Package org.apache.catalina.session

Class StandardSession

  • All Implemented Interfaces:
    jakarta.servlet.http.HttpSession, Serializable, Session
    Direct Known Subclasses:
    BaseHASession
    public class StandardSession
extends Object
implements jakarta.servlet.http.HttpSession, Session, Serializable
    Standard implementation of the Session interface. This object is serializable, so that it can be stored in persistent storage or transferred to a different JVM for distributable session support.

    IMPLEMENTATION NOTE: An instance of this class represents both the internal (Session) and application level (HttpSession) view of the session. However, because the class itself is not declared public, Java logic outside of the org.apache.catalina.session package cannot cast an HttpSession view of this instance back to a Session view.

    IMPLEMENTATION NOTE: If you add fields to this class, you must make sure that you carry them over in the read/writeObject methods so that this class is properly serialized.

    Version:
    $Revision: 1.33 $ $Date: 2007/03/12 21:41:52 $
    Author:
    Craig R. McClanahan, Sean Legassick, Jon S. Stevens
    See Also:
    Serialized Form

    • Constructor Summary

      Constructors 
      Constructor Description
      StandardSession​(Manager manager)
      Construct a new Session associated with the specified Manager.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void access()
      Update the accessed time information for this session.
      void activate()
      Perform internal processing required to activate this session.
      void addSessionListener​(SessionListener listener)
      Add a session event listener to this component.
      void endAccess()
      End the access.
      protected void evaluateIfValid()  
      protected boolean exclude​(String name)
      Exclude attribute that cannot be serialized.
      void expire()
      Perform the internal processing required to invalidate this session, without triggering an exception if the session has already expired.
      void expire​(boolean notify)
      Perform the internal processing required to invalidate this session, without triggering an exception if the session has already expired.
      void expire​(boolean notify, boolean persistentRemove)
      Perform the internal processing required to invalidate this session, without triggering an exception if the session has already expired.
      protected void fireContainerEvent​(Context context, String type, Object data)
      Fire container events if the Context implementation is the org.apache.catalina.core.StandardContext.
      void fireSessionEvent​(String type, Object data)
      Notify all session event listeners that a particular event has occurred for this Session.
      Object getAttribute​(String name)
      Return the object bound with the specified name in this session, or null if no object is bound with that name.
      protected Object getAttributeInternal​(String name)
      Return the value of an attribute without a check for validity.
      Enumeration<String> getAttributeNames()
      Return an Enumeration of String objects containing the names of the objects bound to this session.
      protected Enumerator<String> getAttributeNamesInternal()
      Returns names of attributes even for expired session.
      Map<String,​Object> getAttributes()
      Gets the attributes of this session.
      String getAuthType()
      Return the authentication type used to authenticate our cached Principal, if any.
      String getBeKey()
      Gets the BEKEY of this session
      long getCreationTime()
      Return the time when this session was created, in milliseconds since midnight, January 1, 1970 GMT.
      String getId()
      Return the session identifier for this session.
      String getIdInternal()
      Return the session identifier for this session.
      String getInfo()
      Return descriptive information about this Session implementation and the corresponding version number, in the format <description>/<version>.
      boolean getIsValid()
      Return the isValid flag for this session.
      long getLastAccessedTime()
      Return the last time the client sent a request associated with this session, as the number of milliseconds since midnight, January 1, 1970 GMT.
      long getLastAccessedTimeInternal()
      Same as getLastAccessedTime(), except that there is no call to isValid(), which may expire the session and cause any subsequent session access to throw an IllegalStateException.
      Manager getManager()
      Return the Manager within which this Session is valid.
      int getMaxInactiveInterval()
      Return the maximum time interval, in seconds, between client requests before the servlet container will invalidate the session.
      Object getNote​(String name)
      Return the object bound with the specified name to the internal notes for this session, or null if no such binding exists.
      Iterator<String> getNoteNames()
      Return an Iterator containing the String names of all notes bindings that exist for this session.
      Principal getPrincipal()
      Return the authenticated Principal that is associated with this Session.
      jakarta.servlet.ServletContext getServletContext()
      Return the ServletContext to which this session belongs.
      jakarta.servlet.http.HttpSession getSession()
      Return the HttpSession for which this object is the facade.
      SessionLock getSessionLock()
      return the Session lock
      protected boolean getSessionLockForForeground()
      get this session locked for foreground if the session is found to be presently background locked; retry logic in a time-decay polling loop waits for background lock to clear after 6 attempts (12.6 seconds) it unlocks the session and acquires the foreground lock
      String getSipApplicationSessionId()
      Gets the id of the SipApplicationSession that is the parent of this StandardSession.
      String getSsoId()
      Return the single sign on id.
      long getSsoVersion()
      Return the single sign on version.
      long getVersion()
      Gets the version number
      boolean hasExpired()
      Checks whether this Session has expired.
      boolean hasNonHttpLockOccurred()  
      long incrementVersion()
      Increments the version number
      void invalidate()
      Invalidates this session and unbinds any objects bound to it.
      boolean isForegroundLocked()
      return whether this session is currently foreground locked
      boolean isNew()
      Return true if the client does not yet know about the session, or if the client chooses not to join the session.
      boolean isValid()
      Expire the expired session if necessary and return the isValid flag for this session.
      protected String[] keys()
      Return the names of all currently defined session attributes as an array of Strings.
      boolean lockBackground()
      lock the session for foreground returns true if successful; false if unsuccessful
      boolean lockForeground()
      lock the session for background returns true if successful; false if unsuccessful
      protected void log​(String message)
      Log a message on the Logger associated with our Manager (if any).
      protected void log​(String message, Throwable t)
      Log a message on the Logger associated with our Manager (if any).
      protected void log​(String message, Level level)
      Log a message on the Logger associated with our Manager (if any).
      void passivate()
      Perform the internal processing required to passivate this session.
      void recycle()
      Release all object references, and initialize instance variables, in preparation for reuse of this object.
      void removeAttribute​(String name)
      Remove the object bound with the specified name from this session.
      void removeAttribute​(String name, boolean notify, boolean checkValid)
      Remove the object bound with the specified name from this session.
      void removeNote​(String name)
      Remove any object bound to the specified name in the internal notes for this session.
      void removeSessionListener​(SessionListener listener)
      Remove a session event listener from this component.
      void setAttribute​(String name, Object value)
      Bind an object to this session, using the specified name.
      void setAuthType​(String authType)
      Set the authentication type used to authenticate our cached Principal, if any.
      void setBeKey​(String beKey)
      Sets the BEKEY for this session
      void setCreationTime​(long time)
      Set the creation time for this session.
      void setId​(String id)
      Set the session identifier for this session.
      void setLastAccessedTime​(long lastAcessedTime)
      Set the last time the client sent a request associated with this session, as the number of milliseconds since midnight, January 1, 1970 GMT.
      void setManager​(Manager manager)
      Set the Manager within which this Session is valid.
      void setMaxInactiveInterval​(int interval)
      Set the maximum time interval, in seconds, between client requests before the servlet container will invalidate the session.
      void setNew​(boolean isNew)
      Set the isNew flag for this session.
      void setNote​(String name, Object value)
      Bind an object to a specified name in the internal notes associated with this session, replacing any existing binding for this name.
      void setPrincipal​(Principal principal)
      Set the authenticated Principal that is associated with this Session.
      void setSessionLock​(SessionLock sessionLock)
      set the Session lock
      void setSipApplicationSessionId​(String id)
      Sets the id of the SipApplicationSession that is the parent of this StandardSession.
      void setSsoId​(String ssoId)
      Set the single sign on id.
      void setSsoVersion​(long value)
      Set the single sign on version.
      void setValid​(boolean isValid)
      Set the isValid flag for this session.
      void setVersion​(long value)
      Sets the version number
      void tellNew()
      Inform the listeners about the new session.
      String toString()
      Return a string representation of this object.
      void unlockBackground()
      unlock the session from background
      void unlockForeground()
      unlock the session from foreground
      void unlockForegroundCompletely()
      unlock the session completely irregardless of whether it was foreground or background locked

    • Field Detail

      • EMPTY_ARRAY

        protected static final String[] EMPTY_ARRAY
        Type array.

      • NOT_SERIALIZED

        protected static final String NOT_SERIALIZED
        The dummy attribute value serialized when a NotSerializableException is encountered in writeObject().
        See Also:
        Constant Field Values

      • SYNC_STRING

        protected static final String SYNC_STRING
        The string used in the name for setAttribute and removeAttribute to signify on-demand sync
        See Also:
        Constant Field Values

      • info

        protected static final String info
        Descriptive information describing this Session implementation.
        See Also:
        Constant Field Values

      • attributes

        protected Map<String,​Object> attributes
        The collection of user data attributes associated with this Session.

      • authType

        protected transient String authType
        The authentication type used to authenticate our cached Principal, if any. NOTE: This value is not included in the serialized version of this object.

      • containerEventMethod

        protected transient Method containerEventMethod
        The java.lang.Method for the fireContainerEvent() method of the org.apache.catalina.core.StandardContext method, if our Context implementation is of this class. This value is computed dynamically the first time it is needed, or after a session reload (since it is declared transient).

      • creationTime

        protected long creationTime
        The time this session was created, in milliseconds since midnight, January 1, 1970 GMT.

      • debug

        protected transient int debug
        The debugging detail level for this component. NOTE: This value is not included in the serialized version of this object.

      • expiring

        protected transient boolean expiring
        We are currently processing a session expiration, so bypass certain IllegalStateException tests. NOTE: This value is not included in the serialized version of this object.

      • facade

        protected transient StandardSessionFacade facade
        The facade associated with this session. NOTE: This value is not included in the serialized version of this object.

      • id

        protected String id
        The session identifier of this Session.

      • lastAccessedTime

        protected long lastAccessedTime
        The last accessed time for this Session.

      • manager

        protected transient Manager manager
        The Manager with which this Session is associated.

      • threadContextManager

        protected static final transient ThreadLocal<Manager> threadContextManager

      • context

        protected transient StandardContext context
        The context with which this Session is associated.

      • maxInactiveInterval

        protected int maxInactiveInterval
        The maximum time interval, in seconds, between client requests before the servlet container may invalidate this session. A negative time indicates that the session should never time out.

      • isNew

        protected boolean isNew
        Flag indicating whether this session is new or not.

      • isValid

        protected boolean isValid
        Flag indicating whether this session is valid or not.

      • notes

        protected transient Map<String,​Object> notes
        Internal notes associated with this session by Catalina components and event listeners. IMPLEMENTATION NOTE: This object is not saved and restored across session serializations!

      • principal

        protected transient Principal principal
        The authenticated Principal associated with this session, if any. // START SJSWS 6371339 // * IMPLEMENTATION NOTE: This object is not saved and // * restored across session serializations! // END SJSWS 6371339

      • thisAccessedTime

        protected long thisAccessedTime
        The current accessed time for this session.

      • version

        protected AtomicLong version
        The session version, incremented and used by in-memory-replicating session managers

      • ssoId

        protected String ssoId
        single sign on id. It is null if there is no SSO.

      • ssoVersion

        protected volatile long ssoVersion
        single sign on version.

      • _sessionLock

        protected transient SessionLock _sessionLock

      • sessionLockMonitor

        protected final Object sessionLockMonitor

    • Constructor Detail

      • StandardSession

        public StandardSession​(Manager manager)
        Construct a new Session associated with the specified Manager.
        Parameters:
        manager - The manager with which this Session is associated

    • Method Detail

      • getAuthType

        public String getAuthType()
        Return the authentication type used to authenticate our cached Principal, if any.
        Specified by:
        getAuthType in interface Session

      • setAuthType

        public void setAuthType​(String authType)
        Set the authentication type used to authenticate our cached Principal, if any.
        Specified by:
        setAuthType in interface Session
        Parameters:
        authType - The new cached authentication type

      • setCreationTime

        public void setCreationTime​(long time)
        Set the creation time for this session. This method is called by the Manager when an existing Session instance is reused.
        Specified by:
        setCreationTime in interface Session
        Parameters:
        time - The new creation time

      • getId

        public String getId()
        Return the session identifier for this session.
        Specified by:
        getId in interface jakarta.servlet.http.HttpSession
        Specified by:
        getId in interface Session

      • getIdInternal

        public String getIdInternal()
        Return the session identifier for this session.
        Specified by:
        getIdInternal in interface Session

      • setId

        public void setId​(String id)
        Set the session identifier for this session.
        Specified by:
        setId in interface Session
        Parameters:
        id - The new session identifier

      • setBeKey

        public void setBeKey​(String beKey)
        Sets the BEKEY for this session

        The BEKEY is used by the Converged Loadbalancer (CLB) in DCR mode for loadbalancing purposes, and supplied to the web container in the form of a request header.

        Parameters:
        beKey - the BEKEY for this session, or null if not present

      • getBeKey

        public String getBeKey()
        Gets the BEKEY of this session
        Returns:
        the BEKEY of this session, or null if not present

      • setSipApplicationSessionId

        public void setSipApplicationSessionId​(String id)
        Sets the id of the SipApplicationSession that is the parent of this StandardSession.
        Parameters:
        id - SipApplicationSession id

      • getSipApplicationSessionId

        public String getSipApplicationSessionId()
        Gets the id of the SipApplicationSession that is the parent of this StandardSession.
        Returns:
        The SipApplicationSession id, or null if this StandardSession does not have any SipApplicationSession parent

      • tellNew

        public void tellNew()
        Inform the listeners about the new session.

      • getInfo

        public String getInfo()
        Return descriptive information about this Session implementation and the corresponding version number, in the format <description>/<version>.
        Specified by:
        getInfo in interface Session

      • getLastAccessedTime

        public long getLastAccessedTime()
        Return the last time the client sent a request associated with this session, as the number of milliseconds since midnight, January 1, 1970 GMT. Actions that your application takes, such as getting or setting a value associated with the session, do not affect the access time.
        Specified by:
        getLastAccessedTime in interface jakarta.servlet.http.HttpSession
        Specified by:
        getLastAccessedTime in interface Session

      • getLastAccessedTimeInternal

        public long getLastAccessedTimeInternal()
        Same as getLastAccessedTime(), except that there is no call to isValid(), which may expire the session and cause any subsequent session access to throw an IllegalStateException.

      • setLastAccessedTime

        public void setLastAccessedTime​(long lastAcessedTime)
        Set the last time the client sent a request associated with this session, as the number of milliseconds since midnight, January 1, 1970 GMT. Actions that your application takes, such as getting or setting a value associated with the session, do not affect the access time. HERCULES: added method

      • getManager

        public Manager getManager()
        Return the Manager within which this Session is valid.
        Specified by:
        getManager in interface Session

      • setManager

        public void setManager​(Manager manager)
        Set the Manager within which this Session is valid.
        Specified by:
        setManager in interface Session
        Parameters:
        manager - The new Manager

      • getMaxInactiveInterval

        public int getMaxInactiveInterval()
        Return the maximum time interval, in seconds, between client requests before the servlet container will invalidate the session. A negative time indicates that the session should never time out.
        Specified by:
        getMaxInactiveInterval in interface jakarta.servlet.http.HttpSession
        Specified by:
        getMaxInactiveInterval in interface Session

      • setMaxInactiveInterval

        public void setMaxInactiveInterval​(int interval)
        Set the maximum time interval, in seconds, between client requests before the servlet container will invalidate the session. A negative time indicates that the session should never time out.
        Specified by:
        setMaxInactiveInterval in interface jakarta.servlet.http.HttpSession
        Specified by:
        setMaxInactiveInterval in interface Session
        Parameters:
        interval - The new maximum interval

      • setNew

        public void setNew​(boolean isNew)
        Set the isNew flag for this session.
        Specified by:
        setNew in interface Session
        Parameters:
        isNew - The new value for the isNew flag

      • getPrincipal

        public Principal getPrincipal()
        Return the authenticated Principal that is associated with this Session. This provides an Authenticator with a means to cache a previously authenticated Principal, and avoid potentially expensive Realm.authenticate() calls on every request. If there is no current associated Principal, return null.
        Specified by:
        getPrincipal in interface Session
        Returns:

      • setPrincipal

        public void setPrincipal​(Principal principal)
        Set the authenticated Principal that is associated with this Session. This provides an Authenticator with a means to cache a previously authenticated Principal, and avoid potentially expensive Realm.authenticate() calls on every request.
        Specified by:
        setPrincipal in interface Session
        Parameters:
        principal - The new Principal, or null if none

      • getSession

        public jakarta.servlet.http.HttpSession getSession()
        Return the HttpSession for which this object is the facade.
        Specified by:
        getSession in interface Session

      • isValid

        public boolean isValid()
        Description copied from interface: Session
        Expire the expired session if necessary and return the isValid flag for this session.
        Specified by:
        isValid in interface Session

      • getIsValid

        public boolean getIsValid()
        Description copied from interface: Session
        Return the isValid flag for this session.
        Specified by:
        getIsValid in interface Session

      • setValid

        public void setValid​(boolean isValid)
        Set the isValid flag for this session.
        Specified by:
        setValid in interface Session
        Parameters:
        isValid - The new value for the isValid flag

      • access

        public void access()
        Update the accessed time information for this session. This method should be called by the context when a request comes in for a particular session, even if the application does not reference it.
        Specified by:
        access in interface Session

      • endAccess

        public void endAccess()
        End the access.
        Specified by:
        endAccess in interface Session

      • expire

        public void expire()
        Perform the internal processing required to invalidate this session, without triggering an exception if the session has already expired.
        Specified by:
        expire in interface Session

      • expire

        public void expire​(boolean notify)
        Perform the internal processing required to invalidate this session, without triggering an exception if the session has already expired.
        Parameters:
        notify - Should we notify listeners about the demise of this session?

      • expire

        public void expire​(boolean notify,
                   boolean persistentRemove)
        Perform the internal processing required to invalidate this session, without triggering an exception if the session has already expired.
        Parameters:
        notify - Should we notify listeners about the demise of this session?
        persistentRemove - should we call store to remove the session if available

      • passivate

        public void passivate()
        Perform the internal processing required to passivate this session.

      • activate

        public void activate()
        Perform internal processing required to activate this session.

      • getNote

        public Object getNote​(String name)
        Return the object bound with the specified name to the internal notes for this session, or null if no such binding exists.
        Specified by:
        getNote in interface Session
        Parameters:
        name - Name of the note to be returned

      • getNoteNames

        public Iterator<String> getNoteNames()
        Return an Iterator containing the String names of all notes bindings that exist for this session.
        Specified by:
        getNoteNames in interface Session

      • recycle

        public void recycle()
        Release all object references, and initialize instance variables, in preparation for reuse of this object.
        Specified by:
        recycle in interface Session

      • removeNote

        public void removeNote​(String name)
        Remove any object bound to the specified name in the internal notes for this session.
        Specified by:
        removeNote in interface Session
        Parameters:
        name - Name of the note to be removed

      • setNote

        public void setNote​(String name,
                    Object value)
        Bind an object to a specified name in the internal notes associated with this session, replacing any existing binding for this name.
        Specified by:
        setNote in interface Session
        Parameters:
        name - Name to which the object should be bound
        value - Object to be bound to the specified name

      • hasExpired

        public boolean hasExpired()
        Checks whether this Session has expired.
        Specified by:
        hasExpired in interface Session
        Returns:
        true if this Session has expired, false otherwise

      • incrementVersion

        public long incrementVersion()
        Increments the version number

      • getVersion

        public long getVersion()
        Gets the version number
        Specified by:
        getVersion in interface Session

      • setVersion

        public void setVersion​(long value)
        Sets the version number

      • getSsoId

        public String getSsoId()
        Return the single sign on id. It is null if there is no SSO.
        Specified by:
        getSsoId in interface Session

      • setSsoId

        public void setSsoId​(String ssoId)
        Set the single sign on id.
        Specified by:
        setSsoId in interface Session

      • getSsoVersion

        public long getSsoVersion()
        Return the single sign on version.
        Specified by:
        getSsoVersion in interface Session

      • setSsoVersion

        public void setSsoVersion​(long value)
        Set the single sign on version.
        Specified by:
        setSsoVersion in interface Session

      • toString

        public String toString()
        Return a string representation of this object.
        Overrides:
        toString in class Object

      • getCreationTime

        public long getCreationTime()
        Return the time when this session was created, in milliseconds since midnight, January 1, 1970 GMT.
        Specified by:
        getCreationTime in interface jakarta.servlet.http.HttpSession
        Specified by:
        getCreationTime in interface Session
        Throws:
        IllegalStateException - if this method is called on an invalidated session

      • getServletContext

        public jakarta.servlet.ServletContext getServletContext()
        Return the ServletContext to which this session belongs.
        Specified by:
        getServletContext in interface jakarta.servlet.http.HttpSession

      • getAttribute

        public Object getAttribute​(String name)
        Return the object bound with the specified name in this session, or null if no object is bound with that name.
        Specified by:
        getAttribute in interface jakarta.servlet.http.HttpSession
        Parameters:
        name - Name of the attribute to be returned
        Throws:
        IllegalStateException - if this method is called on an invalidated session

      • getAttributes

        public Map<String,​Object> getAttributes()
        Description copied from interface: Session
        Gets the attributes of this session.
        Specified by:
        getAttributes in interface Session
        Returns:
        the attributes of this session

      • getAttributeNames

        public Enumeration<String> getAttributeNames()
        Return an Enumeration of String objects containing the names of the objects bound to this session.
        Specified by:
        getAttributeNames in interface jakarta.servlet.http.HttpSession
        Throws:
        IllegalStateException - if this method is called on an invalidated session

      • getAttributeNamesInternal

        protected Enumerator<String> getAttributeNamesInternal()
        Returns names of attributes even for expired session.
        Returns:
        names of attributes ignoring state of session

      • getSessionLockForForeground

        protected boolean getSessionLockForForeground()
        get this session locked for foreground if the session is found to be presently background locked; retry logic in a time-decay polling loop waits for background lock to clear after 6 attempts (12.6 seconds) it unlocks the session and acquires the foreground lock

      • isForegroundLocked

        public boolean isForegroundLocked()
        return whether this session is currently foreground locked

      • lockBackground

        public boolean lockBackground()
        lock the session for foreground returns true if successful; false if unsuccessful

      • lockForeground

        public boolean lockForeground()
        lock the session for background returns true if successful; false if unsuccessful
        Specified by:
        lockForeground in interface Session

      • unlockForegroundCompletely

        public void unlockForegroundCompletely()
        unlock the session completely irregardless of whether it was foreground or background locked

      • unlockForeground

        public void unlockForeground()
        unlock the session from foreground
        Specified by:
        unlockForeground in interface Session

      • unlockBackground

        public void unlockBackground()
        unlock the session from background

      • getSessionLock

        public SessionLock getSessionLock()
        return the Session lock

      • setSessionLock

        public void setSessionLock​(SessionLock sessionLock)
        set the Session lock
        Parameters:
        sessionLock -

      • hasNonHttpLockOccurred

        public boolean hasNonHttpLockOccurred()
        Returns:
        true if this session has been locked by any out-of-band (i.e., non-http) request, false otherwise

      • invalidate

        public void invalidate()
        Invalidates this session and unbinds any objects bound to it.
        Specified by:
        invalidate in interface jakarta.servlet.http.HttpSession
        Throws:
        IllegalStateException - if this method is called on an invalidated session HERCULES:modified method

      • isNew

        public boolean isNew()
        Return true if the client does not yet know about the session, or if the client chooses not to join the session. For example, if the server used only cookie-based sessions, and the client has disabled the use of cookies, then a session would be new on each request.
        Specified by:
        isNew in interface jakarta.servlet.http.HttpSession
        Throws:
        IllegalStateException - if this method is called on an invalidated session

      • removeAttribute

        public void removeAttribute​(String name)
        Remove the object bound with the specified name from this session. If the session does not have an object bound with this name, this method does nothing.

        After this method executes, and if the object implements HttpSessionBindingListener, the container calls valueUnbound() on the object.

        Specified by:
        removeAttribute in interface jakarta.servlet.http.HttpSession
        Parameters:
        name - Name of the object to remove from this session.
        Throws:
        IllegalStateException - if this method is called on an invalidated session

      • removeAttribute

        public void removeAttribute​(String name,
                            boolean notify,
                            boolean checkValid)
        Remove the object bound with the specified name from this session. If the session does not have an object bound with this name, this method does nothing.

        After this method executes, and if the object implements HttpSessionBindingListener, the container calls valueUnbound() on the object.

        Parameters:
        name - Name of the object to remove from this session.
        notify - Should we notify interested listeners that this attribute is being removed?
        checkValid - Indicates whether IllegalStateException must be thrown if session has already been invalidated
        Throws:
        IllegalStateException - if this method is called on an invalidated session

      • setAttribute

        public void setAttribute​(String name,
                         Object value)
        Bind an object to this session, using the specified name. If an object of the same name is already bound to this session, the object is replaced.

        After this method executes, and if the object implements HttpSessionBindingListener, the container calls valueBound() on the object.

        Specified by:
        setAttribute in interface jakarta.servlet.http.HttpSession
        Parameters:
        name - Name to which the object is bound, cannot be null
        value - Object to be bound, cannot be null
        Throws:
        IllegalArgumentException - if an attempt is made to add a non-serializable object in an environment marked distributable.
        IllegalStateException - if this method is called on an invalidated session

      • exclude

        protected boolean exclude​(String name)
        Exclude attribute that cannot be serialized.
        Parameters:
        name - the attribute's name

      • evaluateIfValid

        protected void evaluateIfValid()

      • fireContainerEvent

        protected void fireContainerEvent​(Context context,
                                  String type,
                                  Object data)
                           throws Exception
        Fire container events if the Context implementation is the org.apache.catalina.core.StandardContext.
        Parameters:
        context - Context for which to fire events
        type - Event type
        data - Event data
        Throws:
        Exception - occurred during event firing

      • fireSessionEvent

        public void fireSessionEvent​(String type,
                             Object data)
        Notify all session event listeners that a particular event has occurred for this Session. The default implementation performs this notification synchronously using the calling thread.
        Parameters:
        type - Event type
        data - Event data

      • keys

        protected String[] keys()
        Return the names of all currently defined session attributes as an array of Strings. If there are no defined attributes, a zero-length array is returned.

      • getAttributeInternal

        protected Object getAttributeInternal​(String name)
        Return the value of an attribute without a check for validity.

      • log

        protected void log​(String message)
        Log a message on the Logger associated with our Manager (if any).
        Parameters:
        message - Message to be logged

      • log

        protected void log​(String message,
                   Throwable t)
        Log a message on the Logger associated with our Manager (if any).
        Parameters:
        message - Message to be logged
        t - Associated exception

      • log

        protected void log​(String message,
                   Level level)
        Log a message on the Logger associated with our Manager (if any).
        Parameters:
        message - Message to be logged
        level -