HttpServletSession类

最新推荐文章于 2024-04-30 21:49:28 发布

iteye_10899

最新推荐文章于 2024-04-30 21:49:28 发布

阅读量1.6k

点赞数

CC 4.0 BY-SA版权

分类专栏： shiro源码解析--web环境文章标签： HttpServlet会话类

本文链接：https://blog.youkuaiyun.com/iteye_10899/article/details/82675544

shiro源码解析--web环境专栏收录该内容

7 篇文章

订阅专栏

本文详细解析了HttpServletSession类，包括其数据属性、构造方法、sessionId获取、创建及最后访问时间、超时时间设置、主机信息操作、session属性管理等功能。HttpServletSession实现了Session接口，提供了一套完整的会话管理机制。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

HttpServletSession类主要定义了获取sessionId，获取最后一次访问时间，并将主机信息放置到session属性中，它实现了Session接口，现对其解析如下：

1.Session接口

可以参考Session接口源码解析，里面主要定义了对于sessionId，最后一次访问时间等的操作。

2.HttpServletSession类

2.1.数据属性

private static final String HOST_SESSION_KEY = HttpServletSession.class.getName() + ".HOST_SESSION_KEY";//主机session key
private static final String TOUCH_OBJECT_SESSION_KEY = HttpServletSession.class.getName() + ".TOUCH_OBJECT_SESSION_KEY";//

private HttpSession httpSession = null;//httpSession

2.2.构造方法

public HttpServletSession(HttpSession httpSession, String host) {
        if (httpSession == null) {
            String msg = "HttpSession constructor argument cannot be null.";
            throw new IllegalArgumentException(msg);
        }
        if (httpSession instanceof ShiroHttpSession) {
            String msg = "HttpSession constructor argument cannot be an instance of ShiroHttpSession. This " +
                    "is enforced to prevent circular dependencies and infinite loops.";
            throw new IllegalArgumentException(msg);
        }
        this.httpSession = httpSession;
        if (StringUtils.hasText(host)) {
            setHost(host);
        }
    }

2.3.获取sessionId(它实现了Session接口的方法)

public Serializable getId() {
return httpSession.getId();
}

2.4.获取创建时间(它实现了Session接口的方法)

public Date getStartTimestamp() {
return new Date(httpSession.getCreationTime());
}

2.5.获取最后一次访问时间(它实现了Session接口的方法)

public Date getLastAccessTime() {
return new Date(httpSession.getLastAccessedTime());
}

2.6.获取超时时间(它实现了Session接口的方法)

public long getTimeout() throws InvalidSessionException {
        try {
            return httpSession.getMaxInactiveInterval() * 1000;
        } catch (Exception e) {
            throw new InvalidSessionException(e);
        }
}

2.7.设置超时时间(它实现了Session接口的方法)

public void setTimeout(long maxIdleTimeInMillis) throws InvalidSessionException {
        try {
            int timeout = Long.valueOf(maxIdleTimeInMillis / 1000).intValue();
            httpSession.setMaxInactiveInterval(timeout);
        } catch (Exception e) {
            throw new InvalidSessionException(e);
        }
    }

2.8.在session中设置主机信息

protected void setHost(String host) {
setAttribute(HOST_SESSION_KEY, host);
}

2.9.获取主机地址(它实现了Session接口的方法)

public String getHost() {
return (String) getAttribute(HOST_SESSION_KEY);
}

2.10.访问session，更新最后一次访问时间(它实现了Session接口的方法)

public void touch() throws InvalidSessionException {
        //just manipulate the session to update the access time:
        try {
            httpSession.setAttribute(TOUCH_OBJECT_SESSION_KEY, TOUCH_OBJECT_SESSION_KEY);
            httpSession.removeAttribute(TOUCH_OBJECT_SESSION_KEY);
        } catch (Exception e) {
            throw new InvalidSessionException(e);
        }
    }

2.11.暂停session(它实现了Session接口的方法)

public void stop() throws InvalidSessionException {
        try {
            httpSession.invalidate();
        } catch (Exception e) {
            throw new InvalidSessionException(e);
        }
    }

2.12.返回session所有的属性key集合(它实现了Session接口的方法)

public Collection<Object> getAttributeKeys() throws InvalidSessionException {
        try {
            Enumeration namesEnum = httpSession.getAttributeNames();
            Collection<Object> keys = null;
            if (namesEnum != null) {
                keys = new ArrayList<Object>();
                while (namesEnum.hasMoreElements()) {
                    keys.add(namesEnum.nextElement());
                }
            }
            return keys;
        } catch (Exception e) {
            throw new InvalidSessionException(e);
        }
    }

2.13.判断key是否是字符串类型

private static String assertString(Object key) {
        if (!(key instanceof String)) {
            String msg = "HttpSession based implementations of the Shiro Session interface requires attribute keys " +
                    "to be String objects. The HttpSession class does not support anything other than String keys.";
            throw new IllegalArgumentException(msg);
        }
        return (String) key;
    }

2.14.根据属性key从session中获取属性值信息(它实现了Session接口的方法)

public Object getAttribute(Object key) throws InvalidSessionException {
        try {
            return httpSession.getAttribute(assertString(key));
        } catch (Exception e) {
            throw new InvalidSessionException(e);
        }
    }

2.15.将属性值设置到session中(它实现了Session接口中的方法)

public void setAttribute(Object key, Object value) throws InvalidSessionException {
        try {
            httpSession.setAttribute(assertString(key), value);
        } catch (Exception e) {
            throw new InvalidSessionException(e);
        }
    }

2.16.从session中移除键为key的属性信息(它实现了Session接口中的方法)

public Object removeAttribute(Object key) throws InvalidSessionException {
        try {
            String sKey = assertString(key);
            Object removed = httpSession.getAttribute(sKey);
            httpSession.removeAttribute(sKey);
            return removed;
        } catch (Exception e) {
            throw new InvalidSessionException(e);
        }
    }