@Unstable public class ScriptHttpSession extends Object implements javax.servlet.http.HttpSession, javax.servlet.http.HttpSessionContext
HttpSession
with security related checks.Constructor and Description |
---|
ScriptHttpSession(javax.servlet.http.HttpSession session,
ContextualAuthorizationManager authorization) |
Modifier and Type | Method and Description |
---|---|
Object |
getAttribute(String name) |
Enumeration<String> |
getAttributeNames() |
long |
getCreationTime() |
String |
getId() |
Enumeration<String> |
getIds() |
long |
getLastAccessedTime() |
int |
getMaxInactiveInterval() |
Object |
getSafeAttribute(String name)
Access an attribute that is safe to use for any script author.
|
Enumeration<String> |
getSafeAttributeNames() |
javax.servlet.ServletContext |
getServletContext() |
javax.servlet.http.HttpSession |
getSession(String sessionId) |
javax.servlet.http.HttpSessionContext |
getSessionContext() |
Object |
getValue(String name) |
String[] |
getValueNames() |
void |
invalidate() |
boolean |
isNew() |
void |
putValue(String name,
Object value) |
void |
removeAttribute(String name) |
void |
removeSafeAttribute(String name)
Remove an attribute that is safe to use for any script author.
|
void |
removeValue(String name) |
void |
setAttribute(String name,
Object value) |
void |
setMaxInactiveInterval(int interval) |
void |
setSafeAttribute(String name,
Object value)
Set an attribute that is safe to use for any script author.
|
public ScriptHttpSession(javax.servlet.http.HttpSession session, ContextualAuthorizationManager authorization)
session
- the wrapped sessionauthorization
- used to check rights of the current authorpublic long getCreationTime()
getCreationTime
in interface javax.servlet.http.HttpSession
public String getId()
getId
in interface javax.servlet.http.HttpSession
public long getLastAccessedTime()
getLastAccessedTime
in interface javax.servlet.http.HttpSession
public javax.servlet.ServletContext getServletContext()
getServletContext
in interface javax.servlet.http.HttpSession
public void setMaxInactiveInterval(int interval)
setMaxInactiveInterval
in interface javax.servlet.http.HttpSession
public int getMaxInactiveInterval()
getMaxInactiveInterval
in interface javax.servlet.http.HttpSession
public javax.servlet.http.HttpSessionContext getSessionContext()
getSessionContext
in interface javax.servlet.http.HttpSession
public Object getSafeAttribute(String name)
name
- the name of the attributepublic void setSafeAttribute(String name, Object value)
It's recommended to not store anything sensitive in there.
name
- the name of the attributevalue
- the value of the attributepublic void removeSafeAttribute(String name)
name
- the name of the attributepublic Enumeration<String> getSafeAttributeNames()
public Object getAttribute(String name)
Allow to manipulate only a limited set of attributes when not a programming right user since other might be sensitive data.
getAttribute
in interface javax.servlet.http.HttpSession
HttpSession.getAttribute(java.lang.String)
public Object getValue(String name)
getValue
in interface javax.servlet.http.HttpSession
public Enumeration<String> getAttributeNames()
getAttributeNames
in interface javax.servlet.http.HttpSession
public String[] getValueNames()
getValueNames
in interface javax.servlet.http.HttpSession
public void setAttribute(String name, Object value)
Allow to manipulate only a limited set of attributes when not a programming right user since other might be sensitive data.
setAttribute
in interface javax.servlet.http.HttpSession
HttpSession.setAttribute(java.lang.String, java.lang.Object)
public void putValue(String name, Object value)
putValue
in interface javax.servlet.http.HttpSession
public void removeAttribute(String name)
Allow to manipulate only a limited set of attributes when not a programming right user since other might be sensitive data.
removeAttribute
in interface javax.servlet.http.HttpSession
HttpSession.removeAttribute(java.lang.String)
public void removeValue(String name)
removeValue
in interface javax.servlet.http.HttpSession
public void invalidate()
Allow to manipulate only a limited set of attributes when not a programming right user since other might be sensitive data.
invalidate
in interface javax.servlet.http.HttpSession
HttpSession.removeAttribute(java.lang.String)
public boolean isNew()
isNew
in interface javax.servlet.http.HttpSession
public javax.servlet.http.HttpSession getSession(String sessionId)
getSession
in interface javax.servlet.http.HttpSessionContext
public Enumeration<String> getIds()
getIds
in interface javax.servlet.http.HttpSessionContext
Copyright © 2004–2021 XWiki. All rights reserved.