001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2015 ForgeRock AS.
015 *
016 */
017
018package org.forgerock.http.session;
019
020import org.forgerock.json.JsonValue;
021import org.forgerock.services.context.AbstractContext;
022import org.forgerock.services.context.Context;
023import org.forgerock.util.Reject;
024
025/**
026 * A {@code SessionContext} is a mechanism for maintaining state between components when processing a successive
027 * requests from the same logical client or end-user. For example, a filter may store information about the end-user
028 * in the {@code SessionContext} which can then be accessed in subsequent filters and handlers in order to perform
029 * access control decisions, routing decisions, etc.
030 * <p>
031 * Unlike an {@link org.forgerock.services.context.AttributesContext AttributesContext}, a {@code SessionContext} has
032 * a life-cycle that spans successive requests from the same client, although its content may be lost after periods
033 * of inactivity. The exact details of how a "session" is associated with a client, how it is persisted between
034 * requests, and if and when it is expired are the responsibility of the {@link Session} and
035 * {@link SessionManager SessionManager} implementation.
036 * <p>
037 * Use an {@link org.forgerock.services.context.AttributesContext AttributesContext} for transferring transient
038 * state between components when processing a single request.
039 */
040public final class SessionContext extends AbstractContext {
041
042    /**
043     * Session information associated with the remote client. This field is not serialized in the {@link JsonValue}
044     * representation of this context.
045     */
046    private Session session;
047
048    /**
049     * Constructs a new {@code SessionContext}.
050     *
051     * @param parent
052     *         The parent {@code Context}.
053     * @param session
054     *         The HTTP {@code Session}.
055     */
056    public SessionContext(Context parent, Session session) {
057        super(parent, "session");
058        Reject.ifNull(session, "Session cannot be null.");
059        this.session = session;
060    }
061
062    /**
063     * Restore from JSON representation.
064     *
065     * @param savedContext
066     *         The JSON representation from which this context's attributes should be parsed.
067     * @param classLoader
068     *         The ClassLoader which can properly resolve the persisted class-name.
069     */
070    public SessionContext(final JsonValue savedContext, final ClassLoader classLoader) {
071        super(savedContext, classLoader);
072    }
073
074    /**
075     * Returns the {@code Session} associated with the remote client.
076     *
077     * @return The {@code Session} associated with the remote client.
078     */
079    public Session getSession() {
080        return session;
081    }
082
083    /**
084     * Sets the {@code Session} associated with the remote client.
085     *
086     * @param session
087     *         The session.
088     * @return This {@code SessionContext}.
089     */
090    public SessionContext setSession(Session session) {
091        this.session = session;
092        return this;
093    }
094}