Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.catalina.deploy
Class SessionCookie

java.lang.Object
  extended by org.apache.catalina.deploy.SessionCookie
All Implemented Interfaces:
java.io.Serializable, javax.servlet.SessionCookieConfig
public class SessionCookie
extends java.lang.Object
implements javax.servlet.SessionCookieConfig, java.io.Serializable

See Also:
Serialized Form

Field Summary
protected  java.lang.String comment
           
protected  java.lang.String domain
           
protected  boolean httpOnly
           
protected  int maxAge
           
protected  java.lang.String name
           
protected  java.lang.String path
           
protected  boolean secure
           
 
Constructor Summary
SessionCookie()
           
 
Method Summary
 java.lang.String getComment()
          Gets the comment that will be assigned to any session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.
 java.lang.String getDomain()
          Gets the domain name that will be assigned to any session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.
 int getMaxAge()
          Gets the lifetime (in seconds) of the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.
 java.lang.String getName()
          Gets the name that will be assigned to any session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.
 java.lang.String getPath()
          Gets the path that will be assigned to any session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.
 boolean isHttpOnly()
          Checks if the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired will be marked as HttpOnly.
 boolean isSecure()
          Checks if the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired will be marked as secure even if the request that initiated the corresponding session is using plain HTTP instead of HTTPS.
 void setComment(java.lang.String comment)
          Sets the comment that will be assigned to any session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.
 void setDomain(java.lang.String domain)
          Sets the domain name that will be assigned to any session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.
 void setHttpOnly(boolean httpOnly)
          Marks or unmarks the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired as HttpOnly.
 void setMaxAge(int maxAge)
          Sets the lifetime (in seconds) for the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.
 void setName(java.lang.String name)
          Sets the name that will be assigned to any session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.
 void setPath(java.lang.String path)
          Sets the path that will be assigned to any session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.
 void setSecure(boolean secure)
          Marks or unmarks the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired as secure.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

domain

protected java.lang.String domain

path

protected java.lang.String path

comment

protected java.lang.String comment

httpOnly

protected boolean httpOnly

secure

protected boolean secure

maxAge

protected int maxAge

name

protected java.lang.String name
Constructor Detail

SessionCookie

public SessionCookie()
Method Detail

getDomain

public java.lang.String getDomain()
Description copied from interface: javax.servlet.SessionCookieConfig
Gets the domain name that will be assigned to any session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.

Specified by:
getDomain in interface javax.servlet.SessionCookieConfig
Returns:
the cookie domain set via SessionCookieConfig.setDomain(java.lang.String), or null if SessionCookieConfig.setDomain(java.lang.String) was never called
See Also:
Cookie.getDomain()

getPath

public java.lang.String getPath()
Description copied from interface: javax.servlet.SessionCookieConfig
Gets the path that will be assigned to any session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.

By default, the context path of the ServletContext from which this SessionCookieConfig was acquired will be used.

Specified by:
getPath in interface javax.servlet.SessionCookieConfig
Returns:
the cookie path set via SessionCookieConfig.setPath(java.lang.String), or null if SessionCookieConfig.setPath(java.lang.String) was never called
See Also:
Cookie.getPath()

getComment

public java.lang.String getComment()
Description copied from interface: javax.servlet.SessionCookieConfig
Gets the comment that will be assigned to any session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.

Specified by:
getComment in interface javax.servlet.SessionCookieConfig
Returns:
the cookie comment set via SessionCookieConfig.setComment(java.lang.String), or null if SessionCookieConfig.setComment(java.lang.String) was never called
See Also:
Cookie.getComment()

isHttpOnly

public boolean isHttpOnly()
Description copied from interface: javax.servlet.SessionCookieConfig
Checks if the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired will be marked as HttpOnly.

Specified by:
isHttpOnly in interface javax.servlet.SessionCookieConfig
Returns:
true if the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired will be marked as HttpOnly, false otherwise
See Also:
Cookie.isHttpOnly()

isSecure

public boolean isSecure()
Description copied from interface: javax.servlet.SessionCookieConfig
Checks if the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired will be marked as secure even if the request that initiated the corresponding session is using plain HTTP instead of HTTPS.

Specified by:
isSecure in interface javax.servlet.SessionCookieConfig
Returns:
true if the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired will be marked as secure even if the request that initiated the corresponding session is using plain HTTP instead of HTTPS, and false if they will be marked as secure only if the request that initiated the corresponding session was also secure
See Also:
Cookie.getSecure(), ServletRequest.isSecure()

setDomain

public void setDomain(java.lang.String domain)
Description copied from interface: javax.servlet.SessionCookieConfig
Sets the domain name that will be assigned to any session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.

Specified by:
setDomain in interface javax.servlet.SessionCookieConfig
Parameters:
domain - the cookie domain to use
See Also:
Cookie.setDomain(String)

setPath

public void setPath(java.lang.String path)
Description copied from interface: javax.servlet.SessionCookieConfig
Sets the path that will be assigned to any session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.

Specified by:
setPath in interface javax.servlet.SessionCookieConfig
Parameters:
path - the cookie path to use
See Also:
Cookie.setPath(String)

setComment

public void setComment(java.lang.String comment)
Description copied from interface: javax.servlet.SessionCookieConfig
Sets the comment that will be assigned to any session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.

As a side effect of this call, the session tracking cookies will be marked with a Version attribute equal to 1.

Specified by:
setComment in interface javax.servlet.SessionCookieConfig
Parameters:
comment - the cookie comment to use
See Also:
Cookie.setComment(String), Cookie.getVersion()

setHttpOnly

public void setHttpOnly(boolean httpOnly)
Description copied from interface: javax.servlet.SessionCookieConfig
Marks or unmarks the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired as HttpOnly.

A cookie is marked as HttpOnly by adding the HttpOnly attribute to it. HttpOnly cookies are not supposed to be exposed to client-side scripting code, and may therefore help mitigate certain kinds of cross-site scripting attacks.

Specified by:
setHttpOnly in interface javax.servlet.SessionCookieConfig
Parameters:
httpOnly - true if the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired shall be marked as HttpOnly, false otherwise
See Also:
Cookie.setHttpOnly(boolean)

setSecure

public void setSecure(boolean secure)
Description copied from interface: javax.servlet.SessionCookieConfig
Marks or unmarks the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired as secure.

One use case for marking a session tracking cookie as secure, even though the request that initiated the session came over HTTP, is to support a topology where the web container is front-ended by an SSL offloading load balancer. In this case, the traffic between the client and the load balancer will be over HTTPS, whereas the traffic between the load balancer and the web container will be over HTTP.

Specified by:
setSecure in interface javax.servlet.SessionCookieConfig
Parameters:
secure - true if the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired shall be marked as secure even if the request that initiated the corresponding session is using plain HTTP instead of HTTPS, and false if they shall be marked as secure only if the request that initiated the corresponding session was also secure
See Also:
Cookie.setSecure(boolean), ServletRequest.isSecure()

getMaxAge

public int getMaxAge()
Description copied from interface: javax.servlet.SessionCookieConfig
Gets the lifetime (in seconds) of the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.

By default, -1 is returned.

Specified by:
getMaxAge in interface javax.servlet.SessionCookieConfig
Returns:
the lifetime (in seconds) of the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired, or -1 (the default)
See Also:
Cookie.getMaxAge()

setMaxAge

public void setMaxAge(int maxAge)
Description copied from interface: javax.servlet.SessionCookieConfig
Sets the lifetime (in seconds) for the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.

Specified by:
setMaxAge in interface javax.servlet.SessionCookieConfig
Parameters:
maxAge - the lifetime (in seconds) of the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.
See Also:
Cookie.setMaxAge(int)

getName

public java.lang.String getName()
Description copied from interface: javax.servlet.SessionCookieConfig
Gets the name that will be assigned to any session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.

By default, JSESSIONID will be used as the cookie name.

Specified by:
getName in interface javax.servlet.SessionCookieConfig
Returns:
the cookie name set via SessionCookieConfig.setName(java.lang.String), or null if SessionCookieConfig.setName(java.lang.String) was never called
See Also:
Cookie.getName()

setName

public void setName(java.lang.String name)
Description copied from interface: javax.servlet.SessionCookieConfig
Sets the name that will be assigned to any session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.

NOTE: Changing the name of session tracking cookies may break other tiers (for example, a load balancing frontend) that assume the cookie name to be equal to the default JSESSIONID, and therefore should only be done cautiously.

Specified by:
setName in interface javax.servlet.SessionCookieConfig
Parameters:
name - the cookie name to use
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2000-2009 Apache Software Foundation. All Rights Reserved.