FileDocCategorySizeDatePackage
SessionCookieConfig.javaAPI DocGlassfish v2 API8991Fri May 04 22:35:32 BST 2007com.sun.enterprise.web.session

SessionCookieConfig

public final class SessionCookieConfig extends Object
Representation of the session cookie configuration element for a web application. This configuration is not specified as part of the standard deployment descriptor but as part of the iAS 7.0's "extended" web application deployment descriptor - ias-web.xml.

(Omit source code)

Fields Summary
public static final String
SESSION_COOKIE_DEFAULT_COMMENT
The default value for the session tracking cookie's comment.
public static final String
DYNAMIC_SECURE
The value that allows the JSESSIONID cookie's secure attribute to be configured based on the connection i.e. secure if HTTPS.
private String
_name
The name of the cookie used for session tracking. Default value is JSESSIONID
private String
_path
The pathname that is set when the cookie is created. The default value is the context path at which the web application is installed. The browser will send the cookie if the pathname for the request contains this pathname. If set to / (slash), the browser will send the cookie to all URLs.
private int
_maxAge
The expiration time in seconds after which the browser expires the cookie. The default value is -1 (never expire).
private String
_domain
The domain for which the cookie is valid.
private String
_comment
The comment that identifies the session tracking cookie in the browser's cookie file. Applications may choose to provide a more specific name for this cookie.
private String
_secure
When set to "dynamic", the cookie is marked as secure only if the connection on which the request was received is secure. To override this behaviour, the value of this property can be set to "true" or "false". If set to "true", user agents will use secure means to contact the origin server when sending back the cookie regardless of whether the connection on which the request was received is secure. If set to "false", user agents do not have to use secure means to contact the origin server when sending back the cookie regardless of whether the connection on which the request was received is secure.
Constructors Summary
public SessionCookieConfig()
Construct a new SessionCookieConfig with default properties.


    // ----------------------------------------------------------- Constructors

                
      
        super();
public SessionCookieConfig(String name, String path, int maxAge, String domain, String comment)
Construct a new SessionCookieConfig with the specified properties.

param
name The name of the cookie used for session tracking
param
path The pathname that is set when the cookie is created
param
maxAge The expiration time (in seconds) of the session cookie (-1 indicates 'never expire')
param
domain The domain for which the cookie is valid
param
comment The comment that identifies the session tracking cookie in the cookie file.


                                                                                                                     
          
                                   
        super();
        setName(name);
        setPath(path);
        setMaxAge(maxAge);
        setDomain(domain);
        setComment(comment);
Methods Summary
public java.lang.StringgetComment()
Return the URLEncoded form of the comment that identifies the session cookie.

        return _comment;
public java.lang.StringgetDomain()
Return the domain for which the cookie is valid.

        return _domain;
public intgetMaxAge()
Return the expiration time for the session cookie.

        return _maxAge;
public java.lang.StringgetName()
Return the name of the session tracking cookie.

        return _name;
public java.lang.StringgetPath()
Return the path that is set when the session tracking cookie is created.

        return _path;
public java.lang.StringgetSecure()
Return whether the cookie is to be marked Secure or not.

returns
"dynamic", "true" or "false"

        return _secure;
public voidsetComment(java.lang.String comment)
Set the comment that identifies the session cookie.

        _comment = comment;
        if (comment != null)
            _comment = URLEncoder.encode(comment);
public voidsetDomain(java.lang.String domain)
Set the domain for which the cookie is valid.

        _domain = domain;
public voidsetMaxAge(int maxAge)
Set the expiration time for the session cookie.

        _maxAge = maxAge;
public voidsetName(java.lang.String name)
Set the name of the session tracking cookie (currently not supported).

        _name = name;
public voidsetPath(java.lang.String path)
Set the path to use when creating the session tracking cookie.

        _path = path;
public voidsetSecure(java.lang.String secure)
Set whether the cookie is marked Secure or not.

param
secure Valid values are "dynamic", "true" or "false"

        if ((secure == null) || (!secure.equalsIgnoreCase("true") &&
                !secure.equalsIgnoreCase("false") &&
                !secure.equalsIgnoreCase(SessionCookieConfig.DYNAMIC_SECURE))) {
            throw new IllegalArgumentException();
        }
        _secure = secure;
public java.lang.StringtoString()
Return a String representation of this object.


        StringBuffer sb = new StringBuffer("SessionCookieConfig[");
        sb.append("name=");
        sb.append(_name);
        if (_path != null) {
            sb.append(", path=");
            sb.append(_path);
        }
        sb.append(", maxAge=");
        sb.append(_maxAge);
        if (_domain != null) {
            sb.append(", domain=");
            sb.append(_domain);
        }
        if (_comment != null) {
            sb.append(", comment=");
            sb.append(_comment);
        }
        sb.append("]");
        return (sb.toString());