001: // ========================================================================
002: // Copyright 1996-2005 Mort Bay Consulting Pty. Ltd.
003: // ------------------------------------------------------------------------
004: // Licensed under the Apache License, Version 2.0 (the "License");
005: // you may not use this file except in compliance with the License.
006: // You may obtain a copy of the License at
007: // http://www.apache.org/licenses/LICENSE-2.0
008: // Unless required by applicable law or agreed to in writing, software
009: // distributed under the License is distributed on an "AS IS" BASIS,
010: // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
011: // See the License for the specific language governing permissions and
012: // limitations under the License.
013: // ========================================================================
014:
015: package org.mortbay.jetty;
016:
017: import java.util.EventListener;
018:
019: import javax.servlet.http.Cookie;
020: import javax.servlet.http.HttpServletRequest;
021: import javax.servlet.http.HttpSession;
022:
023: import org.mortbay.component.LifeCycle;
024: import org.mortbay.jetty.servlet.SessionHandler;
025:
026: /* --------------------------------------------------------------------- */
027: /** Session Manager.
028: * The API required to manage sessions for a servlet context.
029: *
030: * @author Greg Wilkins
031: */
032: public interface SessionManager extends LifeCycle {
033:
034: /* ------------------------------------------------------------ */
035: /** Session cookie name.
036: * Defaults to JSESSIONID, but can be set with the
037: * org.mortbay.jetty.servlet.SessionCookie system property.
038: */
039: public final static String __SessionCookieProperty = "org.mortbay.jetty.servlet.SessionCookie";
040: public final static String __DefaultSessionCookie = "JSESSIONID";
041:
042: /* ------------------------------------------------------------ */
043: /** Session URL parameter name.
044: * Defaults to jsessionid, but can be set with the
045: * org.mortbay.jetty.servlet.SessionURL system property.
046: */
047: public final static String __SessionURLProperty = "org.mortbay.jetty.servlet.SessionURL";
048: public final static String __DefaultSessionURL = "jsessionid";
049:
050: /* ------------------------------------------------------------ */
051: /** Session Domain.
052: * If this property is set as a ServletContext InitParam, then it is
053: * used as the domain for session cookies. If it is not set, then
054: * no domain is specified for the session cookie.
055: */
056: public final static String __SessionDomainProperty = "org.mortbay.jetty.servlet.SessionDomain";
057: public final static String __DefaultSessionDomain = null;
058:
059: /* ------------------------------------------------------------ */
060: /** Session Path.
061: * If this property is set as a ServletContext InitParam, then it is
062: * used as the path for the session cookie. If it is not set, then
063: * the context path is used as the path for the cookie.
064: */
065: public final static String __SessionPathProperty = "org.mortbay.jetty.servlet.SessionPath";
066:
067: /* ------------------------------------------------------------ */
068: /** Session Max Age.
069: * If this property is set as a ServletContext InitParam, then it is
070: * used as the max age for the session cookie. If it is not set, then
071: * a max age of -1 is used.
072: */
073: public final static String __MaxAgeProperty = "org.mortbay.jetty.servlet.MaxAge";
074:
075: /* ------------------------------------------------------------ */
076: public HttpSession getHttpSession(String id);
077:
078: /* ------------------------------------------------------------ */
079: public HttpSession newHttpSession(HttpServletRequest request);
080:
081: /* ------------------------------------------------------------ */
082: /** @return true if session cookies should be secure
083: */
084: public boolean getSecureCookies();
085:
086: /* ------------------------------------------------------------ */
087: /** @return true if session cookies should be httponly (microsoft extension)
088: */
089: public boolean getHttpOnly();
090:
091: /* ------------------------------------------------------------ */
092: public int getMaxInactiveInterval();
093:
094: /* ------------------------------------------------------------ */
095: public void setMaxInactiveInterval(int seconds);
096:
097: /* ------------------------------------------------------------ */
098: public void setSessionHandler(SessionHandler handler);
099:
100: /* ------------------------------------------------------------ */
101: /** Add an event listener.
102: * @param listener An Event Listener. Individual SessionManagers
103: * implemetations may accept arbitrary listener types, but they
104: * are expected to at least handle
105: * HttpSessionActivationListener,
106: * HttpSessionAttributeListener,
107: * HttpSessionBindingListener,
108: * HttpSessionListener
109: */
110: public void addEventListener(EventListener listener);
111:
112: /* ------------------------------------------------------------ */
113: public void removeEventListener(EventListener listener);
114:
115: /* ------------------------------------------------------------ */
116: public void clearEventListeners();
117:
118: /* ------------------------------------------------------------ */
119: /** Get a Cookie for a session.
120: * @param session The session to which the cookie should refer.
121: * @param contextPath The context to which the cookie should be linked. The client will only send the cookie value
122: * when requesting resources under this path.
123: * @param requestIsSecure Whether the client is accessing the server over a secure protocol (i.e. HTTPS).
124: * @return If this <code>SessionManager</code> uses cookies, then this method will return a new
125: * {@link Cookie cookie object} that should be set on the client in order to link future HTTP requests
126: * with the <code>session</code>. If cookies are not in use, this method returns <code>null</code>.
127: */
128: public Cookie getSessionCookie(HttpSession session,
129: String contextPath, boolean requestIsSecure);
130:
131: /* ------------------------------------------------------------ */
132: /**
133: * @return the cross context session meta manager.
134: */
135: public SessionIdManager getMetaManager();
136:
137: /* ------------------------------------------------------------ */
138: /**
139: * @param meta the cross context session meta manager.
140: */
141: public void setIdManager(SessionIdManager meta);
142:
143: /* ------------------------------------------------------------ */
144: public boolean isValid(HttpSession session);
145:
146: /* ------------------------------------------------------------ */
147: /** Called by the {@link SessionHandler} when a session is access by a request
148: * @return Cookie If non null, this cookie should be set on the response to either migrate
149: * the session or to refresh a cookie that may expire.
150: */
151: public Cookie access(HttpSession session, boolean secure);
152:
153: /* ------------------------------------------------------------ */
154: /** Called by the {@link SessionHandler} when a reqeuest is not longer
155: * handling a session. Not this includes new sessions, so there may not
156: * be a matching call to {@link #access(HttpSession)}.
157: *
158: */
159: public void complete(HttpSession session);
160:
161: public void setSessionCookie(String cookieName);
162:
163: public String getSessionCookie();
164:
165: public void setSessionURL(String url);
166:
167: public String getSessionURL();
168:
169: public String getSessionURLPrefix();
170:
171: public void setSessionDomain(String domain);
172:
173: public String getSessionDomain();
174:
175: public void setSessionPath(String path);
176:
177: public String getSessionPath();
178:
179: public void setMaxCookieAge(int maxCookieAgeInSeconds);
180:
181: public int getMaxCookieAge();
182:
183: }
|