Session.java revision 56ed5bbb263838f338eb8afc978091c01a4f2a2b
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: Session.java,v 1.25 2009/08/14 17:53:35 weisun2 Exp $
*
*/
/*
* Portions Copyrighted 2010-2012 ForgeRock Inc
*/
/**
* The <code>Session</code> class represents a session. It contains session
* related information such as session ID, session type (user/application),
* client ID (user ID or application ID), session idle time, time left on the
* session, and session state. It also allows applications to add listener for
* session events.
*
* <pre>
* The following is the state diagram for a session:
*
* |
* |
* |
* V
* ---------- invalid
* | |
* | |creation (authentication OK)
* | |
* |max login time| max idle time
* |destroy V --------------->
* | valid inactive --
* | | <-------------- |
* | | reactivate |
* | | |
* | | logout | destroy
* | | destroy | max session time
* | | max session time |
* | V |
* ---------> destroy <---------------------
*
* </pre>
*
* @see com.iplanet.dpro.session.SessionID
* @see com.iplanet.dpro.session.SessionListener
*/
public class Session extends GeneralTaskRunnable {
/**
* Used for uniquely referencing this Session object.
*/
/**
* Defines the type of Session that has been created. Where 0 for User
* Session; and 1 for Application Session.
*/
private int sessionType;
/**
* Identification string of the Client using this Session.
*/
/**
* Authenticated.
*/
private String clientDomain;
/**
* Total Maximum time allowed for the session, in minutes.
*/
private long maxSessionTime;
/**
* Maximum idle time allowed for the session, in minutes.
*/
private long maxIdleTime;
/**
* Maximum time for which the cached session is used, in minutes.
*/
private long maxCachingTime;
/**
* The time for which the session has been idle, in seconds.
*/
private long sessionIdleTime;
/**
* Total time left for the session, in seconds.
*/
private long sessionTimeLeft;
/*
* This is the time value (computed as System.currentTimeMillis()/1000) when
* the session timed out. Value zero means the session has not timed out.
*/
private volatile long timedOutAt = 0;
/**
* Four possible values for the state of the session 0 - Invalid 1 -
* Valid 2 - Inactive 3 - Destroyed
*/
private int sessionState;
/**
* All session related properties are stored as key-value pair in this
* table.
*/
/**
* URL of the Session Server, where this session resides.
*/
private URL sessionServiceURL;
/**
* Type of the Event
*/
private int eventType = -1;
/**
* Last time the client sent a request associated with this session, as the
* number of seconds since midnight January 1, 1970 GMT.
*/
private volatile long latestRefreshTime;
/**
* Session Tracking Cookie Name
*/
"JSESSIONID");
/**
* Indicates whether the latest access time need to be reset on the session.
*/
volatile boolean needToReset = false;
/*
* indicates whether to use local or remote calls to Session Service
*
*/
private boolean sessionIsLocal = false;
public static final int INVALID = 0;
public static final int VALID = 1;
public static final int INACTIVE = 2;
public static final int DESTROYED = 3;
public static final int USER_SESSION = 0;
public static final int APPLICATION_SESSION = 1;
private static String cookieName =
public static String lbCookieName =
private static final boolean resetLBCookie =
.booleanValue();
/**
* This is the maximum extra time for which the timed out sessions can live
* in the session server
*/
private static long purgeDelay;
// Debug instance
/**
* Indicates whether session to use polling or notifications to clear the
* client cache
*/
private static boolean pollingEnabled = false;
private static boolean pollerPoolInitialized = false;
private static final String ENABLE_POLLING_PROPERTY =
"com.iplanet.am.session.client.polling.enable";
/**
* Indicates whether to enable or disable the session cleanup thread.
*/
private static boolean sessionCleanupEnabled =
.booleanValue();
/**
* The session table indexed by Session ID objects.
*/
/**
* The session service URL table indexed by server address contained in the
* Session ID object.
*/
/**
* Set of session event listeners for THIS session only
*/
new HashSet<SessionListener>();
/**
* Set of session event listeners for ALL sessions
*/
new HashSet<SessionListener>();
/**
* This is used only in polling mode to find the polling state of this
* session.
*/
private volatile boolean isPolling = false;
private static final int DEFAULT_POOL_SIZE = 5;
private static final int DEFAULT_THRESHOLD = 10000;
.get("com.iplanet.am.session.client.polling.cacheBased",
"false")).booleanValue();
private static long appSSOTokenRefreshTime;
static {
"com.iplanet.am.session.purgedelay", "120");
try {
purgeDelay = 120;
}
"com.iplanet.am.client.appssotoken.refreshtime", "3");
try {
}
}
static private String getAMServerID() {
try {
}
return serverid;
}
/**
* Enables the Session Polling
* @param b if <code>true</code> polling is enabled, disabled otherwise
*/
protected void setIsPolling(boolean b) {
isPolling = b;
}
/**
* Checks if Polling is enabled
* @return <code> true if polling is enabled , <code>false<code> otherwise
*/
protected boolean getIsPolling() {
return isPolling;
}
/**
* Checks if Polling is enabled
* @return <code> true if polling is enabled , <code>false<code> otherwise
*/
protected static boolean isPollingEnabled(){
// This is only a transitional solution before the complete
// implementation for making the session properties
// hot-swappable is in place
if (!isServerMode()) {
"false")).booleanValue();
}
if (sessionDebug.messageEnabled()) {
+ pollingEnabled);
}
if(!pollerPoolInitialized){
if (pollingEnabled) {
int poolSize;
int threshold;
try {
} catch (Exception e) {
}
try {
} catch (Exception e) {
}
if (shutdownMan.acquireValidLock()) {
try {
threshold, true, sessionDebug);
new ShutdownListener() {
public void shutdown() {
threadPool = null;
pollerPoolInitialized = false;
}
}
);
} finally {
}
}
pollerPoolInitialized = true;
} else {
if (sessionDebug.messageEnabled()) {
}
}
}
return pollingEnabled;
}
/*
* Used in this package only.
*/
if (isServerMode()) {
}
}
/**
* Returns cookie name for the Session
* @return cookie name
*/
public static String getCookieName() {
return cookieName;
}
return false;
}
return false;
}
public boolean isEmpty() {
return true;
}
public long getRunPeriod() {
return -1;
}
public void run() {
if (isPollingEnabled()) {
try {
if (!getIsPolling()) {
long expectedTime = -1;
if (cacheBasedPolling) {
* 1000);
}
} else {
}
if (expectedTime > scheduledExecutionTime()) {
// Get an instance as required otherwise it causes issues on container restart.
return;
}
}
new RestrictedTokenAction() {
try {
setIsPolling(true);
} catch (ThreadPoolException e) {
setIsPolling(false);
e);
}
return null;
}
});
}
} catch (SessionException se) {
"session is not in timeout state so clean it", se);
}
} else {
if (sessionCleanupEnabled) {
if (sessionDebug.messageEnabled()) {
}
long expectedTime = -1;
* 1000;
}
if (expectedTime > scheduledExecutionTime()) {
return;
}
try {
if (sessionDebug.messageEnabled()) {
+ "time exceeded the Max Session Time");
}
+ "up Session Cache", ex);
}
}
}
}
/**
* Returns load balancer cookie value for the Session.
*
* @param sid Session string for load balancer cookie.
* @return load balancer cookie value.
* @throws SessionException if session is invalid.
*/
throws SessionException {
}
/**
* Returns load balancer cookie value for the Session.
* @param sid Session ID for load balancer cookie.
* @return load balancer cookie value.
* @throws SessionException if session is invalid.
*/
throws SessionException {
if(sessionDebug.messageEnabled()){
"lbCookieName is:" + lbCookieName);
}
"invalidSessionID", null);
}
if(isServerMode() &&
}
if(resetLBCookie) {
if (isServerMode()) {
}
} else {
}
}
}
}
}
/**
* Returns the session ID.
* @return The session ID.
*/
return sessionID;
}
/**
* Returns the session type.
*
* @return The session type.
*/
public int getType() {
return sessionType;
}
/**
* Returns the client ID in the session.
*
* @return The client ID in the session.
*/
public String getClientID() {
return clientID;
}
/**
* Returns the client domain in the session.
*
* @return The client domain in the session.
*/
public String getClientDomain() {
return clientDomain;
}
/**
* Returns the maximum session time in minutes.
*
* @return The maximum session time.
*/
public long getMaxSessionTime() {
return maxSessionTime;
}
/**
* Returns the maximum session idle time in minutes.
*
* @return The maximum session idle time.
*/
public long getMaxIdleTime() {
return maxIdleTime;
}
/**
* Returns true if the session has timed out.
* @return <code>true</code> if session timed out,
* <code>false</code>otherwise
* @exception SessionException
*/
public boolean isTimedOut() throws SessionException {
/**
* Before going to the server, check if the session has been already
* marked TimedOut or not.
*/
if (timedOutAt > 0) {
return true;
}
if (!cacheBasedPolling && maxCachingTimeReached()){
try {
refresh(false);
} catch (SessionTimedOutException e) {
}
}
return timedOutAt > 0;
}
/**
* Returns the extra time left(in seconds) for the client Session after the
* session timed out. If extra time left is zero, it means the session is
* ready to be removed permanently. If it returns -1 it means the session
* did not even reached the time out state.
* @return <code>Session</code> Purge time left
* @exception <code>SessionException</code>
*/
public long getTimeLeftBeforePurge() throws SessionException {
/**
* period.
*/
if (!isTimedOut()) {
return -1;
}
/**
* Return the extra time left, if the session has timed out due to
*/
}
/**
* Returns the maximum session caching time in minutes.
*
* @return The maximum session caching time.
*/
public long getMaxCachingTime() {
return maxCachingTime;
}
/**
* Returns the session idle time in seconds.
*
* @return The session idle time.
* @exception SessionException if the session reached its maximum session
* time, or the session was destroyed, or there was an error
* during communication with session service.
*/
public long getIdleTime() throws SessionException {
if (!cacheBasedPolling && maxCachingTimeReached()) {
refresh(false);
}
return sessionIdleTime;
}
/**
* Returns the time left for this session in seconds.
*
* @return The time left for this session.
* @exception SessionException is thrown if the session reached its
* maximum session time, or the session was destroyed, or
* there was an error during communication with session
* service.
*/
public long getTimeLeft() throws SessionException {
if (!cacheBasedPolling && maxCachingTimeReached()) {
refresh(false);
}
return sessionTimeLeft;
}
/**
* Returns the state of the session.
*
* @param reset
* This parameter indicates that whether the Session Service
* needs to reset the latest access time on this session.
* @return The state of the session. The session state is one of the
* following: <code>INVALID, VALID, INACTIVE, and DESTROYED</code>.
* @exception SessionException is thrown if the session reached its
* maximum session time, or the session was destroyed, or
* there was an error during communication with session
* service.
*/
if (!cacheBasedPolling && maxCachingTimeReached()) {
} else {
if (reset) {
needToReset = true;
}
}
return sessionState;
}
}
/**
* Returns the type of the event which caused the state change of this
* session.
*
* @return The type of the event. The event types are defined in class
* SessionEvent as static integers : SESSION_CREATION, IDLE_TIMEOUT,
* MAX_TIMEOUT, LOGOUT, ACTIVATION, REACTIVATION, and DESTROY.
*/
public int getEventType() {
return eventType;
}
/**
* Gets the property stored in this session.
*
* @param name The property name.
* @return The property value in String format.
* @exception SessionException is thrown if the session reached its
* maximum session time, or the session was destroyed, or
* there was an error during communication with session
* service.
*/
if ((!cacheBasedPolling && maxCachingTimeReached()) ||
refresh(false);
}
}
}
/**
* Given a restricted token, returns the SSOTokenID of the master token
* can only be used if the requester is an app token
*
* @param s Must be an app token
* @param restrictedId The SSOTokenID of the restricted token
* @return The SSOTokenID string of the master token
* @throws SSOException If the master token cannot be dereferenced
*/
throws SessionException {
try {
}
catch (Exception e) {
throw new SessionException(e);
}
return masterSID;
}
/**
* Returns true if the SSOTokenID associated with this SSOToken is a
* restricted token, false otherwise.
*
* @return true if the token is restricted
* @throws SSOException If we are unable to determine if the session is
* restricted
*/
public boolean isRestricted() throws SessionException {
return (this.getRestriction() != null ? true : false);
}
/**
* Gets the property stored in this session.
*
* @param name The property name.
* @return The property value in String format only
* when run in the server mode else return null
*/
if (isServerMode()) {
}
return null;
}
/**
* Sets a property for this session.
*
* @param name The property name.
* @param value The property value.
* @exception SessionException if the session reached its maximum session
* time, or the session was destroyed, or there was an error
* during communication with session service, or if the property
* name or value was null.
*/
throw new SessionException("Session property name/value cannot be null");
}
try {
if (isLocal()) {
} else {
if (sessionDebug.messageEnabled()) {
+ "added admSSOToken in sreq to set "
+ "externalProtectedProperty in remote server");
}
}
}
} catch (Exception e) {
throw new SessionException(e);
}
}
/**
* Used to find out if the maximum caching time has reached or not.
*/
protected boolean maxCachingTimeReached() {
return true;
else
return false;
}
/**
* Gets the Session Service URL for this session object.
*
* @return The Session Service URL for this session.
* @exception SessionException when cannot get Session URL.
*/
if (isServerMode()) {
return getSessionServiceURL(sessionID);
}
// we can cache the result because in client mode
// session service location does not change
// dynamically
if (sessionServiceURL == null) {
}
return sessionServiceURL;
}
/**
* Destroys a session.
*
* @param session The session to be destroyed.
* @exception SessionException if there was an error during
* communication with session service, or the corresponding
* session was destroyed.
*/
try {
} else {
false);
sreq);
}
} catch (Exception e) {
throw new SessionException(e);
}
finally {
}
}
/**
* Logs out a session.
*
* @throws SessionException if there was an error during communication
* with session service. If the session logged out already,
* no exception will be thrown.
*/
public void logout() throws SessionException {
try {
if (isLocal()) {
} else {
}
} catch (Exception e) {
throw new SessionException(e);
}
}
/**
* Removes the <code>SessionID</code> from session table.
*
* @param sid Session ID.
*/
}
}
/**
* Invokes the Session Listener.
* @param evt Session Event.
*/
// THIS SESSION FIRST ...
}
// ALL SESSIONS
}
}
/**
* Adds a session listener for session change events.
*
* @param listener Session Listener object.
* @exception SessionException if the session state is not valid.
*/
throws SessionException {
"invalidSessionState", null);
}
}
/**
* Returns a session based on a Session ID object.
*
* @param sid Session ID.
* @return A Session object.
* @throws SessionException if the Session ID object does not contain a
* valid session string, or the session string was valid before
* but has been destroyed, or there was an error during
* communication with session service.
*/
"invalidSessionID", null);
}
/*
* In cookie hijacking mode...
* After the server remove the agent token id from the
* user token id. server needs to create the agent token
* from this agent token id. Now, the restriction context
* required for session creation is null, so we added it
* to get the agent session created.*/
try {
if (isServerMode()) {
if ((restriction != null)
&& !restriction.isSatisfied(
"restrictionViolation", null);
}
}
} catch (SessionException se) {
throw se;
} catch (Exception e) {
throw new SessionException(e);
}
}
return session;
}
if (!isPollingEnabled()) {
}
return session;
}
private void scheduleToTimerPool() {
if (isPollingEnabled()) {
if (cacheBasedPolling) {
}
if (scheduledExecutionTime() > timeoutTime) {
cancel();
}
if (scheduledExecutionTime() == -1) {
}
} else {
60))) {
* 1000;
if (scheduledExecutionTime() > timeoutTime) {
cancel();
}
if (scheduledExecutionTime() == -1) {
}
}
}
}
/**
* Returns a Session Response object based on the XML document received from
* remote Session Server. This is in response to a request that we send to
* the session server.
*
* @param svcurl The URL of the Session Service.
* @param sreq The Session Request XML document.
* @return a Vector of responses from the remote server
* @exception SessionException if there was an error in sending the XML
* document or if the response has multiple components.
*/
try {
if (!isServerMode()) {
}
"unexpectedResponse", null);
}
} catch (Exception e) {
throw new SessionException(e);
}
}
/**
* Gets all valid sessions from the specified session server. This session
* is subject to access control in order to get all sessions.
*
* @param server
* The session server name. If the server name contains protocol
* and port, the protocol and port will be used. Otherwise, the
* server protocol and port is default to the same protocol and
* port of the calling session.
* @return A Vector of Session objects.
* @exception SessionException if there was an error during
* communication with session service.
*/
throws SessionException {
if (pos != -1) {
}
if (pos != -1) {
if (pos1 != -1 ) {
}
}
}
/**
* Get all the event listeners for this Session.
*
* @return SessionEventListener vector
*/
return sessionEventListeners;
}
/**
* Get all the event listeners for all the Sessions.
*
* @return SessionEventListener vector
*/
return allSessionEventListeners;
}
/**
* Returns Session Service URL for a Session ID.
*
* @param sid Session ID
* @return Session Service URL.
* @exception SessionException
*/
throws SessionException {
if (isServerMode()) {
if (ss.isSessionFailoverEnabled()) {
} else {
return getSessionServiceURL(primary_id);
}
}
} else {
if (primary_id != null) {
return getSessionServiceURL(serverID);
}
}
}
}
}
/**
* Returns Session Service URL.
*
* @param protocol Session Server protocol.
* @param server Session Server host name.
* @param port Session Server port.
* @param uri Session Server URI.
* @return URL Session Service URL.
* @exception SessionException
*/
static public URL getSessionServiceURL(
) throws SessionException {
try {
return url;
} catch (Exception e) {
throw new SessionException(e);
}
}
return url;
}
/**
* Returns Session Service URL for a given server ID.
*
* @param serverID server ID from the platform server list.
* @return Session Service URL.
* @exception SessionException
*/
throws SessionException {
try {
return getSessionServiceURL(
} catch (Exception e) {
throw new SessionException(e);
}
}
/**
* Returns all the valid sessions for a particular Session Service URL. If a
* user is not allowed to access the Sessions of the input Session Server,
* it will return null.
*
* @param svcurl Session Service URL.
* @exception SessionException
*/
throws SessionException {
try {
int status[] = { 0 };
} else {
}
}
}
}
}
/**
* Adds a session listener for all sessions residing on the same session
* server as this session object resides. This session is subject to access
* control in order to receive session events on all sessions.
*
* @param listener A reference to the Session Listener object.
* @exception SessionException if there was an error.
*/
throws SessionException {
if (!isPollingEnabled()) {
try {
if (sessionService != null) {
} else {
"unsupportedFunction", null);
}
} catch (Exception e) {
throw new SessionException(e);
}
}
}
/**
* Gets the latest session from session server and updates the local cache
* of this session.
*
* @param reset The flag to indicate whether to reset the latest session
* access time in the session server.
* @exception SessionException if the session reached its
* maximum session time, or the session was destroyed, or
* there was an error during communication with session
* service.
*/
// recalculate whether session is local or remote on every refresh
// this is just an optmization
// it is functionally safe to always use remote mode
// but it is not efficient
// this check takes care of migration "remote -> local"
// reverse migration "local - > remote" will be
// done by calling Session.markNonLocal() from
// SessionService.handleReleaseSession()
if (activeContext == null) {
activeContext = this.context;
}
try {
new RestrictedTokenAction() {
return null;
}
});
} catch (Exception e) {
if (sessionDebug.messageEnabled()) {
+ sessionID);
}
throw new SessionException(e);
}
}
/*
* Refreshes the Session Information
* @param <code>true</code> refreshes the Session Information
*/
needToReset = false;
if (isLocal()) {
} else {
sreq);
"invalidSessionState", null);
}
"unexpectedSession", null);
}
}
long oldMaxCachingTime = maxCachingTime;
long oldMaxIdleTime = maxIdleTime;
long oldMaxSessionTime = maxSessionTime;
(oldMaxSessionTime > maxSessionTime)) {
}
}
/**
* Updates the session from the session information server.
*
* @param info Session Information.
*/
if (timedOutAt <= 0) {
.get("SessionTimedOut");
if (sessionTimedOutProp != null) {
try {
} catch (NumberFormatException e) {
+ sessionTimedOutProp, e);
}
}
}
// note : do not use getProperty() call here to avoid unexpected
// recursion via
// refresh()
if (restrictionProp != null) {
try {
} catch (Exception e) {
throw new SessionException(e);
}
}
}
/**
* populate context object with admin token
* @exception SessionException
* @param appSSOToken application SSO Token to bet set
*/
{
if (appSSOToken == null) {
if (sessionDebug.warningEnabled()) {
+ "createContext():, "
+ "cannot obtain application SSO token, "
+ "defaulting to IP address");
}
} else {
+ "createContext():, "
+ "setting context to application SSO token");
}
}
/**
* Sends remote session request without retries.
*
* @param svcurl Session Service URL.
* @param sreq Session Request object.
* @exception SessionException
*/
}
try {
}
}
// send request again
}
} catch (Exception e) {
throw new SessionException(e);
}
return sres;
}
/**
* Handle exception coming back from server in the Sessionresponse
* @exception SessionException
* @param sres SessionResponse object holding the exception
*/
throws SessionException {
try {
if (sessionDebug.messageEnabled()) {
+ "processSessionResponseException: exception received"
}
// Check if this exception was thrown due to Session Time out or not
// If yes then set the private variable timedOutAt to the current
// time But before that check if this timedOutAt is already set
// or not. No need of setting it again
if(timedOutAt <= 0) {
}
}
"appTokenInvalid")) != -1) {
if (sessionDebug.messageEnabled()) {
+ "processSessionResponseException: AppTokenInvalid = TRUE");
}
if (!isServerMode()) {
if (sessionDebug.messageEnabled()) {
+ "processSessionResponseException: Destorying AppToken");
}
if (sessionDebug.warningEnabled()) {
+"processSessionResponseException"
+" processSessionResponseException"
+": server responded with app token invalid"
+" error,refetching the app sso token");
}
if (sessionDebug.messageEnabled()) {
+ "processSessionResponseException: creating New AppToken"
+ " TokenID = " + newAppSSOToken);
}
} else {
if (sessionDebug.messageEnabled()) {
+ "processSessionResponseException: AppToken invalid in" +
" server mode; throwing exception");
}
}
} else {
}
throw new SessionException(ex);
}
}
/**
* When used in internal request routing mode, it sends remote session
* request with retries. If not in internal request routing mode simply
* calls <code>getSessionResponseWithoutRetry</code>.
*
* @param svcurl Session Service URL.
* @param sreq Session Request object.
* @exception SessionException
*/
throws SessionException {
try {
} catch (SessionException e) {
// attempt retry if appropriate
// proceed with retry
// Note that there is a small risk of repeating request
// twice (e.g., normal exception followed by server failure)
// This danger is insignificant because most of our requests
// are idempotent. For those which are not (e.g.,
// it is not critical if we get an exception attempting to
// repeat this type of request again.
}
}
throw e;
}
} else {
}
}
/**
* Add listener to Internal Session.
*/
private void addInternalSessionListener() {
try {
}
if (isLocal()) {
} else {
}
} catch (Exception e) {
}
}
/**
* Returns the encoded URL , rewriten to include the session id. cookie will
* be rewritten in the URL as a query string with entity escaping of
* ampersand before appending session ID if other query parameters exists in
* the URL.
* <p>
*
* @param res HTTP Servlet Response.
* @param url the URL to be encoded.
* @return the encoded URL if cookies are not supported and URL if cookies
* are supported
*/
}
/**
* Returns the encoded URL , rewriten to include the session id. cookie will
* be rewritten in the URL as a query string with entity escaping of
* ampersand before appending session id if other query parameters exists in
* the URL.
* <p>
*
* @param res HTTP Servlet Response.
* @param url the URL to be encoded
* @param cookieName AM cookie name
* @return the encoded URL if cookies are not supported and URL if cookies
* are supported
*/
String cookieName) {
}
/**
* Returns the encoded URL , rewritten to include the session id. Cookie
* will be written to the URL in as a query string.
*
* @param url the URL to be encoded.
* @param escape true if ampersand entity escaping needs to done
* else false. This parameter is valid only when encoding scheme
* is <code>SessionUtils.QUERY</code>.
* @return the encoded URL if cookies are not supported or the URL if
* cookies are supported.
*/
}
/**
* Returns the encoded URL , rewritten to include the session id. Cookie
* will be written to the URL in as a query string.
*
* @param url the URL to be encoded
* @param escape true if ampersand entity escaping needs to
* done else false.This parameter is valid only when encoding
* scheme is <code>SessionUtils.QUERY</code>.
* @param cookieName cookie name.
* @return the encoded URL if cookies are not supported or the URL if
* cookies are supported.
*/
}
/**
* Returns the encoded URL , rewritten to include the session id in the
* query string with entity escaping
*
* @param url the URL to be encoded
* @return the encoded URL if cookies are not supported or the URL if
* cookies are supported.
*/
}
/**
* Returns the encoded URL , rewritten to include the session id in the
* query string with entity escaping
*
* @param url the URL to be encoded.
* @param cookieName the cookie name.
* @return the encoded URL if cookies are not supported or the URL if
* cookies are supported.
*/
}
/**
* Returns the encoded URL , rewritten to include the session id.
*
* @param url the URL to be encoded.
* @param encodingScheme the scheme to rewrite the cookie value in URL as
* a Query String or Path Info (Slash or Semicolon separated.
* Allowed values are <code>SessionUtils.QUERY</code>,
* <code>SessionUtils.SLASH</code> and
* <code>SessionUtils.SEMICOLON</code>
* @param escape true if ampersand entity escaping needs to done
* else false. This parameter is valid only when encoding scheme
* is <code>SessionUtils.QUERY</code>.
* @return the encoded URL if cookies are not supported or the URL if
* cookies are supported.
*/
}
/**
* Returns the encoded URL , rewritten to include the session id.
*
* @param url the URL to be encoded.
* @param encodingScheme the scheme to rewrite the cookie value in URL as
* a Query String or Path Info (Slash or Semicolon separated. Allowed
* values are <code>SessionUtils.QUERY</code>,
* <code>SessionUtils.SLASH</code> and
* <code>SessionUtils.SEMICOLON</code>.
* @param escape true if ampersand entity escaping needs to done
* else false. This parameter is valid only when encoding scheme
* is <code>SessionUtils.QUERY</code>.
* @param cookieName name of the cookie.
* @return the encoded URL if cookies are not supported or the URL if
* cookies are supported.
*/
String cookieName) {
} else { // cookie str not set so call encodeURL
}
}
}
return encodedURL;
}
/**
* Returns true if cookies are supported else false. The
* <code>cookieSupport</code> value is first determined from the Session ID
* object , if that is null then it is determined based on the cookie mode
* value set in the Session object else <code>cookieSupport</code> value is
* retrieved from the session property <code>cookieSupport</code>. If
* cookie Support value is not determined then the the default "false" is
* assumed.
*/
private boolean getCookieSupport() {
boolean cookieSupport = false;
try {
if (cookieMode != null) {
} else if (this.cookieMode != null) {
} else {
if (cookieSupportStr != null) {
}
}
cookieSupport = true;
}
if (sessionDebug.messageEnabled()) {
}
return cookieSupport;
}
/**
* Set the cookie Mode based on whether the request has cookies or not. This
* method is called from <code>createSSOToken(request)</code> method in
* <code>SSOTokenManager</code>.
*
* @param cookieMode whether request has cookies or not.
*/
if (sessionDebug.messageEnabled()) {
}
if (cookieMode != null) {
this.cookieMode = cookieMode;
}
}
/**
* Indicates whether local or remote invocation of Sesion Service should be
* used
*
* @return true if local invocation should be used, false otherwise
*/
boolean isLocal() {
return sessionIsLocal;
}
/**
* Marks session referenced by Session ID as non-local so that remote
* invocations of Session Service methods are to be used.
*
* @param sid session ID.
*/
sess.sessionIsLocal = false;
}
}
/**
* Actively checks whether current session should be considered local (so
* that local invocations of Session Service methods are to be used)
*
* @return true if the session local.
*/
private boolean checkSessionLocal() throws SessionException {
if (isServerMode()) {
} else {
return false;
}
}
return restriction;
}
Object getContext() {
return context;
}
/**
* Determines whether session code runs in core server or client SDK
* run-time mode
*
* @return true if running in core server mode, false otherwise
*/
static boolean isServerMode() {
return SystemProperties.isServerMode();
}
/**
* Checks if the cookie name is in the cookie string.
*
* @param cookieStr cookie string (<code>cookieName=cookieValue</code>).
* @param cookieName name of the cookie.
* @return true if <code>cookieName</code> is in the <code>cookieStr</code>.
*/
boolean foundCookieName = false;
if (sessionDebug.messageEnabled()) {
}
}
foundCookieName = true;
}
return foundCookieName;
}
class SessionPollerSender implements Runnable {
}
public void run() {
try {
.getSessionServiceURL(), sreq);
return;
}
}
if (debug.messageEnabled())
+ ex.getMessage());
}
if (debug.messageEnabled()) {
}
try {
} else {
if ((scheduledExecutionTime() == -1) ||
}
}
} catch (SessionException se) {
se);
}
} else {
}
session.setIsPolling(false);
}
}
}