HttpServletSession类主要定义了获取sessionId,获取最后一次访问时间,并将主机信息放置到session属性中,它实现了Session接口,现对其解析如下:
1.Session接口
可以参考Session接口源码解析,里面主要定义了对于sessionId,最后一次访问时间等的操作。
2.HttpServletSession类
2.1.数据属性
private static final String HOST_SESSION_KEY = HttpServletSession.class.getName() + ".HOST_SESSION_KEY";//主机session key
private static final String TOUCH_OBJECT_SESSION_KEY = HttpServletSession.class.getName() + ".TOUCH_OBJECT_SESSION_KEY";//
private HttpSession httpSession = null;//httpSession
2.2.构造方法
public HttpServletSession(HttpSession httpSession, String host) {
if (httpSession == null) {
String msg = "HttpSession constructor argument cannot be null.";
throw new IllegalArgumentException(msg);
}
if (httpSession instanceof ShiroHttpSession) {
String msg = "HttpSession constructor argument cannot be an instance of ShiroHttpSession. This " +
"is enforced to prevent circular dependencies and infinite loops.";
throw new IllegalArgumentException(msg);
}
this.httpSession = httpSession;
if (StringUtils.hasText(host)) {
setHost(host);
}
}
2.3.获取sessionId(它实现了Session接口的方法)
public Serializable getId() {
return httpSession.getId();
}
2.4.获取创建时间(它实现了Session接口的方法)
public Date getStartTimestamp() {
return new Date(httpSession.getCreationTime());
}
2.5.获取最后一次访问时间(它实现了Session接口的方法)
public Date getLastAccessTime() {
return new Date(httpSession.getLastAccessedTime());
}
2.6.获取超时时间(它实现了Session接口的方法)
public long getTimeout() throws InvalidSessionException {
try {
return httpSession.getMaxInactiveInterval() * 1000;
} catch (Exception e) {
throw new InvalidSessionException(e);
}
}
2.7.设置超时时间(它实现了Session接口的方法)
public void setTimeout(long maxIdleTimeInMillis) throws InvalidSessionException {
try {
int timeout = Long.valueOf(maxIdleTimeInMillis / 1000).intValue();
httpSession.setMaxInactiveInterval(timeout);
} catch (Exception e) {
throw new InvalidSessionException(e);
}
}
2.8.在session中设置主机信息
protected void setHost(String host) {
setAttribute(HOST_SESSION_KEY, host);
}
2.9.获取主机地址(它实现了Session接口的方法)
public String getHost() {
return (String) getAttribute(HOST_SESSION_KEY);
}
2.10.访问session,更新最后一次访问时间(它实现了Session接口的方法)
public void touch() throws InvalidSessionException {
//just manipulate the session to update the access time:
try {
httpSession.setAttribute(TOUCH_OBJECT_SESSION_KEY, TOUCH_OBJECT_SESSION_KEY);
httpSession.removeAttribute(TOUCH_OBJECT_SESSION_KEY);
} catch (Exception e) {
throw new InvalidSessionException(e);
}
}
2.11.暂停session(它实现了Session接口的方法)
public void stop() throws InvalidSessionException {
try {
httpSession.invalidate();
} catch (Exception e) {
throw new InvalidSessionException(e);
}
}
2.12.返回session所有的属性key集合(它实现了Session接口的方法)
public Collection<Object> getAttributeKeys() throws InvalidSessionException {
try {
Enumeration namesEnum = httpSession.getAttributeNames();
Collection<Object> keys = null;
if (namesEnum != null) {
keys = new ArrayList<Object>();
while (namesEnum.hasMoreElements()) {
keys.add(namesEnum.nextElement());
}
}
return keys;
} catch (Exception e) {
throw new InvalidSessionException(e);
}
}
2.13.判断key是否是字符串类型
private static String assertString(Object key) {
if (!(key instanceof String)) {
String msg = "HttpSession based implementations of the Shiro Session interface requires attribute keys " +
"to be String objects. The HttpSession class does not support anything other than String keys.";
throw new IllegalArgumentException(msg);
}
return (String) key;
}
2.14.根据属性key从session中获取属性值信息(它实现了Session接口的方法)
public Object getAttribute(Object key) throws InvalidSessionException {
try {
return httpSession.getAttribute(assertString(key));
} catch (Exception e) {
throw new InvalidSessionException(e);
}
}
2.15.将属性值设置到session中(它实现了Session接口中的方法)
public void setAttribute(Object key, Object value) throws InvalidSessionException {
try {
httpSession.setAttribute(assertString(key), value);
} catch (Exception e) {
throw new InvalidSessionException(e);
}
}
2.16.从session中移除键为key的属性信息(它实现了Session接口中的方法)
public Object removeAttribute(Object key) throws InvalidSessionException {
try {
String sKey = assertString(key);
Object removed = httpSession.getAttribute(sKey);
httpSession.removeAttribute(sKey);
return removed;
} catch (Exception e) {
throw new InvalidSessionException(e);
}
}