Class Session

All Implemented Interfaces:
javax.servlet.http.HttpSession, SessionHandler.SessionIf

public class Session extends Object implements SessionHandler.SessionIf
Session A heavy-weight Session object representing an HttpSession. Session objects relating to a context are kept in a SessionCache. The purpose of the SessionCache is to keep the working set of Session objects in memory so that they may be accessed quickly, and facilitate the sharing of a Session object amongst multiple simultaneous requests referring to the same session id. The SessionHandler coordinates the lifecycle of Session objects with the help of the SessionCache.
See Also:
  • Field Details


      public static final String SESSION_CREATED_SECURE
      See Also:
    • _sessionData

      protected final SessionData _sessionData
    • _handler

      protected final SessionHandler _handler
    • _extendedId

      protected String _extendedId
    • _requests

      protected long _requests
    • _idChanged

      protected boolean _idChanged
    • _newSession

      protected boolean _newSession
    • _state

      protected Session.State _state
    • _lock

      protected AutoLock _lock
    • _stateChangeCompleted

      protected Condition _stateChangeCompleted
    • _resident

      protected boolean _resident
    • _sessionInactivityTimer

      protected final Session.SessionInactivityTimer _sessionInactivityTimer
  • Constructor Details

    • Session

      public Session(SessionHandler handler, javax.servlet.http.HttpServletRequest request, SessionData data)
      Create a new session
      handler - the SessionHandler that manages this session
      request - the request the session should be based on
      data - the session data
    • Session

      public Session(SessionHandler handler, SessionData data)
      Re-inflate an existing session from some eg persistent store.
      handler - the SessionHandler managing the session
      data - the session data
  • Method Details

    • getRequests

      public long getRequests()
      Returns the current number of requests that are active in the Session.
      the number of active requests for this session
    • setExtendedId

      public void setExtendedId(String extendedId)
    • cookieSet

      protected void cookieSet()
    • use

      protected void use()
    • access

      protected boolean access(long time)
    • complete

      protected void complete()
    • isExpiredAt

      protected boolean isExpiredAt(long time)
      Check to see if session has expired as at the time given.
      time - the time since the epoch in ms
      true if expired
    • isIdleLongerThan

      protected boolean isIdleLongerThan(int sec)
      Check if the Session has been idle longer than a number of seconds.
      sec - the number of seconds
      true if the session has been idle longer than the interval
    • callSessionAttributeListeners

      protected void callSessionAttributeListeners(String name, Object newValue, Object oldValue)
      Call binding and attribute listeners based on the new and old values of the attribute.
      name - name of the attribute
      newValue - new value of the attribute
      oldValue - previous value of the attribute
      IllegalStateException - if no session manager can be find
    • unbindValue

      public void unbindValue(String name, Object value)
      Unbind value if value implements HttpSessionBindingListener (calls HttpSessionBindingListener.valueUnbound(HttpSessionBindingEvent))
      name - the name with which the object is bound or unbound
      value - the bound value
    • bindValue

      public void bindValue(String name, Object value)
      Bind value if value implements HttpSessionBindingListener (calls HttpSessionBindingListener.valueBound(HttpSessionBindingEvent))
      name - the name with which the object is bound or unbound
      value - the bound value
    • didActivate

      public void didActivate()
      Call the activation listeners. This must be called holding the lock.
    • willPassivate

      public void willPassivate()
      Call the passivation listeners. This must be called holding the lock
    • isValid

      public boolean isValid()
    • isInvalid

      public boolean isInvalid()
    • getCookieSetTime

      public long getCookieSetTime()
    • getCreationTime

      public long getCreationTime() throws IllegalStateException
      Specified by:
      getCreationTime in interface javax.servlet.http.HttpSession
    • getId

      public String getId()
      Specified by:
      getId in interface javax.servlet.http.HttpSession
    • getExtendedId

      public String getExtendedId()
    • getContextPath

      public String getContextPath()
    • getVHost

      public String getVHost()
    • getLastAccessedTime

      public long getLastAccessedTime()
      Specified by:
      getLastAccessedTime in interface javax.servlet.http.HttpSession
    • getServletContext

      public javax.servlet.ServletContext getServletContext()
      Specified by:
      getServletContext in interface javax.servlet.http.HttpSession
    • setMaxInactiveInterval

      public void setMaxInactiveInterval(int secs)
      Specified by:
      setMaxInactiveInterval in interface javax.servlet.http.HttpSession
    • calculateInactivityTimeout

      public long calculateInactivityTimeout(long now)
      Calculate what the session timer setting should be based on: the time remaining before the session expires and any idle eviction time configured. The timer value will be the lesser of the above.
      now - the time at which to calculate remaining expiry
      the time remaining before expiry or inactivity timeout
    • getMaxInactiveInterval

      public int getMaxInactiveInterval()
      Specified by:
      getMaxInactiveInterval in interface javax.servlet.http.HttpSession
    • getSessionContext

      @Deprecated(since="Servlet API 2.1") public javax.servlet.http.HttpSessionContext getSessionContext()
      Specified by:
      getSessionContext in interface javax.servlet.http.HttpSession
    • getSessionHandler

      public SessionHandler getSessionHandler()
    • checkValidForWrite

      protected void checkValidForWrite() throws IllegalStateException
      Check that the session can be modified.
      IllegalStateException - if the session is invalid
    • checkValidForRead

      protected void checkValidForRead() throws IllegalStateException
      Chech that the session data can be read.
      IllegalStateException - if the session is invalid
    • getAttribute

      public Object getAttribute(String name)
      Specified by:
      getAttribute in interface javax.servlet.http.HttpSession
    • getValue

      @Deprecated(since="Servlet API 2.2") public Object getValue(String name)
      Specified by:
      getValue in interface javax.servlet.http.HttpSession
    • getAttributeNames

      public Enumeration<String> getAttributeNames()
      Specified by:
      getAttributeNames in interface javax.servlet.http.HttpSession
    • getAttributes

      public int getAttributes()
    • getNames

      public Set<String> getNames()
    • getValueNames

      @Deprecated(since="Servlet API 2.2") public String[] getValueNames() throws IllegalStateException
      As of Servlet 2.2, this method is replaced by getAttributeNames()
      Specified by:
      getValueNames in interface javax.servlet.http.HttpSession
    • setAttribute

      public void setAttribute(String name, Object value)
      Specified by:
      setAttribute in interface javax.servlet.http.HttpSession
    • putValue

      @Deprecated(since="Servlet API 2.2") public void putValue(String name, Object value)
      Specified by:
      putValue in interface javax.servlet.http.HttpSession
    • removeAttribute

      public void removeAttribute(String name)
      Specified by:
      removeAttribute in interface javax.servlet.http.HttpSession
    • removeValue

      @Deprecated(since="Servlet API 2.1") public void removeValue(String name)
      Specified by:
      removeValue in interface javax.servlet.http.HttpSession
    • renewId

      public void renewId(javax.servlet.http.HttpServletRequest request)
      Force a change to the id of a session.
      request - the Request associated with the call to change id.
    • invalidate

      public void invalidate()
      Called by users to invalidate a session, or called by the access method as a request enters the session if the session has expired, or called by manager as a result of scavenger expiring session
      Specified by:
      invalidate in interface javax.servlet.http.HttpSession
      See Also:
      • HttpSession.invalidate()
    • lock

      public AutoLock lock()
      Grab the lock on the session
      the lock
    • beginInvalidate

      protected boolean beginInvalidate()
      true if the session is not already invalid or being invalidated.
    • finishInvalidate

      protected void finishInvalidate() throws IllegalStateException
      Call HttpSessionAttributeListeners as part of invalidating a Session.
      IllegalStateException - if no session manager can be find
    • isNew

      public boolean isNew() throws IllegalStateException
      Specified by:
      isNew in interface javax.servlet.http.HttpSession
    • setIdChanged

      public void setIdChanged(boolean changed)
    • isIdChanged

      public boolean isIdChanged()
    • getSession

      public Session getSession()
      Specified by:
      getSession in interface SessionHandler.SessionIf
    • getSessionData

      protected SessionData getSessionData()
    • setResident

      public void setResident(boolean resident)
    • isResident

      public boolean isResident()
    • toString

      public String toString()
      toString in class Object