSessionAttributeListeners as part of invalidating a Session.
      Throws:
      IllegalStateException - if no session manager can be find

    • isNew

      public boolean isNew() throws IllegalStateException
      Specified by:
      isNew in interface Session
      Returns:
      true if the session has been newly created within the scope of the current request.
      Throws:
      IllegalStateException

    • onIdChanged

      public void onIdChanged()

    • isSetCookieNeeded

      public boolean isSetCookieNeeded()

    • getSessionData

      public SessionData getSessionData()

    • setResident

      public void setResident(boolean resident)

    • isResident

      public boolean isResident()

    • toString

      public String toString()
      Overrides:
      toString in class Object