Class StandardSession
- java.lang.Object
-
- org.apache.catalina.session.StandardSession
-
- All Implemented Interfaces:
HttpSession
,java.io.Serializable
,Session
- Direct Known Subclasses:
DeltaSession
public class StandardSession extends java.lang.Object implements HttpSession, Session, java.io.Serializable
Standard implementation of the Session interface. This object is serializable, so that it can be stored in persistent storage or transferred to a different JVM for distributable session support.IMPLEMENTATION NOTE: An instance of this class represents both the internal (Session) and application level (HttpSession) view of the session. However, because the class itself is not declared public, Java logic outside of the
org.apache.catalina.session
package cannot cast an HttpSession view of this instance back to a Session view.IMPLEMENTATION NOTE: If you add fields to this class, you must make sure that you carry them over in the read/writeObject methods so that this class is properly serialized.
- Author:
- Craig R. McClanahan, Sean Legassick, Jon S. Stevens
- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description protected java.util.concurrent.atomic.AtomicInteger
accessCount
The access count for this session.protected boolean
activityCheck
The activity check for this session.protected java.util.concurrent.ConcurrentMap<java.lang.String,java.lang.Object>
attributes
The collection of user data attributes associated with this Session.protected java.lang.String
authType
The authentication type used to authenticate our cached Principal, if any.protected long
creationTime
The time this session was created, in milliseconds since midnight, January 1, 1970 GMT.protected static java.lang.String[]
EMPTY_ARRAY
Type array.protected boolean
expiring
We are currently processing a session expiration, so bypass certain IllegalStateException tests.protected StandardSessionFacade
facade
The facade associated with this session.protected java.lang.String
id
The session identifier of this Session.protected boolean
isNew
Flag indicating whether this session is new or not.protected boolean
isValid
Flag indicating whether this session is valid or not.protected boolean
lastAccessAtStart
The behavior of the last access check.protected long
lastAccessedTime
The last accessed time for this Session.protected java.util.ArrayList<SessionListener>
listeners
The session event listeners for this Session.protected Manager
manager
The Manager with which this Session is associated.protected int
maxInactiveInterval
The maximum time interval, in seconds, between client requests before the servlet container may invalidate this session.protected java.util.Map<java.lang.String,java.lang.Object>
notes
Internal notes associated with this session by Catalina components and event listeners.protected java.security.Principal
principal
The authenticated Principal associated with this session, if any.protected static HttpSessionContext
sessionContext
Deprecated.protected static StringManager
sm
The string manager for this package.protected java.beans.PropertyChangeSupport
support
The property change support for this component.protected long
thisAccessedTime
The current accessed time for this session.-
Fields inherited from interface org.apache.catalina.Session
SESSION_ACTIVATED_EVENT, SESSION_CREATED_EVENT, SESSION_DESTROYED_EVENT, SESSION_PASSIVATED_EVENT
-
-
Constructor Summary
Constructors Constructor Description StandardSession(Manager manager)
Construct a new Session associated with the specified Manager.
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description void
access()
Update the accessed time information for this session.void
activate()
Perform internal processing required to activate this session.void
addSessionListener(SessionListener listener)
Add a session event listener to this component.protected void
doReadObject(java.io.ObjectInputStream stream)
Read a serialized version of this session object from the specified object input stream.protected void
doWriteObject(java.io.ObjectOutputStream stream)
Write a serialized version of this session object to the specified object output stream.void
endAccess()
End the access.protected boolean
exclude(java.lang.String name, java.lang.Object value)
Should the given session attribute be excluded?void
expire()
Perform the internal processing required to invalidate this session, without triggering an exception if the session has already expired.void
expire(boolean notify)
Perform the internal processing required to invalidate this session, without triggering an exception if the session has already expired.void
fireSessionEvent(java.lang.String type, java.lang.Object data)
Notify all session event listeners that a particular event has occurred for this Session.java.lang.Object
getAttribute(java.lang.String name)
Return the object bound with the specified name in this session, ornull
if no object is bound with that name.java.util.Enumeration<java.lang.String>
getAttributeNames()
Return anEnumeration
ofString
objects containing the names of the objects bound to this session.java.lang.String
getAuthType()
Return the authentication type used to authenticate our cached Principal, if any.long
getCreationTime()
Return the time when this session was created, in milliseconds since midnight, January 1, 1970 GMT.long
getCreationTimeInternal()
Return the time when this session was created, in milliseconds since midnight, January 1, 1970 GMT, bypassing the session validation checks.java.lang.String
getId()
Return the session identifier for this session.java.lang.String
getIdInternal()
Return the session identifier for this session.long
getIdleTime()
Return the idle time (in milliseconds) from last client access time.long
getIdleTimeInternal()
Return the idle time from last client access time without invalidation checklong
getLastAccessedTime()
Return the last time the client sent a request associated with this session, as the number of milliseconds since midnight, January 1, 1970 GMT.long
getLastAccessedTimeInternal()
Return the last client access time without invalidation checkManager
getManager()
Return the Manager within which this Session is valid.int
getMaxInactiveInterval()
Return the maximum time interval, in seconds, between client requests before the servlet container will invalidate the session.java.lang.Object
getNote(java.lang.String name)
Return the object bound with the specified name to the internal notes for this session, ornull
if no such binding exists.java.util.Iterator<java.lang.String>
getNoteNames()
Return an Iterator containing the String names of all notes bindings that exist for this session.java.security.Principal
getPrincipal()
Return the authenticated Principal that is associated with this Session.ServletContext
getServletContext()
Return the ServletContext to which this session belongs.HttpSession
getSession()
Return theHttpSession
for which this object is the facade.HttpSessionContext
getSessionContext()
Deprecated.As of Version 2.1, this method is deprecated and has no replacement.long
getThisAccessedTime()
Return the last time the client sent a request associated with this session, as the number of milliseconds since midnight, January 1, 1970 GMT.long
getThisAccessedTimeInternal()
Return the last client access time without invalidation checkjava.lang.Object
getValue(java.lang.String name)
Deprecated.As of Version 2.2, this method is replaced bygetAttribute()
java.lang.String[]
getValueNames()
Deprecated.As of Version 2.2, this method is replaced bygetAttributeNames()
void
invalidate()
Invalidates this session and unbinds any objects bound to it.boolean
isAttributeDistributable(java.lang.String name, java.lang.Object value)
Does the session implementation support the distributing of the given attribute?boolean
isNew()
Returntrue
if the client does not yet know about the session, or if the client chooses not to join the session.boolean
isValid()
Return theisValid
flag for this session.protected boolean
isValidInternal()
protected java.lang.String[]
keys()
void
passivate()
Perform the internal processing required to passivate this session.void
putValue(java.lang.String name, java.lang.Object value)
Deprecated.As of Version 2.2, this method is replaced bysetAttribute()
void
readObjectData(java.io.ObjectInputStream stream)
Read a serialized version of the contents of this session object from the specified object input stream, without requiring that the StandardSession itself have been serialized.void
recycle()
Release all object references, and initialize instance variables, in preparation for reuse of this object.void
removeAttribute(java.lang.String name)
Remove the object bound with the specified name from this session.void
removeAttribute(java.lang.String name, boolean notify)
Remove the object bound with the specified name from this session.protected void
removeAttributeInternal(java.lang.String name, boolean notify)
Remove the object bound with the specified name from this session.void
removeNote(java.lang.String name)
Remove any object bound to the specified name in the internal notes for this session.void
removeSessionListener(SessionListener listener)
Remove a session event listener from this component.void
removeValue(java.lang.String name)
Deprecated.As of Version 2.2, this method is replaced byremoveAttribute()
void
setAttribute(java.lang.String name, java.lang.Object value)
Bind an object to this session, using the specified name.void
setAttribute(java.lang.String name, java.lang.Object value, boolean notify)
Bind an object to this session, using the specified name.void
setAuthType(java.lang.String authType)
Set the authentication type used to authenticate our cached Principal, if any.void
setCreationTime(long time)
Set the creation time for this session.void
setId(java.lang.String id)
Set the session identifier for this session.void
setId(java.lang.String id, boolean notify)
Set the session identifier for this session and optionally notifies any associated listeners that a new session has been created.void
setManager(Manager manager)
Set the Manager within which this Session is valid.void
setMaxInactiveInterval(int interval)
Set the maximum time interval, in seconds, between client requests before the servlet container will invalidate the session.void
setNew(boolean isNew)
Set theisNew
flag for this session.void
setNote(java.lang.String name, java.lang.Object value)
Bind an object to a specified name in the internal notes associated with this session, replacing any existing binding for this name.void
setPrincipal(java.security.Principal principal)
Set the authenticated Principal that is associated with this Session.void
setValid(boolean isValid)
Set theisValid
flag for this session.void
tellChangedSessionId(java.lang.String newId, java.lang.String oldId, boolean notifySessionListeners, boolean notifyContainerListeners)
Inform the listeners about the change session ID.void
tellNew()
Inform the listeners about the new session.java.lang.String
toString()
Return a string representation of this object.void
writeObjectData(java.io.ObjectOutputStream stream)
Write a serialized version of the contents of this session object to the specified object output stream, without requiring that the StandardSession itself have been serialized.
-
-
-
Field Detail
-
EMPTY_ARRAY
protected static final java.lang.String[] EMPTY_ARRAY
Type array.
-
attributes
protected java.util.concurrent.ConcurrentMap<java.lang.String,java.lang.Object> attributes
The collection of user data attributes associated with this Session.
-
authType
protected transient java.lang.String authType
The authentication type used to authenticate our cached Principal, if any. NOTE: This value is not included in the serialized version of this object.
-
creationTime
protected long creationTime
The time this session was created, in milliseconds since midnight, January 1, 1970 GMT.
-
expiring
protected transient volatile boolean expiring
We are currently processing a session expiration, so bypass certain IllegalStateException tests. NOTE: This value is not included in the serialized version of this object.
-
facade
protected transient StandardSessionFacade facade
The facade associated with this session. NOTE: This value is not included in the serialized version of this object.
-
id
protected java.lang.String id
The session identifier of this Session.
-
lastAccessedTime
protected volatile long lastAccessedTime
The last accessed time for this Session.
-
listeners
protected transient java.util.ArrayList<SessionListener> listeners
The session event listeners for this Session.
-
manager
protected transient Manager manager
The Manager with which this Session is associated.
-
maxInactiveInterval
protected volatile int maxInactiveInterval
The maximum time interval, in seconds, between client requests before the servlet container may invalidate this session. A negative time indicates that the session should never time out.
-
isNew
protected volatile boolean isNew
Flag indicating whether this session is new or not.
-
isValid
protected volatile boolean isValid
Flag indicating whether this session is valid or not.
-
notes
protected transient java.util.Map<java.lang.String,java.lang.Object> notes
Internal notes associated with this session by Catalina components and event listeners. IMPLEMENTATION NOTE: This object is not saved and restored across session serializations!
-
principal
protected transient java.security.Principal principal
The authenticated Principal associated with this session, if any. IMPLEMENTATION NOTE: This object is not saved and restored across session serializations!
-
sm
protected static final StringManager sm
The string manager for this package.
-
sessionContext
@Deprecated protected static volatile HttpSessionContext sessionContext
Deprecated.The HTTP session context associated with this session.
-
support
protected final transient java.beans.PropertyChangeSupport support
The property change support for this component. NOTE: This value is not included in the serialized version of this object.
-
thisAccessedTime
protected volatile long thisAccessedTime
The current accessed time for this session.
-
accessCount
protected transient java.util.concurrent.atomic.AtomicInteger accessCount
The access count for this session.
-
activityCheck
protected transient boolean activityCheck
The activity check for this session.
-
lastAccessAtStart
protected transient boolean lastAccessAtStart
The behavior of the last access check.
-
-
Constructor Detail
-
StandardSession
public StandardSession(Manager manager)
Construct a new Session associated with the specified Manager.- Parameters:
manager
- The manager with which this Session is associated
-
-
Method Detail
-
getAuthType
public java.lang.String getAuthType()
Return the authentication type used to authenticate our cached Principal, if any.- Specified by:
getAuthType
in interfaceSession
- Returns:
- the authentication type used to authenticate our cached Principal, if any.
-
setAuthType
public void setAuthType(java.lang.String authType)
Set the authentication type used to authenticate our cached Principal, if any.- Specified by:
setAuthType
in interfaceSession
- Parameters:
authType
- The new cached authentication type
-
setCreationTime
public void setCreationTime(long time)
Set the creation time for this session. This method is called by the Manager when an existing Session instance is reused.- Specified by:
setCreationTime
in interfaceSession
- Parameters:
time
- The new creation time
-
getId
public java.lang.String getId()
Return the session identifier for this session.- Specified by:
getId
in interfaceHttpSession
- Specified by:
getId
in interfaceSession
- Returns:
- a string specifying the identifier assigned to this session
-
getIdInternal
public java.lang.String getIdInternal()
Return the session identifier for this session.- Specified by:
getIdInternal
in interfaceSession
- Returns:
- the session identifier for this session.
-
setId
public void setId(java.lang.String id)
Set the session identifier for this session.
-
setId
public void setId(java.lang.String id, boolean notify)
Set the session identifier for this session and optionally notifies any associated listeners that a new session has been created.
-
tellNew
public void tellNew()
Inform the listeners about the new session.
-
tellChangedSessionId
public void tellChangedSessionId(java.lang.String newId, java.lang.String oldId, boolean notifySessionListeners, boolean notifyContainerListeners)
Inform the listeners about the change session ID.- Specified by:
tellChangedSessionId
in interfaceSession
- Parameters:
newId
- new session IDoldId
- old session IDnotifySessionListeners
- Should any associated sessionListeners be notified that session ID has been changed?notifyContainerListeners
- Should any associated ContainerListeners be notified that session ID has been changed?
-
getThisAccessedTime
public long getThisAccessedTime()
Return the last time the client sent a request associated with this session, as the number of milliseconds since midnight, January 1, 1970 GMT. Actions that your application takes, such as getting or setting a value associated with the session, do not affect the access time. This one gets updated whenever a request starts.- Specified by:
getThisAccessedTime
in interfaceSession
- Returns:
- the last time the client sent a request associated with this session, as the number of milliseconds since midnight, January 1, 1970 GMT. Actions that your application takes, such as getting or setting a value associated with the session, do not affect the access time. This one gets updated whenever a request starts.
-
getThisAccessedTimeInternal
public long getThisAccessedTimeInternal()
Return the last client access time without invalidation check- Specified by:
getThisAccessedTimeInternal
in interfaceSession
- Returns:
- the last client access time without invalidation check
- See Also:
getThisAccessedTime()
-
getLastAccessedTime
public long getLastAccessedTime()
Return the last time the client sent a request associated with this session, as the number of milliseconds since midnight, January 1, 1970 GMT. Actions that your application takes, such as getting or setting a value associated with the session, do not affect the access time. This one gets updated whenever a request finishes.- Specified by:
getLastAccessedTime
in interfaceHttpSession
- Specified by:
getLastAccessedTime
in interfaceSession
- Returns:
- a
long
representing the last time the client sent a request associated with this session, expressed in milliseconds since 1/1/1970 GMT
-
getLastAccessedTimeInternal
public long getLastAccessedTimeInternal()
Return the last client access time without invalidation check- Specified by:
getLastAccessedTimeInternal
in interfaceSession
- Returns:
- the last client access time without invalidation check
- See Also:
getLastAccessedTime()
-
getIdleTime
public long getIdleTime()
Return the idle time (in milliseconds) from last client access time.- Specified by:
getIdleTime
in interfaceSession
- Returns:
- the idle time (in milliseconds) from last client access time.
-
getIdleTimeInternal
public long getIdleTimeInternal()
Return the idle time from last client access time without invalidation check- Specified by:
getIdleTimeInternal
in interfaceSession
- Returns:
- the idle time from last client access time without invalidation check
- See Also:
getIdleTime()
-
getManager
public Manager getManager()
Return the Manager within which this Session is valid.- Specified by:
getManager
in interfaceSession
- Returns:
- the Manager within which this Session is valid.
-
setManager
public void setManager(Manager manager)
Set the Manager within which this Session is valid.- Specified by:
setManager
in interfaceSession
- Parameters:
manager
- The new Manager
-
getMaxInactiveInterval
public int getMaxInactiveInterval()
Return the maximum time interval, in seconds, between client requests before the servlet container will invalidate the session. A negative time indicates that the session should never time out.- Specified by:
getMaxInactiveInterval
in interfaceHttpSession
- Specified by:
getMaxInactiveInterval
in interfaceSession
- Returns:
- an integer specifying the number of seconds this session remains open between client requests
- See Also:
HttpSession.setMaxInactiveInterval(int)
-
setMaxInactiveInterval
public void setMaxInactiveInterval(int interval)
Set the maximum time interval, in seconds, between client requests before the servlet container will invalidate the session. A zero or negative time indicates that the session should never time out.- Specified by:
setMaxInactiveInterval
in interfaceHttpSession
- Specified by:
setMaxInactiveInterval
in interfaceSession
- Parameters:
interval
- The new maximum interval
-
setNew
public void setNew(boolean isNew)
Set theisNew
flag for this session.
-
getPrincipal
public java.security.Principal getPrincipal()
Return the authenticated Principal that is associated with this Session. This provides anAuthenticator
with a means to cache a previously authenticated Principal, and avoid potentially expensiveRealm.authenticate()
calls on every request. If there is no current associated Principal, returnnull
.- Specified by:
getPrincipal
in interfaceSession
- Returns:
- the authenticated Principal that is associated with this Session.
This provides an
Authenticator
with a means to cache a previously authenticated Principal, and avoid potentially expensiveRealm.authenticate()
calls on every request. If there is no current associated Principal, returnnull
.
-
setPrincipal
public void setPrincipal(java.security.Principal principal)
Set the authenticated Principal that is associated with this Session. This provides anAuthenticator
with a means to cache a previously authenticated Principal, and avoid potentially expensiveRealm.authenticate()
calls on every request.- Specified by:
setPrincipal
in interfaceSession
- Parameters:
principal
- The new Principal, ornull
if none
-
getSession
public HttpSession getSession()
Return theHttpSession
for which this object is the facade.- Specified by:
getSession
in interfaceSession
- Returns:
- the
HttpSession
for which this object is the facade.
-
isValid
public boolean isValid()
Return theisValid
flag for this session.
-
setValid
public void setValid(boolean isValid)
Set theisValid
flag for this session.
-
access
public void access()
Update the accessed time information for this session. This method should be called by the context when a request comes in for a particular session, even if the application does not reference it.
-
addSessionListener
public void addSessionListener(SessionListener listener)
Add a session event listener to this component.- Specified by:
addSessionListener
in interfaceSession
- Parameters:
listener
- the SessionListener instance that should be notified for session events
-
expire
public void expire()
Perform the internal processing required to invalidate this session, without triggering an exception if the session has already expired.
-
expire
public void expire(boolean notify)
Perform the internal processing required to invalidate this session, without triggering an exception if the session has already expired.- Parameters:
notify
- Should we notify listeners about the demise of this session?
-
passivate
public void passivate()
Perform the internal processing required to passivate this session.
-
activate
public void activate()
Perform internal processing required to activate this session.
-
getNote
public java.lang.Object getNote(java.lang.String name)
Return the object bound with the specified name to the internal notes for this session, ornull
if no such binding exists.
-
getNoteNames
public java.util.Iterator<java.lang.String> getNoteNames()
Return an Iterator containing the String names of all notes bindings that exist for this session.- Specified by:
getNoteNames
in interfaceSession
- Returns:
- an Iterator containing the String names of all notes bindings that exist for this session.
-
recycle
public void recycle()
Release all object references, and initialize instance variables, in preparation for reuse of this object.
-
removeNote
public void removeNote(java.lang.String name)
Remove any object bound to the specified name in the internal notes for this session.- Specified by:
removeNote
in interfaceSession
- Parameters:
name
- Name of the note to be removed
-
removeSessionListener
public void removeSessionListener(SessionListener listener)
Remove a session event listener from this component.- Specified by:
removeSessionListener
in interfaceSession
- Parameters:
listener
- remove the session listener, which will no longer be notified
-
setNote
public void setNote(java.lang.String name, java.lang.Object value)
Bind an object to a specified name in the internal notes associated with this session, replacing any existing binding for this name.
-
toString
public java.lang.String toString()
Return a string representation of this object.- Overrides:
toString
in classjava.lang.Object
-
readObjectData
public void readObjectData(java.io.ObjectInputStream stream) throws java.lang.ClassNotFoundException, java.io.IOException
Read a serialized version of the contents of this session object from the specified object input stream, without requiring that the StandardSession itself have been serialized.- Parameters:
stream
- The object input stream to read from- Throws:
java.lang.ClassNotFoundException
- if an unknown class is specifiedjava.io.IOException
- if an input/output error occurs
-
writeObjectData
public void writeObjectData(java.io.ObjectOutputStream stream) throws java.io.IOException
Write a serialized version of the contents of this session object to the specified object output stream, without requiring that the StandardSession itself have been serialized.- Parameters:
stream
- The object output stream to write to- Throws:
java.io.IOException
- if an input/output error occurs
-
getCreationTime
public long getCreationTime()
Return the time when this session was created, in milliseconds since midnight, January 1, 1970 GMT.- Specified by:
getCreationTime
in interfaceHttpSession
- Specified by:
getCreationTime
in interfaceSession
- Returns:
- a
long
specifying when this session was created, expressed in milliseconds since 1/1/1970 GMT - Throws:
java.lang.IllegalStateException
- if this method is called on an invalidated session
-
getCreationTimeInternal
public long getCreationTimeInternal()
Return the time when this session was created, in milliseconds since midnight, January 1, 1970 GMT, bypassing the session validation checks.- Specified by:
getCreationTimeInternal
in interfaceSession
- Returns:
- the creation time for this session, bypassing the session validity checks.
-
getServletContext
public ServletContext getServletContext()
Return the ServletContext to which this session belongs.- Specified by:
getServletContext
in interfaceHttpSession
- Returns:
- The ServletContext object for the web application
-
getSessionContext
@Deprecated public HttpSessionContext getSessionContext()
Deprecated.As of Version 2.1, this method is deprecated and has no replacement. It will be removed in a future version of the Java Servlet API.Return the session context with which this session is associated.- Specified by:
getSessionContext
in interfaceHttpSession
- Returns:
- A dummy implementation of HttpSessionContext
-
getAttribute
public java.lang.Object getAttribute(java.lang.String name)
Return the object bound with the specified name in this session, ornull
if no object is bound with that name.- Specified by:
getAttribute
in interfaceHttpSession
- Parameters:
name
- Name of the attribute to be returned- Returns:
- the object with the specified name
- Throws:
java.lang.IllegalStateException
- if this method is called on an invalidated session
-
getAttributeNames
public java.util.Enumeration<java.lang.String> getAttributeNames()
Return anEnumeration
ofString
objects containing the names of the objects bound to this session.- Specified by:
getAttributeNames
in interfaceHttpSession
- Returns:
- an
Enumeration
ofString
objects specifying the names of all the objects bound to this session - Throws:
java.lang.IllegalStateException
- if this method is called on an invalidated session
-
getValue
@Deprecated public java.lang.Object getValue(java.lang.String name)
Deprecated.As of Version 2.2, this method is replaced bygetAttribute()
Return the object bound with the specified name in this session, ornull
if no object is bound with that name.- Specified by:
getValue
in interfaceHttpSession
- Parameters:
name
- Name of the value to be returned- Returns:
- the object with the specified name
- Throws:
java.lang.IllegalStateException
- if this method is called on an invalidated session
-
getValueNames
@Deprecated public java.lang.String[] getValueNames()
Deprecated.As of Version 2.2, this method is replaced bygetAttributeNames()
Return the set of names of objects bound to this session. If there are no such objects, a zero-length array is returned.- Specified by:
getValueNames
in interfaceHttpSession
- Returns:
- an array of
String
objects specifying the names of all the objects bound to this session - Throws:
java.lang.IllegalStateException
- if this method is called on an invalidated session
-
invalidate
public void invalidate()
Invalidates this session and unbinds any objects bound to it.- Specified by:
invalidate
in interfaceHttpSession
- Throws:
java.lang.IllegalStateException
- if this method is called on an invalidated session
-
isNew
public boolean isNew()
Returntrue
if the client does not yet know about the session, or if the client chooses not to join the session. For example, if the server used only cookie-based sessions, and the client has disabled the use of cookies, then a session would be new on each request.- Specified by:
isNew
in interfaceHttpSession
- Returns:
true
if the server has created a session, but the client has not yet joined- Throws:
java.lang.IllegalStateException
- if this method is called on an invalidated session
-
putValue
@Deprecated public void putValue(java.lang.String name, java.lang.Object value)
Deprecated.As of Version 2.2, this method is replaced bysetAttribute()
Bind an object to this session, using the specified name. If an object of the same name is already bound to this session, the object is replaced.After this method executes, and if the object implements
HttpSessionBindingListener
, the container callsvalueBound()
on the object.- Specified by:
putValue
in interfaceHttpSession
- Parameters:
name
- Name to which the object is bound, cannot be nullvalue
- Object to be bound, cannot be null- Throws:
java.lang.IllegalStateException
- if this method is called on an invalidated session
-
removeAttribute
public void removeAttribute(java.lang.String name)
Remove the object bound with the specified name from this session. If the session does not have an object bound with this name, this method does nothing.After this method executes, and if the object implements
HttpSessionBindingListener
, the container callsvalueUnbound()
on the object.- Specified by:
removeAttribute
in interfaceHttpSession
- Parameters:
name
- Name of the object to remove from this session.- Throws:
java.lang.IllegalStateException
- if this method is called on an invalidated session
-
removeAttribute
public void removeAttribute(java.lang.String name, boolean notify)
Remove the object bound with the specified name from this session. If the session does not have an object bound with this name, this method does nothing.After this method executes, and if the object implements
HttpSessionBindingListener
, the container callsvalueUnbound()
on the object.- Parameters:
name
- Name of the object to remove from this session.notify
- Should we notify interested listeners that this attribute is being removed?- Throws:
java.lang.IllegalStateException
- if this method is called on an invalidated session
-
removeValue
@Deprecated public void removeValue(java.lang.String name)
Deprecated.As of Version 2.2, this method is replaced byremoveAttribute()
Remove the object bound with the specified name from this session. If the session does not have an object bound with this name, this method does nothing.After this method executes, and if the object implements
HttpSessionBindingListener
, the container callsvalueUnbound()
on the object.- Specified by:
removeValue
in interfaceHttpSession
- Parameters:
name
- Name of the object to remove from this session.- Throws:
java.lang.IllegalStateException
- if this method is called on an invalidated session
-
setAttribute
public void setAttribute(java.lang.String name, java.lang.Object value)
Bind an object to this session, using the specified name. If an object of the same name is already bound to this session, the object is replaced.After this method executes, and if the object implements
HttpSessionBindingListener
, the container callsvalueBound()
on the object.- Specified by:
setAttribute
in interfaceHttpSession
- Parameters:
name
- Name to which the object is bound, cannot be nullvalue
- Object to be bound, cannot be null- Throws:
java.lang.IllegalArgumentException
- if an attempt is made to add a non-serializable object in an environment marked distributable.java.lang.IllegalStateException
- if this method is called on an invalidated session
-
setAttribute
public void setAttribute(java.lang.String name, java.lang.Object value, boolean notify)
Bind an object to this session, using the specified name. If an object of the same name is already bound to this session, the object is replaced.After this method executes, and if the object implements
HttpSessionBindingListener
, the container callsvalueBound()
on the object.- Parameters:
name
- Name to which the object is bound, cannot be nullvalue
- Object to be bound, cannot be nullnotify
- whether to notify session listeners- Throws:
java.lang.IllegalArgumentException
- if an attempt is made to add a non-serializable object in an environment marked distributable.java.lang.IllegalStateException
- if this method is called on an invalidated session
-
isValidInternal
protected boolean isValidInternal()
- Returns:
- the
isValid
flag for this session without any expiration check.
-
isAttributeDistributable
public boolean isAttributeDistributable(java.lang.String name, java.lang.Object value)
Does the session implementation support the distributing of the given attribute? If the Manager is marked as distributable, then this method must be used to check attributes before adding them to a session and anIllegalArgumentException
thrown if the proposed attribute is not distributable.Note that the
Manager
implementation may further restrict which attributes are distributed but aManager
level restriction should not trigger anIllegalArgumentException
inHttpSession.setAttribute(String, Object)
This implementation simply checks the value for serializability. Sub-classes might use other distribution technology not based on serialization and can override this check.
- Specified by:
isAttributeDistributable
in interfaceSession
- Parameters:
name
- The attribute namevalue
- The attribute value- Returns:
true
if distribution is supported, otherwisefalse
-
doReadObject
protected void doReadObject(java.io.ObjectInputStream stream) throws java.lang.ClassNotFoundException, java.io.IOException
Read a serialized version of this session object from the specified object input stream.IMPLEMENTATION NOTE: The reference to the owning Manager is not restored by this method, and must be set explicitly.
- Parameters:
stream
- The input stream to read from- Throws:
java.lang.ClassNotFoundException
- if an unknown class is specifiedjava.io.IOException
- if an input/output error occurs
-
doWriteObject
protected void doWriteObject(java.io.ObjectOutputStream stream) throws java.io.IOException
Write a serialized version of this session object to the specified object output stream.IMPLEMENTATION NOTE: The owning Manager will not be stored in the serialized representation of this Session. After calling
readObject()
, you must set the associated Manager explicitly.IMPLEMENTATION NOTE: Any attribute that is not Serializable will be unbound from the session, with appropriate actions if it implements HttpSessionBindingListener. If you do not want any such attributes, be sure the
distributable
property of the associated Manager is set totrue
.- Parameters:
stream
- The output stream to write to- Throws:
java.io.IOException
- if an input/output error occurs
-
exclude
protected boolean exclude(java.lang.String name, java.lang.Object value)
Should the given session attribute be excluded? This implementation checks: Note: This method deliberately does not checkisAttributeDistributable(String, Object)
which is kept separate to support the checks required insetAttribute(String, Object, boolean)
- Parameters:
name
- The attribute namevalue
- The attribute value- Returns:
true
if the attribute should be excluded from distribution, otherwisefalse
-
fireSessionEvent
public void fireSessionEvent(java.lang.String type, java.lang.Object data)
Notify all session event listeners that a particular event has occurred for this Session. The default implementation performs this notification synchronously using the calling thread.- Parameters:
type
- Event typedata
- Event data
-
keys
protected java.lang.String[] keys()
- Returns:
- the names of all currently defined session attributes as an array of Strings. If there are no defined attributes, a zero-length array is returned.
-
removeAttributeInternal
protected void removeAttributeInternal(java.lang.String name, boolean notify)
Remove the object bound with the specified name from this session. If the session does not have an object bound with this name, this method does nothing.After this method executes, and if the object implements
HttpSessionBindingListener
, the container callsvalueUnbound()
on the object.- Parameters:
name
- Name of the object to remove from this session.notify
- Should we notify interested listeners that this attribute is being removed?
-
-