Interface WebSession

All Known Implementing Classes:
MockWebSession

public interface WebSession
Main contract for using a server-side session that provides access to session attributes across HTTP requests.

The creation of a WebSession instance does not automatically start a session thus causing the session id to be sent to the client (typically via a cookie). A session starts implicitly when session attributes are added. A session may also be created explicitly via start().

Since:
5.0
Author:
Rossen Stoyanchev
  • Method Summary

    Modifier and Type
    Method
    Description
    reactor.core.publisher.Mono<Void>
    Generate a new id for the session and update the underlying session storage to reflect the new id.
    default <T> T
    Return the session attribute value if present.
    default <T> T
    getAttributeOrDefault(String name, T defaultValue)
    Return the session attribute value, or a default, fallback value.
    Return a map that holds session attributes.
    Return the time when the session was created.
    Return a unique session identifier.
    Return the last time of session access as a result of user activity such as an HTTP request.
    Return the maximum time after the lastAccessTime before a session expires.
    default <T> T
    Return the session attribute value or if not present raise an IllegalArgumentException.
    reactor.core.publisher.Mono<Void>
    Invalidate the current session and clear session storage.
    boolean
    Return true if the session expired after maxIdleTime elapsed.
    boolean
    Whether a session with the client has been started explicitly via start() or implicitly by adding session attributes.
    reactor.core.publisher.Mono<Void>
    Save the session through the WebSessionStore as follows: If the session is new (i.e.
    void
    setMaxIdleTime(Duration maxIdleTime)
    Configure the max amount of time that may elapse after the lastAccessTime before a session is considered expired.
    void
    Force the creation of a session causing the session id to be sent when save() is called.
  • Method Details

    • getId

      String getId()
      Return a unique session identifier.
    • getAttributes

      Map<String,Object> getAttributes()
      Return a map that holds session attributes.
    • getAttribute

      @Nullable default <T> T getAttribute(String name)
      Return the session attribute value if present.
      Type Parameters:
      T - the attribute type
      Parameters:
      name - the attribute name
      Returns:
      the attribute value
    • getRequiredAttribute

      default <T> T getRequiredAttribute(String name)
      Return the session attribute value or if not present raise an IllegalArgumentException.
      Type Parameters:
      T - the attribute type
      Parameters:
      name - the attribute name
      Returns:
      the attribute value
    • getAttributeOrDefault

      default <T> T getAttributeOrDefault(String name, T defaultValue)
      Return the session attribute value, or a default, fallback value.
      Type Parameters:
      T - the attribute type
      Parameters:
      name - the attribute name
      defaultValue - a default value to return instead
      Returns:
      the attribute value
    • start

      void start()
      Force the creation of a session causing the session id to be sent when save() is called.
    • isStarted

      boolean isStarted()
      Whether a session with the client has been started explicitly via start() or implicitly by adding session attributes. If "false" then the session id is not sent to the client and the save() method is essentially a no-op.
    • changeSessionId

      reactor.core.publisher.Mono<Void> changeSessionId()
      Generate a new id for the session and update the underlying session storage to reflect the new id. After a successful call getId() reflects the new session id.
      Returns:
      completion notification (success or error)
    • invalidate

      reactor.core.publisher.Mono<Void> invalidate()
      Invalidate the current session and clear session storage.
      Returns:
      completion notification (success or error)
    • save

      reactor.core.publisher.Mono<Void> save()
      Save the session through the WebSessionStore as follows:
      • If the session is new (i.e. created but never persisted), it must have been started explicitly via start() or implicitly by adding attributes, or otherwise this method should have no effect.
      • If the session was retrieved through the WebSessionStore, the implementation for this method must check whether the session was invalidated and if so return an error.

      Note that this method is not intended for direct use by applications. Instead it is automatically invoked just before the response is committed.

      Returns:
      Mono to indicate completion with success or error
    • isExpired

      boolean isExpired()
      Return true if the session expired after maxIdleTime elapsed.

      Typically expiration checks should be automatically made when a session is accessed, a new WebSession instance created if necessary, at the start of request processing so that applications don't have to worry about expired session by default.

    • getCreationTime

      Instant getCreationTime()
      Return the time when the session was created.
    • getLastAccessTime

      Instant getLastAccessTime()
      Return the last time of session access as a result of user activity such as an HTTP request. Together with maxIdleTimeInSeconds this helps to determine when a session is expired.
    • setMaxIdleTime

      void setMaxIdleTime(Duration maxIdleTime)
      Configure the max amount of time that may elapse after the lastAccessTime before a session is considered expired. A negative value indicates the session should not expire.
    • getMaxIdleTime

      Duration getMaxIdleTime()
      Return the maximum time after the lastAccessTime before a session expires. A negative time indicates the session doesn't expire.