Coverage Report

Coverage Report - org.apache.commons.messagelet.impl.HttpSessionImpl

Classes in this File
Line Coverage
Branch Coverage
Complexity
HttpSessionImpl
0/256
0/82
2.133
 /*
  * Copyright 1999,2004 The Apache Software Foundation.
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  * 
  *      http://www.apache.org/licenses/LICENSE-2.0
  * 
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 
 
 package org.apache.commons.messagelet.impl;
 
 
 import java.beans.PropertyChangeSupport;
 import java.io.IOException;
 import java.io.NotSerializableException;
 import java.io.ObjectInputStream;
 import java.io.ObjectOutputStream;
 import java.io.Serializable;
 import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Enumeration;
 import java.util.HashMap;
 import java.util.Iterator;
 
 import javax.servlet.ServletContext;
 import javax.servlet.http.HttpSession;
 import javax.servlet.http.HttpSessionActivationListener;
 import javax.servlet.http.HttpSessionBindingEvent;
 import javax.servlet.http.HttpSessionBindingListener;
 import javax.servlet.http.HttpSessionContext;
 import javax.servlet.http.HttpSessionEvent;
 
 import org.apache.commons.collections.iterators.IteratorEnumeration;
 
 /**
  * Based on the Catalina StandardSession class.
  * Standard implementation of the <b>HttpSession</b> interface.  This object is
  * serializable, so that it can be stored in persistent storage or transferred
  * to a different JVM for distributable session support.
  * <p>
  *
  * @author Craig R. McClanahan
  * @author Sean Legassick
  * @author <a href="mailto:jon@latchkey.com">Jon S. Stevens</a>
  * @author <a href="mailto:jstrachan@apache.org">James Strachan</a>
  * @version $Revision: 155459 $ $Date: 2005-02-26 13:24:44 +0000 (Sat, 26 Feb 2005) $
  */
 
 public class HttpSessionImpl implements HttpSession, Serializable {
 
 
 
     // ----------------------------------------------------- Instance Variables
 
 
     /**
      * The dummy attribute value serialized when a NotSerializableException is
      * encountered in <code>writeObject()</code>.
      */
     private static final String NOT_SERIALIZED =
         "___NOT_SERIALIZABLE_EXCEPTION___";
 
 
     /**
      * The collection of user data attributes associated with this Session.
      */
     private HashMap attributes = new HashMap();
 
 
     /**
      * The authentication type used to authenticate our cached Principal,
      * if any.  NOTE:  This value is not included in the serialized
      * version of this object.
      */
     private transient String authType = null;
 
 
     /**
      * The time this session was created, in milliseconds since midnight,
      * January 1, 1970 GMT.
      */
     private long creationTime = 0L;
 
 
     /**
      * The debugging detail level for this component.  NOTE:  This value
      * is not included in the serialized version of this object.
      */
     private transient int debug = 0;
 
 
     /**
      * We are currently processing a session expiration, so bypass
      * certain IllegalStateException tests.  NOTE:  This value is not
      * included in the serialized version of this object.
      */
     private transient boolean expiring = false;
 
 
     /**
      * The session identifier of this Session.
      */
     private String id = null;
 
 
 
     /**
      * The last accessed time for this Session.
      */
     private long lastAccessedTime = creationTime;
 
 
     /**
      * The session event listeners for this Session.
      */
     private transient ArrayList listeners = new ArrayList();
 
 
 
     /**
      * The maximum time interval, in seconds, between client requests before
      * the servlet container may invalidate this session.  A negative time
      * indicates that the session should never time out.
      */
     private int maxInactiveInterval = -1;
 
 
     /**
      * Flag indicating whether this session is new or not.
      */
     private boolean isNew = false;
 
 
     /**
      * Flag indicating whether this session is valid or not.
      */
     private boolean isValid = false;
 
 
     /**
      * Internal notes associated with this session by Catalina components
      * and event listeners.  <b>IMPLEMENTATION NOTE:</b> This object is
      * <em>not</em> saved and restored across session serializations!
      */
     private transient HashMap notes = new HashMap();
 
 
     /**
      * The authenticated Principal associated with this session, if any.
      * <b>IMPLEMENTATION NOTE:</b>  This object is <i>not</i> saved and
      * restored across session serializations!
      */
     private transient Principal principal = null;
 
 
     /**
      * The property change support for this component.  NOTE:  This value
      * is not included in the serialized version of this object.
      */
     private transient PropertyChangeSupport support =
         new PropertyChangeSupport(this);
 
 
     /**
      * The current accessed time for this session.
      */
     private long thisAccessedTime = creationTime;
 
     /**
      * The ServletContext 
      */
     protected ServletContext servletContext;
 
     /**
      * Is this session distributable. If so then 
      * its values must be Serializable.
      */
     private boolean distributable = false;
     
     
     public HttpSessionImpl(ServletContext servletContext) {
         this.servletContext = servletContext;
     }
 
     // ----------------------------------------------------- Session Properties
 
 
     /**
      * Return the authentication type used to authenticate our cached
      * Principal, if any.
      */
     public String getAuthType() {
 
         return (this.authType);
 
     }
 
 
     /**
      * Set the authentication type used to authenticate our cached
      * Principal, if any.
      *
      * @param authType The new cached authentication type
      */
     public void setAuthType(String authType) {
 
         String oldAuthType = this.authType;
         this.authType = authType;
         support.firePropertyChange("authType", oldAuthType, this.authType);
 
     }
 
 
     /**
      * Set the creation time for this session.  This method is called by the
      * Manager when an existing Session instance is reused.
      *
      * @param time The new creation time
      */
     public void setCreationTime(long time) {
 
         this.creationTime = time;
         this.lastAccessedTime = time;
         this.thisAccessedTime = time;
 
     }
 
 
     /**
      * Return the session identifier for this session.
      */
     public String getId() {
 
         return (this.id);
 
     }
 
 
     /**
      * Set the session identifier for this session.
      *
      * @param id The new session identifier
      */
     public void setId(String id) {
 
         this.id = id;
 
         // Notify interested session event listeners
         ///fireSessionEvent(Session.SESSION_CREATED_EVENT, null);
 
     }
 
 
     /**
      * Return the last time the client sent a request associated with this
      * session, as the number of milliseconds since midnight, January 1, 1970
      * GMT.  Actions that your application takes, such as getting or setting
      * a value associated with the session, do not affect the access time.
      */
     public long getLastAccessedTime() {
 
         return (this.lastAccessedTime);
 
     }
 
 
     /**
      * Return the maximum time interval, in seconds, between client requests
      * before the servlet container will invalidate the session.  A negative
      * time indicates that the session should never time out.
      *
      * @exception IllegalStateException if this method is called on
      *  an invalidated session
      */
     public int getMaxInactiveInterval() {
 
         if (!isValid) {
             throw new IllegalStateException( "Cannot call getMaxInactiveInterval on an invalidated session" );
         }
 
         return (this.maxInactiveInterval);
 
     }
 
 
     /**
      * Set the maximum time interval, in seconds, between client requests
      * before the servlet container will invalidate the session.  A negative
      * time indicates that the session should never time out.
      *
      * @param interval The new maximum interval
      */
     public void setMaxInactiveInterval(int interval) {
 
         this.maxInactiveInterval = interval;
 
     }
 
 
     /**
      * Set the <code>isNew</code> flag for this session.
      *
      * @param isNew The new value for the <code>isNew</code> flag
      */
     public void setNew(boolean isNew) {
 
         this.isNew = isNew;
 
     }
 
 
     /**
      * Return the authenticated Principal that is associated with this Session.
      * This provides an <code>Authenticator</code> with a means to cache a
      * previously authenticated Principal, and avoid potentially expensive
      * <code>Realm.authenticate()</code> calls on every request.  If there
      * is no current associated Principal, return <code>null</code>.
      */
     public Principal getPrincipal() {
 
         return (this.principal);
 
     }
 
 
     /**
      * Set the authenticated Principal that is associated with this Session.
      * This provides an <code>Authenticator</code> with a means to cache a
      * previously authenticated Principal, and avoid potentially expensive
      * <code>Realm.authenticate()</code> calls on every request.
      *
      * @param principal The new Principal, or <code>null</code> if none
      */
     public void setPrincipal(Principal principal) {
 
         Principal oldPrincipal = this.principal;
         this.principal = principal;
         support.firePropertyChange("principal", oldPrincipal, this.principal);
 
     }
 
 
 
     /**
      * Return the <code>isValid</code> flag for this session.
      */
     public boolean isValid() {
 
         return (this.isValid);
 
     }
 
 
     /**
      * Set the <code>isValid</code> flag for this session.
      *
      * @param isValid The new value for the <code>isValid</code> flag
      */
     public void setValid(boolean isValid) {
 
         this.isValid = isValid;
     }
 
 
     // ------------------------------------------------- Session Public Methods
 
 
     /**
      * Update the accessed time information for this session.  This method
      * should be called by the context when a request comes in for a particular
      * session, even if the application does not reference it.
      */
     public void access() {
 
         this.isNew = false;
         this.lastAccessedTime = this.thisAccessedTime;
         this.thisAccessedTime = System.currentTimeMillis();
 
     }
 
 
 
     /**
      * Perform the internal processing required to invalidate this session,
      * without triggering an exception if the session has already expired.
      */
     public void expire() {
 
         // Mark this session as "being expired" if needed
         if (expiring)
             return;
         expiring = true;
         setValid(false);
 
         // Unbind any objects associated with this session
         String keys[] = keys();
         for (int i = 0; i < keys.length; i++)
             removeAttribute(keys[i]);
 
         // Notify interested session event listeners
         //fireSessionEvent(Session.SESSION_DESTROYED_EVENT, null);
 
         // We have completed expire of this session
         expiring = false;
     }
 
 
     /**
      * Perform the internal processing required to passivate
      * this session.
      */
     public void passivate() {
 
         // Notify ActivationListeners
         HttpSessionEvent event = null;
         String keys[] = keys();
         for (int i = 0; i < keys.length; i++) {
             Object attribute = getAttribute(keys[i]);
             if (attribute instanceof HttpSessionActivationListener) {
                 if (event == null)
                     event = new HttpSessionEvent(this);
                 // FIXME: Should we catch throwables?
                 ((HttpSessionActivationListener)attribute).sessionWillPassivate(event);
             }
         }
 
     }
 
 
     /**
      * Perform internal processing required to activate this
      * session.
      */
     public void activate() {
 
         // Notify ActivationListeners
         HttpSessionEvent event = null;
         String keys[] = keys();
         for (int i = 0; i < keys.length; i++) {
             Object attribute = getAttribute(keys[i]);
             if (attribute instanceof HttpSessionActivationListener) {
                 if (event == null)
                     event = new HttpSessionEvent(this);
                 // FIXME: Should we catch throwables?
                 ((HttpSessionActivationListener)attribute).sessionDidActivate(event);
             }
         }
 
     }
 
 
     /**
      * Return the object bound with the specified name to the internal notes
      * for this session, or <code>null</code> if no such binding exists.
      *
      * @param name Name of the note to be returned
      */
     public Object getNote(String name) {
 
         synchronized (notes) {
             return (notes.get(name));
         }
 
     }
 
 
     /**
      * Return an Iterator containing the String names of all notes bindings
      * that exist for this session.
      */
     public Iterator getNoteNames() {
 
         synchronized (notes) {
             return (notes.keySet().iterator());
         }
 
     }
 
 
     /**
      * Release all object references, and initialize instance variables, in
      * preparation for reuse of this object.
      */
     public void recycle() {
 
         // Reset the instance variables associated with this Session
         attributes.clear();
         setAuthType(null);
         creationTime = 0L;
         expiring = false;
         id = null;
         lastAccessedTime = 0L;
         maxInactiveInterval = -1;
         setPrincipal(null);
         isNew = false;
         isValid = false;
     }
 
 
     /**
      * Remove any object bound to the specified name in the internal notes
      * for this session.
      *
      * @param name Name of the note to be removed
      */
     public void removeNote(String name) {
 
         synchronized (notes) {
             notes.remove(name);
         }
 
     }
 
 
 
     /**
      * Bind an object to a specified name in the internal notes associated
      * with this session, replacing any existing binding for this name.
      *
      * @param name Name to which the object should be bound
      * @param value Object to be bound to the specified name
      */
     public void setNote(String name, Object value) {
 
         synchronized (notes) {
             notes.put(name, value);
         }
 
     }
 
 
     /**
      * Return a string representation of this object.
      */
     public String toString() {
 
         StringBuffer sb = new StringBuffer();
         sb.append("StandardSession[");
         sb.append(id);
         sb.append("]");
         return (sb.toString());
 
     }
 
 
     // ------------------------------------------------ Session Package Methods
 
 
     /**
      * Read a serialized version of the contents of this session object from
      * the specified object input stream, without requiring that the
      * StandardSession itself have been serialized.
      *
      * @param stream The object input stream to read from
      *
      * @exception ClassNotFoundException if an unknown class is specified
      * @exception IOException if an input/output error occurs
      */
     void readObjectData(ObjectInputStream stream)
         throws ClassNotFoundException, IOException {
 
         readObject(stream);
 
     }
 
 
     /**
      * Write a serialized version of the contents of this session object to
      * the specified object output stream, without requiring that the
      * StandardSession itself have been serialized.
      *
      * @param stream The object output stream to write to
      *
      * @exception IOException if an input/output error occurs
      */
     void writeObjectData(ObjectOutputStream stream)
         throws IOException {
 
         writeObject(stream);
 
     }
 
 
     // ------------------------------------------------- HttpSession Properties
 
 
     /**
      * Return the time when this session was created, in milliseconds since
      * midnight, January 1, 1970 GMT.
      *
      * @exception IllegalStateException if this method is called on an
      *  invalidated session
      */
     public long getCreationTime() {
 
         if (!isValid) {
             throw new IllegalStateException( "Cannot call getCreationTime() on invalidated session" );
         }
 
         return (this.creationTime);
 
     }
 
 
     /**
      * Return the ServletContext to which this session belongs.
      */
     public ServletContext getServletContext() {
         return servletContext;
 
     }
 
 
     /**
      * Return the session context with which this session is associated.
      *
      * @deprecated As of Version 2.1, this method is deprecated and has no
      *  replacement.  It will be removed in a future version of the
      *  Java Servlet API.
      */
     public HttpSessionContext getSessionContext() {
 
         return null;
 
     }
 
 
     // ----------------------------------------------HttpSession Public Methods
 
 
     /**
      * Return the object bound with the specified name in this session, or
      * <code>null</code> if no object is bound with that name.
      *
      * @param name Name of the attribute to be returned
      *
      * @exception IllegalStateException if this method is called on an
      *  invalidated session
      */
     public Object getAttribute(String name) {
 
         if (!isValid) {
             throw new IllegalStateException( "Cannot call getAttribute() on invalidated session" );
         }
 
         synchronized (attributes) {
             return (attributes.get(name));
         }
 
     }
 
 
     /**
      * Return an <code>Enumeration</code> of <code>String</code> objects
      * containing the names of the objects bound to this session.
      *
      * @exception IllegalStateException if this method is called on an
      *  invalidated session
      */
     public Enumeration getAttributeNames() {
 
         if (!isValid) {
             throw new IllegalStateException( "Cannot call getAttributeNames() on invalidated session" );
         }
 
         synchronized (attributes) {
             return (new IteratorEnumeration(attributes.keySet().iterator()));
         }
 
     }
 
 
     /**
      * Return the object bound with the specified name in this session, or
      * <code>null</code> if no object is bound with that name.
      *
      * @param name Name of the value to be returned
      *
      * @exception IllegalStateException if this method is called on an
      *  invalidated session
      *
      * @deprecated As of Version 2.2, this method is replaced by
      *  <code>getAttribute()</code>
      */
     public Object getValue(String name) {
 
         return (getAttribute(name));
 
     }
 
 
     /**
      * Return the set of names of objects bound to this session.  If there
      * are no such objects, a zero-length array is returned.
      *
      * @exception IllegalStateException if this method is called on an
      *  invalidated session
      *
      * @deprecated As of Version 2.2, this method is replaced by
      *  <code>getAttributeNames()</code>
      */
     public String[] getValueNames() {
 
         if (!isValid) {
             throw new IllegalStateException( "Cannot call getValueNames() on invalidated session" );
         }
 
         return (keys());
 
     }
 
 
     /**
      * Invalidates this session and unbinds any objects bound to it.
      *
      * @exception IllegalStateException if this method is called on
      *  an invalidated session
      */
     public void invalidate() {
 
         if (!isValid) {
             throw new IllegalStateException( "Cannot call invalidate() on invalidated session" );
         }
 
         // Cause this session to expire
         expire();
 
     }
 
 
     /**
      * Return <code>true</code> if the client does not yet know about the
      * session, or if the client chooses not to join the session.  For
      * example, if the server used only cookie-based sessions, and the client
      * has disabled the use of cookies, then a session would be new on each
      * request.
      *
      * @exception IllegalStateException if this method is called on an
      *  invalidated session
      */
     public boolean isNew() {
 
         if (!isValid) {
             throw new IllegalStateException( "Cannot call isNew() on invalidated session" );
         }
 
         return (this.isNew);
 
     }
 
 
     /**
      * Bind an object to this session, using the specified name.  If an object
      * of the same name is already bound to this session, the object is
      * replaced.
      * <p>
      * After this method executes, and if the object implements
      * <code>HttpSessionBindingListener</code>, the container calls
      * <code>valueBound()</code> on the object.
      *
      * @param name Name to which the object is bound, cannot be null
      * @param value Object to be bound, cannot be null
      *
      * @exception IllegalStateException if this method is called on an
      *  invalidated session
      *
      * @deprecated As of Version 2.2, this method is replaced by
      *  <code>setAttribute()</code>
      */
     public void putValue(String name, Object value) {
 
         setAttribute(name, value);
 
     }
 
 
     /**
      * Remove the object bound with the specified name from this session.  If
      * the session does not have an object bound with this name, this method
      * does nothing.
      * <p>
      * After this method executes, and if the object implements
      * <code>HttpSessionBindingListener</code>, the container calls
      * <code>valueUnbound()</code> on the object.
      *
      * @param name Name of the object to remove from this session.
      *
      * @exception IllegalStateException if this method is called on an
      *  invalidated session
      */
     public void removeAttribute(String name) {
 
         // Validate our current state
         if (!expiring && !isValid) { 
             throw new IllegalStateException( "Cannot call removeAttribute() on an invalidated session" );
         }
 
         // Remove this attribute from our collection
         Object value = null;
         boolean found = false;
         synchronized (attributes) {
             found = attributes.containsKey(name);
             if (found) {
                 value = attributes.get(name);
                 attributes.remove(name);
             } else {
                 return;
             }
         }
 /*
         // Call the valueUnbound() method if necessary
         HttpSessionBindingEvent event =
           new HttpSessionBindingEvent((HttpSession) this, name, value);
         if ((value != null) &&
             (value instanceof HttpSessionBindingListener))
             ((HttpSessionBindingListener) value).valueUnbound(event);
 
         // Notify interested application event listeners
         StandardContext context = (StandardContext) manager.getContainer();
         Object listeners[] = context.getApplicationListeners();
         if (listeners == null)
             return;
         for (int i = 0; i < listeners.length; i++) {
             if (!(listeners[i] instanceof HttpSessionAttributeListener))
                 continue;
             HttpSessionAttributeListener listener =
                 (HttpSessionAttributeListener) listeners[i];
             try {
                 context.fireContainerEvent("beforeSessionAttributeRemoved",
                                            listener);
                 listener.attributeRemoved(event);
                 context.fireContainerEvent("afterSessionAttributeRemoved",
                                            listener);
             } catch (Throwable t) {
                 context.fireContainerEvent("afterSessionAttributeRemoved",
                                            listener);
                 // FIXME - should we do anything besides log these?
                 log( "Exception firing attribute event", t);
             }
         }
 */
     }
 
 
     /**
      * Remove the object bound with the specified name from this session.  If
      * the session does not have an object bound with this name, this method
      * does nothing.
      * <p>
      * After this method executes, and if the object implements
      * <code>HttpSessionBindingListener</code>, the container calls
      * <code>valueUnbound()</code> on the object.
      *
      * @param name Name of the object to remove from this session.
      *
      * @exception IllegalStateException if this method is called on an
      *  invalidated session
      *
      * @deprecated As of Version 2.2, this method is replaced by
      *  <code>removeAttribute()</code>
      */
     public void removeValue(String name) {
 
         removeAttribute(name);
 
     }
 
 
     /**
      * Bind an object to this session, using the specified name.  If an object
      * of the same name is already bound to this session, the object is
      * replaced.
      * <p>
      * After this method executes, and if the object implements
      * <code>HttpSessionBindingListener</code>, the container calls
      * <code>valueBound()</code> on the object.
      *
      * @param name Name to which the object is bound, cannot be null
      * @param value Object to be bound, cannot be null
      *
      * @exception IllegalArgumentException if an attempt is made to add a
      *  non-serializable object in an environment marked distributable.
      * @exception IllegalStateException if this method is called on an
      *  invalidated session
      */
     public void setAttribute(String name, Object value) {
 
         // Name cannot be null
         if (name == null) {
             throw new IllegalArgumentException( "Attribute name cannot be null" );
         }
 
         // Null value is the same as removeAttribute()
         if (value == null) {
             removeAttribute(name);
             return;
         }
 
         // Validate our current state
         if (!isValid) {
             throw new IllegalStateException( "You cannot call this method on an invalidated session" );
         }
         if (distributable &&
             !(value instanceof Serializable)) {
             throw new IllegalArgumentException( "Attribute value must be Serializable" );
         }
 
         // Replace or add this attribute
         Object unbound = null;
         synchronized (attributes) {
             unbound = attributes.get(name);
             attributes.put(name, value);
         }
 
         // Call the valueUnbound() method if necessary
         if ((unbound != null) &&
             (unbound instanceof HttpSessionBindingListener)) {
             ((HttpSessionBindingListener) unbound).valueUnbound
               (new HttpSessionBindingEvent((HttpSession) this, name));
         }
 
         // Call the valueBound() method if necessary
         HttpSessionBindingEvent event = null;
         if (unbound != null)
             event = new HttpSessionBindingEvent
                 ((HttpSession) this, name, unbound);
         else
             event = new HttpSessionBindingEvent
                 ((HttpSession) this, name, value);
         if (value instanceof HttpSessionBindingListener)
             ((HttpSessionBindingListener) value).valueBound(event);
 
         // Notify interested application event listeners
 /*        
         StandardContext context = (StandardContext) manager.getContainer();
         Object listeners[] = context.getApplicationListeners();
         if (listeners == null)
             return;
         for (int i = 0; i < listeners.length; i++) {
             if (!(listeners[i] instanceof HttpSessionAttributeListener))
                 continue;
             HttpSessionAttributeListener listener =
                 (HttpSessionAttributeListener) listeners[i];
             try {
                 if (unbound != null) {
                     context.fireContainerEvent("beforeSessionAttributeReplaced",
                                                listener);
                     listener.attributeReplaced(event);
                     context.fireContainerEvent("afterSessionAttributeReplaced",
                                                listener);
                 } else {
                     context.fireContainerEvent("beforeSessionAttributeAdded",
                                                listener);
                     listener.attributeAdded(event);
                     context.fireContainerEvent("afterSessionAttributeAdded",
                                                listener);
                 }
             } catch (Throwable t) {
                 if (unbound != null)
                     context.fireContainerEvent("afterSessionAttributeReplaced",
                                                listener);
                 else
                     context.fireContainerEvent("afterSessionAttributeAdded",
                                                listener);
                 // FIXME - should we do anything besides log these?
                 log( "Exception firing attribute event", t);
             }
         }
 */
     }
 
 
     // -------------------------------------------- HttpSession Private Methods
 
 
     /**
      * Read a serialized version of this session object from the specified
      * object input stream.
      * <p>
      * <b>IMPLEMENTATION NOTE</b>:  The reference to the owning Manager
      * is not restored by this method, and must be set explicitly.
      *
      * @param stream The input stream to read from
      *
      * @exception ClassNotFoundException if an unknown class is specified
      * @exception IOException if an input/output error occurs
      */
     private void readObject(ObjectInputStream stream)
         throws ClassNotFoundException, IOException {
 
         // Deserialize the scalar instance variables (except Manager)
         authType = null;        // Transient only
         creationTime = ((Long) stream.readObject()).longValue();
         lastAccessedTime = ((Long) stream.readObject()).longValue();
         maxInactiveInterval = ((Integer) stream.readObject()).intValue();
         isNew = ((Boolean) stream.readObject()).booleanValue();
         isValid = ((Boolean) stream.readObject()).booleanValue();
         thisAccessedTime = ((Long) stream.readObject()).longValue();
         principal = null;        // Transient only
         setId((String) stream.readObject());
         if (debug >= 2)
             log("readObject() loading session " + id);
 
         // Deserialize the attribute count and attribute values
         if (attributes == null)
             attributes = new HashMap();
         int n = ((Integer) stream.readObject()).intValue();
         boolean isValidSave = isValid;
         isValid = true;
         for (int i = 0; i < n; i++) {
             String name = (String) stream.readObject();
             Object value = (Object) stream.readObject();
             if ((value instanceof String) && (value.equals(NOT_SERIALIZED)))
                 continue;
             if (debug >= 2)
                 log("  loading attribute '" + name +
                     "' with value '" + value + "'");
             synchronized (attributes) {
                 attributes.put(name, value);
             }
         }
         isValid = isValidSave;
 
     }
 
 
     /**
      * Write a serialized version of this session object to the specified
      * object output stream.
      * <p>
      * <b>IMPLEMENTATION NOTE</b>:  The owning Manager will not be stored
      * in the serialized representation of this Session.  After calling
      * <code>readObject()</code>, you must set the associated Manager
      * explicitly.
      * <p>
      * <b>IMPLEMENTATION NOTE</b>:  Any attribute that is not Serializable
      * will be unbound from the session, with appropriate actions if it
      * implements HttpSessionBindingListener.  If you do not want any such
      * attributes, be sure the <code>distributable</code> property of the
      * associated Manager is set to <code>true</code>.
      *
      * @param stream The output stream to write to
      *
      * @exception IOException if an input/output error occurs
      */
     private void writeObject(ObjectOutputStream stream) throws IOException {
 
         // Write the scalar instance variables (except Manager)
         stream.writeObject(new Long(creationTime));
         stream.writeObject(new Long(lastAccessedTime));
         stream.writeObject(new Integer(maxInactiveInterval));
         stream.writeObject(new Boolean(isNew));
         stream.writeObject(new Boolean(isValid));
         stream.writeObject(new Long(thisAccessedTime));
         stream.writeObject(id);
         if (debug >= 2)
             log("writeObject() storing session " + id);
 
         // Accumulate the names of serializable and non-serializable attributes
         String keys[] = keys();
         ArrayList saveNames = new ArrayList();
         ArrayList saveValues = new ArrayList();
         ArrayList unbinds = new ArrayList();
         for (int i = 0; i < keys.length; i++) {
             Object value = null;
             synchronized (attributes) {
                 value = attributes.get(keys[i]);
             }
             if (value == null)
                 continue;
             else if (value instanceof Serializable) {
                 saveNames.add(keys[i]);
                 saveValues.add(value);
             } else
                 unbinds.add(keys[i]);
         }
 
         // Serialize the attribute count and the Serializable attributes
         int n = saveNames.size();
         stream.writeObject(new Integer(n));
         for (int i = 0; i < n; i++) {
             stream.writeObject((String) saveNames.get(i));
             try {
                 stream.writeObject(saveValues.get(i));
                 if (debug >= 2)
                     log("  storing attribute '" + saveNames.get(i) +
                         "' with value '" + saveValues.get(i) + "'");
             } catch (NotSerializableException e) {
                 log( "Session is not serializable for attribute name: " + saveNames.get(i) + " and session id: " + id, e);
                 stream.writeObject(NOT_SERIALIZED);
                 if (debug >= 2)
                     log("  storing attribute '" + saveNames.get(i) +
                         "' with value NOT_SERIALIZED");
                 unbinds.add(saveNames.get(i));
             }
         }
 
         // Unbind the non-Serializable attributes
         Iterator names = unbinds.iterator();
         while (names.hasNext()) {
             removeAttribute((String) names.next());
         }
 
     }
 
 
     // -------------------------------------------------------- Private Methods
 
 
     /**
      * Notify all session event listeners that a particular event has
      * occurred for this Session.  The default implementation performs
      * this notification synchronously using the calling thread.
      *
      * @param type Event type
      * @param data Event data
      */
     public void fireSessionEvent(String type, Object data) {
 /*    
         if (listeners.size() < 1)
             return;
         SessionEvent event = new SessionEvent(this, type, data);
         SessionListener list[] = new SessionListener[0];
         synchronized (listeners) {
             list = (SessionListener[]) listeners.toArray(list);
         }
         for (int i = 0; i < list.length; i++)
             ((SessionListener) list[i]).sessionEvent(event);
 */
     }
 
 
     /**
      * Return the names of all currently defined session attributes
      * as an array of Strings.  If there are no defined attributes, a
      * zero-length array is returned.
      */
     private String[] keys() {
 
         String results[] = new String[0];
         synchronized (attributes) {
             return ((String[]) attributes.keySet().toArray(results));
         }
 
     }
 
 
     /**
      * Log a message to the current ServletContext
      *
      * @param message Message to be logged
      */
     protected void log(String message) {
 
         servletContext.log(message);
 
     }
 
 
     /**
      * Log a message to the current ServletContext
      *
      * @param message Message to be logged
      * @param throwable Associated exception
      */
     protected void log(String message, Throwable throwable) {
 
         servletContext.log(message, throwable);
 
     }
 
 
 }