Overview  Package   Class  Tree  Deprecated  Index  Help 
Femto Web Server V1.4-F
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD

dfischer.femtowebserver.filter
Class HttpSessionCookieHandler

java.lang.Object
  |
  +--dfischer.femtowebserver.httpd.HttpdFilter
        |
        +--dfischer.femtowebserver.filter.HttpSessionCookieHandler
public class HttpSessionCookieHandler
extends HttpdFilter

This filter enables cookie based HTTP sessions. The (inactive) session timeout and the maximum session life time is configurable.

If this filter is added to the Httpd, the methods HttpRequest.getSession() and HttpResponse.getSession() will return a reference to a valid HttpdSession.

Hint: programming of own HTTP session handlers is fully supported by the Femto Web Server. In such a case a new HttpdFilter class must be implemented which collaborates with the HttpdSessionHashtable. 

 Configuration Example:
 ...
 ...
 Httpd httpdThread = new Httpd();

 // configure femto web server
 String serverName = "127.0.0.1";
 try { serverName = InetAddress.getLocalHost().getHostName(); } catch (Exception ex) {}
 httpdThread.setServerName(serverName);
 httpdThread.setServerPort(80);
 
 String[] filterArguments = { "15", "360" };    // 15 minutes session timout and 6 hours life time 
 httpdThread.addFilter("dfischer.femtowebserver.filter.HttpSessionCookieHandler", filterArguments);
 ...
 ...
 

 Sourcecode of Filter:

 package dfischer.femtowebserver.filter;
 import dfischer.femtowebserver.httpd.*;

 public class HttpSessionCookieHandler extends HttpdFilter
 {
     public final static String SESSION_COOKIE_NAME = "FEMTO_SESS_ID";
     public final static int SESSION_TIMEOUT = 10;
     public final static int MAX_SESSION_TIME = 240;
	
     public void filterRequest(HttpRequest httpRequest, HttpResponse httpResponse) throws Exception
     {
         // first:  access and cleanup the session hashtable - delete old, inactive sessions and drop long sessions
         HttpdSessionHashtable sessionHashtable = getHttpdProperties().getSessionHashtable();
         	
         int sessionTimeout = SESSION_TIMEOUT;
         if (getFilterArguments().length >= 1)
             sessionTimeout = Integer.valueOf(getFilterArguments()[0]).intValue();
         sessionHashtable.dropInactiveSessions(sessionTimeout);
         
         int maxSessionTime = MAX_SESSION_TIME;
         if (getFilterArguments().length >= 2)
             maxSessionTime = Integer.valueOf(getFilterArguments()[1]).intValue();
         sessionHashtable.dropLongSessions(maxSessionTime);
         
         // session cookie already here ?
         String sessionId = httpRequest.getCookieValue(SESSION_COOKIE_NAME);
         
         synchronized (sessionHashtable)
         {
             // if session cookie here - try to get the (old) session 
             HttpdSession oldHttpdSession = null;
             if (sessionId != null)
                 oldHttpdSession = sessionHashtable.getSession(sessionId);
         
             if ((sessionId == null) || (oldHttpdSession == null))
             {
                 // no old session found - create new session
                 sessionId = "" + Math.random() + System.currentTimeMillis();	// create new session id ...
                 Thread.currentThread().sleep(21);				// ... and wait a little bit to avoid duplications 
         
                 HttpdSession newHttpdSession = new HttpdSession(sessionId, httpRequest.getRemoteAddress(), httpRequest.getMethod() + " " + httpRequest.getRequest());
                 sessionHashtable.addSession(sessionId, newHttpdSession);	// add sesssion to hashtable
         
                 // setup request and response with the new session and transmit (new) session cookie to the agent (browser)
                 httpRequest.setSession(newHttpdSession);
                 httpResponse.setSession(newHttpdSession);
                 httpResponse.setTransientCookie(SESSION_COOKIE_NAME, sessionId, "/", false);
                 return;
             }
         			
         // old session: update last access
         oldHttpdSession.updateLastAccess(httpRequest.getRemoteAddress(), httpRequest.getMethod() + " " + httpRequest.getRequest());
         httpRequest.setSession(oldHttpdSession);
         httpResponse.setSession(oldHttpdSession);
         }
     }

     public void filterResponse(HttpRequest httpRequest, HttpResponse httpResponse) throws Exception
     {
     }
 }

See Also:
HttpdFilter, HttpdSession, HttpdProperties.getSessionHashtable(), HttpdSessionHashtable, HttpRequest.setSession(dfischer.femtowebserver.httpd.HttpdSession), HttpResponse.setSession(dfischer.femtowebserver.httpd.HttpdSession)

Field Summary
static int MAX_SESSION_TIME
          The default value of the maximum session life time is 240 minutes (4 hours).
static java.lang.String SESSION_COOKIE_NAME
          The name of the transient HTTP session cookie is fixed to "FEMTO_SESS_ID".
static int SESSION_TIMEOUT
          The default value of the (inactive) session timeout is 10 minutes.
 
Constructor Summary
HttpSessionCookieHandler()
           
 
Method Summary
 void filterRequest(HttpRequest httpRequest, HttpResponse httpResponse)
          Allows filtering tasks on the HTTP request and to preset the HTTP response (at his time blank).
 void filterResponse(HttpRequest httpRequest, HttpResponse httpResponse)
          Allows filtering tasks on the HTTP response and to access the HTTP request.
 
Methods inherited from class dfischer.femtowebserver.httpd.HttpdFilter
abortRequest, getFilterArguments, getHttpdProperties
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

SESSION_COOKIE_NAME

public static final java.lang.String SESSION_COOKIE_NAME
The name of the transient HTTP session cookie is fixed to "FEMTO_SESS_ID".

SESSION_TIMEOUT

public static final int SESSION_TIMEOUT
The default value of the (inactive) session timeout is 10 minutes.

MAX_SESSION_TIME

public static final int MAX_SESSION_TIME
The default value of the maximum session life time is 240 minutes (4 hours).
Constructor Detail

HttpSessionCookieHandler

public HttpSessionCookieHandler()
Method Detail

filterRequest

public void filterRequest(HttpRequest httpRequest,
                          HttpResponse httpResponse)
                   throws java.lang.Exception
Description copied from class: HttpdFilter
Allows filtering tasks on the HTTP request and to preset the HTTP response (at his time blank). Consider that some or all parts of the HTTP response will later be overwritten when the (modified) request is processed by the Femto Web Server.
Overrides:
filterRequest in class HttpdFilter
Following copied from class: dfischer.femtowebserver.httpd.HttpdFilter
Parameters:
httpRequest - The HTTP request data (browser request)
HttpResponse - The HTTP response data (server response)
See Also:
HttpRequest.getSession(), HttpRequest.setSession(dfischer.femtowebserver.httpd.HttpdSession), HttpRequest.getRemoteAddress(), HttpRequest.setRemoteAddress(java.lang.String), HttpRequest.getVirtualHost(), HttpRequest.setVirtualHost(java.lang.String), HttpRequest.getVirtualPort(), HttpRequest.setVirtualPort(int), HttpRequest.getUserAgent(), HttpRequest.setUserAgent(java.lang.String), HttpRequest.getHeaderField(java.lang.String), HttpRequest.addHeaderField(java.lang.String, java.lang.String), HttpRequest.updateHeaderField(java.lang.String, java.lang.String), HttpRequest.removeHeaderField(java.lang.String), HttpRequest.getMethod(), HttpRequest.setMethod(java.lang.String), HttpRequest.getRequest(), HttpRequest.setRequest(java.lang.String), HttpRequest.getParameter(String), HttpRequest.addParameter(java.lang.String, java.lang.String), HttpRequest.updateParameter(java.lang.String, java.lang.String), HttpRequest.removeParameter(java.lang.String), HttpRequest.getContent(), HttpRequest.setContent(byte[]), HttpRequest.clearContent(), HttpRequest.getContentType(), HttpRequest.setContentType(java.lang.String), HttpRequest.getContentSubtype(), HttpRequest.setContentSubtype(java.lang.String)

filterResponse

public void filterResponse(HttpRequest httpRequest,
                           HttpResponse httpResponse)
                    throws java.lang.Exception
Description copied from class: HttpdFilter
Allows filtering tasks on the HTTP response and to access the HTTP request. Consider that modifying the HTTP request will have no impact to the HTTP response result because the request has been already processed by the Femto Web Server.
Overrides:
filterResponse in class HttpdFilter
Following copied from class: dfischer.femtowebserver.httpd.HttpdFilter
Parameters:
httpRequest - The HTTP request data (browser request)
HttpResponse - The HTTP response data (server response)
See Also:
HttpResponse.getSession(), HttpResponse.setSession(dfischer.femtowebserver.httpd.HttpdSession), HttpResponse.getStatus(), HttpResponse.setStatus(int, java.lang.String), HttpResponse.getContentType(), HttpResponse.getContentSubtype(), HttpResponse.setContentType(java.lang.String), HttpResponse.getHeaderField(java.lang.String), HttpResponse.getHeaderFieldNames(), HttpResponse.updateHeaderField(java.lang.String, java.lang.String), HttpResponse.addHeaderField(java.lang.String, java.lang.String), HttpResponse.removeHeaderField(java.lang.String), HttpResponse.getContent(), HttpResponse.getContentAsString(), HttpResponse.setContent(byte[]), HttpResponse.clearContent(), HttpResponse.print(String), HttpResponse.println(String)
Overview  Package   Class  Tree  Deprecated  Index  Help 
Femto Web Server V1.4-F
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD
Copyright 2002, 2003, 2006 by Ingenieurbüro David Fischer GmbH, Switzerland. All rights reserved.