Class StandardSession
- java.lang.Object
- 
- org.apache.catalina.session.StandardSession
 
- 
- All Implemented Interfaces:
- java.io.Serializable,- HttpSession,- Session
 - Direct Known Subclasses:
- DeltaSession
 
 public class StandardSession extends java.lang.Object implements HttpSession, Session, java.io.Serializable Standard implementation of the Session interface. This object is serializable, so that it can be stored in persistent storage or transferred to a different JVM for distributable session support.IMPLEMENTATION NOTE: An instance of this class represents both the internal (Session) and application level (HttpSession) view of the session. However, because the class itself is not declared public, Java logic outside of the org.apache.catalina.sessionpackage cannot cast an HttpSession view of this instance back to a Session view.IMPLEMENTATION NOTE: If you add fields to this class, you must make sure that you carry them over in the read/writeObject methods so that this class is properly serialized. - Author:
- Craig R. McClanahan, Sean Legassick, Jon S. Stevens
- See Also:
- Serialized Form
 
- 
- 
Field SummaryFields Modifier and Type Field Description protected java.util.concurrent.atomic.AtomicIntegeraccessCountThe access count for this session.protected static booleanACTIVITY_CHECKprotected java.util.concurrent.ConcurrentMap<java.lang.String,java.lang.Object>attributesThe collection of user data attributes associated with this Session.protected java.lang.StringauthTypeThe authentication type used to authenticate our cached Principal, if any.protected longcreationTimeThe time this session was created, in milliseconds since midnight, January 1, 1970 GMT.protected static java.lang.String[]EMPTY_ARRAYType array.protected booleanexpiringWe are currently processing a session expiration, so bypass certain IllegalStateException tests.protected StandardSessionFacadefacadeThe facade associated with this session.protected java.lang.StringidThe session identifier of this Session.protected booleanisNewFlag indicating whether this session is new or not.protected booleanisValidFlag indicating whether this session is valid or not.protected static booleanLAST_ACCESS_AT_STARTprotected longlastAccessedTimeThe last accessed time for this Session.protected java.util.ArrayList<SessionListener>listenersThe session event listeners for this Session.protected ManagermanagerThe Manager with which this Session is associated.protected intmaxInactiveIntervalThe maximum time interval, in seconds, between client requests before the servlet container may invalidate this session.protected java.util.Map<java.lang.String,java.lang.Object>notesInternal notes associated with this session by Catalina components and event listeners.protected java.security.PrincipalprincipalThe authenticated Principal associated with this session, if any.protected static HttpSessionContextsessionContextDeprecated.protected static StringManagersmThe string manager for this package.protected static booleanSTRICT_SERVLET_COMPLIANCEprotected java.beans.PropertyChangeSupportsupportThe property change support for this component.protected longthisAccessedTimeThe current accessed time for this session.- 
Fields inherited from interface org.apache.catalina.SessionSESSION_ACTIVATED_EVENT, SESSION_CREATED_EVENT, SESSION_DESTROYED_EVENT, SESSION_PASSIVATED_EVENT
 
- 
 - 
Constructor SummaryConstructors Constructor Description StandardSession(Manager manager)Construct a new Session associated with the specified Manager.
 - 
Method SummaryAll Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description voidaccess()Update the accessed time information for this session.voidactivate()Perform internal processing required to activate this session.voidaddSessionListener(SessionListener listener)Add a session event listener to this component.protected voiddoReadObject(java.io.ObjectInputStream stream)Read a serialized version of this session object from the specified object input stream.protected voiddoWriteObject(java.io.ObjectOutputStream stream)Write a serialized version of this session object to the specified object output stream.voidendAccess()End the access.protected booleanexclude(java.lang.String name, java.lang.Object value)Should the given session attribute be excluded?voidexpire()Perform the internal processing required to invalidate this session, without triggering an exception if the session has already expired.voidexpire(boolean notify)Perform the internal processing required to invalidate this session, without triggering an exception if the session has already expired.voidfireSessionEvent(java.lang.String type, java.lang.Object data)Notify all session event listeners that a particular event has occurred for this Session.java.lang.ObjectgetAttribute(java.lang.String name)Return the object bound with the specified name in this session, ornullif no object is bound with that name.java.util.Enumeration<java.lang.String>getAttributeNames()Return anEnumerationofStringobjects containing the names of the objects bound to this session.java.lang.StringgetAuthType()Return the authentication type used to authenticate our cached Principal, if any.longgetCreationTime()Return the time when this session was created, in milliseconds since midnight, January 1, 1970 GMT.longgetCreationTimeInternal()Return the time when this session was created, in milliseconds since midnight, January 1, 1970 GMT, bypassing the session validation checks.java.lang.StringgetId()Return the session identifier for this session.java.lang.StringgetIdInternal()Return the session identifier for this session.longgetIdleTime()Return the idle time (in milliseconds) from last client access time.longgetIdleTimeInternal()Return the idle time from last client access time without invalidation checklonggetLastAccessedTime()Return the last time the client sent a request associated with this session, as the number of milliseconds since midnight, January 1, 1970 GMT.longgetLastAccessedTimeInternal()Return the last client access time without invalidation checkManagergetManager()Return the Manager within which this Session is valid.intgetMaxInactiveInterval()Return the maximum time interval, in seconds, between client requests before the servlet container will invalidate the session.java.lang.ObjectgetNote(java.lang.String name)Return the object bound with the specified name to the internal notes for this session, ornullif no such binding exists.java.util.Iterator<java.lang.String>getNoteNames()Return an Iterator containing the String names of all notes bindings that exist for this session.java.security.PrincipalgetPrincipal()Return the authenticated Principal that is associated with this Session.ServletContextgetServletContext()Return the ServletContext to which this session belongs.HttpSessiongetSession()Return theHttpSessionfor which this object is the facade.HttpSessionContextgetSessionContext()Deprecated.As of Version 2.1, this method is deprecated and has no replacement.longgetThisAccessedTime()Return the last time the client sent a request associated with this session, as the number of milliseconds since midnight, January 1, 1970 GMT.longgetThisAccessedTimeInternal()Return the last client access time without invalidation checkjava.lang.ObjectgetValue(java.lang.String name)Deprecated.As of Version 2.2, this method is replaced bygetAttribute()java.lang.String[]getValueNames()Deprecated.As of Version 2.2, this method is replaced bygetAttributeNames()voidinvalidate()Invalidates this session and unbinds any objects bound to it.booleanisAttributeDistributable(java.lang.String name, java.lang.Object value)Does the session implementation support the distributing of the given attribute?booleanisNew()Returntrueif the client does not yet know about the session, or if the client chooses not to join the session.booleanisValid()Return theisValidflag for this session.protected booleanisValidInternal()protected java.lang.String[]keys()voidpassivate()Perform the internal processing required to passivate this session.voidputValue(java.lang.String name, java.lang.Object value)Deprecated.As of Version 2.2, this method is replaced bysetAttribute()voidreadObjectData(java.io.ObjectInputStream stream)Read a serialized version of the contents of this session object from the specified object input stream, without requiring that the StandardSession itself have been serialized.voidrecycle()Release all object references, and initialize instance variables, in preparation for reuse of this object.voidremoveAttribute(java.lang.String name)Remove the object bound with the specified name from this session.voidremoveAttribute(java.lang.String name, boolean notify)Remove the object bound with the specified name from this session.protected voidremoveAttributeInternal(java.lang.String name, boolean notify)Remove the object bound with the specified name from this session.voidremoveNote(java.lang.String name)Remove any object bound to the specified name in the internal notes for this session.voidremoveSessionListener(SessionListener listener)Remove a session event listener from this component.voidremoveValue(java.lang.String name)Deprecated.As of Version 2.2, this method is replaced byremoveAttribute()voidsetAttribute(java.lang.String name, java.lang.Object value)Bind an object to this session, using the specified name.voidsetAttribute(java.lang.String name, java.lang.Object value, boolean notify)Bind an object to this session, using the specified name.voidsetAuthType(java.lang.String authType)Set the authentication type used to authenticate our cached Principal, if any.voidsetCreationTime(long time)Set the creation time for this session.voidsetId(java.lang.String id)Set the session identifier for this session.voidsetId(java.lang.String id, boolean notify)Set the session identifier for this session and optionally notifies any associated listeners that a new session has been created.voidsetManager(Manager manager)Set the Manager within which this Session is valid.voidsetMaxInactiveInterval(int interval)Set the maximum time interval, in seconds, between client requests before the servlet container will invalidate the session.voidsetNew(boolean isNew)Set theisNewflag for this session.voidsetNote(java.lang.String name, java.lang.Object value)Bind an object to a specified name in the internal notes associated with this session, replacing any existing binding for this name.voidsetPrincipal(java.security.Principal principal)Set the authenticated Principal that is associated with this Session.voidsetValid(boolean isValid)Set theisValidflag for this session.voidtellChangedSessionId(java.lang.String newId, java.lang.String oldId, boolean notifySessionListeners, boolean notifyContainerListeners)Inform the listeners about the change session ID.voidtellNew()Inform the listeners about the new session.java.lang.StringtoString()Return a string representation of this object.voidwriteObjectData(java.io.ObjectOutputStream stream)Write a serialized version of the contents of this session object to the specified object output stream, without requiring that the StandardSession itself have been serialized.
 
- 
- 
- 
Field Detail- 
STRICT_SERVLET_COMPLIANCEprotected static final boolean STRICT_SERVLET_COMPLIANCE 
 - 
ACTIVITY_CHECKprotected static final boolean ACTIVITY_CHECK 
 - 
LAST_ACCESS_AT_STARTprotected static final boolean LAST_ACCESS_AT_START 
 - 
EMPTY_ARRAYprotected static final java.lang.String[] EMPTY_ARRAY Type array.
 - 
attributesprotected java.util.concurrent.ConcurrentMap<java.lang.String,java.lang.Object> attributes The collection of user data attributes associated with this Session.
 - 
authTypeprotected transient java.lang.String authType The authentication type used to authenticate our cached Principal, if any. NOTE: This value is not included in the serialized version of this object.
 - 
creationTimeprotected long creationTime The time this session was created, in milliseconds since midnight, January 1, 1970 GMT.
 - 
expiringprotected transient volatile boolean expiring We are currently processing a session expiration, so bypass certain IllegalStateException tests. NOTE: This value is not included in the serialized version of this object.
 - 
facadeprotected transient StandardSessionFacade facade The facade associated with this session. NOTE: This value is not included in the serialized version of this object.
 - 
idprotected java.lang.String id The session identifier of this Session.
 - 
lastAccessedTimeprotected volatile long lastAccessedTime The last accessed time for this Session.
 - 
listenersprotected transient java.util.ArrayList<SessionListener> listeners The session event listeners for this Session.
 - 
managerprotected transient Manager manager The Manager with which this Session is associated.
 - 
maxInactiveIntervalprotected volatile int maxInactiveInterval The maximum time interval, in seconds, between client requests before the servlet container may invalidate this session. A negative time indicates that the session should never time out.
 - 
isNewprotected volatile boolean isNew Flag indicating whether this session is new or not.
 - 
isValidprotected volatile boolean isValid Flag indicating whether this session is valid or not.
 - 
notesprotected transient java.util.Map<java.lang.String,java.lang.Object> notes Internal notes associated with this session by Catalina components and event listeners. IMPLEMENTATION NOTE: This object is not saved and restored across session serializations!
 - 
principalprotected transient java.security.Principal principal The authenticated Principal associated with this session, if any. IMPLEMENTATION NOTE: This object is not saved and restored across session serializations!
 - 
smprotected static final StringManager sm The string manager for this package.
 - 
sessionContext@Deprecated protected static volatile HttpSessionContext sessionContext Deprecated.The HTTP session context associated with this session.
 - 
supportprotected final transient java.beans.PropertyChangeSupport support The property change support for this component. NOTE: This value is not included in the serialized version of this object.
 - 
thisAccessedTimeprotected volatile long thisAccessedTime The current accessed time for this session.
 - 
accessCountprotected transient java.util.concurrent.atomic.AtomicInteger accessCount The access count for this session.
 
- 
 - 
Constructor Detail- 
StandardSessionpublic StandardSession(Manager manager) Construct a new Session associated with the specified Manager.- Parameters:
- manager- The manager with which this Session is associated
 
 
- 
 - 
Method Detail- 
getAuthTypepublic java.lang.String getAuthType() Return the authentication type used to authenticate our cached Principal, if any.- Specified by:
- getAuthTypein interface- Session
- Returns:
- the authentication type used to authenticate our cached Principal, if any.
 
 - 
setAuthTypepublic void setAuthType(java.lang.String authType) Set the authentication type used to authenticate our cached Principal, if any.- Specified by:
- setAuthTypein interface- Session
- Parameters:
- authType- The new cached authentication type
 
 - 
setCreationTimepublic void setCreationTime(long time) Set the creation time for this session. This method is called by the Manager when an existing Session instance is reused.- Specified by:
- setCreationTimein interface- Session
- Parameters:
- time- The new creation time
 
 - 
getIdpublic java.lang.String getId() Return the session identifier for this session.- Specified by:
- getIdin interface- HttpSession
- Specified by:
- getIdin interface- Session
- Returns:
- a string specifying the identifier assigned to this session
 
 - 
getIdInternalpublic java.lang.String getIdInternal() Return the session identifier for this session.- Specified by:
- getIdInternalin interface- Session
- Returns:
- the session identifier for this session.
 
 - 
setIdpublic void setId(java.lang.String id) Set the session identifier for this session.
 - 
setIdpublic void setId(java.lang.String id, boolean notify)Description copied from interface:SessionSet the session identifier for this session and optionally notifies any associated listeners that a new session has been created.
 - 
tellNewpublic void tellNew() Inform the listeners about the new session.
 - 
tellChangedSessionIdpublic void tellChangedSessionId(java.lang.String newId, java.lang.String oldId, boolean notifySessionListeners, boolean notifyContainerListeners)Inform the listeners about the change session ID.- Specified by:
- tellChangedSessionIdin interface- Session
- Parameters:
- newId- new session ID
- oldId- old session ID
- notifySessionListeners- Should any associated sessionListeners be notified that session ID has been changed?
- notifyContainerListeners- Should any associated ContainerListeners be notified that session ID has been changed?
 
 - 
getThisAccessedTimepublic long getThisAccessedTime() Return the last time the client sent a request associated with this session, as the number of milliseconds since midnight, January 1, 1970 GMT. Actions that your application takes, such as getting or setting a value associated with the session, do not affect the access time. This one gets updated whenever a request starts.- Specified by:
- getThisAccessedTimein interface- Session
- Returns:
- the last time the client sent a request associated with this session, as the number of milliseconds since midnight, January 1, 1970 GMT. Actions that your application takes, such as getting or setting a value associated with the session, do not affect the access time. This one gets updated whenever a request starts.
 
 - 
getThisAccessedTimeInternalpublic long getThisAccessedTimeInternal() Return the last client access time without invalidation check- Specified by:
- getThisAccessedTimeInternalin interface- Session
- Returns:
- the last client access time without invalidation check
- See Also:
- getThisAccessedTime()
 
 - 
getLastAccessedTimepublic long getLastAccessedTime() Return the last time the client sent a request associated with this session, as the number of milliseconds since midnight, January 1, 1970 GMT. Actions that your application takes, such as getting or setting a value associated with the session, do not affect the access time. This one gets updated whenever a request finishes.- Specified by:
- getLastAccessedTimein interface- HttpSession
- Specified by:
- getLastAccessedTimein interface- Session
- Returns:
- a longrepresenting the last time the client sent a request associated with this session, expressed in milliseconds since 1/1/1970 GMT
 
 - 
getLastAccessedTimeInternalpublic long getLastAccessedTimeInternal() Return the last client access time without invalidation check- Specified by:
- getLastAccessedTimeInternalin interface- Session
- Returns:
- the last client access time without invalidation check
- See Also:
- getLastAccessedTime()
 
 - 
getIdleTimepublic long getIdleTime() Return the idle time (in milliseconds) from last client access time.- Specified by:
- getIdleTimein interface- Session
- Returns:
- the idle time (in milliseconds) from last client access time.
 
 - 
getIdleTimeInternalpublic long getIdleTimeInternal() Return the idle time from last client access time without invalidation check- Specified by:
- getIdleTimeInternalin interface- Session
- Returns:
- the idle time from last client access time without invalidation check
- See Also:
- getIdleTime()
 
 - 
getManagerpublic Manager getManager() Return the Manager within which this Session is valid.- Specified by:
- getManagerin interface- Session
- Returns:
- the Manager within which this Session is valid.
 
 - 
setManagerpublic void setManager(Manager manager) Set the Manager within which this Session is valid.- Specified by:
- setManagerin interface- Session
- Parameters:
- manager- The new Manager
 
 - 
getMaxInactiveIntervalpublic int getMaxInactiveInterval() Return the maximum time interval, in seconds, between client requests before the servlet container will invalidate the session. A negative time indicates that the session should never time out.- Specified by:
- getMaxInactiveIntervalin interface- HttpSession
- Specified by:
- getMaxInactiveIntervalin interface- Session
- Returns:
- an integer specifying the number of seconds this session remains open between client requests
- See Also:
- HttpSession.setMaxInactiveInterval(int)
 
 - 
setMaxInactiveIntervalpublic void setMaxInactiveInterval(int interval) Set the maximum time interval, in seconds, between client requests before the servlet container will invalidate the session. A zero or negative time indicates that the session should never time out.- Specified by:
- setMaxInactiveIntervalin interface- HttpSession
- Specified by:
- setMaxInactiveIntervalin interface- Session
- Parameters:
- interval- The new maximum interval
 
 - 
setNewpublic void setNew(boolean isNew) Set theisNewflag for this session.
 - 
getPrincipalpublic java.security.Principal getPrincipal() Return the authenticated Principal that is associated with this Session. This provides anAuthenticatorwith a means to cache a previously authenticated Principal, and avoid potentially expensiveRealm.authenticate()calls on every request. If there is no current associated Principal, returnnull.- Specified by:
- getPrincipalin interface- Session
- Returns:
- the authenticated Principal that is associated with this Session.
 This provides an Authenticatorwith a means to cache a previously authenticated Principal, and avoid potentially expensiveRealm.authenticate()calls on every request. If there is no current associated Principal, returnnull.
 
 - 
setPrincipalpublic void setPrincipal(java.security.Principal principal) Set the authenticated Principal that is associated with this Session. This provides anAuthenticatorwith a means to cache a previously authenticated Principal, and avoid potentially expensiveRealm.authenticate()calls on every request.- Specified by:
- setPrincipalin interface- Session
- Parameters:
- principal- The new Principal, or- nullif none
 
 - 
getSessionpublic HttpSession getSession() Return theHttpSessionfor which this object is the facade.- Specified by:
- getSessionin interface- Session
- Returns:
- the HttpSessionfor which this object is the facade.
 
 - 
isValidpublic boolean isValid() Return theisValidflag for this session.
 - 
setValidpublic void setValid(boolean isValid) Set theisValidflag for this session.
 - 
accesspublic void access() Update the accessed time information for this session. This method should be called by the context when a request comes in for a particular session, even if the application does not reference it.
 - 
addSessionListenerpublic void addSessionListener(SessionListener listener) Add a session event listener to this component.- Specified by:
- addSessionListenerin interface- Session
- Parameters:
- listener- the SessionListener instance that should be notified for session events
 
 - 
expirepublic void expire() Perform the internal processing required to invalidate this session, without triggering an exception if the session has already expired.
 - 
expirepublic void expire(boolean notify) Perform the internal processing required to invalidate this session, without triggering an exception if the session has already expired.- Parameters:
- notify- Should we notify listeners about the demise of this session?
 
 - 
passivatepublic void passivate() Perform the internal processing required to passivate this session.
 - 
activatepublic void activate() Perform internal processing required to activate this session.
 - 
getNotepublic java.lang.Object getNote(java.lang.String name) Return the object bound with the specified name to the internal notes for this session, ornullif no such binding exists.
 - 
getNoteNamespublic java.util.Iterator<java.lang.String> getNoteNames() Return an Iterator containing the String names of all notes bindings that exist for this session.- Specified by:
- getNoteNamesin interface- Session
- Returns:
- an Iterator containing the String names of all notes bindings that exist for this session.
 
 - 
recyclepublic void recycle() Release all object references, and initialize instance variables, in preparation for reuse of this object.
 - 
removeNotepublic void removeNote(java.lang.String name) Remove any object bound to the specified name in the internal notes for this session.- Specified by:
- removeNotein interface- Session
- Parameters:
- name- Name of the note to be removed
 
 - 
removeSessionListenerpublic void removeSessionListener(SessionListener listener) Remove a session event listener from this component.- Specified by:
- removeSessionListenerin interface- Session
- Parameters:
- listener- remove the session listener, which will no longer be notified
 
 - 
setNotepublic void setNote(java.lang.String name, java.lang.Object value)Bind an object to a specified name in the internal notes associated with this session, replacing any existing binding for this name.
 - 
toStringpublic java.lang.String toString() Return a string representation of this object.- Overrides:
- toStringin class- java.lang.Object
 
 - 
readObjectDatapublic void readObjectData(java.io.ObjectInputStream stream) throws java.lang.ClassNotFoundException, java.io.IOExceptionRead a serialized version of the contents of this session object from the specified object input stream, without requiring that the StandardSession itself have been serialized.- Parameters:
- stream- The object input stream to read from
- Throws:
- java.lang.ClassNotFoundException- if an unknown class is specified
- java.io.IOException- if an input/output error occurs
 
 - 
writeObjectDatapublic void writeObjectData(java.io.ObjectOutputStream stream) throws java.io.IOExceptionWrite a serialized version of the contents of this session object to the specified object output stream, without requiring that the StandardSession itself have been serialized.- Parameters:
- stream- The object output stream to write to
- Throws:
- java.io.IOException- if an input/output error occurs
 
 - 
getCreationTimepublic long getCreationTime() Return the time when this session was created, in milliseconds since midnight, January 1, 1970 GMT.- Specified by:
- getCreationTimein interface- HttpSession
- Specified by:
- getCreationTimein interface- Session
- Returns:
- a longspecifying when this session was created, expressed in milliseconds since 1/1/1970 GMT
- Throws:
- java.lang.IllegalStateException- if this method is called on an invalidated session
 
 - 
getCreationTimeInternalpublic long getCreationTimeInternal() Return the time when this session was created, in milliseconds since midnight, January 1, 1970 GMT, bypassing the session validation checks.- Specified by:
- getCreationTimeInternalin interface- Session
- Returns:
- the creation time for this session, bypassing the session validity checks.
 
 - 
getServletContextpublic ServletContext getServletContext() Return the ServletContext to which this session belongs.- Specified by:
- getServletContextin interface- HttpSession
- Returns:
- The ServletContext object for the web application
 
 - 
getSessionContext@Deprecated public HttpSessionContext getSessionContext() Deprecated.As of Version 2.1, this method is deprecated and has no replacement. It will be removed in a future version of the Java Servlet API.Return the session context with which this session is associated.- Specified by:
- getSessionContextin interface- HttpSession
- Returns:
- A dummy implementation of HttpSessionContext
 
 - 
getAttributepublic java.lang.Object getAttribute(java.lang.String name) Return the object bound with the specified name in this session, ornullif no object is bound with that name.- Specified by:
- getAttributein interface- HttpSession
- Parameters:
- name- Name of the attribute to be returned
- Returns:
- the object with the specified name
- Throws:
- java.lang.IllegalStateException- if this method is called on an invalidated session
 
 - 
getAttributeNamespublic java.util.Enumeration<java.lang.String> getAttributeNames() Return anEnumerationofStringobjects containing the names of the objects bound to this session.- Specified by:
- getAttributeNamesin interface- HttpSession
- Returns:
- an EnumerationofStringobjects specifying the names of all the objects bound to this session
- Throws:
- java.lang.IllegalStateException- if this method is called on an invalidated session
 
 - 
getValue@Deprecated public java.lang.Object getValue(java.lang.String name) Deprecated.As of Version 2.2, this method is replaced bygetAttribute()Return the object bound with the specified name in this session, ornullif no object is bound with that name.- Specified by:
- getValuein interface- HttpSession
- Parameters:
- name- Name of the value to be returned
- Returns:
- the object with the specified name
- Throws:
- java.lang.IllegalStateException- if this method is called on an invalidated session
 
 - 
getValueNames@Deprecated public java.lang.String[] getValueNames() Deprecated.As of Version 2.2, this method is replaced bygetAttributeNames()Return the set of names of objects bound to this session. If there are no such objects, a zero-length array is returned.- Specified by:
- getValueNamesin interface- HttpSession
- Returns:
- an array of Stringobjects specifying the names of all the objects bound to this session
- Throws:
- java.lang.IllegalStateException- if this method is called on an invalidated session
 
 - 
invalidatepublic void invalidate() Invalidates this session and unbinds any objects bound to it.- Specified by:
- invalidatein interface- HttpSession
- Throws:
- java.lang.IllegalStateException- if this method is called on an invalidated session
 
 - 
isNewpublic boolean isNew() Returntrueif the client does not yet know about the session, or if the client chooses not to join the session. For example, if the server used only cookie-based sessions, and the client has disabled the use of cookies, then a session would be new on each request.- Specified by:
- isNewin interface- HttpSession
- Returns:
- trueif the server has created a session, but the client has not yet joined
- Throws:
- java.lang.IllegalStateException- if this method is called on an invalidated session
 
 - 
putValue@Deprecated public void putValue(java.lang.String name, java.lang.Object value)Deprecated.As of Version 2.2, this method is replaced bysetAttribute()Bind an object to this session, using the specified name. If an object of the same name is already bound to this session, the object is replaced.After this method executes, and if the object implements HttpSessionBindingListener, the container callsvalueBound()on the object.- Specified by:
- putValuein interface- HttpSession
- Parameters:
- name- Name to which the object is bound, cannot be null
- value- Object to be bound, cannot be null
- Throws:
- java.lang.IllegalStateException- if this method is called on an invalidated session
 
 - 
removeAttributepublic void removeAttribute(java.lang.String name) Remove the object bound with the specified name from this session. If the session does not have an object bound with this name, this method does nothing.After this method executes, and if the object implements HttpSessionBindingListener, the container callsvalueUnbound()on the object.- Specified by:
- removeAttributein interface- HttpSession
- Parameters:
- name- Name of the object to remove from this session.
- Throws:
- java.lang.IllegalStateException- if this method is called on an invalidated session
 
 - 
removeAttributepublic void removeAttribute(java.lang.String name, boolean notify)Remove the object bound with the specified name from this session. If the session does not have an object bound with this name, this method does nothing.After this method executes, and if the object implements HttpSessionBindingListener, the container callsvalueUnbound()on the object.- Parameters:
- name- Name of the object to remove from this session.
- notify- Should we notify interested listeners that this attribute is being removed?
- Throws:
- java.lang.IllegalStateException- if this method is called on an invalidated session
 
 - 
removeValue@Deprecated public void removeValue(java.lang.String name) Deprecated.As of Version 2.2, this method is replaced byremoveAttribute()Remove the object bound with the specified name from this session. If the session does not have an object bound with this name, this method does nothing.After this method executes, and if the object implements HttpSessionBindingListener, the container callsvalueUnbound()on the object.- Specified by:
- removeValuein interface- HttpSession
- Parameters:
- name- Name of the object to remove from this session.
- Throws:
- java.lang.IllegalStateException- if this method is called on an invalidated session
 
 - 
setAttributepublic void setAttribute(java.lang.String name, java.lang.Object value)Bind an object to this session, using the specified name. If an object of the same name is already bound to this session, the object is replaced.After this method executes, and if the object implements HttpSessionBindingListener, the container callsvalueBound()on the object.- Specified by:
- setAttributein interface- HttpSession
- Parameters:
- name- Name to which the object is bound, cannot be null
- value- Object to be bound, cannot be null
- Throws:
- java.lang.IllegalArgumentException- if an attempt is made to add a non-serializable object in an environment marked distributable.
- java.lang.IllegalStateException- if this method is called on an invalidated session
 
 - 
setAttributepublic void setAttribute(java.lang.String name, java.lang.Object value, boolean notify)Bind an object to this session, using the specified name. If an object of the same name is already bound to this session, the object is replaced.After this method executes, and if the object implements HttpSessionBindingListener, the container callsvalueBound()on the object.- Parameters:
- name- Name to which the object is bound, cannot be null
- value- Object to be bound, cannot be null
- notify- whether to notify session listeners
- Throws:
- java.lang.IllegalArgumentException- if an attempt is made to add a non-serializable object in an environment marked distributable.
- java.lang.IllegalStateException- if this method is called on an invalidated session
 
 - 
isValidInternalprotected boolean isValidInternal() - Returns:
- the isValidflag for this session without any expiration check.
 
 - 
isAttributeDistributablepublic boolean isAttributeDistributable(java.lang.String name, java.lang.Object value)Does the session implementation support the distributing of the given attribute? If the Manager is marked as distributable, then this method must be used to check attributes before adding them to a session and anIllegalArgumentExceptionthrown if the proposed attribute is not distributable.Note that the Managerimplementation may further restrict which attributes are distributed but aManagerlevel restriction should not trigger anIllegalArgumentExceptioninHttpSession.setAttribute(String, Object)This implementation simply checks the value for serializability. Sub-classes might use other distribution technology not based on serialization and can override this check. - Specified by:
- isAttributeDistributablein interface- Session
- Parameters:
- name- The attribute name
- value- The attribute value
- Returns:
- trueif distribution is supported, otherwise- false
 
 - 
doReadObjectprotected void doReadObject(java.io.ObjectInputStream stream) throws java.lang.ClassNotFoundException, java.io.IOExceptionRead a serialized version of this session object from the specified object input stream.IMPLEMENTATION NOTE: The reference to the owning Manager is not restored by this method, and must be set explicitly. - Parameters:
- stream- The input stream to read from
- Throws:
- java.lang.ClassNotFoundException- if an unknown class is specified
- java.io.IOException- if an input/output error occurs
 
 - 
doWriteObjectprotected void doWriteObject(java.io.ObjectOutputStream stream) throws java.io.IOExceptionWrite a serialized version of this session object to the specified object output stream.IMPLEMENTATION NOTE: The owning Manager will not be stored in the serialized representation of this Session. After calling readObject(), you must set the associated Manager explicitly.IMPLEMENTATION NOTE: Any attribute that is not Serializable will be unbound from the session, with appropriate actions if it implements HttpSessionBindingListener. If you do not want any such attributes, be sure the distributableproperty of the associated Manager is set totrue.- Parameters:
- stream- The output stream to write to
- Throws:
- java.io.IOException- if an input/output error occurs
 
 - 
excludeprotected boolean exclude(java.lang.String name, java.lang.Object value)Should the given session attribute be excluded? This implementation checks: Note: This method deliberately does not checkisAttributeDistributable(String, Object)which is kept separate to support the checks required insetAttribute(String, Object, boolean)- Parameters:
- name- The attribute name
- value- The attribute value
- Returns:
- trueif the attribute should be excluded from distribution, otherwise- false
 
 - 
fireSessionEventpublic void fireSessionEvent(java.lang.String type, java.lang.Object data)Notify all session event listeners that a particular event has occurred for this Session. The default implementation performs this notification synchronously using the calling thread.- Parameters:
- type- Event type
- data- Event data
 
 - 
keysprotected java.lang.String[] keys() - Returns:
- the names of all currently defined session attributes as an array of Strings. If there are no defined attributes, a zero-length array is returned.
 
 - 
removeAttributeInternalprotected void removeAttributeInternal(java.lang.String name, boolean notify)Remove the object bound with the specified name from this session. If the session does not have an object bound with this name, this method does nothing.After this method executes, and if the object implements HttpSessionBindingListener, the container callsvalueUnbound()on the object.- Parameters:
- name- Name of the object to remove from this session.
- notify- Should we notify interested listeners that this attribute is being removed?
 
 
- 
 
-