org.jsecurity.session.mgt
Class AbstractSessionManager

java.lang.Object
  org.jsecurity.session.mgt.AbstractSessionManager

All Implemented Interfaces:

SessionManager, SessionListenerRegistrar

Direct Known Subclasses:

AbstractValidatingSessionManager, ServletContainerSessionManager

public abstract class AbstractSessionManager
extends Object
implements SessionManager, SessionListenerRegistrar

Since:

0.1

Author:

Les Hazlewood

Field Summary

protected Collection<SessionListener>

listeners

Constructor Summary

AbstractSessionManager()

Method Summary

void	add(SessionListener listener)
protected Session	beforeInvalidNotification(Session session) Returns the session instance to use to pass to registered SessionListeners for notification that the session has been invalidated (stopped or expired).
protected abstract Session	createSession(InetAddress originatingHost)
protected abstract Session	doGetSession(Serializable sessionId)
Object	getAttribute(Serializable sessionId, Object key) Returns the object bound to the specified session identified by the specified key.
Collection<Object>	getAttributeKeys(Serializable sessionId) Returns the keys of all the attributes stored under the session identified by sessionId.
InetAddress	getHostAddress(Serializable sessionId) Returns the IP address of the host where the session was started, if known.
Date	getLastAccessTime(Serializable sessionId) Returns the time the Session identified by the specified sessionId last interacted with the system.
protected Session	getSession(Serializable sessionId)
Date	getStartTimestamp(Serializable sessionId) Returns the time the Session identified by the specified sessionId was started in the system.
long	getTimeout(Serializable sessionId) Returns the time in milliseconds that the specified session may remain idle before expiring.
boolean	isValid(Serializable sessionId) Returns true if the session is valid (it exists and is not stopped nor expired), false otherwise.
protected void	notifyExpiration(Session session)
protected void	notifyStart(Session session)
protected void	notifyStop(Session session)
protected void	onChange(Session s)
protected void	onExpiration(Session session)
protected void	onStop(Session session)
boolean	remove(SessionListener listener)
Object	removeAttribute(Serializable sessionId, Object key) Removes (unbinds) the object bound to this session under the specified key name.
void	setAttribute(Serializable sessionId, Object key, Object value) Binds the specified value to the specified session uniquely identified by the specifed key name.
void	setSessionListeners(Collection<SessionListener> listeners)
void	setTimeout(Serializable sessionId, long maxIdleTimeInMillis) Sets the time in milliseconds that the specified session may remain idle before expiring.
Serializable	start(InetAddress originatingHost) Starts a new session within the system for the host with the specified originating IP address.
void	stop(Serializable sessionId) Explicitly stops the session identified by sessionId, thereby releasing all associated resources.
protected void	stop(Session session)
void	touch(Serializable sessionId) Updates the last accessed time of the session identified by sessionId.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

listeners

protected Collection<SessionListener> listeners

Constructor Detail

AbstractSessionManager

public AbstractSessionManager()

Method Detail

setSessionListeners

public void setSessionListeners(Collection<SessionListener> listeners)

Specified by:

setSessionListeners in interface SessionListenerRegistrar

add

public void add(SessionListener listener)

Specified by:

add in interface SessionListenerRegistrar

remove

public boolean remove(SessionListener listener)

Specified by:

remove in interface SessionListenerRegistrar

start

public Serializable start(InetAddress originatingHost)
                   throws HostUnauthorizedException,
                          IllegalArgumentException

Description copied from interface: SessionManager

Starts a new session within the system for the host with the specified originating IP address.

Note: see the SessionFactory.init(InetAddress) method about the implications of using InetAddresses in access control policies.

Specified by:

start in interface SessionManager

Parameters:

originatingHost - the originating host InetAddress of the external party (user, 3rd party product, etc) that is attempting to interact with the system.

Returns:

the system identifier of the newly created session.

Throws:

HostUnauthorizedException - if the host specified is not allowed to start sessions.

IllegalArgumentException - if the host specified is not valid.

See Also:

SessionFactory.start(InetAddress)

beforeInvalidNotification

protected Session beforeInvalidNotification(Session session)

Returns the session instance to use to pass to registered SessionListeners for notification that the session has been invalidated (stopped or expired).

The default implementation returns an ImmutableProxiedSession instance to ensure that the specified session argument is not modified by any listeners.

Parameters:

session - the Session object being invalidated.

Returns:

the Session instance to use to pass to registered SessionListeners for notification.

notifyStart

protected void notifyStart(Session session)

notifyStop

protected void notifyStop(Session session)

notifyExpiration

protected void notifyExpiration(Session session)

getStartTimestamp

public Date getStartTimestamp(Serializable sessionId)

Description copied from interface: SessionManager

Returns the time the Session identified by the specified sessionId was started in the system.

Specified by:

getStartTimestamp in interface SessionManager

Parameters:

sessionId - the system identifier for the session of interest.

Returns:

the system time the specified session was started (i.e. created).

See Also:

Session.getStartTimestamp()

getLastAccessTime

public Date getLastAccessTime(Serializable sessionId)

Description copied from interface: SessionManager

Returns the time the Session identified by the specified sessionId last interacted with the system.

Specified by:

getLastAccessTime in interface SessionManager

Parameters:

sessionId - the system identifier for the session of interest

Returns:

tye time the session last accessed the system

See Also:

Session.getLastAccessTime(), Session.touch()

getTimeout

public long getTimeout(Serializable sessionId)
                throws InvalidSessionException

Description copied from interface: SessionManager

Returns the time in milliseconds that the specified session may remain idle before expiring.

• A negative return value means the session will never expire.
• A non-negative return value (0 or greater) means the session expiration will occur if idle for that length of time.

Specified by:

getTimeout in interface SessionManager

Parameters:

sessionId - the system identifier of the session of interest.

Returns:

the time in milliseconds that the specified session may remain idle before expiring.

Throws:

InvalidSessionException - if the session has been stopped or expired prior to calling this method.

setTimeout

public void setTimeout(Serializable sessionId,
                       long maxIdleTimeInMillis)
                throws InvalidSessionException

Description copied from interface: SessionManager

Sets the time in milliseconds that the specified session may remain idle before expiring.

• A negative return value means the session will never expire.
• A non-negative return value (0 or greater) means the session expiration will occur if idle for that length of time.

Specified by:

setTimeout in interface SessionManager

Parameters:

sessionId - the system identifier of the session of interest.

maxIdleTimeInMillis - the time in milliseconds that the specified session may remain idle before expiring.

Throws:

InvalidSessionException - if the session has been stopped or expired prior to calling this method.

touch

public void touch(Serializable sessionId)
           throws InvalidSessionException

Description copied from interface: SessionManager

Updates the last accessed time of the session identified by sessionId. This can be used to explicitly ensure that a session does not time out.

Specified by:

touch in interface SessionManager

Parameters:

sessionId - the id of the session to update.

Throws:

InvalidSessionException - if the session has been stopped or expired prior to calling this method.

See Also:

Session.touch()

getHostAddress

public InetAddress getHostAddress(Serializable sessionId)

Description copied from interface: SessionManager

Returns the IP address of the host where the session was started, if known. If no IP was specified when starting the session, this method returns null

Specified by:

getHostAddress in interface SessionManager

Parameters:

sessionId - the id of the session to query.

Returns:

the ip address of the host where the session originated, if known. If unknown, this method returns null.

See Also:

init( InetAddress originatingHost )

stop

public void stop(Serializable sessionId)
          throws InvalidSessionException

Description copied from interface: SessionManager

Explicitly stops the session identified by sessionId, thereby releasing all associated resources.

Specified by:

stop in interface SessionManager

Parameters:

sessionId - the system identfier of the system to destroy.

Throws:

InvalidSessionException - if the session has stopped or expired prior to calling this method.

See Also:

Session.stop()

stop

protected void stop(Session session)

onStop

protected void onStop(Session session)

onExpiration

protected void onExpiration(Session session)

getAttributeKeys

public Collection<Object> getAttributeKeys(Serializable sessionId)

Description copied from interface: SessionManager

Returns the keys of all the attributes stored under the session identified by sessionId. If there are no attributes, this returns an empty collection.

Specified by:

getAttributeKeys in interface SessionManager

Parameters:

sessionId - the system identifier of the system to access.

Returns:

the keys of all attributes stored under the specified session, or an empty collection if there are no session attributes.

See Also:

Session.getAttributeKeys()

getAttribute

public Object getAttribute(Serializable sessionId,
                           Object key)
                    throws InvalidSessionException

Description copied from interface: SessionManager

Returns the object bound to the specified session identified by the specified key. If there is noobject bound under the key for the given session, null is returned.

Specified by:

getAttribute in interface SessionManager

Parameters:

sessionId - the system identifier of the session of interest

key - the unique name of the object bound to the specified session

Returns:

the object bound under the specified key name or null if there is no object bound under that name.

Throws:

InvalidSessionException - if the specified session has stopped or expired prior to calling this method.

See Also:

Session.getAttribute(Object key)

setAttribute

public void setAttribute(Serializable sessionId,
                         Object key,
                         Object value)
                  throws InvalidSessionException

Description copied from interface: SessionManager

Binds the specified value to the specified session uniquely identified by the specifed key name. If there is already an object bound under the key name, that existing object will be replaced by the new value.

If the value parameter is null, it has the same effect as if the SessionManager.removeAttribute(Serializable sessionId, Object key) method was called.

Specified by:

setAttribute in interface SessionManager

Parameters:

sessionId - the system identifier of the session of interest

key - the name under which the value object will be bound in this session

value - the object to bind in this session.

Throws:

InvalidSessionException - if the specified session has stopped or expired prior to calling this method.

See Also:

Session.setAttribute(Object key, Object value)

removeAttribute

public Object removeAttribute(Serializable sessionId,
                              Object key)
                       throws InvalidSessionException

Description copied from interface: SessionManager

Removes (unbinds) the object bound to this session under the specified key name.

Specified by:

removeAttribute in interface SessionManager

Parameters:

sessionId - the system identifier of the session of interest

key - the name uniquely identifying the object to remove

Returns:

the object removed or null if there was no object bound under the specified key name.

Throws:

InvalidSessionException - if the specified session has stopped or expired prior to calling this method.

See Also:

Session.removeAttribute(Object key)

getSession

protected Session getSession(Serializable sessionId)
                      throws InvalidSessionException

Throws:

InvalidSessionException

isValid

public boolean isValid(Serializable sessionId)

Description copied from interface: SessionManager

Returns true if the session is valid (it exists and is not stopped nor expired), false otherwise.

Specified by:

isValid in interface SessionManager

Parameters:

sessionId - the id of the session to check

Returns:

true if the session is valid (exists and is not stopped or expired), false otherwise.

onChange

protected void onChange(Session s)

doGetSession

protected abstract Session doGetSession(Serializable sessionId)
                                 throws InvalidSessionException

Throws:

InvalidSessionException

createSession

protected abstract Session createSession(InetAddress originatingHost)
                                  throws HostUnauthorizedException,
                                         IllegalArgumentException

Throws:

HostUnauthorizedException

IllegalArgumentException