org.eclipse.jetty.server
Interface SessionManager

All Superinterfaces:

LifeCycle

All Known Implementing Classes:

AbstractSessionManager, HashSessionManager, JDBCSessionManager

public interface SessionManager
extends LifeCycle

Session Manager. The API required to manage sessions for a servlet context.

Nested Class Summary

Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle

LifeCycle.Listener

Field Summary

static String	__DefaultSessionCookie
static String	__DefaultSessionDomain
static String	__DefaultSessionIdPathParameterName
static String	__MaxAgeProperty Session Max Age.
static String	__SessionCookieProperty Session cookie name.
static String	__SessionDomainProperty Session Domain.
static String	__SessionIdPathParameterNameProperty Session id path parameter name.
static String	__SessionPathProperty Session Path.

Method Summary

HttpCookie	access(HttpSession session, boolean secure) Called by the SessionHandler when a session is first accessed by a request.
void	addEventListener(EventListener listener) Adds an event listener for session-related events.
void	clearEventListeners() Removes all event listeners for session-related events.
void	complete(HttpSession session) Called by the SessionHandler when a session is last accessed by a request.
String	getClusterId(HttpSession session)
boolean	getHttpOnly()
HttpSession	getHttpSession(String id) Returns the HttpSession with the given session id
SessionIdManager	getIdManager()
int	getMaxCookieAge()
int	getMaxInactiveInterval()
SessionIdManager	getMetaManager() Deprecated. use getIdManager()
String	getNodeId(HttpSession session)
boolean	getSecureCookies()
String	getSessionCookie()
HttpCookie	getSessionCookie(HttpSession session, String contextPath, boolean requestIsSecure) Gets a Cookie for a session.
String	getSessionDomain()
String	getSessionIdPathParameterName()
String	getSessionIdPathParameterNamePrefix()
String	getSessionPath()
boolean	isUsingCookies()
boolean	isValid(HttpSession session)
HttpSession	newHttpSession(HttpServletRequest request) Creates a new HttpSession.
void	removeEventListener(EventListener listener) Removes an event listener for for session-related events.
void	setIdManager(SessionIdManager idManager) Sets the cross context session id manager
void	setMaxCookieAge(int maxCookieAge) Sets the max age to set on the session cookie, in seconds
void	setMaxInactiveInterval(int seconds) Sets the max period of inactivity, after which the session is invalidated, in seconds.
void	setSessionCookie(String cookieName) Sets the session cookie name.
void	setSessionDomain(String domain) Sets the domain to set on the session cookie
void	setSessionHandler(SessionHandler handler) Sets the SessionHandler.
void	setSessionIdPathParameterName(String parameterName) Sets the session id URL path parameter name.
void	setSessionPath(String path) Sets the path to set on the session cookie

Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle

addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop

Field Detail

__SessionCookieProperty

static final String __SessionCookieProperty

Session cookie name. Defaults to JSESSIONID, but can be set with the org.eclipse.jetty.servlet.SessionCookie context init parameter.

See Also:

Constant Field Values

__DefaultSessionCookie

static final String __DefaultSessionCookie

See Also:

Constant Field Values

__SessionIdPathParameterNameProperty

static final String __SessionIdPathParameterNameProperty

Session id path parameter name. Defaults to jsessionid, but can be set with the org.eclipse.jetty.servlet.SessionIdPathParameterName context init parameter. If set to null or "none" no URL rewriting will be done.

See Also:

Constant Field Values

__DefaultSessionIdPathParameterName

static final String __DefaultSessionIdPathParameterName

See Also:

Constant Field Values

__SessionDomainProperty

static final String __SessionDomainProperty

Session Domain. If this property is set as a ServletContext InitParam, then it is used as the domain for session cookies. If it is not set, then no domain is specified for the session cookie.

See Also:

Constant Field Values

__DefaultSessionDomain

static final String __DefaultSessionDomain

__SessionPathProperty

static final String __SessionPathProperty

Session Path. If this property is set as a ServletContext InitParam, then it is used as the path for the session cookie. If it is not set, then the context path is used as the path for the cookie.

See Also:

Constant Field Values

__MaxAgeProperty

static final String __MaxAgeProperty

Session Max Age. If this property is set as a ServletContext InitParam, then it is used as the max age for the session cookie. If it is not set, then a max age of -1 is used.

See Also:

Constant Field Values

Method Detail

getHttpSession

HttpSession getHttpSession(String id)

Returns the HttpSession with the given session id

Parameters:

id - the session id

Returns:

the HttpSession with the corresponding id or null if no session with the given id exists

newHttpSession

HttpSession newHttpSession(HttpServletRequest request)

Creates a new HttpSession.

Parameters:

request - the HttpServletRequest containing the requested session id

Returns:

the new HttpSession

getSecureCookies

boolean getSecureCookies()

Returns:

true if session cookies should be secure

getHttpOnly

boolean getHttpOnly()

Returns:

true if session cookies should be HTTP-only (Microsoft extension)

See Also:

Cookie#isHttpOnly()

getMaxInactiveInterval

int getMaxInactiveInterval()

Returns:

the max period of inactivity, after which the session is invalidated, in seconds.

See Also:

setMaxInactiveInterval(int)

setMaxInactiveInterval

void setMaxInactiveInterval(int seconds)

Sets the max period of inactivity, after which the session is invalidated, in seconds.

Parameters:

seconds - the max inactivity period, in seconds.

See Also:

getMaxInactiveInterval()

setSessionHandler

void setSessionHandler(SessionHandler handler)

Sets the SessionHandler.

Parameters:

handler - the SessionHandler object

addEventListener

void addEventListener(EventListener listener)

Adds an event listener for session-related events.

Parameters:

listener - the session event listener to add Individual SessionManagers implementations may accept arbitrary listener types, but they are expected to at least handle HttpSessionActivationListener, HttpSessionAttributeListener, HttpSessionBindingListener and HttpSessionListener.

See Also:

removeEventListener(EventListener)

removeEventListener

void removeEventListener(EventListener listener)

Removes an event listener for for session-related events.

Parameters:

listener - the session event listener to remove

See Also:

addEventListener(EventListener)

clearEventListeners

void clearEventListeners()

Removes all event listeners for session-related events.

See Also:

removeEventListener(EventListener)

getSessionCookie

HttpCookie getSessionCookie(HttpSession session,
                            String contextPath,
                            boolean requestIsSecure)

Gets a Cookie for a session.

Parameters:

session - the session to which the cookie should refer.

contextPath - the context to which the cookie should be linked. The client will only send the cookie value when requesting resources under this path.

requestIsSecure - whether the client is accessing the server over a secure protocol (i.e. HTTPS).

Returns:

if this SessionManager uses cookies, then this method will return a new cookie object that should be set on the client in order to link future HTTP requests with the session. If cookies are not in use, this method returns null.

getIdManager

SessionIdManager getIdManager()

Returns:

the cross context session id manager.

See Also:

setIdManager(SessionIdManager)

getMetaManager

SessionIdManager getMetaManager()

Deprecated. use getIdManager()

Returns:

the cross context session id manager.

setIdManager

void setIdManager(SessionIdManager idManager)

Sets the cross context session id manager

Parameters:

idManager - the cross context session id manager.

See Also:

getIdManager()

isValid

boolean isValid(HttpSession session)

Parameters:

session - the session to test for validity

Returns:

whether the given session is valid, that is, it has not been invalidated.

getNodeId

String getNodeId(HttpSession session)

Parameters:

session - the session object

Returns:

the unique id of the session within the cluster, extended with an optional node id.

See Also:

getClusterId(HttpSession)

getClusterId

String getClusterId(HttpSession session)

Parameters:

session - the session object

Returns:

the unique id of the session within the cluster (without a node id extension)

See Also:

getNodeId(HttpSession)

access

HttpCookie access(HttpSession session,
                  boolean secure)

Called by the SessionHandler when a session is first accessed by a request.

Parameters:

session - the session object

secure - whether the request is secure or not

Returns:

the session cookie. If not null, this cookie should be set on the response to either migrate the session or to refresh a session cookie that may expire.

See Also:

complete(HttpSession)

complete

void complete(HttpSession session)

Called by the SessionHandler when a session is last accessed by a request.

Parameters:

session - the session object

See Also:

access(HttpSession, boolean)

setSessionCookie

void setSessionCookie(String cookieName)

Sets the session cookie name.

Parameters:

cookieName - the session cookie name

See Also:

getSessionCookie()

getSessionCookie

String getSessionCookie()

Returns:

the session cookie name, by default "JSESSIONID".

See Also:

setSessionCookie(String)

setSessionIdPathParameterName

void setSessionIdPathParameterName(String parameterName)

Sets the session id URL path parameter name.

Parameters:

parameterName - the URL path parameter name for session id URL rewriting (null or "none" for no rewriting).

See Also:

getSessionIdPathParameterName(), getSessionIdPathParameterNamePrefix()

getSessionIdPathParameterName

String getSessionIdPathParameterName()

Returns:

the URL path parameter name for session id URL rewriting, by default "jsessionid".

See Also:

setSessionIdPathParameterName(String)

getSessionIdPathParameterNamePrefix

String getSessionIdPathParameterNamePrefix()

Returns:

a formatted version of getSessionIdPathParameterName(), by default ";" + sessionIdParameterName + "=", for easier lookup in URL strings.

See Also:

getSessionIdPathParameterName()

setSessionDomain

void setSessionDomain(String domain)

Sets the domain to set on the session cookie

Parameters:

domain - the domain to set on the session cookie

See Also:

getSessionDomain()

getSessionDomain

String getSessionDomain()

Returns:

the domain to set on the session cookie

See Also:

setSessionDomain(String)

setSessionPath

void setSessionPath(String path)

Sets the path to set on the session cookie

Parameters:

path - the path to set on the session cookie

See Also:

getSessionPath()

getSessionPath

String getSessionPath()

Returns:

the path to set on the session cookie

See Also:

setSessionPath(String)

setMaxCookieAge

void setMaxCookieAge(int maxCookieAge)

Sets the max age to set on the session cookie, in seconds

Parameters:

maxCookieAge - the max age to set on the session cookie, in seconds

See Also:

getMaxCookieAge()

getMaxCookieAge

int getMaxCookieAge()

Returns:

the max age to set on the session cookie, in seconds

See Also:

setMaxCookieAge(int)

isUsingCookies

boolean isUsingCookies()

Returns:

whether the session management is handled via cookies.