2 // ========================================================================
3 // Copyright (c) 1995-2016 Mort Bay Consulting Pty. Ltd.
4 // ------------------------------------------------------------------------
5 // All rights reserved. This program and the accompanying materials
6 // are made available under the terms of the Eclipse Public License v1.0
7 // and Apache License v2.0 which accompanies this distribution.
9 // The Eclipse Public License is available at
10 // http://www.eclipse.org/legal/epl-v10.html
12 // The Apache License v2.0 is available at
13 // http://www.opensource.org/licenses/apache2.0.php
15 // You may elect to redistribute this code under either of these licenses.
16 // ========================================================================
19 package org.eclipse.jetty.server.session;
21 import java.util.ArrayList;
22 import java.util.Enumeration;
23 import java.util.Iterator;
26 import javax.servlet.ServletContext;
27 import javax.servlet.http.HttpServletRequest;
28 import javax.servlet.http.HttpSessionActivationListener;
29 import javax.servlet.http.HttpSessionBindingEvent;
30 import javax.servlet.http.HttpSessionBindingListener;
31 import javax.servlet.http.HttpSessionContext;
32 import javax.servlet.http.HttpSessionEvent;
34 import org.eclipse.jetty.server.SessionManager;
35 import org.eclipse.jetty.util.log.Logger;
40 * Implements {@link javax.servlet.http.HttpSession} from the <code>javax.servlet</code> package.
44 @SuppressWarnings("deprecation")
45 public abstract class AbstractSession implements AbstractSessionManager.SessionIf
47 final static Logger LOG = SessionHandler.LOG;
48 public final static String SESSION_KNOWN_ONLY_TO_AUTHENTICATED="org.eclipse.jetty.security.sessionKnownOnlytoAuthenticated";
49 private String _clusterId; // ID without any node (ie "worker") id appended
50 private String _nodeId; // ID of session with node(ie "worker") id appended
51 private final AbstractSessionManager _manager;
52 private boolean _idChanged;
53 private final long _created;
54 private long _cookieSet;
55 private long _accessed; // the time of the last access
56 private long _lastAccessed; // the time of the last access excluding this one
57 private boolean _invalid;
58 private boolean _doInvalidate;
59 private long _maxIdleMs;
60 private boolean _newSession;
61 private int _requests;
65 /* ------------------------------------------------------------- */
66 protected AbstractSession(AbstractSessionManager abstractSessionManager, HttpServletRequest request)
68 _manager = abstractSessionManager;
71 _created=System.currentTimeMillis();
72 _clusterId=_manager._sessionIdManager.newSessionId(request,_created);
73 _nodeId=_manager._sessionIdManager.getNodeId(_clusterId,request);
75 _lastAccessed=_created;
77 _maxIdleMs=_manager._dftMaxIdleSecs>0?_manager._dftMaxIdleSecs*1000L:-1;
78 if (LOG.isDebugEnabled())
79 LOG.debug("new session & id "+_nodeId+" "+_clusterId);
82 /* ------------------------------------------------------------- */
83 protected AbstractSession(AbstractSessionManager abstractSessionManager, long created, long accessed, String clusterId)
85 _manager = abstractSessionManager;
88 _nodeId=_manager._sessionIdManager.getNodeId(_clusterId,null);
90 _lastAccessed=accessed;
92 _maxIdleMs=_manager._dftMaxIdleSecs>0?_manager._dftMaxIdleSecs*1000L:-1;
93 if (LOG.isDebugEnabled())
94 LOG.debug("new session "+_nodeId+" "+_clusterId);
97 /* ------------------------------------------------------------- */
99 * asserts that the session is valid
101 protected void checkValid() throws IllegalStateException
104 throw new IllegalStateException();
107 /* ------------------------------------------------------------- */
108 /** Check to see if session has expired as at the time given.
112 protected boolean checkExpiry(long time)
114 if (_maxIdleMs>0 && _lastAccessed>0 && _lastAccessed + _maxIdleMs < time)
119 /* ------------------------------------------------------------- */
121 public AbstractSession getSession()
126 /* ------------------------------------------------------------- */
127 public long getAccessed()
135 /* ------------------------------------------------------------- */
136 public abstract Map<String,Object> getAttributeMap();
142 /* ------------------------------------------------------------ */
143 public abstract int getAttributes();
148 /* ------------------------------------------------------------ */
149 public abstract Set<String> getNames();
152 /* ------------------------------------------------------------- */
153 public long getCookieSetTime()
158 /* ------------------------------------------------------------- */
160 public long getCreationTime() throws IllegalStateException
166 /* ------------------------------------------------------------ */
168 public String getId() throws IllegalStateException
170 return _manager._nodeIdInSessionId?_nodeId:_clusterId;
173 /* ------------------------------------------------------------- */
174 public String getNodeId()
179 /* ------------------------------------------------------------- */
180 public String getClusterId()
185 /* ------------------------------------------------------------- */
187 public long getLastAccessedTime() throws IllegalStateException
190 return _lastAccessed;
193 /* ------------------------------------------------------------- */
194 public void setLastAccessedTime(long time)
196 _lastAccessed = time;
199 /* ------------------------------------------------------------- */
201 public int getMaxInactiveInterval()
203 return (int)(_maxIdleMs/1000);
206 /* ------------------------------------------------------------ */
208 * @see javax.servlet.http.HttpSession#getServletContext()
211 public ServletContext getServletContext()
213 return _manager._context;
216 /* ------------------------------------------------------------- */
219 public HttpSessionContext getSessionContext() throws IllegalStateException
222 return AbstractSessionManager.__nullSessionContext;
225 /* ------------------------------------------------------------- */
227 * @deprecated As of Version 2.2, this method is replaced by
228 * {@link #getAttribute}
232 public Object getValue(String name) throws IllegalStateException
234 return getAttribute(name);
239 /* ------------------------------------------------------------ */
240 public void renewId(HttpServletRequest request)
242 _manager._sessionIdManager.renewSessionId(getClusterId(), getNodeId(), request);
246 /* ------------------------------------------------------------- */
247 public SessionManager getSessionManager()
252 /* ------------------------------------------------------------ */
253 protected void setClusterId (String clusterId)
255 _clusterId = clusterId;
258 /* ------------------------------------------------------------ */
259 protected void setNodeId (String nodeId)
265 /* ------------------------------------------------------------ */
266 protected boolean access(long time)
273 _lastAccessed=_accessed;
276 if (checkExpiry(time))
286 /* ------------------------------------------------------------ */
287 protected void complete()
292 if (_doInvalidate && _requests<=0 )
298 /* ------------------------------------------------------------- */
299 protected void timeout() throws IllegalStateException
301 // remove session from context and invalidate other sessions with same ID.
302 _manager.removeSession(this,true);
304 // Notify listeners and unbind values
305 boolean do_invalidate=false;
320 /* ------------------------------------------------------------- */
322 public void invalidate() throws IllegalStateException
325 // remove session from context and invalidate other sessions with same ID.
326 _manager.removeSession(this,true);
330 /* ------------------------------------------------------------- */
331 protected void doInvalidate() throws IllegalStateException
335 if (LOG.isDebugEnabled())
336 LOG.debug("invalidate {}",_clusterId);
350 /* ------------------------------------------------------------- */
351 public abstract void clearAttributes();
354 /* ------------------------------------------------------------- */
355 public boolean isIdChanged()
360 /* ------------------------------------------------------------- */
362 public boolean isNew() throws IllegalStateException
368 /* ------------------------------------------------------------- */
370 * @deprecated As of Version 2.2, this method is replaced by
371 * {@link #setAttribute}
375 public void putValue(java.lang.String name, java.lang.Object value) throws IllegalStateException
377 changeAttribute(name,value);
380 /* ------------------------------------------------------------ */
382 public void removeAttribute(String name)
384 setAttribute(name,null);
387 /* ------------------------------------------------------------- */
389 * @deprecated As of Version 2.2, this method is replaced by
390 * {@link #removeAttribute}
394 public void removeValue(java.lang.String name) throws IllegalStateException
396 removeAttribute(name);
399 /* ------------------------------------------------------------ */
401 public Enumeration<String> getAttributeNames()
406 return doGetAttributeNames();
410 /* ------------------------------------------------------------- */
412 * @deprecated As of Version 2.2, this method is replaced by
413 * {@link #getAttributeNames}
417 public String[] getValueNames() throws IllegalStateException
422 Enumeration<String> anames = doGetAttributeNames();
424 return new String[0];
425 ArrayList<String> names = new ArrayList<String>();
426 while (anames.hasMoreElements())
427 names.add(anames.nextElement());
428 return names.toArray(new String[names.size()]);
433 /* ------------------------------------------------------------ */
434 public abstract Object doPutOrRemove(String name, Object value);
437 /* ------------------------------------------------------------ */
438 public abstract Object doGet(String name);
441 /* ------------------------------------------------------------ */
442 public abstract Enumeration<String> doGetAttributeNames();
445 /* ------------------------------------------------------------ */
447 public Object getAttribute(String name)
457 /* ------------------------------------------------------------ */
459 public void setAttribute(String name, Object value)
461 changeAttribute(name,value);
464 /* ------------------------------------------------------------ */
468 * @deprecated use changeAttribute(String,Object) instead
471 protected boolean updateAttribute (String name, Object value)
477 old=doPutOrRemove(name,value);
480 if (value==null || !value.equals(old))
483 unbindValue(name,old);
485 bindValue(name,value);
487 _manager.doSessionAttributeListeners(this,name,old,value);
494 /* ------------------------------------------------------------ */
496 * Either set (perhaps replace) or remove the value of the attribute
497 * in the session. The appropriate session attribute listeners are
504 protected Object changeAttribute (String name, Object value)
510 old=doPutOrRemove(name,value);
513 callSessionAttributeListeners(name, value, old);
518 /* ------------------------------------------------------------ */
520 * Call binding and attribute listeners based on the new and old
521 * values of the attribute.
523 * @param name name of the attribute
524 * @param newValue new value of the attribute
525 * @param oldValue previous value of the attribute
527 protected void callSessionAttributeListeners (String name, Object newValue, Object oldValue)
529 if (newValue==null || !newValue.equals(oldValue))
532 unbindValue(name,oldValue);
534 bindValue(name,newValue);
536 _manager.doSessionAttributeListeners(this,name,oldValue,newValue);
541 /* ------------------------------------------------------------- */
542 public void setIdChanged(boolean changed)
547 /* ------------------------------------------------------------- */
549 public void setMaxInactiveInterval(int secs)
551 _maxIdleMs=(long)secs*1000L;
554 /* ------------------------------------------------------------- */
556 public String toString()
558 return this.getClass().getName()+":"+getId()+"@"+hashCode();
561 /* ------------------------------------------------------------- */
562 /** If value implements HttpSessionBindingListener, call valueBound() */
563 public void bindValue(java.lang.String name, Object value)
565 if (value!=null&&value instanceof HttpSessionBindingListener)
566 ((HttpSessionBindingListener)value).valueBound(new HttpSessionBindingEvent(this,name));
569 /* ------------------------------------------------------------ */
570 public boolean isValid()
575 /* ------------------------------------------------------------- */
576 protected void cookieSet()
580 _cookieSet=_accessed;
584 /* ------------------------------------------------------------ */
585 public int getRequests()
593 /* ------------------------------------------------------------ */
594 public void setRequests(int requests)
602 /* ------------------------------------------------------------- */
603 /** If value implements HttpSessionBindingListener, call valueUnbound() */
604 public void unbindValue(java.lang.String name, Object value)
606 if (value!=null&&value instanceof HttpSessionBindingListener)
607 ((HttpSessionBindingListener)value).valueUnbound(new HttpSessionBindingEvent(this,name));
610 /* ------------------------------------------------------------- */
611 public void willPassivate()
615 HttpSessionEvent event = new HttpSessionEvent(this);
616 for (Iterator<Object> iter = getAttributeMap().values().iterator(); iter.hasNext();)
618 Object value = iter.next();
619 if (value instanceof HttpSessionActivationListener)
621 HttpSessionActivationListener listener = (HttpSessionActivationListener) value;
622 listener.sessionWillPassivate(event);
628 /* ------------------------------------------------------------- */
629 public void didActivate()
633 HttpSessionEvent event = new HttpSessionEvent(this);
634 for (Iterator<Object> iter = getAttributeMap().values().iterator(); iter.hasNext();)
636 Object value = iter.next();
637 if (value instanceof HttpSessionActivationListener)
639 HttpSessionActivationListener listener = (HttpSessionActivationListener) value;
640 listener.sessionDidActivate(event);