public class StandardSession extends Object implements HttpSession, Session, Serializable
IMPLEMENTATION NOTE: An instance of this class represents both the
internal (Session) and application level (HttpSession) view of the session.
However, because the class itself is not declared public, Java logic outside
of the org.apache.catalina.session
package cannot cast an
HttpSession view of this instance back to a Session view.
IMPLEMENTATION NOTE: If you add fields to this class, you must make sure that you carry them over in the read/writeObject methods so that this class is properly serialized.
Modifier and Type | Field and Description |
---|---|
protected AtomicInteger |
accessCount
The access count for this session.
|
protected static boolean |
ACTIVITY_CHECK |
protected Map<String,Object> |
attributes
The collection of user data attributes associated with this Session.
|
protected String |
authType
The authentication type used to authenticate our cached Principal,
if any.
|
protected long |
creationTime
The time this session was created, in milliseconds since midnight,
January 1, 1970 GMT.
|
protected static String[] |
EMPTY_ARRAY
Type array.
|
protected static String[] |
excludedAttributes
Set of attribute names which are not allowed to be persisted.
|
protected boolean |
expiring
We are currently processing a session expiration, so bypass
certain IllegalStateException tests.
|
protected StandardSessionFacade |
facade
The facade associated with this session.
|
protected String |
id
The session identifier of this Session.
|
protected boolean |
isNew
Flag indicating whether this session is new or not.
|
protected boolean |
isValid
Flag indicating whether this session is valid or not.
|
protected static boolean |
LAST_ACCESS_AT_START |
protected long |
lastAccessedTime
The last accessed time for this Session.
|
protected ArrayList<SessionListener> |
listeners
The session event listeners for this Session.
|
protected Manager |
manager
The Manager with which this Session is associated.
|
protected int |
maxInactiveInterval
The maximum time interval, in seconds, between client requests before
the servlet container may invalidate this session.
|
protected static String |
NOT_SERIALIZED
The dummy attribute value serialized when a NotSerializableException is
encountered in
writeObject() . |
protected Map<String,Object> |
notes
Internal notes associated with this session by Catalina components
and event listeners.
|
protected Principal |
principal
The authenticated Principal associated with this session, if any.
|
protected static HttpSessionContext |
sessionContext
Deprecated.
|
protected static StringManager |
sm
The string manager for this package.
|
protected static boolean |
STRICT_SERVLET_COMPLIANCE |
protected PropertyChangeSupport |
support
The property change support for this component.
|
protected long |
thisAccessedTime
The current accessed time for this session.
|
SESSION_ACTIVATED_EVENT, SESSION_CREATED_EVENT, SESSION_DESTROYED_EVENT, SESSION_PASSIVATED_EVENT
Constructor and Description |
---|
StandardSession(Manager manager)
Construct a new Session associated with the specified Manager.
|
Modifier and Type | Method and Description |
---|---|
void |
access()
Update the accessed time information for this session.
|
void |
activate()
Perform internal processing required to activate this
session.
|
void |
addSessionListener(SessionListener listener)
Add a session event listener to this component.
|
protected void |
doReadObject(ObjectInputStream stream)
Read a serialized version of this session object from the specified
object input stream.
|
protected void |
doWriteObject(ObjectOutputStream stream)
Write a serialized version of this session object to the specified
object output stream.
|
void |
endAccess()
End the access.
|
protected boolean |
exclude(String name)
Exclude standard attributes that cannot be serialized.
|
void |
expire()
Perform the internal processing required to invalidate this session,
without triggering an exception if the session has already expired.
|
void |
expire(boolean notify)
Perform the internal processing required to invalidate this session,
without triggering an exception if the session has already expired.
|
void |
fireSessionEvent(String type,
Object data)
Notify all session event listeners that a particular event has
occurred for this Session.
|
Object |
getAttribute(String name)
Return the object bound with the specified name in this session, or
null if no object is bound with that name. |
Enumeration<String> |
getAttributeNames()
Return an
Enumeration of String objects
containing the names of the objects bound to this session. |
String |
getAuthType()
Return the authentication type used to authenticate our cached
Principal, if any.
|
long |
getCreationTime()
Return the time when this session was created, in milliseconds since
midnight, January 1, 1970 GMT.
|
long |
getCreationTimeInternal()
Return the time when this session was created, in milliseconds since
midnight, January 1, 1970 GMT, bypassing the session validation checks.
|
String |
getId()
Return the session identifier for this session.
|
String |
getIdInternal()
Return the session identifier for this session.
|
long |
getIdleTime()
Return the idle time (in milliseconds) from last client access time.
|
long |
getIdleTimeInternal()
Return the idle time from last client access time without invalidation check
|
long |
getLastAccessedTime()
Return the last time the client sent a request associated with this
session, as the number of milliseconds since midnight, January 1, 1970
GMT.
|
long |
getLastAccessedTimeInternal()
Return the last client access time without invalidation check
|
Manager |
getManager()
Return the Manager within which this Session is valid.
|
int |
getMaxInactiveInterval()
Return the maximum time interval, in seconds, between client requests
before the servlet container will invalidate the session.
|
Object |
getNote(String name)
Return the object bound with the specified name to the internal notes
for this session, or
null if no such binding exists. |
Iterator<String> |
getNoteNames()
Return an Iterator containing the String names of all notes bindings
that exist for this session.
|
Principal |
getPrincipal()
Return the authenticated Principal that is associated with this Session.
|
ServletContext |
getServletContext()
Return the ServletContext to which this session belongs.
|
HttpSession |
getSession()
Return the
HttpSession for which this object
is the facade. |
HttpSessionContext |
getSessionContext()
Deprecated.
As of Version 2.1, this method is deprecated and has no
replacement. It will be removed in a future version of the
Java Servlet API.
|
long |
getThisAccessedTime()
Return the last time the client sent a request associated with this
session, as the number of milliseconds since midnight, January 1, 1970
GMT.
|
long |
getThisAccessedTimeInternal()
Return the last client access time without invalidation check
|
Object |
getValue(String name)
Deprecated.
As of Version 2.2, this method is replaced by
getAttribute() |
String[] |
getValueNames()
Deprecated.
As of Version 2.2, this method is replaced by
getAttributeNames() |
void |
invalidate()
Invalidates this session and unbinds any objects bound to it.
|
protected boolean |
isAttributeDistributable(String name,
Object value)
Check whether the Object can be distributed.
|
boolean |
isNew()
Return
true if the client does not yet know about the
session, or if the client chooses not to join the session. |
boolean |
isValid()
Return the
isValid flag for this session. |
protected boolean |
isValidInternal()
Return the
isValid flag for this session without any expiration
check. |
protected String[] |
keys()
Return the names of all currently defined session attributes
as an array of Strings.
|
void |
passivate()
Perform the internal processing required to passivate
this session.
|
void |
putValue(String name,
Object value)
Deprecated.
As of Version 2.2, this method is replaced by
setAttribute() |
void |
readObjectData(ObjectInputStream stream)
Read a serialized version of the contents of this session object from
the specified object input stream, without requiring that the
StandardSession itself have been serialized.
|
void |
recycle()
Release all object references, and initialize instance variables, in
preparation for reuse of this object.
|
void |
removeAttribute(String name)
Remove the object bound with the specified name from this session.
|
void |
removeAttribute(String name,
boolean notify)
Remove the object bound with the specified name from this session.
|
protected void |
removeAttributeInternal(String name,
boolean notify)
Remove the object bound with the specified name from this session.
|
void |
removeNote(String name)
Remove any object bound to the specified name in the internal notes
for this session.
|
void |
removeSessionListener(SessionListener listener)
Remove a session event listener from this component.
|
void |
removeValue(String name)
Deprecated.
As of Version 2.2, this method is replaced by
removeAttribute() |
void |
setAttribute(String name,
Object value)
Bind an object to this session, using the specified name.
|
void |
setAttribute(String name,
Object value,
boolean notify)
Bind an object to this session, using the specified name.
|
void |
setAuthType(String authType)
Set the authentication type used to authenticate our cached
Principal, if any.
|
void |
setCreationTime(long time)
Set the creation time for this session.
|
void |
setId(String id)
Set the session identifier for this session.
|
void |
setId(String id,
boolean notify)
Set the session identifier for this session and optionally notifies any
associated listeners that a new session has been created.
|
void |
setManager(Manager manager)
Set the Manager within which this Session is valid.
|
void |
setMaxInactiveInterval(int interval)
Set the maximum time interval, in seconds, between client requests
before the servlet container will invalidate the session.
|
void |
setNew(boolean isNew)
Set the
isNew flag for this session. |
void |
setNote(String name,
Object value)
Bind an object to a specified name in the internal notes associated
with this session, replacing any existing binding for this name.
|
void |
setPrincipal(Principal principal)
Set the authenticated Principal that is associated with this Session.
|
void |
setValid(boolean isValid)
Set the
isValid flag for this session. |
void |
tellChangedSessionId(String newId,
String oldId,
boolean notifySessionListeners,
boolean notifyContainerListeners)
Inform the listeners about the change session ID.
|
void |
tellNew()
Inform the listeners about the new session.
|
String |
toString()
Return a string representation of this object.
|
void |
writeObjectData(ObjectOutputStream stream)
Write a serialized version of the contents of this session object to
the specified object output stream, without requiring that the
StandardSession itself have been serialized.
|
protected static final boolean STRICT_SERVLET_COMPLIANCE
protected static final boolean ACTIVITY_CHECK
protected static final boolean LAST_ACCESS_AT_START
protected static final String[] EMPTY_ARRAY
protected static final String NOT_SERIALIZED
writeObject()
.protected Map<String,Object> attributes
protected transient String authType
protected long creationTime
protected static final String[] excludedAttributes
protected transient volatile boolean expiring
protected transient StandardSessionFacade facade
protected String id
protected volatile long lastAccessedTime
protected transient ArrayList<SessionListener> listeners
protected transient Manager manager
protected int maxInactiveInterval
protected boolean isNew
protected volatile boolean isValid
protected transient Map<String,Object> notes
protected transient Principal principal
protected static final StringManager sm
@Deprecated protected static volatile HttpSessionContext sessionContext
protected final transient PropertyChangeSupport support
protected volatile long thisAccessedTime
protected transient AtomicInteger accessCount
public StandardSession(Manager manager)
manager
- The manager with which this Session is associatedpublic String getAuthType()
getAuthType
in interface Session
public void setAuthType(String authType)
setAuthType
in interface Session
authType
- The new cached authentication typepublic void setCreationTime(long time)
setCreationTime
in interface Session
time
- The new creation timepublic String getId()
getId
in interface HttpSession
getId
in interface Session
public String getIdInternal()
getIdInternal
in interface Session
public void setId(String id)
public void setId(String id, boolean notify)
public void tellNew()
public void tellChangedSessionId(String newId, String oldId, boolean notifySessionListeners, boolean notifyContainerListeners)
tellChangedSessionId
in interface Session
newId
- new session IDoldId
- old session IDnotifySessionListeners
- Should any associated sessionListeners be
notified that session ID has been changed?notifyContainerListeners
- Should any associated ContainerListeners
be notified that session ID has been changed?public long getThisAccessedTime()
getThisAccessedTime
in interface Session
public long getThisAccessedTimeInternal()
getThisAccessedTimeInternal
in interface Session
getThisAccessedTime()
public long getLastAccessedTime()
getLastAccessedTime
in interface HttpSession
getLastAccessedTime
in interface Session
long
representing the last time the client sent a
request associated with this session, expressed in milliseconds
since 1/1/1970 GMTpublic long getLastAccessedTimeInternal()
getLastAccessedTimeInternal
in interface Session
getLastAccessedTime()
public long getIdleTime()
getIdleTime
in interface Session
public long getIdleTimeInternal()
getIdleTimeInternal
in interface Session
getIdleTime()
public Manager getManager()
getManager
in interface Session
public void setManager(Manager manager)
setManager
in interface Session
manager
- The new Managerpublic int getMaxInactiveInterval()
getMaxInactiveInterval
in interface HttpSession
getMaxInactiveInterval
in interface Session
HttpSession.setMaxInactiveInterval(int)
public void setMaxInactiveInterval(int interval)
setMaxInactiveInterval
in interface HttpSession
setMaxInactiveInterval
in interface Session
interval
- The new maximum intervalpublic void setNew(boolean isNew)
isNew
flag for this session.public Principal getPrincipal()
Authenticator
with a means to cache a
previously authenticated Principal, and avoid potentially expensive
Realm.authenticate()
calls on every request. If there
is no current associated Principal, return null
.getPrincipal
in interface Session
public void setPrincipal(Principal principal)
Authenticator
with a means to cache a
previously authenticated Principal, and avoid potentially expensive
Realm.authenticate()
calls on every request.setPrincipal
in interface Session
principal
- The new Principal, or null
if nonepublic HttpSession getSession()
HttpSession
for which this object
is the facade.getSession
in interface Session
public boolean isValid()
isValid
flag for this session.public void setValid(boolean isValid)
isValid
flag for this session.public void access()
public void addSessionListener(SessionListener listener)
addSessionListener
in interface Session
public void expire()
public void expire(boolean notify)
notify
- Should we notify listeners about the demise of
this session?public void passivate()
public void activate()
public Object getNote(String name)
null
if no such binding exists.public Iterator<String> getNoteNames()
getNoteNames
in interface Session
public void recycle()
public void removeNote(String name)
removeNote
in interface Session
name
- Name of the note to be removedpublic void removeSessionListener(SessionListener listener)
removeSessionListener
in interface Session
public void setNote(String name, Object value)
public String toString()
public void readObjectData(ObjectInputStream stream) throws ClassNotFoundException, IOException
stream
- The object input stream to read fromClassNotFoundException
- if an unknown class is specifiedIOException
- if an input/output error occurspublic void writeObjectData(ObjectOutputStream stream) throws IOException
stream
- The object output stream to write toIOException
- if an input/output error occurspublic long getCreationTime()
getCreationTime
in interface HttpSession
getCreationTime
in interface Session
long
specifying when this session was created,
expressed in milliseconds since 1/1/1970 GMTIllegalStateException
- if this method is called on an
invalidated sessionpublic long getCreationTimeInternal()
getCreationTimeInternal
in interface Session
public ServletContext getServletContext()
getServletContext
in interface HttpSession
@Deprecated public HttpSessionContext getSessionContext()
getSessionContext
in interface HttpSession
public Object getAttribute(String name)
null
if no object is bound with that name.getAttribute
in interface HttpSession
name
- Name of the attribute to be returnedIllegalStateException
- if this method is called on an
invalidated sessionpublic Enumeration<String> getAttributeNames()
Enumeration
of String
objects
containing the names of the objects bound to this session.getAttributeNames
in interface HttpSession
Enumeration
of String
objects
specifying the names of all the objects bound to this sessionIllegalStateException
- if this method is called on an
invalidated session@Deprecated public Object getValue(String name)
getAttribute()
null
if no object is bound with that name.getValue
in interface HttpSession
name
- Name of the value to be returnedIllegalStateException
- if this method is called on an
invalidated session@Deprecated public String[] getValueNames()
getAttributeNames()
getValueNames
in interface HttpSession
String
objects specifying the names of
all the objects bound to this sessionIllegalStateException
- if this method is called on an
invalidated sessionpublic void invalidate()
invalidate
in interface HttpSession
IllegalStateException
- if this method is called on
an invalidated sessionpublic boolean isNew()
true
if the client does not yet know about the
session, or if the client chooses not to join the session. For
example, if the server used only cookie-based sessions, and the client
has disabled the use of cookies, then a session would be new on each
request.isNew
in interface HttpSession
true
if the server has created a session, but the
client has not yet joinedIllegalStateException
- if this method is called on an
invalidated session@Deprecated public void putValue(String name, Object value)
setAttribute()
After this method executes, and if the object implements
HttpSessionBindingListener
, the container calls
valueBound()
on the object.
putValue
in interface HttpSession
name
- Name to which the object is bound, cannot be nullvalue
- Object to be bound, cannot be nullIllegalStateException
- if this method is called on an
invalidated sessionpublic void removeAttribute(String name)
After this method executes, and if the object implements
HttpSessionBindingListener
, the container calls
valueUnbound()
on the object.
removeAttribute
in interface HttpSession
name
- Name of the object to remove from this session.IllegalStateException
- if this method is called on an
invalidated sessionpublic void removeAttribute(String name, boolean notify)
After this method executes, and if the object implements
HttpSessionBindingListener
, the container calls
valueUnbound()
on the object.
name
- Name of the object to remove from this session.notify
- Should we notify interested listeners that this
attribute is being removed?IllegalStateException
- if this method is called on an
invalidated session@Deprecated public void removeValue(String name)
removeAttribute()
After this method executes, and if the object implements
HttpSessionBindingListener
, the container calls
valueUnbound()
on the object.
removeValue
in interface HttpSession
name
- Name of the object to remove from this session.IllegalStateException
- if this method is called on an
invalidated sessionpublic void setAttribute(String name, Object value)
After this method executes, and if the object implements
HttpSessionBindingListener
, the container calls
valueBound()
on the object.
setAttribute
in interface HttpSession
name
- Name to which the object is bound, cannot be nullvalue
- Object to be bound, cannot be nullIllegalArgumentException
- if an attempt is made to add a
non-serializable object in an environment marked distributable.IllegalStateException
- if this method is called on an
invalidated sessionpublic void setAttribute(String name, Object value, boolean notify)
After this method executes, and if the object implements
HttpSessionBindingListener
, the container calls
valueBound()
on the object.
name
- Name to which the object is bound, cannot be nullvalue
- Object to be bound, cannot be nullnotify
- whether to notify session listenersIllegalArgumentException
- if an attempt is made to add a
non-serializable object in an environment marked distributable.IllegalStateException
- if this method is called on an
invalidated sessionprotected boolean isValidInternal()
isValid
flag for this session without any expiration
check.protected boolean isAttributeDistributable(String name, Object value)
name
- The name of the attribute to checkvalue
- The value of the attribute to checkprotected void doReadObject(ObjectInputStream stream) throws ClassNotFoundException, IOException
IMPLEMENTATION NOTE: The reference to the owning Manager is not restored by this method, and must be set explicitly.
stream
- The input stream to read fromClassNotFoundException
- if an unknown class is specifiedIOException
- if an input/output error occursprotected void doWriteObject(ObjectOutputStream stream) throws IOException
IMPLEMENTATION NOTE: The owning Manager will not be stored
in the serialized representation of this Session. After calling
readObject()
, you must set the associated Manager
explicitly.
IMPLEMENTATION NOTE: Any attribute that is not Serializable
will be unbound from the session, with appropriate actions if it
implements HttpSessionBindingListener. If you do not want any such
attributes, be sure the distributable
property of the
associated Manager is set to true
.
stream
- The output stream to write toIOException
- if an input/output error occursprotected boolean exclude(String name)
name
- the attribute's namepublic void fireSessionEvent(String type, Object data)
type
- Event typedata
- Event dataprotected String[] keys()
protected void removeAttributeInternal(String name, boolean notify)
After this method executes, and if the object implements
HttpSessionBindingListener
, the container calls
valueUnbound()
on the object.
name
- Name of the object to remove from this session.notify
- Should we notify interested listeners that this
attribute is being removed?Copyright © 2000-2014 Apache Software Foundation. All Rights Reserved.