ScriptHttpSession (XWiki Platform - Old Core 12.10.10 API)

java.lang.Object
- com.xpn.xwiki.render.ScriptHttpSession

All Implemented Interfaces:

javax.servlet.http.HttpSession, javax.servlet.http.HttpSessionContext
```
@Unstable
public class ScriptHttpSession
extends Object
implements javax.servlet.http.HttpSession, javax.servlet.http.HttpSessionContext
```
A wrapper around HttpSession with security related checks.

Since:

12.4RC1, 11.10.5

Version:

$Id: e15c5f4013e537d637dbc9cf060b6b3d5b74ac85 $

Constructor Summary

Constructors
Constructor and Description

ScriptHttpSession(javax.servlet.http.HttpSession session, ContextualAuthorizationManager authorization)

Constructors
Constructor and Description
`ScriptHttpSession(javax.servlet.http.HttpSession session, ContextualAuthorizationManager authorization)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`Object`	`getAttribute(String name)`
`Enumeration<String>`	`getAttributeNames()`
`long`	`getCreationTime()`
`String`	`getId()`
`Enumeration<String>`	`getIds()`
`long`	`getLastAccessedTime()`
`int`	`getMaxInactiveInterval()`
`Object`	`getSafeAttribute(String name)` Access an attribute that is safe to use for any script author.
`Enumeration<String>`	`getSafeAttributeNames()`
`javax.servlet.ServletContext`	`getServletContext()`
`javax.servlet.http.HttpSession`	`getSession(String sessionId)`
`javax.servlet.http.HttpSessionContext`	`getSessionContext()`
`Object`	`getValue(String name)`
`String[]`	`getValueNames()`
`void`	`invalidate()`
`boolean`	`isNew()`
`void`	`putValue(String name, Object value)`
`void`	`removeAttribute(String name)`
`void`	`removeSafeAttribute(String name)` Remove an attribute that is safe to use for any script author.
`void`	`removeValue(String name)`
`void`	`setAttribute(String name, Object value)`
`void`	`setMaxInactiveInterval(int interval)`
`void`	`setSafeAttribute(String name, Object value)` Set an attribute that is safe to use for any script author.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - ScriptHttpSession
```
public ScriptHttpSession(javax.servlet.http.HttpSession session,
                         ContextualAuthorizationManager authorization)
```
    Parameters:
    
    session - the wrapped session
    
    authorization - used to check rights of the current author
- Method Detail
  - getCreationTime
```
public long getCreationTime()
```
    Specified by:
    
    getCreationTime in interface javax.servlet.http.HttpSession
  - getId
```
public String getId()
```
    Specified by:
    
    getId in interface javax.servlet.http.HttpSession
  - getLastAccessedTime
```
public long getLastAccessedTime()
```
    Specified by:
    
    getLastAccessedTime in interface javax.servlet.http.HttpSession
  - getServletContext
```
public javax.servlet.ServletContext getServletContext()
```
    Specified by:
    
    getServletContext in interface javax.servlet.http.HttpSession
  - setMaxInactiveInterval
```
public void setMaxInactiveInterval(int interval)
```
    Specified by:
    
    setMaxInactiveInterval in interface javax.servlet.http.HttpSession
  - getMaxInactiveInterval
```
public int getMaxInactiveInterval()
```
    Specified by:
    
    getMaxInactiveInterval in interface javax.servlet.http.HttpSession
  - getSessionContext
```
public javax.servlet.http.HttpSessionContext getSessionContext()
```
    Specified by:
    
    getSessionContext in interface javax.servlet.http.HttpSession
  - getSafeAttribute
```
public Object getSafeAttribute(String name)
```
    Access an attribute that is safe to use for any script author.
    
    Parameters:
    
    name - the name of the attribute
    
    Returns:
    
    the value of the attribute
  - setSafeAttribute
```
public void setSafeAttribute(String name,
                             Object value)
```
    Set an attribute that is safe to use for any script author.
    It's recommended to not store anything sensitive in there.
    
    Parameters:
    
    name - the name of the attribute
    
    value - the value of the attribute
  - removeSafeAttribute
```
public void removeSafeAttribute(String name)
```
    Remove an attribute that is safe to use for any script author.
    
    Parameters:
    
    name - the name of the attribute
  - getSafeAttributeNames
```
public Enumeration<String> getSafeAttributeNames()
```
    Returns:
    
    the names of the attributes which are safe to use for any script author.
  - getAttribute
```
public Object getAttribute(String name)
```
    Allow to manipulate only a limited set of attributes when not a programming right user since other might be sensitive data.
    
    Specified by:
    
    getAttribute in interface javax.servlet.http.HttpSession
    
    See Also:
    
    HttpSession.getAttribute(java.lang.String)
  - getValue
```
public Object getValue(String name)
```
    Specified by:
    
    getValue in interface javax.servlet.http.HttpSession
  - getAttributeNames
```
public Enumeration<String> getAttributeNames()
```
    Specified by:
    
    getAttributeNames in interface javax.servlet.http.HttpSession
  - getValueNames
```
public String[] getValueNames()
```
    Specified by:
    
    getValueNames in interface javax.servlet.http.HttpSession
  - setAttribute
```
public void setAttribute(String name,
                         Object value)
```
    Allow to manipulate only a limited set of attributes when not a programming right user since other might be sensitive data.
    
    Specified by:
    
    setAttribute in interface javax.servlet.http.HttpSession
    
    See Also:
    
    HttpSession.setAttribute(java.lang.String, java.lang.Object)
  - putValue
```
public void putValue(String name,
                     Object value)
```
    Specified by:
    
    putValue in interface javax.servlet.http.HttpSession
  - removeAttribute
```
public void removeAttribute(String name)
```
    Allow to manipulate only a limited set of attributes when not a programming right user since other might be sensitive data.
    
    Specified by:
    
    removeAttribute in interface javax.servlet.http.HttpSession
    
    See Also:
    
    HttpSession.removeAttribute(java.lang.String)
  - removeValue
```
public void removeValue(String name)
```
    Specified by:
    
    removeValue in interface javax.servlet.http.HttpSession
  - invalidate
```
public void invalidate()
```
    Allow to manipulate only a limited set of attributes when not a programming right user since other might be sensitive data.
    
    Specified by:
    
    invalidate in interface javax.servlet.http.HttpSession
    
    See Also:
    
    HttpSession.removeAttribute(java.lang.String)
  - isNew
```
public boolean isNew()
```
    Specified by:
    
    isNew in interface javax.servlet.http.HttpSession
  - getSession
```
public javax.servlet.http.HttpSession getSession(String sessionId)
```
    Specified by:
    
    getSession in interface javax.servlet.http.HttpSessionContext
  - getIds
```
public Enumeration<String> getIds()
```
    Specified by:
    
    getIds in interface javax.servlet.http.HttpSessionContext

Class ScriptHttpSession

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

ScriptHttpSession

Method Detail

getCreationTime

getId

getLastAccessedTime

getServletContext

setMaxInactiveInterval

getMaxInactiveInterval

getSessionContext

getSafeAttribute

setSafeAttribute

removeSafeAttribute

getSafeAttributeNames

getAttribute

getValue

getAttributeNames

getValueNames

setAttribute

putValue

removeAttribute

removeValue

invalidate

isNew

getSession

getIds