Package org.eclipse.jetty.server.session
Class SessionHandler
- java.lang.Object
-
- org.eclipse.jetty.util.component.AbstractLifeCycle
-
- org.eclipse.jetty.util.component.ContainerLifeCycle
-
- org.eclipse.jetty.server.handler.AbstractHandler
-
- org.eclipse.jetty.server.handler.AbstractHandlerContainer
-
- org.eclipse.jetty.server.handler.HandlerWrapper
-
- org.eclipse.jetty.server.handler.ScopedHandler
-
- org.eclipse.jetty.server.session.SessionHandler
-
- All Implemented Interfaces:
Handler
,HandlerContainer
,Container
,Destroyable
,Dumpable
,Dumpable.DumpableContainer
,LifeCycle
@ManagedObject @Deprecated(since="2021-05-27") public class SessionHandler extends ScopedHandler
Deprecated.The Eclipse Jetty and Apache Felix Http Jetty packages are no longer supported.SessionHandler.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description class
SessionHandler.CookieConfig
Deprecated.The Eclipse Jetty and Apache Felix Http Jetty packages are no longer supported.static interface
SessionHandler.SessionIf
Deprecated.The Eclipse Jetty and Apache Felix Http Jetty packages are no longer supported.-
Nested classes/interfaces inherited from class org.eclipse.jetty.server.handler.AbstractHandler
AbstractHandler.ErrorDispatchHandler
-
Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle
AbstractLifeCycle.AbstractLifeCycleListener
-
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container
Container.InheritedListener, Container.Listener
-
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Dumpable
Dumpable.DumpableContainer
-
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle
LifeCycle.Listener
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
__CheckRemoteSessionEncoding
Deprecated.static java.lang.String
__DefaultSessionCookie
Deprecated.static java.lang.String
__DefaultSessionDomain
Deprecated.static java.lang.String
__DefaultSessionIdPathParameterName
Deprecated.static java.lang.String
__MaxAgeProperty
Deprecated.Session Max Age.static java.lang.String
__SessionCookieProperty
Deprecated.Session cookie name.static java.lang.String
__SessionDomainProperty
Deprecated.Session Domain.static java.lang.String
__SessionIdPathParameterNameProperty
Deprecated.Session id path parameter name.static java.lang.String
__SessionPathProperty
Deprecated.Session Path.java.util.Set<SessionTrackingMode>
_sessionTrackingModes
Deprecated.static java.util.Set<SessionTrackingMode>
DEFAULT_SESSION_TRACKING_MODES
Deprecated.static java.util.EnumSet<SessionTrackingMode>
DEFAULT_TRACKING
Deprecated.static java.math.BigDecimal
MAX_INACTIVE_MINUTES
Deprecated.Web.xml session-timeout is set in minutes, but is stored as an int in seconds by HttpSession and the sessionmanager.static java.lang.Class<? extends java.util.EventListener>[]
SESSION_LISTENER_TYPES
Deprecated.
-
Constructor Summary
Constructors Constructor Description SessionHandler()
Deprecated.Constructor.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description HttpCookie
access(HttpSession session, boolean secure)
Deprecated.Called by theSessionHandler
when a session is first accessed by a request.void
addEventListener(java.util.EventListener listener)
Deprecated.Adds an event listener for session-related events.void
clearEventListeners()
Deprecated.Removes all event listeners for session-related events.void
commit(HttpSession session)
Deprecated.Called when a response is about to be committed.void
complete(HttpSession session)
Deprecated.Called when a request is finally leaving a session.void
complete(Session session, Request baseRequest)
Deprecated.void
doHandle(java.lang.String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
Deprecated.Do the handler work within the scope.void
doScope(java.lang.String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
Deprecated.Scope the handlervoid
doSessionAttributeListeners(Session session, java.lang.String name, java.lang.Object old, java.lang.Object value)
Deprecated.java.util.Set<SessionTrackingMode>
getDefaultSessionTrackingModes()
Deprecated.java.util.Set<SessionTrackingMode>
getEffectiveSessionTrackingModes()
Deprecated.java.lang.String
getExtendedId(HttpSession session)
Deprecated.boolean
getHttpOnly()
Deprecated.java.lang.String
getId(HttpSession session)
Deprecated.int
getMaxCookieAge()
Deprecated.int
getMaxInactiveInterval()
Deprecated.int
getRefreshCookieAge()
Deprecated.HttpCookie.SameSite
getSameSite()
Deprecated.Scheduler
getScheduler()
Deprecated.boolean
getSecureCookies()
Deprecated.Session
getSession(java.lang.String id)
Deprecated.Get a known existing sessionSessionCache
getSessionCache()
Deprecated.java.lang.String
getSessionCookie()
Deprecated.HttpCookie
getSessionCookie(HttpSession session, java.lang.String contextPath, boolean requestIsSecure)
Deprecated.A session cookie is marked as secure IFF any of the following conditions are true: SessionCookieConfig.setSecure == true SessionCookieConfig.setSecure == false && _secureRequestOnly==true && request is HTTPS According to SessionCookieConfig javadoc, case 1 can be used when: "...SessionCookieConfig
getSessionCookieConfig()
Deprecated.static java.lang.String
getSessionCookieName(SessionCookieConfig config)
Deprecated.java.lang.String
getSessionDomain()
Deprecated.SessionIdManager
getSessionIdManager()
Deprecated.Gets the cross context session id managerjava.lang.String
getSessionIdPathParameterName()
Deprecated.java.lang.String
getSessionIdPathParameterNamePrefix()
Deprecated.java.lang.String
getSessionPath()
Deprecated.int
getSessionsCreated()
Deprecated.long
getSessionTimeMax()
Deprecated.double
getSessionTimeMean()
Deprecated.double
getSessionTimeStdDev()
Deprecated.long
getSessionTimeTotal()
Deprecated.void
invalidate(java.lang.String id)
Deprecated.Called by SessionIdManager to remove a session that has been invalidated, either by this context or another context.boolean
isCheckingRemoteSessionIdEncoding()
Deprecated.boolean
isIdInUse(java.lang.String id)
Deprecated.Check if id is in use by this contextboolean
isNodeIdInSessionId()
Deprecated.boolean
isSecureRequestOnly()
Deprecated.boolean
isUsingCookies()
Deprecated.boolean
isUsingURLs()
Deprecated.boolean
isValid(HttpSession session)
Deprecated.HttpSession
newHttpSession(HttpServletRequest request)
Deprecated.Creates a newHttpSession
.void
removeEventListener(java.util.EventListener listener)
Deprecated.Removes an event listener for for session-related events.Session
removeSession(java.lang.String id, boolean invalidate)
Deprecated.Remove session from managervoid
renewSessionId(java.lang.String oldId, java.lang.String oldExtendedId, java.lang.String newId, java.lang.String newExtendedId)
Deprecated.Change the existing session id.void
scavenge()
Deprecated.Called periodically by the HouseKeeper to handle the list of sessions that have expired since the last call to scavenge.void
sessionInactivityTimerExpired(Session session)
Deprecated.void
sessionInactivityTimerExpired(Session session, long now)
Deprecated.Each session has a timer that is configured to go off when either the session has not been accessed for a configurable amount of time, or the session itself has passed its expiry.void
setCheckingRemoteSessionIdEncoding(boolean remote)
Deprecated.void
setHttpOnly(boolean httpOnly)
Deprecated.Set if Session cookies should use HTTP Onlyvoid
setMaxInactiveInterval(int seconds)
Deprecated.Sets the max period of inactivity, after which the session is invalidated, in seconds.void
setNodeIdInSessionId(boolean nodeIdInSessionId)
Deprecated.void
setRefreshCookieAge(int ageInSeconds)
Deprecated.void
setSameSite(HttpCookie.SameSite sameSite)
Deprecated.Set Session cookie sameSite mode.void
setSecureRequestOnly(boolean secureRequestOnly)
Deprecated.HTTPS request.void
setSessionCache(SessionCache cache)
Deprecated.void
setSessionCookie(java.lang.String cookieName)
Deprecated.void
setSessionIdManager(SessionIdManager metaManager)
Deprecated.void
setSessionIdPathParameterName(java.lang.String param)
Deprecated.Sets the session id URL path parameter name.void
setSessionTrackingModes(java.util.Set<SessionTrackingMode> sessionTrackingModes)
Deprecated.void
setUsingCookies(boolean usingCookies)
Deprecated.void
statsReset()
Deprecated.Reset statistics valuesjava.lang.String
toString()
Deprecated.-
Methods inherited from class org.eclipse.jetty.server.handler.ScopedHandler
handle, nextHandle, nextScope
-
Methods inherited from class org.eclipse.jetty.server.handler.HandlerWrapper
destroy, getHandler, getHandlers, insertHandler, setHandler
-
Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandlerContainer
findContainerOf, getChildHandlerByClass, getChildHandlers, getChildHandlersByClass, setServer
-
Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandler
getServer
-
Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle
addBean, addBean, addEventListener, addManaged, contains, dump, dump, dump, dump, dump, dumpObject, dumpStdErr, getBean, getBeans, getBeans, getContainedBeans, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, setStopTimeout, unmanage, updateBean, updateBean, updateBeans
-
Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle
addLifeCycleListener, getState, getState, getStopTimeout, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop
-
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface org.eclipse.jetty.util.component.Dumpable.DumpableContainer
isDumpable
-
Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle
addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop
-
-
-
-
Field Detail
-
DEFAULT_TRACKING
public static final java.util.EnumSet<SessionTrackingMode> DEFAULT_TRACKING
Deprecated.
-
__SessionCookieProperty
public static final java.lang.String __SessionCookieProperty
Deprecated.Session cookie name. Defaults toJSESSIONID
, but can be set with theorg.eclipse.jetty.servlet.SessionCookie
context init parameter.- See Also:
- Constant Field Values
-
__DefaultSessionCookie
public static final java.lang.String __DefaultSessionCookie
Deprecated.- See Also:
- Constant Field Values
-
__SessionIdPathParameterNameProperty
public static final java.lang.String __SessionIdPathParameterNameProperty
Deprecated.Session id path parameter name. Defaults tojsessionid
, but can be set with theorg.eclipse.jetty.servlet.SessionIdPathParameterName
context init parameter. If context init param is "none", or setSessionIdPathParameterName is called with null or "none", no URL rewriting will be done.- See Also:
- Constant Field Values
-
__DefaultSessionIdPathParameterName
public static final java.lang.String __DefaultSessionIdPathParameterName
Deprecated.- See Also:
- Constant Field Values
-
__CheckRemoteSessionEncoding
public static final java.lang.String __CheckRemoteSessionEncoding
Deprecated.- See Also:
- Constant Field Values
-
__SessionDomainProperty
public static final java.lang.String __SessionDomainProperty
Deprecated.Session Domain. If this property is set as a ServletContext InitParam, then it is used as the domain for session cookies. If it is not set, then no domain is specified for the session cookie.- See Also:
- Constant Field Values
-
__DefaultSessionDomain
public static final java.lang.String __DefaultSessionDomain
Deprecated.
-
__SessionPathProperty
public static final java.lang.String __SessionPathProperty
Deprecated.Session Path. If this property is set as a ServletContext InitParam, then it is used as the path for the session cookie. If it is not set, then the context path is used as the path for the cookie.- See Also:
- Constant Field Values
-
__MaxAgeProperty
public static final java.lang.String __MaxAgeProperty
Deprecated.Session Max Age. If this property is set as a ServletContext InitParam, then it is used as the max age for the session cookie. If it is not set, then a max age of -1 is used.- See Also:
- Constant Field Values
-
DEFAULT_SESSION_TRACKING_MODES
public static final java.util.Set<SessionTrackingMode> DEFAULT_SESSION_TRACKING_MODES
Deprecated.
-
SESSION_LISTENER_TYPES
public static final java.lang.Class<? extends java.util.EventListener>[] SESSION_LISTENER_TYPES
Deprecated.
-
MAX_INACTIVE_MINUTES
public static final java.math.BigDecimal MAX_INACTIVE_MINUTES
Deprecated.Web.xml session-timeout is set in minutes, but is stored as an int in seconds by HttpSession and the sessionmanager. Thus MAX_INT is the max number of seconds that can be set, and MAX_INT/60 is the max number of minutes that you can set.
-
_sessionTrackingModes
public java.util.Set<SessionTrackingMode> _sessionTrackingModes
Deprecated.
-
-
Method Detail
-
getSessionPath
@ManagedAttribute("path of the session cookie, or null for default") public java.lang.String getSessionPath()
Deprecated.
-
getMaxCookieAge
@ManagedAttribute("if greater the zero, the time in seconds a session cookie will last for") public int getMaxCookieAge()
Deprecated.
-
access
public HttpCookie access(HttpSession session, boolean secure)
Deprecated.Called by theSessionHandler
when a session is first accessed by a request.- Parameters:
session
- the session objectsecure
- whether the request is secure or not- Returns:
- the session cookie. If not null, this cookie should be set on the response to either migrate the session or to refresh a session cookie that may expire.
- See Also:
complete(HttpSession)
-
addEventListener
public void addEventListener(java.util.EventListener listener)
Deprecated.Adds an event listener for session-related events.- Parameters:
listener
- the session event listener to add Individual SessionManagers implementations may accept arbitrary listener types, but they are expected to at least handle HttpSessionActivationListener, HttpSessionAttributeListener, HttpSessionBindingListener and HttpSessionListener.- See Also:
removeEventListener(EventListener)
-
clearEventListeners
public void clearEventListeners()
Deprecated.Removes all event listeners for session-related events.- See Also:
removeEventListener(EventListener)
-
complete
public void complete(HttpSession session)
Deprecated.Called when a request is finally leaving a session.- Parameters:
session
- the session object
-
commit
public void commit(HttpSession session)
Deprecated.Called when a response is about to be committed. We might take this opportunity to persist the session so that any subsequent requests to other servers will see the modifications.
-
getHttpOnly
@ManagedAttribute("true if cookies use the http only flag") public boolean getHttpOnly()
Deprecated.- Returns:
- true if session cookies should be HTTP-only (Microsoft extension)
- See Also:
HttpCookie.isHttpOnly()
-
getSameSite
@ManagedAttribute("SameSite setting for session cookies") public HttpCookie.SameSite getSameSite()
Deprecated.- Returns:
- The sameSite setting for session cookies or null for no setting
- See Also:
HttpCookie.getSameSite()
-
getSessionIdManager
@ManagedAttribute("Session ID Manager") public SessionIdManager getSessionIdManager()
Deprecated.Gets the cross context session id manager- Returns:
- the session id manager
-
getMaxInactiveInterval
@ManagedAttribute("default maximum time a session may be idle for (in s)") public int getMaxInactiveInterval()
Deprecated.- Returns:
- the max period of inactivity, after which the session is invalidated, in seconds.
- See Also:
setMaxInactiveInterval(int)
-
getRefreshCookieAge
@ManagedAttribute("time before a session cookie is re-set (in s)") public int getRefreshCookieAge()
Deprecated.
-
getSecureCookies
@ManagedAttribute("if true, secure cookie flag is set on session cookies") public boolean getSecureCookies()
Deprecated.- Returns:
- same as SessionCookieConfig.getSecure(). If true, session cookies are ALWAYS marked as secure. If false, a session cookie is ONLY marked as secure if _secureRequestOnly == true and it is an HTTPS request.
-
isSecureRequestOnly
public boolean isSecureRequestOnly()
Deprecated.- Returns:
- true if session cookie is to be marked as secure only on HTTPS requests
-
setSecureRequestOnly
public void setSecureRequestOnly(boolean secureRequestOnly)
Deprecated.HTTPS request. Can be overridden by setting SessionCookieConfig.setSecure(true), in which case the session cookie will be marked as secure on both HTTPS and HTTP.- Parameters:
secureRequestOnly
- true to set Session Cookie Config as secure
-
getSessionCookie
@ManagedAttribute("the set session cookie") public java.lang.String getSessionCookie()
Deprecated.
-
getSessionCookie
public HttpCookie getSessionCookie(HttpSession session, java.lang.String contextPath, boolean requestIsSecure)
Deprecated.A session cookie is marked as secure IFF any of the following conditions are true:- SessionCookieConfig.setSecure == true
- SessionCookieConfig.setSecure == false && _secureRequestOnly==true && request is HTTPS
For case 2, you can use _secureRequestOnly to determine if you want the Servlet Spec 3.0 default behavior when SessionCookieConfig.setSecure==false, which is: "they shall be marked as secure only if the request that initiated the corresponding session was also secure"
The default for _secureRequestOnly is true, which gives the above behavior. If you set it to false, then a session cookie is NEVER marked as secure, even if the initiating request was secure.
- Parameters:
session
- the session to which the cookie should refer.contextPath
- the context to which the cookie should be linked. The client will only send the cookie value when requesting resources under this path.requestIsSecure
- whether the client is accessing the server over a secure protocol (i.e. HTTPS).- Returns:
- if this
SessionManager
uses cookies, then this method will return a newcookie object
that should be set on the client in order to link future HTTP requests with thesession
. If cookies are not in use, this method returnsnull
.
-
getSessionDomain
@ManagedAttribute("domain of the session cookie, or null for the default") public java.lang.String getSessionDomain()
Deprecated.
-
getSessionsCreated
@ManagedAttribute("number of sessions created by this node") public int getSessionsCreated()
Deprecated.
-
getSessionIdPathParameterName
@ManagedAttribute("name of use for URL session tracking") public java.lang.String getSessionIdPathParameterName()
Deprecated.- Returns:
- the URL path parameter name for session id URL rewriting, by default "jsessionid".
- See Also:
setSessionIdPathParameterName(String)
-
getSessionIdPathParameterNamePrefix
public java.lang.String getSessionIdPathParameterNamePrefix()
Deprecated.- Returns:
- a formatted version of
getSessionIdPathParameterName()
, by default ";" + sessionIdParameterName + "=", for easier lookup in URL strings. - See Also:
getSessionIdPathParameterName()
-
isUsingCookies
public boolean isUsingCookies()
Deprecated.- Returns:
- whether the session management is handled via cookies.
-
isValid
public boolean isValid(HttpSession session)
Deprecated.- Parameters:
session
- the session to test for validity- Returns:
- whether the given session is valid, that is, it has not been invalidated.
-
getId
public java.lang.String getId(HttpSession session)
Deprecated.- Parameters:
session
- the session object- Returns:
- the unique id of the session within the cluster (without a node id extension)
- See Also:
getExtendedId(HttpSession)
-
getExtendedId
public java.lang.String getExtendedId(HttpSession session)
Deprecated.- Parameters:
session
- the session object- Returns:
- the unique id of the session within the cluster, extended with an optional node id.
- See Also:
getId(HttpSession)
-
newHttpSession
public HttpSession newHttpSession(HttpServletRequest request)
Deprecated.Creates a newHttpSession
.- Parameters:
request
- the HttpServletRequest containing the requested session id- Returns:
- the new
HttpSession
-
removeEventListener
public void removeEventListener(java.util.EventListener listener)
Deprecated.Removes an event listener for for session-related events.- Parameters:
listener
- the session event listener to remove- See Also:
addEventListener(EventListener)
-
statsReset
@ManagedOperation(value="reset statistics", impact="ACTION") public void statsReset()
Deprecated.Reset statistics values
-
setHttpOnly
public void setHttpOnly(boolean httpOnly)
Deprecated.Set if Session cookies should use HTTP Only- Parameters:
httpOnly
- True if cookies should be HttpOnly.- See Also:
HttpCookie
-
setSameSite
public void setSameSite(HttpCookie.SameSite sameSite)
Deprecated.Set Session cookie sameSite mode. Currently this is encoded in the session comment until sameSite is supported bySessionCookieConfig
- Parameters:
sameSite
- The sameSite setting for Session cookies (or null for no sameSite setting)
-
setSessionIdManager
public void setSessionIdManager(SessionIdManager metaManager)
Deprecated.- Parameters:
metaManager
- The metaManager used for cross context session management.
-
setMaxInactiveInterval
public void setMaxInactiveInterval(int seconds)
Deprecated.Sets the max period of inactivity, after which the session is invalidated, in seconds.- Parameters:
seconds
- the max inactivity period, in seconds.- See Also:
getMaxInactiveInterval()
-
setRefreshCookieAge
public void setRefreshCookieAge(int ageInSeconds)
Deprecated.
-
setSessionCookie
public void setSessionCookie(java.lang.String cookieName)
Deprecated.
-
setSessionIdPathParameterName
public void setSessionIdPathParameterName(java.lang.String param)
Deprecated.Sets the session id URL path parameter name.- Parameters:
param
- the URL path parameter name for session id URL rewriting (null or "none" for no rewriting).- See Also:
getSessionIdPathParameterName()
,getSessionIdPathParameterNamePrefix()
-
setUsingCookies
public void setUsingCookies(boolean usingCookies)
Deprecated.- Parameters:
usingCookies
- The usingCookies to set.
-
getSession
public Session getSession(java.lang.String id)
Deprecated.Get a known existing session- Parameters:
id
- The session ID stripped of any worker name.- Returns:
- A Session or null if none exists.
-
getSessionCache
public SessionCache getSessionCache()
Deprecated.- Returns:
- the session store
-
setSessionCache
public void setSessionCache(SessionCache cache)
Deprecated.- Parameters:
cache
- the session store to use
-
isNodeIdInSessionId
public boolean isNodeIdInSessionId()
Deprecated.- Returns:
- true if the cluster node id (worker id) is returned as part of the session id by
HttpSession.getId()
. Default is false.
-
setNodeIdInSessionId
public void setNodeIdInSessionId(boolean nodeIdInSessionId)
Deprecated.- Parameters:
nodeIdInSessionId
- true if the cluster node id (worker id) will be returned as part of the session id byHttpSession.getId()
. Default is false.
-
removeSession
public Session removeSession(java.lang.String id, boolean invalidate)
Deprecated.Remove session from manager- Parameters:
id
- The session to removeinvalidate
- True ifHttpSessionListener.sessionDestroyed(HttpSessionEvent)
andSessionIdManager.expireAll(String)
should be called.- Returns:
- if the session was removed
-
getSessionTimeMax
@ManagedAttribute("maximum amount of time sessions have remained active (in s)") public long getSessionTimeMax()
Deprecated.- Returns:
- maximum amount of time session remained valid
-
getDefaultSessionTrackingModes
public java.util.Set<SessionTrackingMode> getDefaultSessionTrackingModes()
Deprecated.
-
getEffectiveSessionTrackingModes
public java.util.Set<SessionTrackingMode> getEffectiveSessionTrackingModes()
Deprecated.
-
setSessionTrackingModes
public void setSessionTrackingModes(java.util.Set<SessionTrackingMode> sessionTrackingModes)
Deprecated.
-
isUsingURLs
public boolean isUsingURLs()
Deprecated.- Returns:
- whether the session management is handled via URLs.
-
getSessionCookieConfig
public SessionCookieConfig getSessionCookieConfig()
Deprecated.
-
getSessionTimeTotal
@ManagedAttribute("total time sessions have remained valid") public long getSessionTimeTotal()
Deprecated.- Returns:
- total amount of time all sessions remained valid
-
getSessionTimeMean
@ManagedAttribute("mean time sessions remain valid (in s)") public double getSessionTimeMean()
Deprecated.- Returns:
- mean amount of time session remained valid
-
getSessionTimeStdDev
@ManagedAttribute("standard deviation a session remained valid (in s)") public double getSessionTimeStdDev()
Deprecated.- Returns:
- standard deviation of amount of time session remained valid
-
isCheckingRemoteSessionIdEncoding
@ManagedAttribute("check remote session id encoding") public boolean isCheckingRemoteSessionIdEncoding()
Deprecated.- Returns:
- True if absolute URLs are check for remoteness before being session encoded.
-
setCheckingRemoteSessionIdEncoding
public void setCheckingRemoteSessionIdEncoding(boolean remote)
Deprecated.- Parameters:
remote
- True if absolute URLs are check for remoteness before being session encoded.
-
renewSessionId
public void renewSessionId(java.lang.String oldId, java.lang.String oldExtendedId, java.lang.String newId, java.lang.String newExtendedId)
Deprecated.Change the existing session id.- Parameters:
oldId
- the old session idoldExtendedId
- the session id including worker suffixnewId
- the new session idnewExtendedId
- the new session id including worker suffix
-
invalidate
public void invalidate(java.lang.String id)
Deprecated.Called by SessionIdManager to remove a session that has been invalidated, either by this context or another context. Also called by SessionIdManager when a session has expired in either this context or another context.- Parameters:
id
- the session id to invalidate
-
scavenge
public void scavenge()
Deprecated.Called periodically by the HouseKeeper to handle the list of sessions that have expired since the last call to scavenge.
-
sessionInactivityTimerExpired
@Deprecated public void sessionInactivityTimerExpired(Session session)
Deprecated.
-
sessionInactivityTimerExpired
public void sessionInactivityTimerExpired(Session session, long now)
Deprecated.Each session has a timer that is configured to go off when either the session has not been accessed for a configurable amount of time, or the session itself has passed its expiry. If it has passed its expiry, then we will mark it for scavenging by next run of the HouseKeeper; if it has been idle longer than the configured eviction period, we evict from the cache. If none of the above are true, then the System timer is inconsistent and the caller of this method will need to reset the timer.- Parameters:
session
- the sessionnow
- the time at which to check for expiry
-
isIdInUse
public boolean isIdInUse(java.lang.String id) throws java.lang.Exception
Deprecated.Check if id is in use by this context- Parameters:
id
- identity of session to check- Returns:
true
if this manager knows about this id- Throws:
java.lang.Exception
- if any error occurred
-
getScheduler
public Scheduler getScheduler()
Deprecated.
-
getSessionCookieName
public static java.lang.String getSessionCookieName(SessionCookieConfig config)
Deprecated.
-
doSessionAttributeListeners
public void doSessionAttributeListeners(Session session, java.lang.String name, java.lang.Object old, java.lang.Object value)
Deprecated.
-
doScope
public void doScope(java.lang.String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws java.io.IOException, ServletException
Deprecated.Description copied from class:ScopedHandler
Scope the handlerDerived implementations should call
ScopedHandler.nextScope(String, Request, HttpServletRequest, HttpServletResponse)
- Overrides:
doScope
in classScopedHandler
- Parameters:
target
- The target of the request - either a URI or a name.baseRequest
- The original unwrapped request object.request
- The request either as theRequest
object or a wrapper of that request. The
method can be used access the Request object if required.HttpConnection.getCurrentConnection()
.getHttpChannel()
.getRequest()
response
- The response as theResponse
object or a wrapper of that request. The
method can be used access the Response object if required.HttpConnection.getCurrentConnection()
.getHttpChannel()
.getResponse()
- Throws:
java.io.IOException
- if unable to handle the request or response processingServletException
- if unable to handle the request or response due to underlying servlet issue
-
doHandle
public void doHandle(java.lang.String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws java.io.IOException, ServletException
Deprecated.Description copied from class:ScopedHandler
Do the handler work within the scope.Derived implementations should call
ScopedHandler.nextHandle(String, Request, HttpServletRequest, HttpServletResponse)
- Specified by:
doHandle
in classScopedHandler
- Parameters:
target
- The target of the request - either a URI or a name.baseRequest
- The original unwrapped request object.request
- The request either as theRequest
object or a wrapper of that request. The
method can be used access the Request object if required.HttpConnection.getCurrentConnection()
.getHttpChannel()
.getRequest()
response
- The response as theResponse
object or a wrapper of that request. The
method can be used access the Response object if required.HttpConnection.getCurrentConnection()
.getHttpChannel()
.getResponse()
- Throws:
java.io.IOException
- if unable to handle the request or response processingServletException
- if unable to handle the request or response due to underlying servlet issue
-
toString
public java.lang.String toString()
Deprecated.- Overrides:
toString
in classAbstractLifeCycle
- See Also:
Object.toString()
-
-