blob: 94872a16571b3bbb117a10685bc9a957efb17ac1 [file] [log] [blame]
Michael E. Rodriguezd8af66f2005-12-08 20:55:55 +00001/*
2 * Copyright 1999,2005 The Apache Software Foundation.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package javax.servlet.http;
18
19
20/**
21 *
22 * Provides a way to identify a user across more than one page
23 * request or visit to a Web site and to store information about that user.
24 *
25 * <p>The servlet container uses this interface to create a session
26 * between an HTTP client and an HTTP server. The session persists
27 * for a specified time period, across more than one connection or
28 * page request from the user. A session usually corresponds to one
29 * user, who may visit a site many times. The server can maintain a
30 * session in many ways such as using cookies or rewriting URLs.
31 *
32 * <p>This interface allows servlets to
33 * <ul>
34 * <li>View and manipulate information about a session, such as
35 * the session identifier, creation time, and last accessed time
36 * <li>Bind objects to sessions, allowing user information to persist
37 * across multiple user connections
38 * </ul>
39 *
40 * <p>When an application stores an object in or removes an object from a
41 * session, the session checks whether the object implements
42 * {@link HttpSessionBindingListener}. If it does,
43 * the servlet notifies the object that it has been bound to or unbound
44 * from the session. Notifications are sent after the binding methods complete.
45 * For session that are invalidated or expire, notifications are sent after
46 * the session has been invalidatd or expired.
47 *
48 * <p>A servlet should be able to handle cases in which
49 * the client does not choose to join a session, such as when cookies are
50 * intentionally turned off. Until the client joins the session,
51 * <code>isNew</code> returns <code>true</code>. If the client chooses
52 * not to join
53 * the session, <code>getSession</code> will return a different session
54 * on each request, and <code>isNew</code> will always return
55 * <code>true</code>.
56 *
57 * <p>Session information is scoped only to the current web application
58 * (<code>ServletContext</code>), so information stored in one context
59 * will not be directly visible in another.
60 *
61 * @author Various
62 * @version $Version$
63 *
64 *
65 * @see HttpSessionBindingListener
66 * @see HttpSessionContext
67 *
68 */
69
70public interface HttpSession {
71
72
73
74
75 /**
76 *
77 * Returns the time when this session was created, measured
78 * in milliseconds since midnight January 1, 1970 GMT.
79 *
80 * @return a <code>long</code> specifying
81 * when this session was created,
82 * expressed in
83 * milliseconds since 1/1/1970 GMT
84 *
85 * @exception IllegalStateException if this method is called on an
86 * invalidated session
87 *
88 */
89
90 public long getCreationTime();
91
92
93
94
95 /**
96 *
97 * Returns a string containing the unique identifier assigned
98 * to this session. The identifier is assigned
99 * by the servlet container and is implementation dependent.
100 *
101 * @return a string specifying the identifier
102 * assigned to this session
103 *
104 * @exeption IllegalStateException if this method is called on an
105 * invalidated session
106 *
107 */
108
109 public String getId();
110
111
112
113
114 /**
115 *
116 * Returns the last time the client sent a request associated with
117 * this session, as the number of milliseconds since midnight
118 * January 1, 1970 GMT, and marked by the time the container recieved the request.
119 *
120 * <p>Actions that your application takes, such as getting or setting
121 * a value associated with the session, do not affect the access
122 * time.
123 *
124 * @return a <code>long</code>
125 * representing the last time
126 * the client sent a request associated
127 * with this session, expressed in
128 * milliseconds since 1/1/1970 GMT
129 *
130 * @exeption IllegalStateException if this method is called on an
131 * invalidated session
132 *
133 */
134
135 public long getLastAccessedTime();
136
137
138 /**
139 *
140 * Specifies the time, in seconds, between client requests before the
141 * servlet container will invalidate this session. A negative time
142 * indicates the session should never timeout.
143 *
144 * @param interval An integer specifying the number
145 * of seconds
146 *
147 */
148
149 public void setMaxInactiveInterval(int interval);
150
151
152
153
154 /**
155 * Returns the maximum time interval, in seconds, that
156 * the servlet container will keep this session open between
157 * client accesses. After this interval, the servlet container
158 * will invalidate the session. The maximum time interval can be set
159 * with the <code>setMaxInactiveInterval</code> method.
160 * A negative time indicates the session should never timeout.
161 *
162 *
163 * @return an integer specifying the number of
164 * seconds this session remains open
165 * between client requests
166 *
167 * @see #setMaxInactiveInterval
168 *
169 *
170 */
171
172 public int getMaxInactiveInterval();
173
174
175
176
177 /**
178 *
179 * @deprecated As of Version 2.1, this method is
180 * deprecated and has no replacement.
181 * It will be removed in a future
182 * version of the Java Servlet API.
183 *
184 */
185
186 public HttpSessionContext getSessionContext();
187
188
189
190
191 /**
192 *
193 *
194 * @param name a string specifying the name of the object
195 *
196 * @return the object with the specified name
197 *
198 * @exception IllegalStateException if this method is called on an
199 * invalidated session
200 *
201 */
202
203 public Object getValue(String name);
204
205
206
207
208 /**
209 *
210 *
211 * @return an array of <code>String</code>
212 * objects specifying the
213 * names of all the objects bound to
214 * this session
215 *
216 * @exception IllegalStateException if this method is called on an
217 * invalidated session
218 *
219 */
220
221 public String[] getValueNames();
222
223
224
225
226 /**
227 *
228 *
229 * @param name the name to which the object is bound;
230 * cannot be null
231 *
232 * @param value the object to be bound; cannot be null
233 *
234 * @exception IllegalStateException if this method is called on an
235 * invalidated session
236 *
237 */
238
239 public void putValue(String name, Object value);
240
241
242
243
244
245 /**
246 *
247 *
248 * @param name the name of the object to
249 * remove from this session
250 *
251 * @exception IllegalStateException if this method is called on an
252 * invalidated session
253 */
254
255 public void removeValue(String name);
256
257
258
259
260 /**
261 *
262 * Invalidates this session then unbinds any objects bound
263 * to it.
264 *
265 * @exception IllegalStateException if this method is called on an
266 * already invalidated session
267 *
268 */
269
270 public void invalidate();
271
272
273
274
275 /**
276 *
277 * Returns <code>true</code> if the client does not yet know about the
278 * session or if the client chooses not to join the session. For
279 * example, if the server used only cookie-based sessions, and
280 * the client had disabled the use of cookies, then a session would
281 * be new on each request.
282 *
283 * @return <code>true</code> if the
284 * server has created a session,
285 * but the client has not yet joined
286 *
287 * @exception IllegalStateException if this method is called on an
288 * already invalidated session
289 *
290 */
291
292 public boolean isNew();
293}
294