Package org.eclipse.jetty.server.session

Class Session

  • All Implemented Interfaces:
    javax.servlet.http.HttpSession, SessionHandler.SessionIf
    public class Session
extends java.lang.Object
implements SessionHandler.SessionIf
    Session A heavy-weight Session object representing an HttpSession. Session objects relating to a context are kept in a SessionCache. The purpose of the SessionCache is to keep the working set of Session objects in memory so that they may be accessed quickly, and facilitate the sharing of a Session object amongst multiple simultaneous requests referring to the same session id. The SessionHandler coordinates the lifecycle of Session objects with the help of the SessionCache.
    See Also:
    SessionHandler, SessionIdManager

    • Field Detail

      • SESSION_CREATED_SECURE

        public static final java.lang.String SESSION_CREATED_SECURE
        See Also:
        Constant Field Values

      • _sessionData

        protected final SessionData _sessionData

      • _extendedId

        protected java.lang.String _extendedId

      • _requests

        protected long _requests

      • _idChanged

        protected boolean _idChanged

      • _newSession

        protected boolean _newSession

      • _lock

        protected Locker _lock

      • _stateChangeCompleted

        protected java.util.concurrent.locks.Condition _stateChangeCompleted

      • _resident

        protected boolean _resident

    • Constructor Detail

      • Session

        public Session​(SessionHandler handler,
               javax.servlet.http.HttpServletRequest request,
               SessionData data)
        Create a new session
        Parameters:
        handler - the SessionHandler that manages this session
        request - the request the session should be based on
        data - the session data

      • Session

        public Session​(SessionHandler handler,
               SessionData data)
        Re-inflate an existing session from some eg persistent store.
        Parameters:
        handler - the SessionHandler managing the session
        data - the session data

    • Method Detail

      • getRequests

        public long getRequests()
        Returns the current number of requests that are active in the Session.
        Returns:
        the number of active requests for this session

      • setExtendedId

        public void setExtendedId​(java.lang.String extendedId)

      • cookieSet

        protected void cookieSet()

      • use

        protected void use()

      • access

        protected boolean access​(long time)

      • complete

        protected void complete()

      • isExpiredAt

        protected boolean isExpiredAt​(long time)
        Check to see if session has expired as at the time given.
        Parameters:
        time - the time since the epoch in ms
        Returns:
        true if expired

      • isIdleLongerThan

        protected boolean isIdleLongerThan​(int sec)
        Check if the Session has been idle longer than a number of seconds.
        Parameters:
        sec - the number of seconds
        Returns:
        true if the session has been idle longer than the interval

      • callSessionAttributeListeners

        protected void callSessionAttributeListeners​(java.lang.String name,
                                             java.lang.Object newValue,
                                             java.lang.Object oldValue)
        Call binding and attribute listeners based on the new and old values of the attribute.
        Parameters:
        name - name of the attribute
        newValue - new value of the attribute
        oldValue - previous value of the attribute
        Throws:
        java.lang.IllegalStateException - if no session manager can be find

      • unbindValue

        public void unbindValue​(java.lang.String name,
                        java.lang.Object value)
        Unbind value if value implements HttpSessionBindingListener (calls HttpSessionBindingListener.valueUnbound(HttpSessionBindingEvent))
        Parameters:
        name - the name with which the object is bound or unbound
        value - the bound value

      • bindValue

        public void bindValue​(java.lang.String name,
                      java.lang.Object value)
        Bind value if value implements HttpSessionBindingListener (calls HttpSessionBindingListener.valueBound(HttpSessionBindingEvent))
        Parameters:
        name - the name with which the object is bound or unbound
        value - the bound value

      • didActivate

        public void didActivate()
        Call the activation listeners. This must be called holding the lock.

      • willPassivate

        public void willPassivate()
        Call the passivation listeners. This must be called holding the lock

      • isValid

        public boolean isValid()

      • isInvalid

        public boolean isInvalid()

      • isChanging

        public boolean isChanging()

      • getCookieSetTime

        public long getCookieSetTime()

      • getCreationTime

        public long getCreationTime()
                     throws java.lang.IllegalStateException
        Specified by:
        getCreationTime in interface javax.servlet.http.HttpSession
        Throws:
        java.lang.IllegalStateException

      • getId

        public java.lang.String getId()
        Specified by:
        getId in interface javax.servlet.http.HttpSession
        See Also:
        HttpSession.getId()

      • getExtendedId

        public java.lang.String getExtendedId()

      • getContextPath

        public java.lang.String getContextPath()

      • getVHost

        public java.lang.String getVHost()

      • getLastAccessedTime

        public long getLastAccessedTime()
        Specified by:
        getLastAccessedTime in interface javax.servlet.http.HttpSession
        See Also:
        HttpSession.getLastAccessedTime()

      • getServletContext

        public javax.servlet.ServletContext getServletContext()
        Specified by:
        getServletContext in interface javax.servlet.http.HttpSession
        See Also:
        HttpSession.getServletContext()

      • setMaxInactiveInterval

        public void setMaxInactiveInterval​(int secs)
        Specified by:
        setMaxInactiveInterval in interface javax.servlet.http.HttpSession
        See Also:
        HttpSession.setMaxInactiveInterval(int)

      • updateInactivityTimer

        @Deprecated
public void updateInactivityTimer()
        Deprecated.

      • calculateInactivityTimeout

        public long calculateInactivityTimeout​(long now)
        Calculate what the session timer setting should be based on: the time remaining before the session expires and any idle eviction time configured. The timer value will be the lesser of the above.
        Parameters:
        now - the time at which to calculate remaining expiry
        Returns:
        the time remaining before expiry or inactivity timeout

      • getMaxInactiveInterval

        public int getMaxInactiveInterval()
        Specified by:
        getMaxInactiveInterval in interface javax.servlet.http.HttpSession
        See Also:
        HttpSession.getMaxInactiveInterval()

      • getSessionContext

        @Deprecated
public javax.servlet.http.HttpSessionContext getSessionContext()
        Deprecated.
        Specified by:
        getSessionContext in interface javax.servlet.http.HttpSession
        See Also:
        HttpSession.getSessionContext()

      • checkValidForWrite

        protected void checkValidForWrite()
                           throws java.lang.IllegalStateException
        Check that the session can be modified.
        Throws:
        java.lang.IllegalStateException - if the session is invalid

      • checkValidForRead

        protected void checkValidForRead()
                          throws java.lang.IllegalStateException
        Chech that the session data can be read.
        Throws:
        java.lang.IllegalStateException - if the session is invalid

      • checkLocked

        protected void checkLocked()
                    throws java.lang.IllegalStateException
        Throws:
        java.lang.IllegalStateException

      • getAttribute

        public java.lang.Object getAttribute​(java.lang.String name)
        Specified by:
        getAttribute in interface javax.servlet.http.HttpSession
        See Also:
        HttpSession.getAttribute(java.lang.String)

      • getValue

        @Deprecated
public java.lang.Object getValue​(java.lang.String name)
        Deprecated.
        Specified by:
        getValue in interface javax.servlet.http.HttpSession
        See Also:
        HttpSession.getValue(java.lang.String)

      • getAttributeNames

        public java.util.Enumeration<java.lang.String> getAttributeNames()
        Specified by:
        getAttributeNames in interface javax.servlet.http.HttpSession
        See Also:
        HttpSession.getAttributeNames()

      • getAttributes

        public int getAttributes()

      • getNames

        public java.util.Set<java.lang.String> getNames()

      • getValueNames

        @Deprecated
public java.lang.String[] getValueNames()
                                 throws java.lang.IllegalStateException
        Deprecated.
        As of Version 2.2, this method is replaced by getAttributeNames()
        Specified by:
        getValueNames in interface javax.servlet.http.HttpSession
        Throws:
        java.lang.IllegalStateException

      • setAttribute

        public void setAttribute​(java.lang.String name,
                         java.lang.Object value)
        Specified by:
        setAttribute in interface javax.servlet.http.HttpSession
        See Also:
        HttpSession.setAttribute(java.lang.String, java.lang.Object)

      • putValue

        @Deprecated
public void putValue​(java.lang.String name,
                     java.lang.Object value)
        Deprecated.
        Specified by:
        putValue in interface javax.servlet.http.HttpSession
        See Also:
        HttpSession.putValue(java.lang.String, java.lang.Object)

      • removeAttribute

        public void removeAttribute​(java.lang.String name)
        Specified by:
        removeAttribute in interface javax.servlet.http.HttpSession
        See Also:
        HttpSession.removeAttribute(java.lang.String)

      • removeValue

        @Deprecated
public void removeValue​(java.lang.String name)
        Deprecated.
        Specified by:
        removeValue in interface javax.servlet.http.HttpSession
        See Also:
        HttpSession.removeValue(java.lang.String)

      • renewId

        public void renewId​(javax.servlet.http.HttpServletRequest request)
        Force a change to the id of a session.
        Parameters:
        request - the Request associated with the call to change id.

      • invalidate

        public void invalidate()
        Called by users to invalidate a session, or called by the access method as a request enters the session if the session has expired, or called by manager as a result of scavenger expiring session
        Specified by:
        invalidate in interface javax.servlet.http.HttpSession
        See Also:
        HttpSession.invalidate()

      • lock

        public Locker.Lock lock()
        Grab the lock on the session
        Returns:
        the lock

      • beginInvalidate

        protected boolean beginInvalidate()
        Returns:
        true if the session is not already invalid or being invalidated.

      • doInvalidate

        @Deprecated
protected void doInvalidate()
                     throws java.lang.IllegalStateException
        Deprecated.
        Call HttpSessionAttributeListeners as part of invalidating a Session.
        Throws:
        java.lang.IllegalStateException - if no session manager can be find

      • finishInvalidate

        protected void finishInvalidate()
                         throws java.lang.IllegalStateException
        Call HttpSessionAttributeListeners as part of invalidating a Session.
        Throws:
        java.lang.IllegalStateException - if no session manager can be find

      • isNew

        public boolean isNew()
              throws java.lang.IllegalStateException
        Specified by:
        isNew in interface javax.servlet.http.HttpSession
        Throws:
        java.lang.IllegalStateException

      • setIdChanged

        public void setIdChanged​(boolean changed)

      • isIdChanged

        public boolean isIdChanged()

      • getSessionData

        protected SessionData getSessionData()

      • setResident

        public void setResident​(boolean resident)

      • isResident

        public boolean isResident()

      • toString

        public java.lang.String toString()
        Overrides:
        toString in class java.lang.Object