SessionServiceConfig.java revision 35ab1c5bca11317474fe12bdd8d22c17cdaf2697
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: SessionService.java,v 1.37 2010/02/03 03:52:54 bina Exp $
*
* Portions Copyrighted 2010-2015 ForgeRock AS.
*/
/**
* Responsible for collating System Properties and amSession.xml configuration state relating to the Session Service.
*
* @since 13.0.0
*/
public class SessionServiceConfig {
private final Debug sessionDebug;
/*
* Constant Properties
*/
/*
* System Properties
*/
/**
* Property string for max number of sessions
*/
static final int DEFAULT_MAX_SESSIONS = 10000;
private final int maxSessions;
private final boolean logStatus;
private final String httpSessionTrackingCookieName;
private static final boolean DEFAULT_COOKIE_ENCODING = false;
private final boolean cookieEncoding;
private static final int DEFAULT_NOTIFICATION_THEAD_POOL_SIZE = 10;
private final int notificationThreadPoolSize;
private static final int DEFAULT_NOTIFICATION_THEAD_POOL_THRESHOLD = DEFAULT_NOTIFICATION_THEAD_POOL_SIZE * 10;
private final int notificationThreadPoolThreshold;
private final long applicationMaxCachingTime;
private static final boolean DEFAULT_RETURN_APP_SESSION = false;
private final boolean returnAppSession;
// Must be True to permit Session Failover HA to be available.
private static final boolean DEFAULT_USE_REMOTE_SAVE_METHOD = true;
private boolean useRemoteSaveMethod;
// Must be True to permit Session Failover HA to be available.
private static final boolean DEFAULT_USE_INTERNAL_REQUEST_ROUTING = true;
private boolean useInternalRequestRouting;
// Must be True to permit Session Failover HA to be available, but we default this to Disabled or Off for Now.
private static final boolean DEFAULT_SESSION_FAILOVER_ENABLED = false;
private boolean sessionFailoverEnabled;
private final int sessionFailoverClusterStateCheckTimeout;
private final long sessionFailoverClusterStateCheckPeriod;
/*
* amSession.xml (SMS) Properties
*/
private volatile HotSwappableSessionServiceConfig hotSwappableSessionServiceConfig;
/**
* Indicates whether to use crosstalk or session persistence to resolve remote sessions.
* Always true when session persistence/SFO is disabled.
*/
private static final boolean DEFAULT_REDUCED_CROSSTALK_ENABLED = true;
private volatile boolean reducedCrosstalkEnabled = DEFAULT_REDUCED_CROSSTALK_ENABLED;
/**
* The number of minutes to retain {@link com.iplanet.dpro.session.Session} objects in DESTROYED state
* while waiting for delete replication to occur if reduced cross-talk is enabled.
*/
private static final long DEFAULT_REDUCED_CROSSTALK_PURGE_DELAY = 5;
private volatile long reducedCrosstalkPurgeDelay = DEFAULT_REDUCED_CROSSTALK_PURGE_DELAY;
/**
*/
private static final SessionBroadcastMode DEFAULT_LOGOUT_DESTROY_BROADCAST = SessionBroadcastMode.OFF;
/**
* Private value object for storing snapshot state of amSession.xml config settings.
*
* This allows immutable value objects to be published as an atomic operation.
*/
private class HotSwappableSessionServiceConfig {
private static final long DEFAULT_SESSION_RETRIEVAL_TIMEOUT = 5;
private static final int DEFAULT_MAX_SESSION_LIST_SIZE = 200;
private static final int DEFAULT_MAX_WAIT_TIME_FOR_CONSTRAINT = 6000;
private final boolean sessionTrimmingEnabled;
private final boolean sessionConstraintEnabled;
private final boolean denyLoginIfDBIsDown;
private final String constraintHandler;
private final boolean propertyNotificationEnabled;
private final Set notificationProperties;
private final long sessionRetrievalTimeout; // in seconds
private final int maxSessionListSize;
private final int maxWaitTimeForConstraint; // in milli-seconds
}
}
attrs, AM_SESSION_SESSION_LIST_RETRIEVAL_TIMEOUT, DEFAULT_SESSION_RETRIEVAL_TIMEOUT, sessionDebug));
if (sessionDebug.messageEnabled()) {
}
return value;
}
if (sessionDebug.messageEnabled()) {
}
return value;
}
if (sessionDebug.messageEnabled()) {
}
return value;
}
if (propertyNotificationEnabled) {
}
if (sessionDebug.messageEnabled()) {
}
return value;
}
} else {
}
if (sessionDebug.messageEnabled()) {
}
return value;
}
if (sessionDebug.messageEnabled()) {
}
return value;
}
if (sessionDebug.messageEnabled()) {
}
return value;
}
if (sessionDebug.messageEnabled()) {
}
return value;
}
if (sessionDebug.messageEnabled()) {
}
return value;
}
if (sessionDebug.messageEnabled()) {
}
return value;
}
}
this.sessionDebug = sessionDebug;
// Initialize values set from System properties
SystemProperties.get(AM_SESSION_HTTP_SESSION_TRACKING_COOKIE_NAME, DEFAULT_HTTP_SESSION_TRACKING_COOKIE_NAME);
SystemProperties.getAsLong(APPLICATION_SESSION_MAX_CACHING_TIME, DEFAULT_APPLICATION_MAX_CACHING_TIME);
SystemProperties.getAsBoolean(AM_SESSION_FAILOVER_USE_REMOTE_SAVE_METHOD, DEFAULT_USE_REMOTE_SAVE_METHOD);
SystemProperties.getAsBoolean(AM_SESSION_FAILOVER_USE_INTERNAL_REQUEST_ROUTING, DEFAULT_USE_INTERNAL_REQUEST_ROUTING);
try {
// Initialize settings from SMS
/*
* In OpenSSO 8.0, we have switched to create sub configuration with
* site name. hence we need to lookup the site name based on the URL
*/
subCfgName != null ?
null;
// Currently, we are not allowing to default to Session Failover HA,
// even with a single server to enable session persistence.
// But can easily be turned on in the Session SubConfig.
if (sfoEnabled) {
sessionFailoverEnabled = true;
useRemoteSaveMethod = true;
useInternalRequestRouting = true;
// Determine whether crosstalk is enabled or disabled.
if (reducedCrosstalkEnabled) {
}
}
}
if (sessionDebug.messageEnabled()) {
}
// Rethrow exception rather than hobbling on with invalid configuration state
}
}
private int loadNotificationThreadPoolSizeSystemProperty() {
try {
} catch (NumberFormatException e) {
"Invalid value for " + NOTIFICATION_THREADPOOL_SIZE +
" defaulting to " + DEFAULT_NOTIFICATION_THEAD_POOL_SIZE);
}
}
private int loadNotificationThreadPoolThresholdSystemProperty() {
try {
} catch (NumberFormatException e) {
"Invalid value for " + NOTIFICATION_THREADPOOL_THRESHOLD +
" defaulting to " + DEFAULT_NOTIFICATION_THEAD_POOL_THRESHOLD);
}
}
private int loadSessionFailoverClusterStateCheckTimeout() {
try {
} catch (Exception e) {
return ClusterStateService.DEFAULT_TIMEOUT;
}
}
private long loadSessionFailoverClusterStateCheckPeriod() {
try {
} catch (Exception e) {
return ClusterStateService.DEFAULT_PERIOD;
}
}
/**
* Returns true if SystemProperty "com.iplanet.am.session.failover.useRemoteSaveMethod" is true or
* Session Failover is enabled.
*
* @see #isSessionFailoverEnabled()
*/
public boolean isUseRemoteSaveMethod() {
return useRemoteSaveMethod;
}
/**
* Returns amSession.xml property "iplanet-am-session-logout-destroy-broadcast" choice.
*
* Defaults to {@link SessionBroadcastMode.OFF }.
*/
public SessionBroadcastMode getLogoutDestroyBroadcast() {
return logoutDestroyBroadcast;
}
/**
* Returns amSession.xml property "iplanet-am-session-constraint-handler".
*
* This should be the fully qualified name of a class implementing
* {@link com.iplanet.dpro.session.service.QuotaExhaustionAction}.
*
* Defaults to {@link org.forgerock.openam.session.service.DestroyOldestAction}.
*
* @see com.iplanet.dpro.session.service.QuotaExhaustionAction
* @see org.forgerock.openam.session.service.DestroyOldestAction
*/
public String getConstraintHandler() {
}
/**
* Returns true if amSession.xml property "iplanet-am-session-deny-login-if-db-is-down" is "YES" (case insensitive).
*
* Defaults to false.
*/
public boolean isDenyLoginIfDBIsDown() {
}
/**
* Returns true if amSession.xml property "iplanet-am-session-enable-session-constraint" is "ON" (case insensitive).
*
* Defaults to false.
*/
public boolean isSessionConstraintEnabled() {
}
/**
* Returns true if amSession.xml property "iplanet-am-session-enable-session-trimming" is "YES" (case insensitive).
*
* Defaults to false.
*/
public boolean isSessionTrimmingEnabled() {
}
/**
* The number of minutes to retain {@link com.iplanet.dpro.session.Session} objects in DESTROYED state while waiting
* for delete replication to occur if reduced cross-talk is enabled.
*/
public long getReducedCrosstalkPurgeDelay() {
return reducedCrosstalkPurgeDelay;
}
public String getHttpSessionPropertyName() {
return HTTP_SESSION_PROPERTY_NAME;
}
public String getHttpSessionOwnerListPropertyName() {
}
public String getSecurityCookieName() {
return SECURITY_COOKIE_NAME;
}
/**
* Returns SystemProperty "com.iplanet.am.session.maxSessions".
*
* Defaults to 10,000 if not specified.
*/
public int getMaxSessions() {
return maxSessions;
}
/**
* Returns true if SystemProperty "com.iplanet.am.logstatus" is "ACTIVE" (case insensitive).
*
* Defaults to false.
*/
public boolean isLoggingEnabled() {
return logStatus;
}
/**
* session tracking (currently hardcoded to "JSESSIONID")
*/
public String getHttpSessionTrackingCookieName() {
return httpSessionTrackingCookieName;
}
/**
* Returns true if SystemProperty "com.iplanet.am.cookie.encode" is true.
*
* Defaults to false.
*/
public boolean isCookieEncodingEnabled() {
return cookieEncoding;
}
/**
* Returns value of SystemProperty "com.iplanet.am.notification.threadpool.size".
*
* Defaults to 10 if not specified.
*/
public int getNotificationThreadPoolSize() {
return notificationThreadPoolSize;
}
/**
* Returns value of SystemProperty "com.iplanet.am.notification.threadpool.threshold".
*
* Defaults to 100 if not specified.
*/
public int getNotificationThreadPoolThreshold() {
return notificationThreadPoolThreshold;
}
/**
* Returns value of SystemProperty "com.sun.identity.session.returnAppSession".
*
* Defaults to false.
*/
public boolean isReturnAppSessionEnabled() {
return returnAppSession;
}
/**
* Returns true if SystemProperty or amSession.xml property "iplanet-am-session-sfo-enabled" is true.
*
* Defaults to false.
*/
public boolean isSessionFailoverEnabled() {
return sessionFailoverEnabled;
}
/**
* Returns true if amSession.xml property "iplanet-am-session-reduced-crosstalk-enabled" is true
* (and session failover is enabled).
*
* @see #isSessionFailoverEnabled()
*/
public boolean isReducedCrossTalkEnabled() {
return sessionFailoverEnabled && reducedCrosstalkEnabled;
}
/**
* Returns values of amSession.xml property "openam-session-timeout-handler-list".
*
* Each value should be the fully qualified name of a class implementing
* {@link org.forgerock.openam.session.service.SessionTimeoutHandler}.
*
* @see org.forgerock.openam.session.service.SessionTimeoutHandler
*/
}
/**
* Returns value of SystemProperty "com.sun.identity.session.application.maxCacheTime" (minutes).
*
* Defaults to Long.MAX_VALUE / 60 (i.e. essentially forever).
*/
public long getApplicationMaxCachingTime() {
return applicationMaxCachingTime;
}
/**
* Returns value of amSession.xml property "iplanet-am-session-session-list-retrieval-timeout" (seconds).
*
* Defaults to 5.
*/
public long getSessionRetrievalTimeout() {
}
/**
* Returns value of amSession.xml property "iplanet-am-session-max-session-list-size".
*
* Defaults to 200.
*/
public int getMaxSessionListSize() {
}
/**
* Returns true if property change notifications are enabled for the specified property.
*
* Property change notifications are activated by setting the amSession.xml property
* "iplanet-am-session-property-change-notification" to "ON" (case-insensitive); defaults to false.
*
* Properties for which notifications should be sent are then specified vis the amSession.xml property
* "iplanet-am-session-notification-property-list"; no properties are selected by default.
*
* @param key Name of the property to check
*/
}
/**
* Returns true if SystemProperty "com.iplanet.am.session.failover.useInternalRequestRouting" is enabled or
* session failover is enabled.
*
* Defaults to true.
*
* @see #isSessionFailoverEnabled()
*/
public boolean isUseInternalRequestRoutingEnabled() {
return sessionFailoverEnabled && useInternalRequestRouting;
}
/**
* Returns value of amSession.xml property "com.iplanet.am.session.failover.cluster.stateCheck.timeout" (milliseconds).
*
* Defaults to 1000.
*/
public int getSessionFailoverClusterStateCheckTimeout() {
}
/**
* Returns value of amSession.xml property "com.iplanet.am.session.failover.cluster.stateCheck.period" (milliseconds).
*
* Defaults to 1000.
*/
public long getSessionFailoverClusterStateCheckPeriod() {
}
/**
* A single instance of this class is created to listen for changes to the amSession.xml configuration state
* and ensure that {@link SessionServiceConfig#hotSwappableSessionServiceConfig} state is kept in sync.
*/
class SessionConfigListener implements ServiceListener {
private final ServiceSchemaManager serviceSchemaManager;
/**
* Creates a new SessionConfigListener
* @param serviceSchemaManager ServiceSchemaManager
*/
}
/**
* {@inheritDoc}
*/
return;
}
try {
} catch (Exception e) {
}
}
/**
* {@inheritDoc}
*/
// No op.
}
/**
* {@inheritDoc}
*/
// No op.
}
}
}