public interface HttpSession
The servlet container uses this interface to create a session between an HTTP client and an HTTP server. The session persists for a specified time period, across more than one connection or page request from the user. A session usually corresponds to one user, who may visit a site many times. The server can maintain a session in many ways such as using cookies or rewriting URLs.
This interface allows servlets to
When an application stores an object in or removes an object from a session,
the session checks whether the object implements
HttpSessionBindingListener
. If it does, the servlet notifies the
object that it has been bound to or unbound from the session. Notifications
are sent after the binding methods complete. For session that are invalidated
or expire, notifications are sent after the session has been invalidated or
expired.
When container migrates a session between VMs in a distributed container
setting, all session attributes implementing the
HttpSessionActivationListener
interface are notified.
A servlet should be able to handle cases in which the client does not choose
to join a session, such as when cookies are intentionally turned off. Until
the client joins the session, isNew
returns true
.
If the client chooses not to join the session, getSession
will
return a different session on each request, and isNew
will
always return true
.
Session information is scoped only to the current web application (
ServletContext
), so information stored in one context will not
be directly visible in another.
HttpSessionBindingListener
Modifier and Type | Method and Description |
---|---|
Object |
getAttribute(String name)
Returns the object bound with the specified name in this session, or
null if no object is bound under the name. |
Enumeration<String> |
getAttributeNames()
Returns an
Enumeration of String objects
containing the names of all the objects bound to this session. |
long |
getCreationTime()
Returns the time when this session was created, measured in milliseconds
since midnight January 1, 1970 GMT.
|
String |
getId()
Returns a string containing the unique identifier assigned to this
session.
|
long |
getLastAccessedTime()
Returns the last time the client sent a request associated with this
session, as the number of milliseconds since midnight January 1, 1970
GMT, and marked by the time the container received the request.
|
int |
getMaxInactiveInterval()
Returns the maximum time interval, in seconds, that the servlet container
will keep this session open between client accesses.
|
ServletContext |
getServletContext()
Returns the ServletContext to which this session belongs.
|
HttpSessionContext |
getSessionContext()
Deprecated.
As of Version 2.1, this method is deprecated and has no
replacement. It will be removed in a future version of the
Java Servlet API.
|
Object |
getValue(String name)
Deprecated.
As of Version 2.2, this method is replaced by
getAttribute(java.lang.String) . |
String[] |
getValueNames()
Deprecated.
As of Version 2.2, this method is replaced by
getAttributeNames() |
void |
invalidate()
Invalidates this session then unbinds any objects bound to it.
|
boolean |
isNew()
Returns
true if the client does not yet know about the
session or if the client chooses not to join the session. |
void |
putValue(String name,
Object value)
Deprecated.
As of Version 2.2, this method is replaced by
setAttribute(java.lang.String, java.lang.Object) |
void |
removeAttribute(String name)
Removes the object bound with the specified name from this session.
|
void |
removeValue(String name)
Deprecated.
As of Version 2.2, this method is replaced by
removeAttribute(java.lang.String) |
void |
setAttribute(String name,
Object value)
Binds an object to this session, using the name specified.
|
void |
setMaxInactiveInterval(int interval)
Specifies the time, in seconds, between client requests before the
servlet container will invalidate this session.
|
long getCreationTime()
long
specifying when this session was created,
expressed in milliseconds since 1/1/1970 GMTIllegalStateException
- if this method is called on an invalidated sessionString getId()
IllegalStateException
- if this method is called on an invalidated sessionlong getLastAccessedTime()
Actions that your application takes, such as getting or setting a value associated with the session, do not affect the access time.
long
representing the last time the client sent a
request associated with this session, expressed in milliseconds
since 1/1/1970 GMTIllegalStateException
- if this method is called on an invalidated sessionServletContext getServletContext()
void setMaxInactiveInterval(int interval)
interval
- An integer specifying the number of secondsint getMaxInactiveInterval()
setMaxInactiveInterval
method.
A zero or negative time indicates that the session should never timeout.setMaxInactiveInterval(int)
HttpSessionContext getSessionContext()
Object getAttribute(String name)
null
if no object is bound under the name.name
- a string specifying the name of the objectIllegalStateException
- if this method is called on an invalidated sessionObject getValue(String name)
getAttribute(java.lang.String)
.name
- a string specifying the name of the objectIllegalStateException
- if this method is called on an invalidated sessionEnumeration<String> getAttributeNames()
Enumeration
of String
objects
containing the names of all the objects bound to this session.Enumeration
of String
objects
specifying the names of all the objects bound to this sessionIllegalStateException
- if this method is called on an invalidated sessionString[] getValueNames()
getAttributeNames()
String
objects specifying the names of
all the objects bound to this sessionIllegalStateException
- if this method is called on an invalidated sessionvoid setAttribute(String name, Object value)
After this method executes, and if the new object implements
HttpSessionBindingListener
, the container calls
HttpSessionBindingListener.valueBound
. The container then
notifies any HttpSessionAttributeListener
s in the web
application.
If an object was already bound to this session of this name that
implements HttpSessionBindingListener
, its
HttpSessionBindingListener.valueUnbound
method is called.
If the value passed in is null, this has the same effect as calling
removeAttribute()
.
name
- the name to which the object is bound; cannot be nullvalue
- the object to be boundIllegalStateException
- if this method is called on an invalidated sessionvoid putValue(String name, Object value)
setAttribute(java.lang.String, java.lang.Object)
name
- the name to which the object is bound; cannot be nullvalue
- the object to be bound; cannot be nullIllegalStateException
- if this method is called on an invalidated sessionvoid removeAttribute(String name)
After this method executes, and if the object implements
HttpSessionBindingListener
, the container calls
HttpSessionBindingListener.valueUnbound
. The container then
notifies any HttpSessionAttributeListener
s in the web
application.
name
- the name of the object to remove from this sessionIllegalStateException
- if this method is called on an invalidated sessionvoid removeValue(String name)
removeAttribute(java.lang.String)
name
- the name of the object to remove from this sessionIllegalStateException
- if this method is called on an invalidated sessionvoid invalidate()
IllegalStateException
- if this method is called on an already invalidated sessionboolean isNew()
true
if the client does not yet know about the
session or if the client chooses not to join the session. For example, if
the server used only cookie-based sessions, and the client had disabled
the use of cookies, then a session would be new on each request.true
if the server has created a session, but the
client has not yet joinedIllegalStateException
- if this method is called on an already invalidated sessionCopyright © 2000-2021 Apache Software Foundation. All Rights Reserved.