1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
|
//
// ========================================================================
// Copyright (c) 1995-2016 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.server;
import java.util.EventListener;
import java.util.Set;
import javax.servlet.SessionCookieConfig;
import javax.servlet.SessionTrackingMode;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.eclipse.jetty.http.HttpCookie;
import org.eclipse.jetty.server.session.SessionHandler;
import org.eclipse.jetty.util.component.LifeCycle;
/* --------------------------------------------------------------------- */
/**
* Session Manager.
* The API required to manage sessions for a servlet context.
*
*/
/* ------------------------------------------------------------ */
/**
*/
public interface SessionManager extends LifeCycle
{
/* ------------------------------------------------------------ */
/**
* Session cookie name.
* Defaults to <code>JSESSIONID</code>, but can be set with the
* <code>org.eclipse.jetty.servlet.SessionCookie</code> context init parameter.
*/
public final static String __SessionCookieProperty = "org.eclipse.jetty.servlet.SessionCookie";
public final static String __DefaultSessionCookie = "JSESSIONID";
/* ------------------------------------------------------------ */
/**
* Session id path parameter name.
* Defaults to <code>jsessionid</code>, but can be set with the
* <code>org.eclipse.jetty.servlet.SessionIdPathParameterName</code> context init parameter.
* If set to null or "none" no URL rewriting will be done.
*/
public final static String __SessionIdPathParameterNameProperty = "org.eclipse.jetty.servlet.SessionIdPathParameterName";
public final static String __DefaultSessionIdPathParameterName = "jsessionid";
public final static String __CheckRemoteSessionEncoding = "org.eclipse.jetty.servlet.CheckingRemoteSessionIdEncoding";
/* ------------------------------------------------------------ */
/**
* Session Domain.
* If this property is set as a ServletContext InitParam, then it is
* used as the domain for session cookies. If it is not set, then
* no domain is specified for the session cookie.
*/
public final static String __SessionDomainProperty = "org.eclipse.jetty.servlet.SessionDomain";
public final static String __DefaultSessionDomain = null;
/* ------------------------------------------------------------ */
/**
* Session Path.
* If this property is set as a ServletContext InitParam, then it is
* used as the path for the session cookie. If it is not set, then
* the context path is used as the path for the cookie.
*/
public final static String __SessionPathProperty = "org.eclipse.jetty.servlet.SessionPath";
/* ------------------------------------------------------------ */
/**
* Session Max Age.
* If this property is set as a ServletContext InitParam, then it is
* used as the max age for the session cookie. If it is not set, then
* a max age of -1 is used.
*/
public final static String __MaxAgeProperty = "org.eclipse.jetty.servlet.MaxAge";
/* ------------------------------------------------------------ */
/**
* Returns the <code>HttpSession</code> with the given session id
*
* @param id the session id
* @return the <code>HttpSession</code> with the corresponding id or null if no session with the given id exists
*/
public HttpSession getHttpSession(String id);
/* ------------------------------------------------------------ */
/**
* Creates a new <code>HttpSession</code>.
*
* @param request the HttpServletRequest containing the requested session id
* @return the new <code>HttpSession</code>
*/
public HttpSession newHttpSession(HttpServletRequest request);
/* ------------------------------------------------------------ */
/**
* @return true if session cookies should be HTTP-only (Microsoft extension)
* @see org.eclipse.jetty.http.HttpCookie#isHttpOnly()
*/
public boolean getHttpOnly();
/* ------------------------------------------------------------ */
/**
* @return the max period of inactivity, after which the session is invalidated, in seconds.
* @see #setMaxInactiveInterval(int)
*/
public int getMaxInactiveInterval();
/* ------------------------------------------------------------ */
/**
* Sets the max period of inactivity, after which the session is invalidated, in seconds.
*
* @param seconds the max inactivity period, in seconds.
* @see #getMaxInactiveInterval()
*/
public void setMaxInactiveInterval(int seconds);
/* ------------------------------------------------------------ */
/**
* Sets the {@link SessionHandler}.
*
* @param handler the <code>SessionHandler</code> object
*/
public void setSessionHandler(SessionHandler handler);
/* ------------------------------------------------------------ */
/**
* Adds an event listener for session-related events.
*
* @param listener the session event listener to add
* Individual SessionManagers implementations may accept arbitrary listener types,
* but they are expected to at least handle HttpSessionActivationListener,
* HttpSessionAttributeListener, HttpSessionBindingListener and HttpSessionListener.
* @see #removeEventListener(EventListener)
*/
public void addEventListener(EventListener listener);
/* ------------------------------------------------------------ */
/**
* Removes an event listener for for session-related events.
*
* @param listener the session event listener to remove
* @see #addEventListener(EventListener)
*/
public void removeEventListener(EventListener listener);
/* ------------------------------------------------------------ */
/**
* Removes all event listeners for session-related events.
*
* @see #removeEventListener(EventListener)
*/
public void clearEventListeners();
/* ------------------------------------------------------------ */
/**
* Gets a Cookie for a session.
*
* @param session the session to which the cookie should refer.
* @param contextPath the context to which the cookie should be linked.
* The client will only send the cookie value when requesting resources under this path.
* @param requestIsSecure whether the client is accessing the server over a secure protocol (i.e. HTTPS).
* @return if this <code>SessionManager</code> uses cookies, then this method will return a new
* {@link Cookie cookie object} that should be set on the client in order to link future HTTP requests
* with the <code>session</code>. If cookies are not in use, this method returns <code>null</code>.
*/
public HttpCookie getSessionCookie(HttpSession session, String contextPath, boolean requestIsSecure);
/* ------------------------------------------------------------ */
/**
* @return the cross context session id manager.
* @see #setSessionIdManager(SessionIdManager)
*/
public SessionIdManager getSessionIdManager();
/* ------------------------------------------------------------ */
/**
* @return the cross context session id manager.
* @deprecated use {@link #getSessionIdManager()}
*/
@Deprecated
public SessionIdManager getMetaManager();
/* ------------------------------------------------------------ */
/**
* Sets the cross context session id manager
*
* @param idManager the cross context session id manager.
* @see #getSessionIdManager()
*/
public void setSessionIdManager(SessionIdManager idManager);
/* ------------------------------------------------------------ */
/**
* @param session the session to test for validity
* @return whether the given session is valid, that is, it has not been invalidated.
*/
public boolean isValid(HttpSession session);
/* ------------------------------------------------------------ */
/**
* @param session the session object
* @return the unique id of the session within the cluster, extended with an optional node id.
* @see #getClusterId(HttpSession)
*/
public String getNodeId(HttpSession session);
/* ------------------------------------------------------------ */
/**
* @param session the session object
* @return the unique id of the session within the cluster (without a node id extension)
* @see #getNodeId(HttpSession)
*/
public String getClusterId(HttpSession session);
/* ------------------------------------------------------------ */
/**
* Called by the {@link SessionHandler} when a session is first accessed by a request.
*
* @param session the session object
* @param secure whether the request is secure or not
* @return the session cookie. If not null, this cookie should be set on the response to either migrate
* the session or to refresh a session cookie that may expire.
* @see #complete(HttpSession)
*/
public HttpCookie access(HttpSession session, boolean secure);
/* ------------------------------------------------------------ */
/**
* Called by the {@link SessionHandler} when a session is last accessed by a request.
*
* @param session the session object
* @see #access(HttpSession, boolean)
*/
public void complete(HttpSession session);
/**
* Sets the session id URL path parameter name.
*
* @param parameterName the URL path parameter name for session id URL rewriting (null or "none" for no rewriting).
* @see #getSessionIdPathParameterName()
* @see #getSessionIdPathParameterNamePrefix()
*/
public void setSessionIdPathParameterName(String parameterName);
/**
* @return the URL path parameter name for session id URL rewriting, by default "jsessionid".
* @see #setSessionIdPathParameterName(String)
*/
public String getSessionIdPathParameterName();
/**
* @return a formatted version of {@link #getSessionIdPathParameterName()}, by default
* ";" + sessionIdParameterName + "=", for easier lookup in URL strings.
* @see #getSessionIdPathParameterName()
*/
public String getSessionIdPathParameterNamePrefix();
/**
* @return whether the session management is handled via cookies.
*/
public boolean isUsingCookies();
/**
* @return whether the session management is handled via URLs.
*/
public boolean isUsingURLs();
public Set<SessionTrackingMode> getDefaultSessionTrackingModes();
public Set<SessionTrackingMode> getEffectiveSessionTrackingModes();
public void setSessionTrackingModes(Set<SessionTrackingMode> sessionTrackingModes);
public SessionCookieConfig getSessionCookieConfig();
/**
* @return True if absolute URLs are check for remoteness before being session encoded.
*/
public boolean isCheckingRemoteSessionIdEncoding();
/**
* @param remote True if absolute URLs are check for remoteness before being session encoded.
*/
public void setCheckingRemoteSessionIdEncoding(boolean remote);
/* ------------------------------------------------------------ */
/** Change the existing session id.
*
* @param oldClusterId the old cluster id
* @param oldNodeId the old node id
* @param newClusterId the new cluster id
* @param newNodeId the new node id
*/
public void renewSessionId(String oldClusterId, String oldNodeId, String newClusterId, String newNodeId);
}
|
