Package org.eclipse.jetty.server.session

Class AbstractSessionManager

java.lang.Object

org.eclipse.jetty.util.component.AbstractLifeCycle

org.eclipse.jetty.util.component.ContainerLifeCycle

org.eclipse.jetty.server.session.AbstractSessionManager

All Implemented Interfaces:

SessionManager, org.eclipse.jetty.util.component.LifeCycle

Direct Known Subclasses:

HashSessionManager, JDBCSessionManager

@ManagedObject("Abstract Session Manager")
public abstract class AbstractSessionManager
extends org.eclipse.jetty.util.component.ContainerLifeCycle
implements SessionManager

An Abstract implementation of SessionManager.

The partial implementation of SessionManager interface provides the majority of the handling required to implement a SessionManager. Concrete implementations of SessionManager based on AbstractSessionManager need only implement the newSession method to return a specialized version of the Session inner class that provides an attribute Map.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
class	AbstractSessionManager.CookieConfig	CookieConfig Implementation of the javax.servlet.SessionCookieConfig.
static interface	AbstractSessionManager.SessionIf	Interface that any session wrapper should implement so that SessionManager may access the Jetty session implementation.

Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

org.eclipse.jetty.util.component.AbstractLifeCycle.AbstractLifeCycleListener

Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container

org.eclipse.jetty.util.component.Container.InheritedListener, org.eclipse.jetty.util.component.Container.Listener

Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle

org.eclipse.jetty.util.component.LifeCycle.Listener

Field Summary

Fields

Modifier and Type	Field	Description
java.util.Set<javax.servlet.SessionTrackingMode>	__defaultSessionTrackingModes
static int	__distantFuture
protected boolean	_checkingRemoteSessionIdEncoding
protected ContextHandler.Context	_context
protected int	_dftMaxIdleSecs
protected boolean	_httpOnly
protected java.lang.ClassLoader	_loader
protected int	_maxCookieAge
protected boolean	_nodeIdInSessionId
protected int	_refreshCookieAge
protected boolean	_secureCookies
protected boolean	_secureRequestOnly
protected java.util.List<javax.servlet.http.HttpSessionAttributeListener>	_sessionAttributeListeners
protected java.lang.String	_sessionComment
protected java.lang.String	_sessionCookie
protected java.lang.String	_sessionDomain
protected SessionHandler	_sessionHandler
protected java.util.List<javax.servlet.http.HttpSessionIdListener>	_sessionIdListeners
protected SessionIdManager	_sessionIdManager
protected java.lang.String	_sessionIdPathParameterName
protected java.lang.String	_sessionIdPathParameterNamePrefix
protected java.util.List<javax.servlet.http.HttpSessionListener>	_sessionListeners
protected java.lang.String	_sessionPath
protected org.eclipse.jetty.util.statistic.CounterStatistic	_sessionsStats
protected org.eclipse.jetty.util.statistic.SampleStatistic	_sessionTimeStats
java.util.Set<javax.servlet.SessionTrackingMode>	_sessionTrackingModes
static java.math.BigDecimal	MAX_INACTIVE_MINUTES	Web.xml session-timeout is set in minutes, but is stored as an int in seconds by HttpSession and the sessionmanager.

Fields inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

FAILED, RUNNING, STARTED, STARTING, STOP_ON_FAILURE, STOPPED, STOPPING

Fields inherited from interface org.eclipse.jetty.server.SessionManager

__CheckRemoteSessionEncoding, __DefaultSessionCookie, __DefaultSessionDomain, __DefaultSessionIdPathParameterName, __MaxAgeProperty, __SessionCookieProperty, __SessionDomainProperty, __SessionIdPathParameterNameProperty, __SessionPathProperty

Constructor Summary

Constructors

Constructor	Description
AbstractSessionManager()

Method Summary

Modifier and Type	Method	Description
org.eclipse.jetty.http.HttpCookie	access(javax.servlet.http.HttpSession session, boolean secure)	Called by the SessionHandler when a session is first accessed by a request.
void	addEventListener(java.util.EventListener listener)	Adds an event listener for session-related events.
protected abstract void	addSession(AbstractSession session)
protected void	addSession(AbstractSession session, boolean created)	Add the session Registers the session with this manager and registers the session ID with the sessionIDManager;
void	clearEventListeners()	Removes all event listeners for session-related events.
void	complete(javax.servlet.http.HttpSession session)	Called by the SessionHandler when a session is last accessed by a request.
void	doSessionAttributeListeners(AbstractSession session, java.lang.String name, java.lang.Object old, java.lang.Object value)
void	doStart()
void	doStop()
java.lang.String	getClusterId(javax.servlet.http.HttpSession session)
ContextHandler.Context	getContext()
ContextHandler	getContextHandler()
java.util.Set<javax.servlet.SessionTrackingMode>	getDefaultSessionTrackingModes()
java.util.Set<javax.servlet.SessionTrackingMode>	getEffectiveSessionTrackingModes()
boolean	getHttpOnly()
javax.servlet.http.HttpSession	getHttpSession(java.lang.String nodeId)	Returns the HttpSession with the given session id
int	getMaxCookieAge()
int	getMaxInactiveInterval()
SessionIdManager	getMetaManager()	Deprecated.
java.lang.String	getNodeId(javax.servlet.http.HttpSession session)
int	getRefreshCookieAge()
boolean	getSecureCookies()
abstract AbstractSession	getSession(java.lang.String idInCluster)	Get a known existing session
java.lang.String	getSessionCookie()
org.eclipse.jetty.http.HttpCookie	getSessionCookie(javax.servlet.http.HttpSession session, java.lang.String contextPath, boolean requestIsSecure)	A sessioncookie is marked as secure IFF any of the following conditions are true: SessionCookieConfig.setSecure == true SessionCookieConfig.setSecure == false && _secureRequestOnly==true && request is HTTPS According to SessionCookieConfig javadoc, case 1 can be used when: "...
javax.servlet.SessionCookieConfig	getSessionCookieConfig()
java.lang.String	getSessionDomain()
SessionHandler	getSessionHandler()
SessionIdManager	getSessionIdManager()
java.lang.String	getSessionIdPathParameterName()
java.lang.String	getSessionIdPathParameterNamePrefix()
java.lang.String	getSessionPath()
int	getSessions()
int	getSessionsMax()
int	getSessionsTotal()
long	getSessionTimeMax()
double	getSessionTimeMean()
double	getSessionTimeStdDev()
long	getSessionTimeTotal()
boolean	isCheckingRemoteSessionIdEncoding()
boolean	isNodeIdInSessionId()
boolean	isSecureRequestOnly()
boolean	isUsingCookies()
boolean	isUsingURLs()
boolean	isValid(javax.servlet.http.HttpSession session)
javax.servlet.http.HttpSession	newHttpSession(javax.servlet.http.HttpServletRequest request)	Create a new HttpSession for a request
protected abstract AbstractSession	newSession(javax.servlet.http.HttpServletRequest request)	Create a new session instance
void	removeEventListener(java.util.EventListener listener)	Removes an event listener for for session-related events.
protected abstract boolean	removeSession(java.lang.String idInCluster)
void	removeSession(javax.servlet.http.HttpSession session, boolean invalidate)	Remove session from manager
boolean	removeSession(AbstractSession session, boolean invalidate)	Remove session from manager
void	renewSessionId(java.lang.String oldClusterId, java.lang.String oldNodeId, java.lang.String newClusterId, java.lang.String newNodeId)	Tell the HttpSessionIdListeners the id changed.
void	setCheckingRemoteSessionIdEncoding(boolean remote)
void	setHttpOnly(boolean httpOnly)
void	setMaxInactiveInterval(int seconds)	Sets the max period of inactivity, after which the session is invalidated, in seconds.
void	setNodeIdInSessionId(boolean nodeIdInSessionId)
void	setRefreshCookieAge(int ageInSeconds)
void	setSecureRequestOnly(boolean secureRequestOnly)	HTTPS request.
void	setSessionCookie(java.lang.String cookieName)
void	setSessionHandler(SessionHandler sessionHandler)	Sets the SessionHandler.
void	setSessionIdManager(SessionIdManager metaManager)	Sets the cross context session id manager
void	setSessionIdPathParameterName(java.lang.String param)	Sets the session id URL path parameter name.
void	setSessionTrackingModes(java.util.Set<javax.servlet.SessionTrackingMode> sessionTrackingModes)
void	setUsingCookies(boolean usingCookies)
protected abstract void	shutdownSessions()	Prepare sessions for session manager shutdown
void	statsReset()	Reset statistics values

Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

addLifeCycleListener, getState, getState, getStopTimeout, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop

Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle

addBean, addBean, addBean, addEventListener, addManaged, contains, destroy, dump, dump, dump, dump, dump, dumpBeans, dumpObject, dumpStdErr, dumpThis, getBean, getBeans, getBeans, isManaged, manage, removeBean, removeBeans, removeEventListener, setBeans, setStopTimeout, start, stop, unmanage, updateBean, updateBean, updateBeans

Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle

addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

__defaultSessionTrackingModes

public java.util.Set<javax.servlet.SessionTrackingMode> __defaultSessionTrackingModes

__distantFuture

public static final int __distantFuture

See Also:

Constant Field Values

MAX_INACTIVE_MINUTES

public static final java.math.BigDecimal MAX_INACTIVE_MINUTES

Web.xml session-timeout is set in minutes, but is stored as an int in seconds by HttpSession and the sessionmanager. Thus MAX_INT is the max number of seconds that can be set, and MAX_INT/60 is the max number of minutes that you can set.

_dftMaxIdleSecs

protected int _dftMaxIdleSecs

_sessionHandler

protected SessionHandler _sessionHandler

_httpOnly

protected boolean _httpOnly

_sessionIdManager

protected SessionIdManager _sessionIdManager

_secureCookies

protected boolean _secureCookies

_secureRequestOnly

protected boolean _secureRequestOnly

_sessionAttributeListeners

protected final java.util.List<javax.servlet.http.HttpSessionAttributeListener> _sessionAttributeListeners

_sessionListeners

protected final java.util.List<javax.servlet.http.HttpSessionListener> _sessionListeners

_sessionIdListeners

protected final java.util.List<javax.servlet.http.HttpSessionIdListener> _sessionIdListeners

_loader

protected java.lang.ClassLoader _loader

_context

protected ContextHandler.Context _context

_sessionCookie

protected java.lang.String _sessionCookie

_sessionIdPathParameterName

protected java.lang.String _sessionIdPathParameterName

_sessionIdPathParameterNamePrefix

protected java.lang.String _sessionIdPathParameterNamePrefix

_sessionDomain

protected java.lang.String _sessionDomain

_sessionPath

protected java.lang.String _sessionPath

_maxCookieAge

protected int _maxCookieAge

_refreshCookieAge

protected int _refreshCookieAge

_nodeIdInSessionId

protected boolean _nodeIdInSessionId

_checkingRemoteSessionIdEncoding

protected boolean _checkingRemoteSessionIdEncoding

_sessionComment

protected java.lang.String _sessionComment

_sessionTrackingModes

public java.util.Set<javax.servlet.SessionTrackingMode> _sessionTrackingModes

_sessionsStats

protected final org.eclipse.jetty.util.statistic.CounterStatistic _sessionsStats

_sessionTimeStats

protected final org.eclipse.jetty.util.statistic.SampleStatistic _sessionTimeStats

Constructor Detail

AbstractSessionManager

public AbstractSessionManager()

Method Detail

getContext

public ContextHandler.Context getContext()

getContextHandler

public ContextHandler getContextHandler()

getSessionPath

@ManagedAttribute("path of the session cookie, or null for default")
public java.lang.String getSessionPath()

getMaxCookieAge

@ManagedAttribute("if greater the zero, the time in seconds a session cookie will last for")
public int getMaxCookieAge()

access

public org.eclipse.jetty.http.HttpCookie access(javax.servlet.http.HttpSession session,
                                                boolean secure)

Description copied from interface: SessionManager

Called by the SessionHandler when a session is first accessed by a request.

Specified by:

access in interface SessionManager

Parameters:

session - the session object

secure - whether the request is secure or not

Returns:

the session cookie. If not null, this cookie should be set on the response to either migrate the session or to refresh a session cookie that may expire.

See Also:

SessionManager.complete(HttpSession)

addEventListener

public void addEventListener(java.util.EventListener listener)

Description copied from interface: SessionManager

Adds an event listener for session-related events.

Specified by:

addEventListener in interface SessionManager

Parameters:

listener - the session event listener to add Individual SessionManagers implementations may accept arbitrary listener types, but they are expected to at least handle HttpSessionActivationListener, HttpSessionAttributeListener, HttpSessionBindingListener and HttpSessionListener.

See Also:

SessionManager.removeEventListener(EventListener)

clearEventListeners

public void clearEventListeners()

Description copied from interface: SessionManager

Removes all event listeners for session-related events.

Specified by:

clearEventListeners in interface SessionManager

See Also:

SessionManager.removeEventListener(EventListener)

complete

public void complete(javax.servlet.http.HttpSession session)

Description copied from interface: SessionManager

Called by the SessionHandler when a session is last accessed by a request.

Specified by:

complete in interface SessionManager

Parameters:

session - the session object

See Also:

SessionManager.access(HttpSession, boolean)

doStart

public void doStart()
             throws java.lang.Exception

Overrides:

doStart in class org.eclipse.jetty.util.component.ContainerLifeCycle

Throws:

java.lang.Exception

doStop

public void doStop()
            throws java.lang.Exception

Overrides:

doStop in class org.eclipse.jetty.util.component.ContainerLifeCycle

Throws:

java.lang.Exception

getHttpOnly

@ManagedAttribute("true if cookies use the http only flag")
public boolean getHttpOnly()

Specified by:

getHttpOnly in interface SessionManager

Returns:

Returns the httpOnly.

See Also:

HttpCookie.isHttpOnly()

getHttpSession

public javax.servlet.http.HttpSession getHttpSession(java.lang.String nodeId)

Description copied from interface: SessionManager

Returns the HttpSession with the given session id

Specified by:

getHttpSession in interface SessionManager

Parameters:

nodeId - the session id

Returns:

the HttpSession with the corresponding id or null if no session with the given id exists

getSessionIdManager

@ManagedAttribute("Session ID Manager")
public SessionIdManager getSessionIdManager()

Specified by:

getSessionIdManager in interface SessionManager

Returns:

Returns the SessionIdManager used for cross context session management

See Also:

SessionManager.setSessionIdManager(SessionIdManager)

getMaxInactiveInterval

@ManagedAttribute("defailt maximum time a session may be idle for (in s)")
public int getMaxInactiveInterval()

Specified by:

getMaxInactiveInterval in interface SessionManager

Returns:

seconds

See Also:

SessionManager.setMaxInactiveInterval(int)

getSessionsMax

@ManagedAttribute("maximum number of simultaneous sessions")
public int getSessionsMax()

Returns:

maximum number of sessions

getSessionsTotal

@ManagedAttribute("total number of sessions")
public int getSessionsTotal()

Returns:

total number of sessions

getRefreshCookieAge

@ManagedAttribute("time before a session cookie is re-set (in s)")
public int getRefreshCookieAge()

getSecureCookies

@ManagedAttribute("if true, secure cookie flag is set on session cookies")
public boolean getSecureCookies()

Returns:

same as SessionCookieConfig.getSecure(). If true, session cookies are ALWAYS marked as secure. If false, a session cookie is ONLY marked as secure if _secureRequestOnly == true and it is a HTTPS request.

isSecureRequestOnly

public boolean isSecureRequestOnly()

Returns:

true if session cookie is to be marked as secure only on HTTPS requests

setSecureRequestOnly

public void setSecureRequestOnly(boolean secureRequestOnly)

HTTPS request. Can be overridden by setting SessionCookieConfig.setSecure(true), in which case the session cookie will be marked as secure on both HTTPS and HTTP.

Parameters:

secureRequestOnly - true to set Session Cookie Config as secure

getSessionCookie

@ManagedAttribute("the set session cookie")
public java.lang.String getSessionCookie()

getSessionCookie

public org.eclipse.jetty.http.HttpCookie getSessionCookie(javax.servlet.http.HttpSession session,
                                                          java.lang.String contextPath,
                                                          boolean requestIsSecure)

A sessioncookie is marked as secure IFF any of the following conditions are true:

1. SessionCookieConfig.setSecure == true
2. SessionCookieConfig.setSecure == false && _secureRequestOnly==true && request is HTTPS

According to SessionCookieConfig javadoc, case 1 can be used when: "... even though the request that initiated the session came over HTTP, is to support a topology where the web container is front-ended by an SSL offloading load balancer. In this case, the traffic between the client and the load balancer will be over HTTPS, whereas the traffic between the load balancer and the web container will be over HTTP."

For case 2, you can use _secureRequestOnly to determine if you want the Servlet Spec 3.0 default behavior when SessionCookieConfig.setSecure==false, which is: "they shall be marked as secure only if the request that initiated the corresponding session was also secure"

The default for _secureRequestOnly is true, which gives the above behavior. If you set it to false, then a session cookie is NEVER marked as secure, even if the initiating request was secure.

Specified by:

getSessionCookie in interface SessionManager

Parameters:

session - the session to which the cookie should refer.

contextPath - the context to which the cookie should be linked. The client will only send the cookie value when requesting resources under this path.

requestIsSecure - whether the client is accessing the server over a secure protocol (i.e. HTTPS).

Returns:

if this SessionManager uses cookies, then this method will return a new cookie object that should be set on the client in order to link future HTTP requests with the session. If cookies are not in use, this method returns null.

See Also:

SessionManager.getSessionCookie(javax.servlet.http.HttpSession, java.lang.String, boolean)

getSessionDomain

@ManagedAttribute("domain of the session cookie, or null for the default")
public java.lang.String getSessionDomain()

getSessionHandler

public SessionHandler getSessionHandler()

Returns:

Returns the sessionHandler.

getSessions

@ManagedAttribute("number of currently active sessions")
public int getSessions()

getSessionIdPathParameterName

@ManagedAttribute("name of use for URL session tracking")
public java.lang.String getSessionIdPathParameterName()

Specified by:

getSessionIdPathParameterName in interface SessionManager

Returns:

the URL path parameter name for session id URL rewriting, by default "jsessionid".

See Also:

SessionManager.setSessionIdPathParameterName(String)

getSessionIdPathParameterNamePrefix

public java.lang.String getSessionIdPathParameterNamePrefix()

Specified by:

getSessionIdPathParameterNamePrefix in interface SessionManager

Returns:

a formatted version of SessionManager.getSessionIdPathParameterName(), by default ";" + sessionIdParameterName + "=", for easier lookup in URL strings.

See Also:

SessionManager.getSessionIdPathParameterName()

isUsingCookies

public boolean isUsingCookies()

Specified by:

isUsingCookies in interface SessionManager

Returns:

Returns the usingCookies.

isValid

public boolean isValid(javax.servlet.http.HttpSession session)

Specified by:

isValid in interface SessionManager

Parameters:

session - the session to test for validity

Returns:

whether the given session is valid, that is, it has not been invalidated.

getClusterId

public java.lang.String getClusterId(javax.servlet.http.HttpSession session)

Specified by:

getClusterId in interface SessionManager

Parameters:

session - the session object

Returns:

the unique id of the session within the cluster (without a node id extension)

See Also:

SessionManager.getNodeId(HttpSession)

getNodeId

public java.lang.String getNodeId(javax.servlet.http.HttpSession session)

Specified by:

getNodeId in interface SessionManager

Parameters:

session - the session object

Returns:

the unique id of the session within the cluster, extended with an optional node id.

See Also:

SessionManager.getClusterId(HttpSession)

newHttpSession

public javax.servlet.http.HttpSession newHttpSession(javax.servlet.http.HttpServletRequest request)

Create a new HttpSession for a request

Specified by:

newHttpSession in interface SessionManager

Parameters:

request - the HttpServletRequest containing the requested session id

Returns:

the new HttpSession

removeEventListener

public void removeEventListener(java.util.EventListener listener)

Description copied from interface: SessionManager

Removes an event listener for for session-related events.

Specified by:

removeEventListener in interface SessionManager

Parameters:

listener - the session event listener to remove

See Also:

SessionManager.addEventListener(EventListener)

statsReset

@ManagedOperation(value="reset statistics",
                  impact="ACTION")
public void statsReset()

Reset statistics values

setHttpOnly

public void setHttpOnly(boolean httpOnly)

Parameters:

httpOnly - The httpOnly to set.

setSessionIdManager

public void setSessionIdManager(SessionIdManager metaManager)

Description copied from interface: SessionManager

Sets the cross context session id manager

Specified by:

setSessionIdManager in interface SessionManager

Parameters:

metaManager - The metaManager used for cross context session management.

See Also:

SessionManager.getSessionIdManager()

setMaxInactiveInterval

public void setMaxInactiveInterval(int seconds)

Description copied from interface: SessionManager

Sets the max period of inactivity, after which the session is invalidated, in seconds.

Specified by:

setMaxInactiveInterval in interface SessionManager

Parameters:

seconds - the max inactivity period, in seconds.

See Also:

SessionManager.getMaxInactiveInterval()

setRefreshCookieAge

public void setRefreshCookieAge(int ageInSeconds)

setSessionCookie

public void setSessionCookie(java.lang.String cookieName)

setSessionHandler

public void setSessionHandler(SessionHandler sessionHandler)

Description copied from interface: SessionManager

Sets the SessionHandler.

Specified by:

setSessionHandler in interface SessionManager

Parameters:

sessionHandler - The sessionHandler to set.

setSessionIdPathParameterName

public void setSessionIdPathParameterName(java.lang.String param)

Description copied from interface: SessionManager

Sets the session id URL path parameter name.

Specified by:

setSessionIdPathParameterName in interface SessionManager

Parameters:

param - the URL path parameter name for session id URL rewriting (null or "none" for no rewriting).

See Also:

SessionManager.getSessionIdPathParameterName(), SessionManager.getSessionIdPathParameterNamePrefix()

setUsingCookies

public void setUsingCookies(boolean usingCookies)

Parameters:

usingCookies - The usingCookies to set.

addSession

protected abstract void addSession(AbstractSession session)

addSession

protected void addSession(AbstractSession session,
                          boolean created)

Add the session Registers the session with this manager and registers the session ID with the sessionIDManager;

Parameters:

session - the session

created - true if session was created

getSession

public abstract AbstractSession getSession(java.lang.String idInCluster)

Get a known existing session

Parameters:

idInCluster - The session ID in the cluster, stripped of any worker name.

Returns:

A Session or null if none exists.

shutdownSessions

protected abstract void shutdownSessions()
                                  throws java.lang.Exception

Prepare sessions for session manager shutdown

Throws:

java.lang.Exception - if unable to shutdown sesssions

newSession

protected abstract AbstractSession newSession(javax.servlet.http.HttpServletRequest request)

Create a new session instance

Parameters:

request - the request to build the session from

Returns:

the new session

isNodeIdInSessionId

public boolean isNodeIdInSessionId()

Returns:

true if the cluster node id (worker id) is returned as part of the session id by HttpSession.getId(). Default is false.

setNodeIdInSessionId

public void setNodeIdInSessionId(boolean nodeIdInSessionId)

Parameters:

nodeIdInSessionId - true if the cluster node id (worker id) will be returned as part of the session id by HttpSession.getId(). Default is false.

removeSession

public void removeSession(javax.servlet.http.HttpSession session,
                          boolean invalidate)

Remove session from manager

Parameters:

session - The session to remove

invalidate - True if HttpSessionListener.sessionDestroyed(HttpSessionEvent) and SessionIdManager.invalidateAll(String) should be called.

removeSession

public boolean removeSession(AbstractSession session,
                             boolean invalidate)

Remove session from manager

Parameters:

session - The session to remove

invalidate - True if HttpSessionListener.sessionDestroyed(HttpSessionEvent) and SessionIdManager.invalidateAll(String) should be called.

Returns:

if the session was removed

removeSession

protected abstract boolean removeSession(java.lang.String idInCluster)

getSessionTimeMax

@ManagedAttribute("maximum amount of time sessions have remained active (in s)")
public long getSessionTimeMax()

Returns:

maximum amount of time session remained valid

getDefaultSessionTrackingModes

public java.util.Set<javax.servlet.SessionTrackingMode> getDefaultSessionTrackingModes()

Specified by:

getDefaultSessionTrackingModes in interface SessionManager

getEffectiveSessionTrackingModes

public java.util.Set<javax.servlet.SessionTrackingMode> getEffectiveSessionTrackingModes()

Specified by:

getEffectiveSessionTrackingModes in interface SessionManager

setSessionTrackingModes

public void setSessionTrackingModes(java.util.Set<javax.servlet.SessionTrackingMode> sessionTrackingModes)

Specified by:

setSessionTrackingModes in interface SessionManager

isUsingURLs

public boolean isUsingURLs()

Specified by:

isUsingURLs in interface SessionManager

Returns:

whether the session management is handled via URLs.

getSessionCookieConfig

public javax.servlet.SessionCookieConfig getSessionCookieConfig()

Specified by:

getSessionCookieConfig in interface SessionManager

getSessionTimeTotal

@ManagedAttribute("total time sessions have remained valid")
public long getSessionTimeTotal()

Returns:

total amount of time all sessions remained valid

getSessionTimeMean

@ManagedAttribute("mean time sessions remain valid (in s)")
public double getSessionTimeMean()

Returns:

mean amount of time session remained valid

getSessionTimeStdDev

@ManagedAttribute("standard deviation a session remained valid (in s)")
public double getSessionTimeStdDev()

Returns:

standard deviation of amount of time session remained valid

isCheckingRemoteSessionIdEncoding

@ManagedAttribute("check remote session id encoding")
public boolean isCheckingRemoteSessionIdEncoding()

Specified by:

isCheckingRemoteSessionIdEncoding in interface SessionManager

Returns:

True if absolute URLs are check for remoteness before being session encoded.

See Also:

SessionManager.isCheckingRemoteSessionIdEncoding()

setCheckingRemoteSessionIdEncoding

public void setCheckingRemoteSessionIdEncoding(boolean remote)

Specified by:

setCheckingRemoteSessionIdEncoding in interface SessionManager

Parameters:

remote - True if absolute URLs are check for remoteness before being session encoded.

See Also:

SessionManager.setCheckingRemoteSessionIdEncoding(boolean)

renewSessionId

public void renewSessionId(java.lang.String oldClusterId,
                           java.lang.String oldNodeId,
                           java.lang.String newClusterId,
                           java.lang.String newNodeId)

Tell the HttpSessionIdListeners the id changed. NOTE: this method must be called LAST in subclass overrides, after the session has been updated with the new id.

Specified by:

renewSessionId in interface SessionManager

Parameters:

oldClusterId - the old cluster id

oldNodeId - the old node id

newClusterId - the new cluster id

newNodeId - the new node id

See Also:

SessionManager.renewSessionId(java.lang.String, java.lang.String, java.lang.String, java.lang.String)

doSessionAttributeListeners

public void doSessionAttributeListeners(AbstractSession session,
                                        java.lang.String name,
                                        java.lang.Object old,
                                        java.lang.Object value)

getMetaManager

@Deprecated
public SessionIdManager getMetaManager()

Deprecated.

Specified by:

getMetaManager in interface SessionManager

Returns:

the cross context session id manager.