SessionManager (fred API)

java.lang.Object
- freenet.clients.http.SessionManager

```
public final class SessionManager
extends java.lang.Object
```
A basic session manager for cookie-based HTTP session. It allows its parent web interface to associate a "UserID" (a string) with a session ID. Formal definition of a SessionManager: A 1:1 mapping of SessionID to UserID. Queries by SessionID and UserID run in O(1). The Session ID primary key consists of: Cookie path + Cookie name + random "actual" session ID The user ID is received from the client application. Therefore, when multiple client applications want to store sessions, each one is supposed to create its own SessionManager because user IDs might overlap. The sessions of each application then get their SessionManager.Session by using a different cookie path OR a different cookie namespace, depending on which constructor you use. Paths are used when client applications do NOT share the same path on the server. For example "/Chat" would cause the browser to only send back the cookie if the user is browsing "/Chat/", not for "/". BUT usually we want the menu contents of client applications to be in the logged-in state even if the user is NOT browsing the client application web interface right now, therefore the "/" path must be used in most cases. If client application cookies shall be received from all paths on the server, the client application should use the constructor which requires a cookie namespace. The usage of a namespace gurantees that Sessions of different client applications do not overlap.

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

static class SessionManager.Session

Nested Classes
Modifier and Type	Class and Description
`static class`	`SessionManager.Session`

Field Summary

Fields
Modifier and Type	Field and Description
`static long`	`MAX_SESSION_IDLE_TIME` The amount of milliseconds after which a session is deleted due to expiration.
`static java.lang.String`	`SESSION_COOKIE_NAME`

Constructor Summary

Constructors
Constructor and Description
`SessionManager(java.lang.String myCookieNamespace)` Constructs a new session manager for use with the "/" cookie path
`SessionManager(java.net.URI myCookiePath)` Constructs a new session manager for use with the given cookie path.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`SessionManager.Session`	`createSession(java.lang.String userID, ToadletContext context)` Creates a new session for the given user ID.
`boolean`	`deleteSession(ToadletContext context)` Retrieves the session ID from the session cookie in the given `ToadletContext`, checks if it contains a valid (existing and not expired) session and if yes, deletes the session.
`java.lang.String`	`getCookieNamespace()` Returns the namespace as specified in the constructor.
`java.net.URI`	`getCookiePath()` Returns the cookie path as specified in the constructor.
`boolean`	`sessionExists(ToadletContext context)` Returns true if the given `ToadletContext` contains a session cookie for a valid (existing and not expired) session.
`SessionManager.Session`	`useSession(ToadletContext context)` Retrieves the session ID from the session cookie in the given `ToadletContext`, checks if it contains a valid (existing and not expired) session and if yes, returns the `SessionManager.Session`.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - MAX_SESSION_IDLE_TIME
```
public static final long MAX_SESSION_IDLE_TIME
```
    The amount of milliseconds after which a session is deleted due to expiration.
  - SESSION_COOKIE_NAME
```
public static final java.lang.String SESSION_COOKIE_NAME
```
    See Also:
    
    Constant Field Values
- Constructor Detail
  - SessionManager
```
public SessionManager(java.net.URI myCookiePath)
```
    Constructs a new session manager for use with the given cookie path. Cookies are only sent back if the user is browsing the domain within that path.
    
    Parameters:
    
    myCookiePath - The path in which the cookies should be valid.
  - SessionManager
```
public SessionManager(java.lang.String myCookieNamespace)
```
    Constructs a new session manager for use with the "/" cookie path
    
    Parameters:
    
    myCookieNamespace - The name of the client application which uses this cookie. Must not be empty. Must be latin letters and numbers only.
- Method Detail
  - getCookiePath
```
public java.net.URI getCookiePath()
```
    Returns the cookie path as specified in the constructor. Returns "/" if the constructor which only requires a namespace was used.
  - getCookieNamespace
```
public java.lang.String getCookieNamespace()
```
    Returns the namespace as specified in the constructor. Returns an empty string if the constructor which requires a cookie path only was used.
  - createSession
```
public SessionManager.Session createSession(java.lang.String userID,
                                            ToadletContext context)
```
    Creates a new session for the given user ID. If a session for the given user ID already exists, it is deleted. It is not re-used to ensure that parallel logins with the same user account from different computers do not work.
    
    Parameters:
    
    context - The ToadletContext in which the session cookie shall be stored.
  - sessionExists
```
public boolean sessionExists(ToadletContext context)
```
    Returns true if the given ToadletContext contains a session cookie for a valid (existing and not expired) session. In opposite to getSessionUserID, this function does NOT extend the validity of the session. Therefore, this function can be considered as a way of peeking for a session, to decide which Toadlet links should be visible.
  - useSession
```
public SessionManager.Session useSession(ToadletContext context)
```
    Retrieves the session ID from the session cookie in the given ToadletContext, checks if it contains a valid (existing and not expired) session and if yes, returns the SessionManager.Session. If the session was valid, then its validity is extended by MAX_SESSION_IDLE_TIME. If the session did not exist or is not valid anymore, null is returned.
  - deleteSession
```
public boolean deleteSession(ToadletContext context)
```
    Retrieves the session ID from the session cookie in the given ToadletContext, checks if it contains a valid (existing and not expired) session and if yes, deletes the session.
    
    Returns:
    
    True if the session was deleted, false if there was no session cookie or no session.

Class SessionManager

Nested Class Summary

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

MAX_SESSION_IDLE_TIME

SESSION_COOKIE_NAME

Constructor Detail

SessionManager

SessionManager

Method Detail

getCookiePath

getCookieNamespace

createSession

sessionExists

useSession

deleteSession