org.mortbay.jetty
Interface SessionManager

All Superinterfaces:

LifeCycle

All Known Implementing Classes:

AbstractSessionManager, HashSessionManager

public interface SessionManager
extends LifeCycle

Session Manager. The API required to manage sessions for a servlet context.

Author:

Greg Wilkins

Field Summary

static String	__DefaultSessionCookie
static String	__DefaultSessionDomain
static String	__DefaultSessionURL
static String	__MaxAgeProperty Session Max Age.
static String	__SessionCookieProperty Session cookie name.
static String	__SessionDomainProperty Session Domain.
static String	__SessionPathProperty Session Path.
static String	__SessionURLProperty Session URL parameter name.

Method Summary

Cookie	access(HttpSession session, boolean secure) Called by the SessionHandler when a session is access by a request
void	addEventListener(EventListener listener) Add an event listener.
void	clearEventListeners()
void	complete(HttpSession session) Called by the SessionHandler when a reqeuest is not longer handling a session.
String	getClusterId(HttpSession session) Get the session cluster id
boolean	getHttpOnly()
HttpSession	getHttpSession(String id)
SessionIdManager	getIdManager()
int	getMaxCookieAge()
int	getMaxInactiveInterval()
SessionIdManager	getMetaManager() Deprecated. use getIdManager()
String	getNodeId(HttpSession session) Get the session node id
boolean	getSecureCookies()
String	getSessionCookie()
Cookie	getSessionCookie(HttpSession session, String contextPath, boolean requestIsSecure) Get a Cookie for a session.
String	getSessionDomain()
String	getSessionPath()
String	getSessionURL()
String	getSessionURLPrefix()
boolean	isUsingCookies()
boolean	isValid(HttpSession session)
HttpSession	newHttpSession(HttpServletRequest request)
void	removeEventListener(EventListener listener)
void	setIdManager(SessionIdManager meta)
void	setMaxCookieAge(int maxCookieAgeInSeconds)
void	setMaxInactiveInterval(int seconds)
void	setSessionCookie(String cookieName)
void	setSessionDomain(String domain)
void	setSessionHandler(SessionHandler handler)
void	setSessionPath(String path)
void	setSessionURL(String url)

Methods inherited from interface org.mortbay.component.LifeCycle

isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, start, stop

Field Detail

__SessionCookieProperty

static final String __SessionCookieProperty

Session cookie name. Defaults to JSESSIONID, but can be set with the org.mortbay.jetty.servlet.SessionCookie system property.

See Also:

Constant Field Values

__DefaultSessionCookie

static final String __DefaultSessionCookie

See Also:

Constant Field Values

__SessionURLProperty

static final String __SessionURLProperty

Session URL parameter name. Defaults to jsessionid, but can be set with the org.mortbay.jetty.servlet.SessionURL system property.

See Also:

Constant Field Values

__DefaultSessionURL

static final String __DefaultSessionURL

See Also:

Constant Field Values

__SessionDomainProperty

static final String __SessionDomainProperty

Session Domain. If this property is set as a ServletContext InitParam, then it is used as the domain for session cookies. If it is not set, then no domain is specified for the session cookie.

See Also:

Constant Field Values

__DefaultSessionDomain

static final String __DefaultSessionDomain

__SessionPathProperty

static final String __SessionPathProperty

Session Path. If this property is set as a ServletContext InitParam, then it is used as the path for the session cookie. If it is not set, then the context path is used as the path for the cookie.

See Also:

Constant Field Values

__MaxAgeProperty

static final String __MaxAgeProperty

Session Max Age. If this property is set as a ServletContext InitParam, then it is used as the max age for the session cookie. If it is not set, then a max age of -1 is used.

See Also:

Constant Field Values

Method Detail

getHttpSession

HttpSession getHttpSession(String id)

newHttpSession

HttpSession newHttpSession(HttpServletRequest request)

getSecureCookies

boolean getSecureCookies()

Returns:

true if session cookies should be secure

getHttpOnly

boolean getHttpOnly()

Returns:

true if session cookies should be httponly (microsoft extension)

getMaxInactiveInterval

int getMaxInactiveInterval()

setMaxInactiveInterval

void setMaxInactiveInterval(int seconds)

setSessionHandler

void setSessionHandler(SessionHandler handler)

addEventListener

void addEventListener(EventListener listener)

Add an event listener.

Parameters:

listener - An Event Listener. Individual SessionManagers implemetations may accept arbitrary listener types, but they are expected to at least handle HttpSessionActivationListener, HttpSessionAttributeListener, HttpSessionBindingListener, HttpSessionListener

removeEventListener

void removeEventListener(EventListener listener)

clearEventListeners

void clearEventListeners()

getSessionCookie

Cookie getSessionCookie(HttpSession session,
                        String contextPath,
                        boolean requestIsSecure)

Get a Cookie for a session.

Parameters:

session - The session to which the cookie should refer.

contextPath - The context to which the cookie should be linked. The client will only send the cookie value when requesting resources under this path.

requestIsSecure - Whether the client is accessing the server over a secure protocol (i.e. HTTPS).

Returns:

If this SessionManager uses cookies, then this method will return a new cookie object that should be set on the client in order to link future HTTP requests with the session. If cookies are not in use, this method returns null.

getIdManager

SessionIdManager getIdManager()

Returns:

the cross context session meta manager.

getMetaManager

SessionIdManager getMetaManager()

Deprecated. use getIdManager()

Returns:

the cross context session id manager.

setIdManager

void setIdManager(SessionIdManager meta)

Parameters:

meta - the cross context session meta manager.

isValid

boolean isValid(HttpSession session)

getNodeId

String getNodeId(HttpSession session)

Get the session node id

Parameters:

session -

Returns:

The unique id of the session within the cluster, extended with an optional node id.

getClusterId

String getClusterId(HttpSession session)

Get the session cluster id

Parameters:

session -

Returns:

The unique id of the session within the cluster (without a node id extension)

access

Cookie access(HttpSession session,
              boolean secure)

Called by the SessionHandler when a session is access by a request

Returns:

Cookie If non null, this cookie should be set on the response to either migrate the session or to refresh a cookie that may expire.

complete

void complete(HttpSession session)

Called by the SessionHandler when a reqeuest is not longer handling a session. Not this includes new sessions, so there may not be a matching call to #access(HttpSession).

setSessionCookie

void setSessionCookie(String cookieName)

getSessionCookie

String getSessionCookie()

setSessionURL

void setSessionURL(String url)

getSessionURL

String getSessionURL()

getSessionURLPrefix

String getSessionURLPrefix()

setSessionDomain

void setSessionDomain(String domain)

getSessionDomain

String getSessionDomain()

setSessionPath

void setSessionPath(String path)

getSessionPath

String getSessionPath()

setMaxCookieAge

void setMaxCookieAge(int maxCookieAgeInSeconds)

getMaxCookieAge

int getMaxCookieAge()

isUsingCookies

boolean isUsingCookies()