org.apache.tomcat.modules.session
Class SessionId

java.lang.Object
  |
  +--org.apache.tomcat.core.BaseInterceptor
        |
        +--org.apache.tomcat.modules.session.SessionId

public class SessionId
extends BaseInterceptor

Extract the session ID from the request using cookies and session rewriting. Will process the request and determine the session Id, and set it in the Request. It doesn't marks the session as accessed, and it doesn't retrieve or set the HttpSession - the storage and management of sessions is implemented in a separate module. This interceptor doesn't deal with any of the Session internals - it just works with the sessionID. A pluggable session manager ( or user-space manager !) will deal with marking the session as accessed or setting the session implementation and maintaining lifecycles. This implementation only handles Cookies and URL rewriting sessions, please extend or add new interceptors for other methods. You can set this interceptor to not use cookies, but only rewriting.

Author:
costin@eng.sun.com, Shai Fultheim [shai@brm.com]

Fields inherited from class org.apache.tomcat.core.BaseInterceptor
cm, ct, ctx, debug, DECLINED, loghelper, OK
 
Constructor Summary
SessionId()
           
 
Method Summary
 int beforeBody(Request rrequest, Response response)
          Called before the first body write, and before sending the headers.
 int postReadRequest(Request request)
          Extract the session id from the request.
 int requestMap(Request request)
          Extract and set the session id and ServerSession.
 void setCheckSSLSessionId(boolean checkSSLSessionId)
           
 void setCookiesFirst(boolean b)
           
 void setNoCookies(boolean noCookies)
           
 
Methods inherited from class org.apache.tomcat.core.BaseInterceptor
addContainer, addContext, addHandler, addInterceptor, addSecurityConstraint, afterBody, authenticate, authorize, beforeCommit, contextInit, contextMap, contextShutdown, contextState, engineInit, engineShutdown, engineStart, engineState, engineStop, findSession, getContext, getContextManager, getDebug, getInfo, getLog, getNote, getNote, handleError, log, log, log, log, postRequest, postService, postServletDestroy, postServletInit, preService, preServletDestroy, preServletInit, registerHooks, reload, removeContainer, removeContext, removeHandler, removeInterceptor, sessionState, setContext, setContextManager, setDebug, setInfo, setNote, setNote
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SessionId

public SessionId()
Method Detail

setCookiesFirst

public void setCookiesFirst(boolean b)

setNoCookies

public void setNoCookies(boolean noCookies)

setCheckSSLSessionId

public void setCheckSSLSessionId(boolean checkSSLSessionId)

postReadRequest

public int postReadRequest(Request request)
Extract the session id from the request. SessionInterceptor will have to be called _before_ mapper, to avoid coding session stuff inside the mapper. When we fix the interceptors we'll have to specify something similar with the priority in apache hooks, right now it's just a config issue.
Overrides:
postReadRequest in class BaseInterceptor

requestMap

public int requestMap(Request request)
Extract and set the session id and ServerSession. We know the Context - and all local interceptors can be used ( like session managers that are set per context ). This module knows about URI and cookies. It will validate the session id ( and set it only if valid ), and "touch" the session.
Overrides:
requestMap in class BaseInterceptor

beforeBody

public int beforeBody(Request rrequest,
                      Response response)
Description copied from class: BaseInterceptor
Called before the first body write, and before sending the headers. The interceptor have a chance to change the output headers. Before body allows you do do various actions before the first byte of the response is sent. After all those callbacks are called tomcat may send the status and headers
Overrides:
beforeBody in class BaseInterceptor


Copyright © 2001 Apache Software Foundation. All Rights Reserved.