org.eclipse.jetty.server.session
类 AbstractSessionManager

java.lang.Object
  org.eclipse.jetty.util.component.AbstractLifeCycle
      org.eclipse.jetty.server.session.AbstractSessionManager

所有已实现的接口：

SessionManager, LifeCycle

直接已知子类：

HashSessionManager, JDBCSessionManager

public abstract class AbstractSessionManager
extends AbstractLifeCycle
implements SessionManager

An Abstract implementation of SessionManager. The partial implementation of SessionManager interface provides the majority of the handling required to implement a SessionManager. Concrete implementations of SessionManager based on AbstractSessionManager need only implement the newSession method to return a specialised version of the Session inner class that provides an attribute Map.

嵌套类摘要

static interface

AbstractSessionManager.SessionIf Interface that any session wrapper should implement so that SessionManager may access the Jetty session implementation.

从类 org.eclipse.jetty.util.component.AbstractLifeCycle 继承的嵌套类/接口

AbstractLifeCycle.AbstractLifeCycleListener

从接口 org.eclipse.jetty.util.component.LifeCycle 继承的嵌套类/接口

LifeCycle.Listener

字段摘要

Set<SessionTrackingMode>	__defaultSessionTrackingModes
static int	__distantFuture
protected boolean	_checkingRemoteSessionIdEncoding
protected ContextHandler.Context	_context
protected int	_dftMaxIdleSecs
protected boolean	_httpOnly
protected ClassLoader	_loader
protected int	_maxCookieAge
protected boolean	_nodeIdInSessionId
protected int	_refreshCookieAge
protected boolean	_secureCookies
protected boolean	_secureRequestOnly
protected List<HttpSessionAttributeListener>	_sessionAttributeListeners
protected String	_sessionComment
protected String	_sessionCookie
protected String	_sessionDomain
protected SessionHandler	_sessionHandler
protected SessionIdManager	_sessionIdManager
protected String	_sessionIdPathParameterName
protected String	_sessionIdPathParameterNamePrefix
protected List<HttpSessionListener>	_sessionListeners
protected String	_sessionPath
protected CounterStatistic	_sessionsStats
protected SampleStatistic	_sessionTimeStats
Set<SessionTrackingMode>	_sessionTrackingModes
static String	SESSION_KNOWN_ONLY_TO_AUTHENTICATED

从类 org.eclipse.jetty.util.component.AbstractLifeCycle 继承的字段

_listeners, FAILED, RUNNING, STARTED, STARTING, STOPPED, STOPPING

从接口 org.eclipse.jetty.server.SessionManager 继承的字段

__CheckRemoteSessionEncoding, __DefaultSessionCookie, __DefaultSessionDomain, __DefaultSessionIdPathParameterName, __MaxAgeProperty, __SessionCookieProperty, __SessionDomainProperty, __SessionIdPathParameterNameProperty, __SessionPathProperty

构造方法摘要

AbstractSessionManager()

方法摘要

HttpCookie	access(HttpSession session, boolean secure) Called by the SessionHandler when a session is first accessed by a request.
void	addEventListener(EventListener listener) Adds an event listener for session-related events.
protected abstract void	addSession(AbstractSession session)
protected void	addSession(AbstractSession session, boolean created) Add the session Registers the session with this manager and registers the session ID with the sessionIDManager;
void	clearEventListeners() Removes all event listeners for session-related events.
void	complete(HttpSession session) Called by the SessionHandler when a session is last accessed by a request.
void	doSessionAttributeListeners(AbstractSession session, String name, Object old, Object value)
void	doStart()
void	doStop()
String	getClusterId(HttpSession session)
ContextHandler.Context	getContext()
ContextHandler	getContextHandler()
Set<SessionTrackingMode>	getDefaultSessionTrackingModes()
Set<SessionTrackingMode>	getEffectiveSessionTrackingModes()
boolean	getHttpOnly()
HttpSession	getHttpSession(String nodeId) Returns the HttpSession with the given session id
SessionIdManager	getIdManager() 已过时。 Use getSessionIdManager()
int	getMaxCookieAge()
int	getMaxInactiveInterval()
int	getMaxSessions() 已过时。
SessionIdManager	getMetaManager() 已过时。 use getSessionIdManager()
int	getMinSessions() 已过时。 always returns 0. no replacement available.
String	getNodeId(HttpSession session)
int	getRefreshCookieAge()
boolean	getSecureCookies()
abstract AbstractSession	getSession(String idInCluster) Get a known existing session
String	getSessionCookie()
HttpCookie	getSessionCookie(HttpSession session, String contextPath, boolean requestIsSecure) A sessioncookie is marked as secure IFF any of the following conditions are true: SessionCookieConfig.setSecure == true SessionCookieConfig.setSecure == false && _secureRequestOnly==true && request is HTTPS According to SessionCookieConfig javadoc, case 1 can be used when: "... even though the request that initiated the session came over HTTP, is to support a topology where the web container is front-ended by an SSL offloading load balancer.
SessionCookieConfig	getSessionCookieConfig()
String	getSessionDomain()
SessionHandler	getSessionHandler()
SessionIdManager	getSessionIdManager()
String	getSessionIdPathParameterName()
String	getSessionIdPathParameterNamePrefix()
Map	getSessionMap() 已过时。 Need to review if it is needed.
String	getSessionPath()
int	getSessions()
int	getSessionsMax()
int	getSessionsTotal()
long	getSessionTimeMax()
double	getSessionTimeMean()
double	getSessionTimeStdDev()
long	getSessionTimeTotal()
protected abstract void	invalidateSessions()
boolean	isCheckingRemoteSessionIdEncoding()
boolean	isNodeIdInSessionId()
boolean	isSecureRequestOnly()
boolean	isUsingCookies()
boolean	isUsingURLs()
boolean	isValid(HttpSession session)
HttpSession	newHttpSession(HttpServletRequest request) Create a new HttpSession for a request
protected abstract AbstractSession	newSession(HttpServletRequest request) Create a new session instance
void	removeEventListener(EventListener listener) Removes an event listener for for session-related events.
void	removeSession(AbstractSession session, boolean invalidate) Remove session from manager
void	removeSession(HttpSession session, boolean invalidate) Remove session from manager
protected abstract boolean	removeSession(String idInCluster)
static HttpSession	renewSession(HttpServletRequest request, HttpSession httpSession, boolean authenticated)
void	resetStats() 已过时。
void	setCheckingRemoteSessionIdEncoding(boolean remote)
void	setHttpOnly(boolean httpOnly)
void	setIdManager(SessionIdManager metaManager) 已过时。 use setSessionIdManager(SessionIdManager)
void	setMaxInactiveInterval(int seconds) Sets the max period of inactivity, after which the session is invalidated, in seconds.
void	setNodeIdInSessionId(boolean nodeIdInSessionId)
void	setRefreshCookieAge(int ageInSeconds)
void	setSecureRequestOnly(boolean secureRequestOnly)
void	setSessionCookie(String cookieName)
void	setSessionHandler(SessionHandler sessionHandler) Sets the SessionHandler.
void	setSessionIdManager(SessionIdManager metaManager) Sets the cross context session id manager
void	setSessionIdPathParameterName(String param) Sets the session id URL path parameter name.
void	setSessionTrackingModes(Set<SessionTrackingMode> sessionTrackingModes)
void	setUsingCookies(boolean usingCookies)
void	statsReset() Reset statistics values

从类 org.eclipse.jetty.util.component.AbstractLifeCycle 继承的方法

addLifeCycleListener, getState, getState, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop

从类 java.lang.Object 继承的方法

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

从接口 org.eclipse.jetty.util.component.LifeCycle 继承的方法

addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop

字段详细信息

__defaultSessionTrackingModes

public Set<SessionTrackingMode> __defaultSessionTrackingModes

SESSION_KNOWN_ONLY_TO_AUTHENTICATED

public static final String SESSION_KNOWN_ONLY_TO_AUTHENTICATED

另请参见：

常量字段值

__distantFuture

public static final int __distantFuture

另请参见：

常量字段值

_dftMaxIdleSecs

protected int _dftMaxIdleSecs

_sessionHandler

protected SessionHandler _sessionHandler

_httpOnly

protected boolean _httpOnly

_sessionIdManager

protected SessionIdManager _sessionIdManager

_secureCookies

protected boolean _secureCookies

_secureRequestOnly

protected boolean _secureRequestOnly

_sessionAttributeListeners

protected final List<HttpSessionAttributeListener> _sessionAttributeListeners

_sessionListeners

protected final List<HttpSessionListener> _sessionListeners

_loader

protected ClassLoader _loader

_context

protected ContextHandler.Context _context

_sessionCookie

protected String _sessionCookie

_sessionIdPathParameterName

protected String _sessionIdPathParameterName

_sessionIdPathParameterNamePrefix

protected String _sessionIdPathParameterNamePrefix

_sessionDomain

protected String _sessionDomain

_sessionPath

protected String _sessionPath

_maxCookieAge

protected int _maxCookieAge

_refreshCookieAge

protected int _refreshCookieAge

_nodeIdInSessionId

protected boolean _nodeIdInSessionId

_checkingRemoteSessionIdEncoding

protected boolean _checkingRemoteSessionIdEncoding

_sessionComment

protected String _sessionComment

_sessionTrackingModes

public Set<SessionTrackingMode> _sessionTrackingModes

_sessionsStats

protected final CounterStatistic _sessionsStats

_sessionTimeStats

protected final SampleStatistic _sessionTimeStats

构造方法详细信息

AbstractSessionManager

public AbstractSessionManager()

方法详细信息

renewSession

public static HttpSession renewSession(HttpServletRequest request,
                                       HttpSession httpSession,
                                       boolean authenticated)

getContext

public ContextHandler.Context getContext()

getContextHandler

public ContextHandler getContextHandler()

getSessionPath

public String getSessionPath()

getMaxCookieAge

public int getMaxCookieAge()

access

public HttpCookie access(HttpSession session,
                         boolean secure)

从接口 SessionManager 复制的描述

Called by the SessionHandler when a session is first accessed by a request.

指定者：

接口 SessionManager 中的 access

参数：

session - the session object

secure - whether the request is secure or not

返回：

the session cookie. If not null, this cookie should be set on the response to either migrate the session or to refresh a session cookie that may expire.

另请参见：

SessionManager.complete(HttpSession)

addEventListener

public void addEventListener(EventListener listener)

从接口 SessionManager 复制的描述

Adds an event listener for session-related events.

指定者：

接口 SessionManager 中的 addEventListener

参数：

listener - the session event listener to add Individual SessionManagers implementations may accept arbitrary listener types, but they are expected to at least handle HttpSessionActivationListener, HttpSessionAttributeListener, HttpSessionBindingListener and HttpSessionListener.

另请参见：

SessionManager.removeEventListener(EventListener)

clearEventListeners

public void clearEventListeners()

从接口 SessionManager 复制的描述

Removes all event listeners for session-related events.

指定者：

接口 SessionManager 中的 clearEventListeners

另请参见：

SessionManager.removeEventListener(EventListener)

complete

public void complete(HttpSession session)

从接口 SessionManager 复制的描述

Called by the SessionHandler when a session is last accessed by a request.

指定者：

接口 SessionManager 中的 complete

参数：

session - the session object

另请参见：

SessionManager.access(HttpSession, boolean)

doStart

public void doStart()
             throws Exception

覆盖：

类 AbstractLifeCycle 中的 doStart

抛出：

Exception

doStop

public void doStop()
            throws Exception

覆盖：

类 AbstractLifeCycle 中的 doStop

抛出：

Exception

getHttpOnly

public boolean getHttpOnly()

指定者：

接口 SessionManager 中的 getHttpOnly

返回：

Returns the httpOnly.

另请参见：

HttpCookie.isHttpOnly()

getHttpSession

public HttpSession getHttpSession(String nodeId)

从接口 SessionManager 复制的描述

Returns the HttpSession with the given session id

指定者：

接口 SessionManager 中的 getHttpSession

参数：

nodeId - the session id

返回：

the HttpSession with the corresponding id or null if no session with the given id exists

getIdManager

public SessionIdManager getIdManager()

已过时。 Use getSessionIdManager()

返回：

Returns the metaManager used for cross context session management

getSessionIdManager

public SessionIdManager getSessionIdManager()

指定者：

接口 SessionManager 中的 getSessionIdManager

返回：

Returns the SessionIdManager used for cross context session management

另请参见：

SessionManager.setSessionIdManager(SessionIdManager)

getMaxInactiveInterval

public int getMaxInactiveInterval()

指定者：

接口 SessionManager 中的 getMaxInactiveInterval

返回：

seconds

另请参见：

SessionManager.setMaxInactiveInterval(int)

getMaxSessions

@Deprecated
public int getMaxSessions()

已过时。

另请参见：

getSessionsMax()

getSessionsMax

public int getSessionsMax()

返回：

maximum number of sessions

getSessionsTotal

public int getSessionsTotal()

返回：

total number of sessions

getMetaManager

@Deprecated
public SessionIdManager getMetaManager()

已过时。 use getSessionIdManager()

指定者：

接口 SessionManager 中的 getMetaManager

返回：

the cross context session id manager.

getMinSessions

@Deprecated
public int getMinSessions()

已过时。 always returns 0. no replacement available.

getRefreshCookieAge

public int getRefreshCookieAge()

getSecureCookies

public boolean getSecureCookies()

返回：

same as SessionCookieConfig.getSecure(). If true, session cookies are ALWAYS marked as secure. If false, a session cookie is ONLY marked as secure if _secureRequestOnly == true and it is a HTTPS request.

isSecureRequestOnly

public boolean isSecureRequestOnly()

返回：

true if session cookie is to be marked as secure only on HTTPS requests

setSecureRequestOnly

public void setSecureRequestOnly(boolean secureRequestOnly)

getSessionCookie

public String getSessionCookie()

getSessionCookie

public HttpCookie getSessionCookie(HttpSession session,
                                   String contextPath,
                                   boolean requestIsSecure)

A sessioncookie is marked as secure IFF any of the following conditions are true:

1. SessionCookieConfig.setSecure == true
2. SessionCookieConfig.setSecure == false && _secureRequestOnly==true && request is HTTPS

According to SessionCookieConfig javadoc, case 1 can be used when: "... even though the request that initiated the session came over HTTP, is to support a topology where the web container is front-ended by an SSL offloading load balancer. In this case, the traffic between the client and the load balancer will be over HTTPS, whereas the traffic between the load balancer and the web container will be over HTTP." For case 2, you can use _secureRequestOnly to determine if you want the Servlet Spec 3.0 default behaviour when SessionCookieConfig.setSecure==false, which is: "they shall be marked as secure only if the request that initiated the corresponding session was also secure" The default for _secureRequestOnly is true, which gives the above behaviour. If you set it to false, then a session cookie is NEVER marked as secure, even if the initiating request was secure.

指定者：

接口 SessionManager 中的 getSessionCookie

参数：

session - the session to which the cookie should refer.

contextPath - the context to which the cookie should be linked. The client will only send the cookie value when requesting resources under this path.

requestIsSecure - whether the client is accessing the server over a secure protocol (i.e. HTTPS).

返回：

if this SessionManager uses cookies, then this method will return a new cookie object that should be set on the client in order to link future HTTP requests with the session. If cookies are not in use, this method returns null.

另请参见：

SessionManager.getSessionCookie(javax.servlet.http.HttpSession, java.lang.String, boolean)

getSessionDomain

public String getSessionDomain()

getSessionHandler

public SessionHandler getSessionHandler()

返回：

Returns the sessionHandler.

getSessionMap

public Map getSessionMap()

已过时。 Need to review if it is needed.

getSessions

public int getSessions()

getSessionIdPathParameterName

public String getSessionIdPathParameterName()

指定者：

接口 SessionManager 中的 getSessionIdPathParameterName

返回：

the URL path parameter name for session id URL rewriting, by default "jsessionid".

另请参见：

SessionManager.setSessionIdPathParameterName(String)

getSessionIdPathParameterNamePrefix

public String getSessionIdPathParameterNamePrefix()

指定者：

接口 SessionManager 中的 getSessionIdPathParameterNamePrefix

返回：

a formatted version of SessionManager.getSessionIdPathParameterName(), by default ";" + sessionIdParameterName + "=", for easier lookup in URL strings.

另请参见：

SessionManager.getSessionIdPathParameterName()

isUsingCookies

public boolean isUsingCookies()

指定者：

接口 SessionManager 中的 isUsingCookies

返回：

Returns the usingCookies.

isValid

public boolean isValid(HttpSession session)

指定者：

接口 SessionManager 中的 isValid

参数：

session - the session to test for validity

返回：

whether the given session is valid, that is, it has not been invalidated.

getClusterId

public String getClusterId(HttpSession session)

指定者：

接口 SessionManager 中的 getClusterId

参数：

session - the session object

返回：

the unique id of the session within the cluster (without a node id extension)

另请参见：

SessionManager.getNodeId(HttpSession)

getNodeId

public String getNodeId(HttpSession session)

指定者：

接口 SessionManager 中的 getNodeId

参数：

session - the session object

返回：

the unique id of the session within the cluster, extended with an optional node id.

另请参见：

SessionManager.getClusterId(HttpSession)

newHttpSession

public HttpSession newHttpSession(HttpServletRequest request)

Create a new HttpSession for a request

指定者：

接口 SessionManager 中的 newHttpSession

参数：

request - the HttpServletRequest containing the requested session id

返回：

the new HttpSession

removeEventListener

public void removeEventListener(EventListener listener)

从接口 SessionManager 复制的描述

Removes an event listener for for session-related events.

指定者：

接口 SessionManager 中的 removeEventListener

参数：

listener - the session event listener to remove

另请参见：

SessionManager.addEventListener(EventListener)

resetStats

@Deprecated
public void resetStats()

已过时。

另请参见：

statsReset()

statsReset

public void statsReset()

Reset statistics values

setHttpOnly

public void setHttpOnly(boolean httpOnly)

参数：

httpOnly - The httpOnly to set.

setIdManager

public void setIdManager(SessionIdManager metaManager)

已过时。 use setSessionIdManager(SessionIdManager)

参数：

metaManager - The metaManager used for cross context session management.

setSessionIdManager

public void setSessionIdManager(SessionIdManager metaManager)

从接口 SessionManager 复制的描述

Sets the cross context session id manager

指定者：

接口 SessionManager 中的 setSessionIdManager

参数：

metaManager - The metaManager used for cross context session management.

另请参见：

SessionManager.getSessionIdManager()

setMaxInactiveInterval

public void setMaxInactiveInterval(int seconds)

从接口 SessionManager 复制的描述

Sets the max period of inactivity, after which the session is invalidated, in seconds.

指定者：

接口 SessionManager 中的 setMaxInactiveInterval

参数：

seconds -

另请参见：

SessionManager.getMaxInactiveInterval()

setRefreshCookieAge

public void setRefreshCookieAge(int ageInSeconds)

setSessionCookie

public void setSessionCookie(String cookieName)

setSessionHandler

public void setSessionHandler(SessionHandler sessionHandler)

从接口 SessionManager 复制的描述

Sets the SessionHandler.

指定者：

接口 SessionManager 中的 setSessionHandler

参数：

sessionHandler - The sessionHandler to set.

setSessionIdPathParameterName

public void setSessionIdPathParameterName(String param)

从接口 SessionManager 复制的描述

Sets the session id URL path parameter name.

指定者：

接口 SessionManager 中的 setSessionIdPathParameterName

参数：

param - the URL path parameter name for session id URL rewriting (null or "none" for no rewriting).

另请参见：

SessionManager.getSessionIdPathParameterName(), SessionManager.getSessionIdPathParameterNamePrefix()

setUsingCookies

public void setUsingCookies(boolean usingCookies)

参数：

usingCookies - The usingCookies to set.

addSession

protected abstract void addSession(AbstractSession session)

addSession

protected void addSession(AbstractSession session,
                          boolean created)

Add the session Registers the session with this manager and registers the session ID with the sessionIDManager;

getSession

public abstract AbstractSession getSession(String idInCluster)

Get a known existing session

参数：

idInCluster - The session ID in the cluster, stripped of any worker name.

返回：

A Session or null if none exists.

invalidateSessions

protected abstract void invalidateSessions()
                                    throws Exception

抛出：

Exception

newSession

protected abstract AbstractSession newSession(HttpServletRequest request)

Create a new session instance

参数：

request -

返回：

the new session

isNodeIdInSessionId

public boolean isNodeIdInSessionId()

返回：

true if the cluster node id (worker id) is returned as part of the session id by HttpSession.getId(). Default is false.

setNodeIdInSessionId

public void setNodeIdInSessionId(boolean nodeIdInSessionId)

参数：

nodeIdInSessionId - true if the cluster node id (worker id) will be returned as part of the session id by HttpSession.getId(). Default is false.

removeSession

public void removeSession(HttpSession session,
                          boolean invalidate)

Remove session from manager

参数：

session - The session to remove

invalidate - True if HttpSessionListener.sessionDestroyed(HttpSessionEvent) and SessionIdManager.invalidateAll(String) should be called.

removeSession

public void removeSession(AbstractSession session,
                          boolean invalidate)

Remove session from manager

参数：

session - The session to remove

invalidate - True if HttpSessionListener.sessionDestroyed(HttpSessionEvent) and SessionIdManager.invalidateAll(String) should be called.

removeSession

protected abstract boolean removeSession(String idInCluster)

getSessionTimeMax

public long getSessionTimeMax()

返回：

maximum amount of time session remained valid

getDefaultSessionTrackingModes

public Set<SessionTrackingMode> getDefaultSessionTrackingModes()

指定者：

接口 SessionManager 中的 getDefaultSessionTrackingModes

getEffectiveSessionTrackingModes

public Set<SessionTrackingMode> getEffectiveSessionTrackingModes()

指定者：

接口 SessionManager 中的 getEffectiveSessionTrackingModes

setSessionTrackingModes

public void setSessionTrackingModes(Set<SessionTrackingMode> sessionTrackingModes)

指定者：

接口 SessionManager 中的 setSessionTrackingModes

isUsingURLs

public boolean isUsingURLs()

指定者：

接口 SessionManager 中的 isUsingURLs

返回：

whether the session management is handled via URLs.

getSessionCookieConfig

public SessionCookieConfig getSessionCookieConfig()

指定者：

接口 SessionManager 中的 getSessionCookieConfig

getSessionTimeTotal

public long getSessionTimeTotal()

返回：

total amount of time all sessions remained valid

getSessionTimeMean

public double getSessionTimeMean()

返回：

mean amount of time session remained valid

getSessionTimeStdDev

public double getSessionTimeStdDev()

返回：

standard deviation of amount of time session remained valid

isCheckingRemoteSessionIdEncoding

public boolean isCheckingRemoteSessionIdEncoding()

指定者：

接口 SessionManager 中的 isCheckingRemoteSessionIdEncoding

返回：

True if absolute URLs are check for remoteness before being session encoded.

另请参见：

SessionManager.isCheckingRemoteSessionIdEncoding()

setCheckingRemoteSessionIdEncoding

public void setCheckingRemoteSessionIdEncoding(boolean remote)

指定者：

接口 SessionManager 中的 setCheckingRemoteSessionIdEncoding

参数：

remote - True if absolute URLs are check for remoteness before being session encoded.

另请参见：

SessionManager.setCheckingRemoteSessionIdEncoding(boolean)

doSessionAttributeListeners

public void doSessionAttributeListeners(AbstractSession session,
                                        String name,
                                        Object old,
                                        Object value)