public class MultiSessionAttributeAdapter
extends java.lang.Object
Any processing that wants to getAttribute(String), setAttribute(String, Object) or removeAttribute(String)
in a way that all Brooklyn bundles will see (e.g. authentication, etc) should use the methods in this class,
as opposed to calling HttpServletRequest.getSession() then HttpSession.getAttribute(String).
This class will follow heuristics to find a preferred shared session. The heuristics are as follows:
Server for a KEY_PREFERRED_SESSION_HANDLER_INSTANCE, and
if it has a session with KEY_IS_PREFERRED, we use it
KEY_IS_PREFERRED
KEY_PREFERRED_SESSION_HANDLER_INSTANCE at the server,
we create a session there (if needed, and if we can, ie we have the request)
and mark it (or one already existing there) as KEY_IS_PREFERRED
KEY_PREFERRED_SESSION_HANDLER_INSTANCE at the server,
we go through all bundles looking for the CXF one and we store that against the Server
(this should only happen once, will log warnings if not found)
KEY_IS_PREFERRED so that it
is used in preference to others, including ones at the KEY_PREFERRED_SESSION_HANDLER_INSTANCE,
if we were invoked in a way where we couldn't find such a handler (ie no such bundle) and we couldn't create one there
In future we may wish to make this more configurable, so bundles can specify a priority or a configuration property could specify the preferred bundles and/or context paths. But for now hard-coding CXF is fine.
Obviously code that bypasses this and uses the HttpServletRequest.getSession()
will only read/write things in their session, and it won't be visible to requests from other bundles.
Previously we tried sharing sessions across bundles; you'll see in git history the code for that; however it was messy, and ended up being dodgy when we invalidate, and likely very dodgy if the system auto-invalidates (e.g. time- or memory-based expiry), as code there is quite fragile assuming sessions are one-to-one tied to their handlers.
| Modifier and Type | Field and Description |
|---|---|
static ConfigKey<java.lang.Integer> |
MAX_INACTIVE_INTERVAL |
static ConfigKey<java.lang.Long> |
MAX_SESSION_AGE |
| Constructor and Description |
|---|
MultiSessionAttributeAdapter(javax.servlet.http.HttpSession preferredSession,
javax.servlet.http.HttpSession session) |
| Modifier and Type | Method and Description |
|---|---|
MultiSessionAttributeAdapter |
configureWhetherToSetInAll(boolean setAllKnownSessions) |
MultiSessionAttributeAdapter |
configureWhetherToSetLocalValuesAlso(boolean setLocalValuesAlso) |
MultiSessionAttributeAdapter |
configureWhetherToSilentlyAcceptLocalOnlyValues(boolean silentlyAcceptLocalOnlyValues) |
java.lang.Object |
getAttribute(java.lang.String name) |
java.lang.String |
getId() |
javax.servlet.http.HttpSession |
getOriginalSession() |
javax.servlet.http.HttpSession |
getPreferredSession() |
static java.lang.String |
info(javax.servlet.http.HttpServletRequest r) |
static java.lang.String |
info(javax.servlet.http.HttpSession s) |
static java.lang.String |
info(org.eclipse.jetty.server.session.SessionHandler h) |
static MultiSessionAttributeAdapter |
of(javax.servlet.http.HttpServletRequest r) |
static MultiSessionAttributeAdapter |
of(javax.servlet.http.HttpServletRequest r,
boolean create)
May return null iff create is false
|
static MultiSessionAttributeAdapter |
of(javax.servlet.http.HttpSession session)
Where the request isn't available, and the preferred session is expected to exist.
|
void |
removeAttribute(java.lang.String name) |
MultiSessionAttributeAdapter |
resetExpiration() |
void |
setAttribute(java.lang.String name,
java.lang.Object value) |
public static final ConfigKey<java.lang.Long> MAX_SESSION_AGE
public static final ConfigKey<java.lang.Integer> MAX_INACTIVE_INTERVAL
public MultiSessionAttributeAdapter(javax.servlet.http.HttpSession preferredSession,
javax.servlet.http.HttpSession session)
public static MultiSessionAttributeAdapter of(javax.servlet.http.HttpServletRequest r)
public static MultiSessionAttributeAdapter of(javax.servlet.http.HttpServletRequest r, boolean create)
public static MultiSessionAttributeAdapter of(javax.servlet.http.HttpSession session)
public static java.lang.String info(javax.servlet.http.HttpServletRequest r)
public static java.lang.String info(org.eclipse.jetty.server.session.SessionHandler h)
public static java.lang.String info(javax.servlet.http.HttpSession s)
public MultiSessionAttributeAdapter configureWhetherToSilentlyAcceptLocalOnlyValues(boolean silentlyAcceptLocalOnlyValues)
public MultiSessionAttributeAdapter configureWhetherToSetLocalValuesAlso(boolean setLocalValuesAlso)
public MultiSessionAttributeAdapter configureWhetherToSetInAll(boolean setAllKnownSessions)
public java.lang.Object getAttribute(java.lang.String name)
public void setAttribute(java.lang.String name,
java.lang.Object value)
public void removeAttribute(java.lang.String name)
public javax.servlet.http.HttpSession getPreferredSession()
public javax.servlet.http.HttpSession getOriginalSession()
public java.lang.String getId()
public MultiSessionAttributeAdapter resetExpiration()