Interface HttpSessionIdResolver
- All Known Implementing Classes:
CookieHttpSessionIdResolver
,HeaderHttpSessionIdResolver
public interface HttpSessionIdResolver
Contract for session id resolution strategies. Allows for session id resolution through
the request and for sending the session id or expiring the session through the
response.
- Since:
- 2.0.0
-
Method Summary
Modifier and TypeMethodDescriptionvoid
expireSession
(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Instruct the client to end the current session.resolveSessionIds
(javax.servlet.http.HttpServletRequest request) Resolve the session ids associated with the providedHttpServletRequest
.void
setSessionId
(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String sessionId) Send the given session id to the client.
-
Method Details
-
resolveSessionIds
Resolve the session ids associated with the providedHttpServletRequest
. For example, the session id might come from a cookie or a request header.- Parameters:
request
- the current request- Returns:
- the session ids
-
setSessionId
void setSessionId(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String sessionId) Send the given session id to the client. This method is invoked when a new session is created and should inform a client what the new session id is. For example, it might create a new cookie with the session id in it or set an HTTP response header with the value of the new session id.- Parameters:
request
- the current requestresponse
- the current responsesessionId
- the session id
-
expireSession
void expireSession(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Instruct the client to end the current session. This method is invoked when a session is invalidated and should inform a client that the session id is no longer valid. For example, it might remove a cookie with the session id in it or set an HTTP response header with an empty value indicating to the client to no longer submit that session id.- Parameters:
request
- the current requestresponse
- the current response
-