er.extensions.appserver
Class ERXSession

java.lang.Object
  com.webobjects.appserver.WOSession
      er.extensions.appserver.ajax.ERXAjaxSession
          er.extensions.appserver.ERXSession

All Implemented Interfaces:

NSKeyValueCoding, NSKeyValueCoding.ErrorHandling, NSKeyValueCodingAdditions, Serializable, Cloneable

Direct Known Subclasses:

Session

public class ERXSession
extends ERXAjaxSession
implements Serializable

The ERXSession aguments the regular WOSession object by adding a few nice additions. Of interest, notifications are now posted when a session when a session goes to sleep, David Neumann's browser backtracking detection has been added from his security framework, a somewhat comprehensive user-agent parsing is provided to know what type of browser is being used, flags have also been added to tell if javascript has been enabled, and enhanced localization support has been added.

See Also:

Serialized Form

Nested Class Summary

static class

ERXSession.Observer The Observer inner class encapsulates functions to handle various notifications.

Nested classes/interfaces inherited from class com.webobjects.appserver.WOSession

WOSession.PageFragmentCache

Nested classes/interfaces inherited from interface com.webobjects.foundation.NSKeyValueCodingAdditions

NSKeyValueCodingAdditions.DefaultImplementation, NSKeyValueCodingAdditions.Utility

Field Summary

protected NSMutableDictionary	_debuggingStore holds a debugging store for a given session.
protected Boolean	_didBacktrack flag to indicate if the user is currently backtracking, meaning they hit the back button and then clicked on a link.
protected Boolean	_javaScriptEnabled flag for if java script is enabled
String	_originalThreadName _originalThreadName holds the original name from the WorkerThread whic is the value before executing awake()
static String	JAVASCRIPT_ENABLED_COOKIE_NAME cookie name that if set it means that the user has cookies enabled
boolean	lastActionWasDA flag to indicate if the last action was a direct action
static Logger	log logging support
static String	SessionWillAwakeNotification Notification name that is posted after a session wakes up.
static String	SessionWillSleepNotification Notification name that is posted when a session is about to sleep.

Fields inherited from class er.extensions.appserver.ajax.ERXAjaxSession

_permanentContextIDArray, _permanentPageCache, DONT_STORE_PAGE, FORCE_STORE_PAGE, PAGE_REPLACEMENT_CACHE_LOOKUP_KEY

Fields inherited from class com.webobjects.appserver.WOSession

_componentState, _httpSession, _httpSessionWatcher, SessionDidCreateNotification, SessionDidRestoreNotification, SessionDidTimeOutNotification

Fields inherited from interface com.webobjects.foundation.NSKeyValueCoding.ErrorHandling

_CLASS

Fields inherited from interface com.webobjects.foundation.NSKeyValueCodingAdditions

_CLASS, _KeyPathSeparatorChar, KeyPathSeparator

Constructor Summary

ERXSession()

Method Summary

void	_appendCookieToResponse(WOResponse response)
NSTimestamp	_birthDate()
void	_clearCookieFromResponse(WOResponse response)
protected void	_convertSessionCookiesToSecure(WOResponse response)
static WOSession	anySession()
void	appendToResponse(WOResponse aResponse, WOContext aContext) Provides automatic encoding support for component action with messageEncoding object.
ERXApplication	application() Bringing application into KVC.
NSArray	availableLanguagesForTheApplication() Returns the NSArray of language names available for this application.
NSArray	availableLanguagesForThisSession() Returns the NSArray of language names available for this particular session.
void	awake() Overridden to provide a few checks to see if javascript is enabled.
ERXBrowser	browser() Returns the browser object representing the web browser's "user-agent" string.
static String	currentSessionID()
NSMutableDictionary	debuggingStore() Simple mutable dictionary that can be used at runtime to stash objects that can be useful for debugging.
EOEditingContext	defaultEditingContext() Ensures that the returned editingContext was created with the ERXEC factory.
boolean	didBacktrack() Method inspects the passed in request to see if the user backtracked.
boolean	javaScriptEnabled() Returns if this user has javascript enabled.
String	language() Returns the primary language of the current session's localizer.
ERXLocalizer	localizer() Method to get the current localizer for this session.
ERXMessageEncoding	messageEncoding() Returns the message encoding of the current session.
EOEditingContext	newDefaultEditingContext()
NSKeyValueCodingAdditions	objectStore() This is a cover method which enables use of the session's object store which is usually access with setObjectForKey and objectForKey.
ERXSession.Observer	observer() returns the observer object for this session.
String	requestsContextID(WORequest aRequest) Utility method that gets the context ID string from the passed in request.
static ERXSession	session()
void	setDefaultEditingContext(EOEditingContext ec)
void	setJavaScriptEnabled(boolean newValue) Sets if javascript is enabled for this session.
void	setLanguage(String language) Cover method to set the current localizer to the localizer for that language.
void	setLanguages(NSArray languageList) Sets the languages list for which the session is localized.
static void	setSession(ERXSession session)
void	sleep() Overridden to post the notification that the session will sleep.
void	takeValuesFromRequest(WORequest aRequest, WOContext aContext) Provides automatic encoding support for component action with messageEncoding object.
void	terminate() Overrides terminate to free up resources and unregister for notifications.
String	threadName() override this method in order to provide a different name for the WorkerThread for this rr loop very useful for logging stuff: assign a log statement to a log entry.
String	toString()
boolean	useSecureSessionCookies() Override and return true, or set er.extensions.ERXSession.useSecureSessionCookies if you want secure-only session and instance cookies.

Methods inherited from class er.extensions.appserver.ajax.ERXAjaxSession

_permanentPageCache, _permanentPageWithContextID, _saveCurrentPage, _shouldPutInPermanentCache, cleanPageReplacementCacheIfNecessary, cleanPageReplacementCacheIfNecessary, restorePageForContextID, savePage, savePageInPermanentCache

Methods inherited from class com.webobjects.appserver.WOSession

_allowToViewEvents, _allowToViewStatistics, _awakeInContext, _contextCounter, _contextDidIncrementContextID, _contextIDMatchingIDs, _formattedStatistics, _lifeInMillis, _requestCounter, _setContext, _setHttpSession, _setHttpSessionWatcher, _setSessionID, _sleepInContext, _terminateByJ2EE, _terminateByTimeout, allowedToViewEvents, allowedToViewStatistics, canAccessFieldsDirectly, clone, context, debugString, domainForIDCookies, expirationDateForIDCookies, getPageFromPageCacheForContextID, getPageFromPageFragmentCacheForContextID, handleQueryWithUnboundKey, handleTakeValueForUnboundKey, invokeAction, isDistributionEnabled, isTerminating, keyEnumerator, keySet, languages, lockDefaultEditingContext, logString, objectForKey, removeObjectForKey, savePageInPageCache, savePageInPageFragmentCache, sessionID, setDistributionEnabled, setObjectForKey, setStoresIDsInCookies, setStoresIDsInURLs, setTimeOut, statistics, storesIDsInCookies, storesIDsInURLs, takeValueForKey, takeValueForKeyPath, timeOut, timeOutForIDCookies, timeOutMillis, unableToSetNullForKey, validateEventsLogin, validateStatisticsLogin, validationFailedWithException, valueForKey, valueForKeyPath

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

log

public static Logger log

logging support

SessionWillAwakeNotification

public static final String SessionWillAwakeNotification

Notification name that is posted after a session wakes up.

See Also:

Constant Field Values

SessionWillSleepNotification

public static final String SessionWillSleepNotification

Notification name that is posted when a session is about to sleep.

See Also:

Constant Field Values

JAVASCRIPT_ENABLED_COOKIE_NAME

public static final String JAVASCRIPT_ENABLED_COOKIE_NAME

cookie name that if set it means that the user has cookies enabled

See Also:

Constant Field Values

_javaScriptEnabled

protected Boolean _javaScriptEnabled

flag for if java script is enabled

_debuggingStore

protected NSMutableDictionary _debuggingStore

holds a debugging store for a given session.

_originalThreadName

public String _originalThreadName

_originalThreadName holds the original name from the WorkerThread whic is the value before executing awake()

_didBacktrack

protected Boolean _didBacktrack

flag to indicate if the user is currently backtracking, meaning they hit the back button and then clicked on a link.

lastActionWasDA

public boolean lastActionWasDA

flag to indicate if the last action was a direct action

Constructor Detail

ERXSession

public ERXSession()

Method Detail

observer

public ERXSession.Observer observer()

returns the observer object for this session. If it doesn't ever exist, one will be created.

Returns:

the observer

localizer

public ERXLocalizer localizer()

Method to get the current localizer for this session. If local instance variable is null then a localizer is fetched for the session's languages array. See ERXLocalizer for more information about using a localizer.

Returns:

the current localizer for this session

language

public String language()

Returns the primary language of the current session's localizer. This method is just a cover for calling the method localizer().language().

Returns:

primary language

setLanguage

public void setLanguage(String language)

Cover method to set the current localizer to the localizer for that language.

Also updates languages list with the new single language.

Parameters:

language - to set the current localizer for.

See Also:

language(), setLanguages(com.webobjects.foundation.NSArray)

setLanguages

public void setLanguages(NSArray languageList)

Sets the languages list for which the session is localized. The ordering of language strings in the array determines the order in which the application will search .lproj directories for localized strings, images, and component definitions.

Also updates localizer and messageEncodings.

Overrides:

setLanguages in class WOSession

Parameters:

languageList - the array of languages for the session

See Also:

language(), setLanguage(java.lang.String)

availableLanguagesForTheApplication

public NSArray availableLanguagesForTheApplication()

Returns the NSArray of language names available for this application. This is simply a cover method of ERXLocalizer#availableLanguages, but will be convenient for binding to dynamic elements like language selector popup.

Returns:

NSArray of language name strings available for this application

See Also:

availableLanguagesForThisSession(), ERXLocalizer#availableLanguages

availableLanguagesForThisSession

public NSArray availableLanguagesForThisSession()

Returns the NSArray of language names available for this particular session. The resulting array is an intersect of web browser's language array (ERXRequest#browserLanguages) and localizer's available language array (ERXLocalizer#availableLanguages).

Note that the order of the resulting language names is not defined at this morment.

Returns:

NSArray of language name strings available for this particular session

See Also:

availableLanguagesForTheApplication(), ERXRequest#browserLanguages, ERXLocalizer#availableLanguages

messageEncoding

public ERXMessageEncoding messageEncoding()

Returns the message encoding of the current session. If it's not already set up but no current language() available for the session, it creates one with the default encoding.

Returns:

message encoding object

browser

public ERXBrowser browser()

Returns the browser object representing the web browser's "user-agent" string. You can obtain browser name, version, platform and Mozilla version, etc. through this object.
Good for WOConditional's condition binding to deal with different browser versions.

Returns:

browser object

debuggingStore

public NSMutableDictionary debuggingStore()

Simple mutable dictionary that can be used at runtime to stash objects that can be useful for debugging.

Returns:

debugging store dictionary

defaultEditingContext

public EOEditingContext defaultEditingContext()

Ensures that the returned editingContext was created with the ERXEC factory.

Overrides:

defaultEditingContext in class WOSession

Returns:

the session's default editing context with the default delegate set.

setDefaultEditingContext

public void setDefaultEditingContext(EOEditingContext ec)

Overrides:

setDefaultEditingContext in class WOSession

javaScriptEnabled

public boolean javaScriptEnabled()

Returns if this user has javascript enabled. This checks a form value "javaScript" and a cookie "js" if the value is 1.

Returns:

if js is enabled, defaults to true.

setJavaScriptEnabled

public void setJavaScriptEnabled(boolean newValue)

Sets if javascript is enabled for this session. crafty entry pages can set form values via javascript to test if it is enabled.

Parameters:

newValue - says if javascript is enabled

awake

public void awake()

Overridden to provide a few checks to see if javascript is enabled.

Overrides:

awake in class WOSession

sleep

public void sleep()

Overridden to post the notification that the session will sleep.

Overrides:

sleep in class WOSession

threadName

public String threadName()

override this method in order to provide a different name for the WorkerThread for this rr loop very useful for logging stuff: assign a log statement to a log entry. Something useful could be: return session().sessionID() + valueForKeyPath("user.username");

requestsContextID

public String requestsContextID(WORequest aRequest)

Utility method that gets the context ID string from the passed in request.

Parameters:

aRequest - request to get the context id from

Returns:

the context id as a string

didBacktrack

public boolean didBacktrack()

Method inspects the passed in request to see if the user backtracked. If the context ID for the request is 2 clicks less than the context ID for the current WOContext, we know the backtracked.

Returns:

if the user has backtracked or not.

takeValuesFromRequest

public void takeValuesFromRequest(WORequest aRequest,
                                  WOContext aContext)

Provides automatic encoding support for component action with messageEncoding object.

Overrides:

takeValuesFromRequest in class WOSession

Parameters:

aRequest - current request

aContext - current context

appendToResponse

public void appendToResponse(WOResponse aResponse,
                             WOContext aContext)

Provides automatic encoding support for component action with messageEncoding object.

Overrides:

appendToResponse in class WOSession

Parameters:

aResponse - current response object

aContext - current context object

application

public ERXApplication application()

Bringing application into KVC.

terminate

public void terminate()

Overrides terminate to free up resources and unregister for notifications.

Overrides:

terminate in class WOSession

objectStore

public NSKeyValueCodingAdditions objectStore()

This is a cover method which enables use of the session's object store which is usually access with setObjectForKey and objectForKey. One can use this method with KVC, like for example in .wod bindings: myString: WOString { value = session.objectStore.myLastSearchResult.count; }

Returns:

an Object which implements KVC + KVC additions

_birthDate

public NSTimestamp _birthDate()

Overrides:

_birthDate in class WOSession

toString

public String toString()

Overrides:

toString in class WOSession

newDefaultEditingContext

public EOEditingContext newDefaultEditingContext()

Overrides:

newDefaultEditingContext in class WOSession

anySession

public static WOSession anySession()

session

public static ERXSession session()

currentSessionID

public static String currentSessionID()

setSession

public static void setSession(ERXSession session)

useSecureSessionCookies

public boolean useSecureSessionCookies()

Override and return true, or set er.extensions.ERXSession.useSecureSessionCookies if you want secure-only session and instance cookies. This prevents cookie hijacking man-in-the-middle attacks. Note that to make this effective (and for sessions to work at all), your site must be behind HTTPS at all times. In development mode, you can disable secure mode (@see er.extensions.ERXRequest.isSecureDisabled) for running in direct-connect with this mode enabled.

Returns:

whether or not secure cookies are enabled

_convertSessionCookiesToSecure

protected void _convertSessionCookiesToSecure(WOResponse response)

_appendCookieToResponse

public void _appendCookieToResponse(WOResponse response)

Overrides:

_appendCookieToResponse in class WOSession

_clearCookieFromResponse

public void _clearCookieFromResponse(WOResponse response)

Overrides:

_clearCookieFromResponse in class WOSession