001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2015 ForgeRock AS. 015 * 016 */ 017 018package org.forgerock.http.session; 019 020import org.forgerock.json.JsonValue; 021import org.forgerock.services.context.AbstractContext; 022import org.forgerock.services.context.Context; 023import org.forgerock.util.Reject; 024 025/** 026 * A {@code SessionContext} is a mechanism for maintaining state between components when processing a successive 027 * requests from the same logical client or end-user. For example, a filter may store information about the end-user 028 * in the {@code SessionContext} which can then be accessed in subsequent filters and handlers in order to perform 029 * access control decisions, routing decisions, etc. 030 * <p> 031 * Unlike an {@link org.forgerock.services.context.AttributesContext AttributesContext}, a {@code SessionContext} has 032 * a life-cycle that spans successive requests from the same client, although its content may be lost after periods 033 * of inactivity. The exact details of how a "session" is associated with a client, how it is persisted between 034 * requests, and if and when it is expired are the responsibility of the {@link Session} and 035 * {@link SessionManager SessionManager} implementation. 036 * <p> 037 * Use an {@link org.forgerock.services.context.AttributesContext AttributesContext} for transferring transient 038 * state between components when processing a single request. 039 */ 040public final class SessionContext extends AbstractContext { 041 042 /** 043 * Session information associated with the remote client. This field is not serialized in the {@link JsonValue} 044 * representation of this context. 045 */ 046 private Session session; 047 048 /** 049 * Constructs a new {@code SessionContext}. 050 * 051 * @param parent 052 * The parent {@code Context}. 053 * @param session 054 * The HTTP {@code Session}. 055 */ 056 public SessionContext(Context parent, Session session) { 057 super(parent, "session"); 058 Reject.ifNull(session, "Session cannot be null."); 059 this.session = session; 060 } 061 062 /** 063 * Restore from JSON representation. 064 * 065 * @param savedContext 066 * The JSON representation from which this context's attributes should be parsed. 067 * @param classLoader 068 * The ClassLoader which can properly resolve the persisted class-name. 069 */ 070 public SessionContext(final JsonValue savedContext, final ClassLoader classLoader) { 071 super(savedContext, classLoader); 072 } 073 074 /** 075 * Returns the {@code Session} associated with the remote client. 076 * 077 * @return The {@code Session} associated with the remote client. 078 */ 079 public Session getSession() { 080 return session; 081 } 082 083 /** 084 * Sets the {@code Session} associated with the remote client. 085 * 086 * @param session 087 * The session. 088 * @return This {@code SessionContext}. 089 */ 090 public SessionContext setSession(Session session) { 091 this.session = session; 092 return this; 093 } 094}