public final class SessionManager
extends java.lang.Object
SessionManager.Session
by using a different
cookie path OR a different cookie namespace, depending on which constructor you use.
Paths are used when client applications do NOT share the same path on the server.
For example "/Chat" would cause the browser to only send back the cookie if the user is
browsing "/Chat/", not for "/".
BUT usually we want the menu contents of client applications to be in the logged-in state even if
the user is NOT browsing the client application web interface right now, therefore the "/" path
must be used in most cases.
If client application cookies shall be received from all paths on the server, the client
application should use the constructor which requires a cookie namespace.
The usage of a namespace gurantees that Sessions of different client applications do not overlap.Modifier and Type | Class and Description |
---|---|
static class |
SessionManager.Session |
Modifier and Type | Field and Description |
---|---|
static long |
MAX_SESSION_IDLE_TIME
The amount of milliseconds after which a session is deleted due to expiration.
|
static java.lang.String |
SESSION_COOKIE_NAME |
Constructor and Description |
---|
SessionManager(java.lang.String myCookieNamespace)
Constructs a new session manager for use with the "/" cookie path
|
SessionManager(java.net.URI myCookiePath)
Constructs a new session manager for use with the given cookie path.
|
Modifier and Type | Method and Description |
---|---|
SessionManager.Session |
createSession(java.lang.String userID,
ToadletContext context)
Creates a new session for the given user ID.
|
boolean |
deleteSession(ToadletContext context)
Retrieves the session ID from the session cookie in the given
ToadletContext , checks if it contains a valid (existing and not expired) session
and if yes, deletes the session. |
java.lang.String |
getCookieNamespace()
Returns the namespace as specified in the constructor.
|
java.net.URI |
getCookiePath()
Returns the cookie path as specified in the constructor.
|
boolean |
sessionExists(ToadletContext context)
Returns true if the given
ToadletContext contains a session cookie for a valid (existing and not expired) session. |
SessionManager.Session |
useSession(ToadletContext context)
Retrieves the session ID from the session cookie in the given
ToadletContext , checks if it contains a valid (existing and not expired) session
and if yes, returns the SessionManager.Session . |
public static final long MAX_SESSION_IDLE_TIME
public static final java.lang.String SESSION_COOKIE_NAME
public SessionManager(java.net.URI myCookiePath)
myCookiePath
- The path in which the cookies should be valid.public SessionManager(java.lang.String myCookieNamespace)
myCookieNamespace
- The name of the client application which uses this cookie. Must not be empty. Must be latin letters and numbers only.public java.net.URI getCookiePath()
public java.lang.String getCookieNamespace()
public SessionManager.Session createSession(java.lang.String userID, ToadletContext context)
context
- The ToadletContext in which the session cookie shall be stored.public boolean sessionExists(ToadletContext context)
ToadletContext
contains a session cookie for a valid (existing and not expired) session.
In opposite to getSessionUserID
, this function does NOT extend the validity of the session.
Therefore, this function can be considered as a way of peeking for a session, to decide which Toadlet links should be visible.public SessionManager.Session useSession(ToadletContext context)
ToadletContext
, checks if it contains a valid (existing and not expired) session
and if yes, returns the SessionManager.Session
.
If the session was valid, then its validity is extended by MAX_SESSION_IDLE_TIME
.
If the session did not exist or is not valid anymore, null
is returned.public boolean deleteSession(ToadletContext context)
ToadletContext
, checks if it contains a valid (existing and not expired) session
and if yes, deletes the session.