org.rapidcontext.core.type

Class Session

java.lang.Object

org.rapidcontext.core.storage.StorableObject

org.rapidcontext.core.type.Session

public class Session
extends StorableObject

A logged-in user session. The session allows the user client to avoid re-sending authentication data on each request. The browser instead sends a persistent HTTP cookie, allowing the session to be loaded from disk or other storages.

Version:

1.0

Author:

Per Cederberg

Field Summary

Fields

Modifier and Type	Field and Description
static long	ACTIVE_MILLIS The default active session time (10 minutes).
static java.lang.ThreadLocal	activeSession The currently active session (for the current thread).
static java.lang.String	KEY_ACCESS_TIME The dictionary key for the last access timestamp.
static java.lang.String	KEY_CLIENT The dictionary key for the user agent string of the web browser.
static java.lang.String	KEY_CREATE_TIME The dictionary key for the creation timestamp.
static java.lang.String	KEY_DESTROY_TIME The dictionary key for the destruction timestamp.
static java.lang.String	KEY_FILES The dictionary key for the temporary session files.
static java.lang.String	KEY_IP The dictionary key for the source IP address.
static java.lang.String	KEY_USER The dictionary key for the user id.
static long	MAX_AGE_MILLIS The default maximum session age (30 days).
static Path	PATH The session object storage path.

Fields inherited from class org.rapidcontext.core.storage.StorableObject

dict, KEY_CLASSNAME, KEY_ID, KEY_TYPE

Constructor Summary

Constructors

Constructor and Description
Session(java.lang.String id, java.lang.String type, Dict dict) Creates a new session from a serialized representation.
Session(java.lang.String user, java.lang.String ip, java.lang.String client) Creates a new session for the specified user.

Method Summary

Modifier and Type	Method and Description
java.util.Date	accessTime() Returns the session last access timestamp.
void	addFile(java.lang.String id, java.io.File file) Adds a file to the session.
java.lang.String	client() Returns the session user agent string of the web browser.
java.util.Date	createTime() Returns the session creation timestamp.
protected void	destroy() Destroys this session.
java.util.Date	destroyTime() Returns the scheduled session destruction timestamp.
java.io.File	file(java.lang.String id) Returns a session file with the specified unique id.
Dict	files() Returns a dictionary of all session files.
static Session	find(Storage storage, java.lang.String id) Searches for a specific session in the storage.
void	invalidate() Invalidates this session by marking it as expired.
java.lang.String	ip() Returns the session source IP address.
protected boolean	isActive() Checks if this object is in active use.
protected boolean	isModified() Checks if this object has been modified since initialized from storage.
boolean	isNew() Checks if this session is new (hasn't been stored).
boolean	isValid() Checks if this session is valid (hasn't expired).
protected void	passivate() Discards the modified flag for this object.
static void	remove(Storage storage, java.lang.String id) Removes the specified session id from the provided storage.
void	removeAllFiles() Removes and deletes all session files.
static void	removeExpired(Storage storage) Removes all expired sessions from the provided storage.
void	removeFile(java.lang.String id) Removes and deletes a session file.
Dict	serialize() Returns a serialized representation of this object.
void	setClient(java.lang.String client) Sets the session user agent string of the web browser.
void	setIp(java.lang.String ip) Sets the session source IP address.
void	setUserId(java.lang.String userId) Sets the session user identifier if it was previously blank.
static void	store(Storage storage, Session session) Stores the specified session in the provided storage.
void	updateAccessTime() Updates the session last access timestamp to the current system time.
java.lang.String	userId() Returns the session user identifier.
void	validate() Validates this session.

Methods inherited from class org.rapidcontext.core.storage.StorableObject

activate, id, init, path, toString, type

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

PATH

public static final Path PATH

The session object storage path.

KEY_USER

public static final java.lang.String KEY_USER

The dictionary key for the user id.

See Also:

Constant Field Values

KEY_CREATE_TIME

public static final java.lang.String KEY_CREATE_TIME

The dictionary key for the creation timestamp.

See Also:

Constant Field Values

KEY_DESTROY_TIME

public static final java.lang.String KEY_DESTROY_TIME

The dictionary key for the destruction timestamp.

See Also:

Constant Field Values

KEY_ACCESS_TIME

public static final java.lang.String KEY_ACCESS_TIME

The dictionary key for the last access timestamp.

See Also:

Constant Field Values

KEY_IP

public static final java.lang.String KEY_IP

The dictionary key for the source IP address.

See Also:

Constant Field Values

KEY_CLIENT

public static final java.lang.String KEY_CLIENT

The dictionary key for the user agent string of the web browser.

See Also:

Constant Field Values

KEY_FILES

public static final java.lang.String KEY_FILES

The dictionary key for the temporary session files. All these files will be deleted when the session instance is destroyed (removed from in-memory storage).

See Also:

Constant Field Values

MAX_AGE_MILLIS

public static final long MAX_AGE_MILLIS

The default maximum session age (30 days).

See Also:

Constant Field Values

ACTIVE_MILLIS

public static final long ACTIVE_MILLIS

The default active session time (10 minutes).

See Also:

Constant Field Values

activeSession

public static java.lang.ThreadLocal activeSession

The currently active session (for the current thread).

Constructor Detail

Session

public Session(java.lang.String id,
               java.lang.String type,
               Dict dict)

Creates a new session from a serialized representation.

Parameters:

id - the object identifier

type - the object type name

dict - the serialized representation

Session

public Session(java.lang.String user,
               java.lang.String ip,
               java.lang.String client)

Creates a new session for the specified user.

Parameters:

user - the user id

ip - the source IP address

client - the browser user agent string

Method Detail

find

public static Session find(Storage storage,
                           java.lang.String id)

Searches for a specific session in the storage.

Parameters:

storage - the storage to search in

id - the session identifier

Returns:

the session found, or null if not found

store

public static void store(Storage storage,
                         Session session)
                  throws StorageException

Stores the specified session in the provided storage.

Parameters:

storage - the storage to use

session - the session to store

Throws:

StorageException - if the session couldn't be stored

remove

public static void remove(Storage storage,
                          java.lang.String id)

Removes the specified session id from the provided storage.

Parameters:

storage - the storage to use

id - the session id to remove

removeExpired

public static void removeExpired(Storage storage)

Removes all expired sessions from the provided storage. This method will load and examine sessions that have not been modified in 30 minutes.

Parameters:

storage - the storage to use

isActive

protected boolean isActive()

Checks if this object is in active use. This method returns true during 600 seconds after the last access, thereafter false.

Overrides:

isActive in class StorableObject

Returns:

true if the object is active, or false otherwise

isModified

protected boolean isModified()

Checks if this object has been modified since initialized from storage.

Overrides:

isModified in class StorableObject

Returns:

true if the object has been modified, or false otherwise

destroy

protected void destroy()

Destroys this session. This method is used to free resources used when the session is no longer in active use. It is called when the session instance is removed from in-memory storage (the object cache).

Overrides:

destroy in class StorableObject

passivate

protected void passivate()

Discards the modified flag for this object.

Overrides:

passivate in class StorableObject

serialize

public Dict serialize()

Returns a serialized representation of this object. Used when accessing the object from outside pure Java.

Overrides:

serialize in class StorableObject

Returns:

the serialized representation of this object

isNew

public boolean isNew()

Checks if this session is new (hasn't been stored).

Returns:

true if the session is new, or false otherwise

isValid

public boolean isValid()

Checks if this session is valid (hasn't expired).

Returns:

true if the session is valid, or false otherwise

userId

public java.lang.String userId()

Returns the session user identifier.

Returns:

the session user identifier.

setUserId

public void setUserId(java.lang.String userId)

Sets the session user identifier if it was previously blank. Once a session has been bound to a user, it cannot be bound to another user (or reset to a blank user).

Parameters:

userId - the new session user identifier

Throws:

java.lang.SecurityException - if the session couldn't be bound to the specified user identifier

createTime

public java.util.Date createTime()

Returns the session creation timestamp.

Returns:

the session creation timestamp.

destroyTime

public java.util.Date destroyTime()

Returns the scheduled session destruction timestamp.

Returns:

the session destruction timestamp.

accessTime

public java.util.Date accessTime()

Returns the session last access timestamp.

Returns:

the session last access timestamp.

updateAccessTime

public void updateAccessTime()

Updates the session last access timestamp to the current system time.

ip

public java.lang.String ip()

Returns the session source IP address. May be in either IPv4 or IPv6 format.

Returns:

the session source IP address.

setIp

public void setIp(java.lang.String ip)

Sets the session source IP address. May be in either IPv4 or IPv6 format.

Parameters:

ip - the new session source IP address.

client

public java.lang.String client()

Returns the session user agent string of the web browser.

Returns:

the session user agent string.

setClient

public void setClient(java.lang.String client)

Sets the session user agent string of the web browser.

Parameters:

client - the session user agent string.

files

public Dict files()

Returns a dictionary of all session files. The files are indexed by their unique id.

Returns:

a dictionary of all files

file

public java.io.File file(java.lang.String id)

Returns a session file with the specified unique id.

Parameters:

id - the file id

Returns:

the session file, or null if no such file was found

addFile

public void addFile(java.lang.String id,
                    java.io.File file)

Adds a file to the session. The file will be automatically deleted when the session expires or is moved from memory to persistent storage.

Parameters:

id - the file id

file - the file to add

removeFile

public void removeFile(java.lang.String id)

Removes and deletes a session file. If the file has been moved from its original location, it wont be deleted.

Parameters:

id - the file id

removeAllFiles

public void removeAllFiles()

Removes and deletes all session files. If the files have been moved from their original location, they wont be deleted.

validate

public void validate()
              throws java.lang.SecurityException

Validates this session. If the session isn't valid any more (expired), a security exception is thrown.

Throws:

java.lang.SecurityException - if the session didn't match the the provided values

invalidate

public void invalidate()

Invalidates this session by marking it as expired. This operation is irreversible and will eventually cause the removal of the session in the storage.