Class CookieManager
- java.lang.Object
-
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
-
- net.shibboleth.utilities.java.support.net.CookieManager
-
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent
public final class CookieManager extends AbstractInitializableComponent
A helper class for managing one or more cookies on behalf of a component.This bean centralizes settings related to cookie creation and access, and is parameterized by name so that multiple cookies may be managed with common properties.
-
-
Field Summary
Fields Modifier and Type Field Description private StringcookieDomainDomain of cookie.private StringcookiePathPath of cookie.private booleanhttpOnlyIs cookie marked HttpOnly?private NonnullSupplier<javax.servlet.http.HttpServletRequest>httpRequestSupplierSupplier for the servlet request to read from.private NonnullSupplier<javax.servlet.http.HttpServletResponse>httpResponseSupplierSupplier for the servlet response to write to.private org.slf4j.LoggerlogLog.private intmaxAgeMaximum age in seconds, or -1 for session.private booleansecureIs cookie secure?
-
Constructor Summary
Constructors Constructor Description CookieManager()Constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description voidaddCookie(String name, String value)Add a cookie with the specified name and value.private StringcontextPathToCookiePath()Turn the servlet context path into an appropriate cookie path.booleancookieHasValue(String name, String expectedValue)Check whether a cookie has a certain value.protected voiddoInitialize()Performs the initialization of the component.StringgetCookieValue(String name, String defValue)Return the first matching cookie's value.private javax.servlet.http.HttpServletRequestgetHttpServletRequest()Get the current HTTP request if available.private javax.servlet.http.HttpServletResponsegetHttpServletResponse()Get the current HTTP response if available.voidsetCookieDomain(String domain)Set the cookie domain to use for session tracking.voidsetCookiePath(String path)Set the cookie path to use for session tracking.voidsetHttpOnly(boolean flag)Set the HttpOnly flag.voidsetHttpServletRequest(javax.servlet.http.HttpServletRequest request)Deprecated, for removal: This API element is subject to removal in a future version.voidsetHttpServletRequestSupplier(NonnullSupplier<javax.servlet.http.HttpServletRequest> requestSupplier)Set the Supplier for the servlet request to read from.voidsetHttpServletResponse(javax.servlet.http.HttpServletResponse response)Deprecated, for removal: This API element is subject to removal in a future version.voidsetHttpServletResponseSupplier(NonnullSupplier<javax.servlet.http.HttpServletResponse> responseSupplier)Set the supplier for the servlet response to write to.voidsetMaxAge(int age)Maximum age in seconds, or -1 for per-session.voidsetSecure(boolean flag)Set the SSL-only flag.voidunsetCookie(String name)Unsets a cookie with the specified name.-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, initialize, isDestroyed, isInitialized
-
-
-
-
Field Detail
-
log
private final org.slf4j.Logger log
Log.
-
cookiePath
@Nullable private String cookiePath
Path of cookie.
-
cookieDomain
@Nullable private String cookieDomain
Domain of cookie.
-
httpRequestSupplier
@NonnullAfterInit private NonnullSupplier<javax.servlet.http.HttpServletRequest> httpRequestSupplier
Supplier for the servlet request to read from.
-
httpResponseSupplier
@NonnullAfterInit private NonnullSupplier<javax.servlet.http.HttpServletResponse> httpResponseSupplier
Supplier for the servlet response to write to.
-
secure
private boolean secure
Is cookie secure?
-
httpOnly
private boolean httpOnly
Is cookie marked HttpOnly?
-
maxAge
private int maxAge
Maximum age in seconds, or -1 for session.
-
-
Method Detail
-
setCookiePath
public void setCookiePath(@Nullable String path)Set the cookie path to use for session tracking.Defaults to the servlet context path.
- Parameters:
path- cookie path to use, or null for the default
-
setCookieDomain
public void setCookieDomain(@Nullable String domain)Set the cookie domain to use for session tracking.- Parameters:
domain- the cookie domain to use, or null for the default
-
setHttpServletRequestSupplier
public void setHttpServletRequestSupplier(@Nonnull NonnullSupplier<javax.servlet.http.HttpServletRequest> requestSupplier)Set the Supplier for the servlet request to read from.- Parameters:
requestSupplier- servlet request supplier
-
setHttpServletRequest
@Deprecated(since="4.3", forRemoval=true) public void setHttpServletRequest(@Nullable javax.servlet.http.HttpServletRequest request)
Deprecated, for removal: This API element is subject to removal in a future version.Set the current HTTP request.- Parameters:
request- current HTTP request
-
getHttpServletRequest
@NonnullAfterInit private javax.servlet.http.HttpServletRequest getHttpServletRequest()
Get the current HTTP request if available.- Returns:
- current HTTP request
-
setHttpServletResponseSupplier
public void setHttpServletResponseSupplier(@Nonnull NonnullSupplier<javax.servlet.http.HttpServletResponse> responseSupplier)Set the supplier for the servlet response to write to.- Parameters:
responseSupplier- servlet response
-
setHttpServletResponse
@Deprecated(since="4.3", forRemoval=true) public void setHttpServletResponse(@Nullable javax.servlet.http.HttpServletResponse response)
Deprecated, for removal: This API element is subject to removal in a future version.Set the servlet response to write to.- Parameters:
response- current HTTP response
-
getHttpServletResponse
@NonnullAfterInit private javax.servlet.http.HttpServletResponse getHttpServletResponse()
Get the current HTTP response if available.- Returns:
- current HTTP response or null
-
setSecure
public void setSecure(boolean flag)
Set the SSL-only flag.- Parameters:
flag- flag to set
-
setHttpOnly
public void setHttpOnly(boolean flag)
Set the HttpOnly flag.- Parameters:
flag- flag to set
-
setMaxAge
public void setMaxAge(int age)
Maximum age in seconds, or -1 for per-session.- Parameters:
age- max age to set
-
doInitialize
protected void doInitialize() throws ComponentInitializationExceptionPerforms the initialization of the component. This method is executed within the lock on the object being initialized. The default implementation of this method is a no-op.- Overrides:
doInitializein classAbstractInitializableComponent- Throws:
ComponentInitializationException- thrown if there is a problem initializing the component
-
addCookie
public void addCookie(@Nonnull @NotEmpty String name, @Nonnull @NotEmpty String value)
Add a cookie with the specified name and value.- Parameters:
name- name of cookievalue- value of cookie
-
unsetCookie
public void unsetCookie(@Nonnull @NotEmpty String name)
Unsets a cookie with the specified name.- Parameters:
name- name of cookie
-
cookieHasValue
public boolean cookieHasValue(@Nonnull @NotEmpty String name, @Nonnull @NotEmpty String expectedValue)
Check whether a cookie has a certain value.- Parameters:
name- name of cookieexpectedValue- expected value of cookie- Returns:
- true iff the cookie exists and has the expected value
-
getCookieValue
@Nullable public String getCookieValue(@Nonnull @NotEmpty String name, @Nullable String defValue)
Return the first matching cookie's value.- Parameters:
name- cookie namedefValue- default value to return if the cookie isn't found- Returns:
- cookie value
-
-