com.iplanet.dpro.session

Class Session

java.lang.Object

com.iplanet.dpro.session.Session

All Implemented Interfaces:

Blacklistable, AMSession

Direct Known Subclasses:

StatelessSession

public class Session
extends Object
implements Blacklistable, AMSession

The Session class represents a session. It contains session related information such as session ID, session type (user/application), client ID (user ID or application ID), session idle time, time left on the session, and session state. It also allows applications to add listener for session events.

See Also:

SessionID, SessionListener

Field Summary

Fields

Modifier and Type	Field and Description
static String	CACHED_BASE_POLLING_PROPERTY
protected Hashtable<String,String>	sessionProperties All session related properties are stored as key-value pair in this table.
protected SessionState	sessionState Four possible values for the state of the session: Invalid Valid Inactive Destroyed

Constructor Summary

Constructors

Constructor and Description
Session(SessionID sid) Constructor used by this package only.

Method Summary

Modifier and Type	Method and Description
void	addInternalSessionListener() Add listener to Internal Session.
void	addSessionListener(SessionListener listener) Adds a session listener for session change events.
void	addSessionListener(SessionListener listener, boolean force) Adds a session listener for session change events.
String	dereferenceRestrictedTokenID(Session session, String restrictedId) Given a restricted token, returns the SSOTokenID of the master token can only be used if the requester is an app token This functionality is only available in server mode.
void	destroySession(Session session) Destroys a session.
long	getBlacklistExpiryTime() The time (in milliseconds from the UTC epoch) until this session can be removed from a session blacklist.
String	getClientDomain() Returns the client domain in the session.
String	getClientID() Returns the client ID in the session.
String	getCookieStr()
boolean	getCookieSupport() Returns true if cookies are supported else false.
SessionID	getID() Returns the session ID.
long	getIdleTime() Returns the session idle time in seconds.
long	getLatestRefreshTime() Gets the time at which the Session was last refreshed from the master copy (in seconds).
long	getMaxCachingTime() Returns the maximum session caching time in minutes.
long	getMaxIdleTime() Returns the maximum session idle time in minutes.
long	getMaxSessionTime() Returns the maximum session time in minutes.
String	getProperty(String name) Gets the property stored in this session.
String	getPropertyWithoutValidation(String name) Gets the property stored in this session.
AtomicBoolean	getRemoved()
TokenRestriction	getRestriction()
static Session	getSession(SessionID sid)
SessionID	getSessionID()
URL	getSessionServiceURL() Gets the Session Service URL for this session object.
String	getStableStorageID() Returns a stable ID that can be used as a unique identifier when storing this session.
SessionState	getState(boolean reset) Returns the state of the session.
long	getTimeLeft() Returns the time left for this session in seconds.
SessionType	getType() Returns the session type.
SearchResults<Session>	getValidSessions(String server, String pattern) Gets all valid sessions from the specified session server.
static void	invokeListeners(SessionEvent sessionEvent) Invokes all listeners on the Session associated with the event.
boolean	isRestricted() Returns true if the SSOTokenID associated with this SSOToken is a restricted token, false otherwise.
boolean	isTimedOut() Returns true if the session has timed out.
void	logout() Logs out a session.
boolean	maxCachingTimeReached() Used to find out if the maximum caching time has reached or not.
void	refresh(boolean reset) Gets the latest session from session server and updates the local cache of this session.
void	setContext(Object context)
void	setCookieMode(Boolean cookieMode) Set the cookie Mode based on whether the request has cookies or not.
void	setCookieStr(String str)
protected void	setID(SessionID sessionID) Updates the ID of the session.
void	setProperty(String name, String value) Sets a property for this session.
protected void	setRestriction(TokenRestriction restriction) Sets a token restriction on this session.
void	setState(SessionState state)
void	timeout() Set the timeout time for this Session if it wasn't already set.
String	toString()
void	update(SessionInfo info) Updates the session from the session information server.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

CACHED_BASE_POLLING_PROPERTY

public static final String CACHED_BASE_POLLING_PROPERTY

See Also:

Constant Field Values

sessionState

protected SessionState sessionState

Four possible values for the state of the session:

• Invalid
• Valid
• Inactive
• Destroyed

sessionProperties

protected Hashtable<String,String> sessionProperties

All session related properties are stored as key-value pair in this table.

Constructor Detail

Session

public Session(SessionID sid)

Constructor used by this package only. ClientSDK: This code has to operate both on the serer and the client. It needs to be able to resolve dependencies in an appropriate way in both conditions.

Method Detail

getRemoved

public AtomicBoolean getRemoved()

getSessionID

public SessionID getSessionID()

getCookieStr

public String getCookieStr()

setCookieStr

public void setCookieStr(String str)

setContext

public void setContext(Object context)

getID

public SessionID getID()

Returns the session ID.

Specified by:

getID in interface AMSession

Returns:

The session ID.

setID

protected void setID(SessionID sessionID)

Updates the ID of the session. Used when updating a stateless session.

Parameters:

sessionID - the new session ID for the session.

getType

public SessionType getType()

Returns the session type.

Returns:

The session type.

getClientID

public String getClientID()

Returns the client ID in the session.

Returns:

The client ID in the session.

getClientDomain

public String getClientDomain()

Returns the client domain in the session.

Returns:

The client domain in the session.

getMaxSessionTime

public long getMaxSessionTime()

Returns the maximum session time in minutes.

Returns:

The maximum session time.

getMaxIdleTime

public long getMaxIdleTime()

Returns the maximum session idle time in minutes.

Returns:

The maximum session idle time.

isTimedOut

public boolean isTimedOut()
                   throws SessionException

Returns true if the session has timed out.

Returns:

true if session timed out, falseotherwise

Throws:

SessionException

getMaxCachingTime

public long getMaxCachingTime()

Returns the maximum session caching time in minutes.

Returns:

The maximum session caching time.

getIdleTime

public long getIdleTime()
                 throws SessionException

Returns the session idle time in seconds.

Returns:

The session idle time.

Throws:

SessionException - if the session reached its maximum session time, or the session was destroyed, or there was an error during communication with session service.

getTimeLeft

public long getTimeLeft()
                 throws SessionException

Returns the time left for this session in seconds.

Returns:

The time left for this session.

Throws:

SessionException - is thrown if the session reached its maximum session time, or the session was destroyed, or there was an error during communication with session service.

getBlacklistExpiryTime

public long getBlacklistExpiryTime()
                            throws BlacklistException

The time (in milliseconds from the UTC epoch) until this session can be removed from a session blacklist. This is guaranteed to be some time after the session has expired.

Specified by:

getBlacklistExpiryTime in interface Blacklistable

Returns:

the at which the session expires (if it has not already) plus a purge delay.

Throws:

BlacklistException - if the session has already expired or an error occurs.

getLatestRefreshTime

public long getLatestRefreshTime()

Gets the time at which the Session was last refreshed from the master copy (in seconds).

Returns:

The latest time at which the session was refreshed.

getState

public SessionState getState(boolean reset)
                      throws SessionException

Returns the state of the session.

Parameters:

reset - This parameter indicates that whether the Session Service needs to reset the latest access time on this session.

Returns:

The state of the session. The session state is one of the following: INVALID, VALID, INACTIVE, and DESTROYED.

Throws:

SessionException - is thrown if the session reached its maximum session time, or the session was destroyed, or there was an error during communication with session service.

setState

public void setState(SessionState state)

getProperty

public String getProperty(String name)
                   throws SessionException

Gets the property stored in this session.

Parameters:

name - The property name.

Returns:

The property value in String format.

Throws:

SessionException - is thrown if the session reached its maximum session time, or the session was destroyed, or there was an error during communication with session service.

dereferenceRestrictedTokenID

public String dereferenceRestrictedTokenID(Session session,
                                           String restrictedId)
                                    throws SessionException

Given a restricted token, returns the SSOTokenID of the master token can only be used if the requester is an app token This functionality is only available in server mode.

Parameters:

session - Must be an app token

restrictedId - The SSOTokenID of the restricted token

Returns:

The SSOTokenID string of the master token

Throws:

SSOException - If the master token cannot be dereferenced

SessionException

isRestricted

public boolean isRestricted()
                     throws SessionException

Returns true if the SSOTokenID associated with this SSOToken is a restricted token, false otherwise.

Returns:

true if the token is restricted

Throws:

SSOException - If we are unable to determine if the session is restricted

SessionException

getPropertyWithoutValidation

public String getPropertyWithoutValidation(String name)

Gets the property stored in this session.

Parameters:

name - The property name.

Returns:

The property value in String format only when run in the server mode else return null

setProperty

public void setProperty(String name,
                        String value)
                 throws SessionException

Sets a property for this session.

Parameters:

name - The property name.

value - The property value.

Throws:

SessionException - if the session reached its maximum session time, or the session was destroyed, or there was an error during communication with session service, or if the property name or value was null.

maxCachingTimeReached

public boolean maxCachingTimeReached()

Used to find out if the maximum caching time has reached or not.

getSessionServiceURL

public URL getSessionServiceURL()
                         throws SessionException

Gets the Session Service URL for this session object.

Returns:

The Session Service URL for this session.

Throws:

SessionException - when cannot get Session URL.

destroySession

public void destroySession(Session session)
                    throws SessionException

Destroys a session.

Parameters:

session - The session to be destroyed.

Throws:

SessionException - if there was an error during communication with session service, or the corresponding session reached its maximum session/idle time, or the session was destroyed.

logout

public void logout()
            throws SessionException

Logs out a session.

Throws:

SessionException - if there was an error during communication with session service. If the session logged out already, no exception will be thrown.

addSessionListener

public void addSessionListener(SessionListener listener)
                        throws SessionException

Adds a session listener for session change events.

Parameters:

listener - Session Listener object.

Throws:

SessionException - if the session state is not valid.

addSessionListener

public void addSessionListener(SessionListener listener,
                               boolean force)
                        throws SessionException

Adds a session listener for session change events.

Parameters:

listener - Session Listener object.

force - whether to ignore whether a Session is in the Invalid state. If false will throw an exception if the Session is Invalid.

Throws:

SessionException - if the session state is not valid.

getValidSessions

public SearchResults<Session> getValidSessions(String server,
                                               String pattern)
                                        throws SessionException

Gets all valid sessions from the specified session server. This session is subject to access control in order to get all sessions.

Parameters:

server - The session server name. If the server name contains protocol and port, the protocol and port will be used. Otherwise, the server protocol and port is default to the same protocol and port of the calling session.

Returns:

A Vector of Session objects.

Throws:

SessionException - if there was an error during communication with session service.

invokeListeners

public static void invokeListeners(SessionEvent sessionEvent)

Invokes all listeners on the Session associated with the event.

Parameters:

sessionEvent - Non null Session Event.

refresh

public void refresh(boolean reset)
             throws SessionException

Gets the latest session from session server and updates the local cache of this session.

Parameters:

reset - The flag to indicate whether to reset the latest session access time in the session server.

Throws:

SessionException - if the session reached its maximum session time, or the session was destroyed, or there was an error during communication with session service.

update

public void update(SessionInfo info)
            throws SessionException

Updates the session from the session information server.

Parameters:

info - Session Information.

Throws:

SessionException

setRestriction

protected void setRestriction(TokenRestriction restriction)

Sets a token restriction on this session. Optional operation - specific sub-classes can throw an exception if not supported.

Parameters:

restriction - the restriction to apply to this session.

Throws:

UnsupportedOperationException - if this session type does not support token restrictions.

timeout

public void timeout()

Set the timeout time for this Session if it wasn't already set.

addInternalSessionListener

public void addInternalSessionListener()

Add listener to Internal Session.

getCookieSupport

public boolean getCookieSupport()

Returns true if cookies are supported else false. The cookieSupport value is first determined from the Session ID object , if that is null then it is determined based on the cookie mode value set in the Session object else cookieSupport value is retrieved from the session property cookieSupport. If cookie Support value is not determined then the the default "false" is assumed.

setCookieMode

public void setCookieMode(Boolean cookieMode)

Set the cookie Mode based on whether the request has cookies or not. This method is called from createSSOToken(request) method in SSOTokenManager.

Parameters:

cookieMode - whether request has cookies or not.

getRestriction

public TokenRestriction getRestriction()
                                throws SessionException

Throws:

SessionException

getStableStorageID

public String getStableStorageID()

Returns a stable ID that can be used as a unique identifier when storing this session.

Specified by:

getStableStorageID in interface Blacklistable

Returns:

a unique stable storage id.

getSession

public static Session getSession(SessionID sid)
                          throws SessionException

Throws:

SessionException

toString

public String toString()

Overrides:

toString in class Object