001/* 002 * Copyright 2012-2018 the original author or authors. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016 017package org.springframework.boot.web.servlet.server; 018 019import java.io.File; 020import java.time.Duration; 021import java.time.temporal.ChronoUnit; 022import java.util.Set; 023 024import org.springframework.boot.convert.DurationUnit; 025 026/** 027 * Session properties. 028 * 029 * @author Andy Wilkinson 030 * @since 2.0.0 031 */ 032public class Session { 033 034 @DurationUnit(ChronoUnit.SECONDS) 035 private Duration timeout = Duration.ofMinutes(30); 036 037 private Set<Session.SessionTrackingMode> trackingModes; 038 039 private boolean persistent; 040 041 /** 042 * Directory used to store session data. 043 */ 044 private File storeDir; 045 046 private final Cookie cookie = new Cookie(); 047 048 private final SessionStoreDirectory sessionStoreDirectory = new SessionStoreDirectory(); 049 050 public Cookie getCookie() { 051 return this.cookie; 052 } 053 054 public Duration getTimeout() { 055 return this.timeout; 056 } 057 058 public void setTimeout(Duration timeout) { 059 this.timeout = timeout; 060 } 061 062 /** 063 * Return the {@link SessionTrackingMode session tracking modes}. 064 * @return the session tracking modes 065 */ 066 public Set<Session.SessionTrackingMode> getTrackingModes() { 067 return this.trackingModes; 068 } 069 070 public void setTrackingModes(Set<Session.SessionTrackingMode> trackingModes) { 071 this.trackingModes = trackingModes; 072 } 073 074 /** 075 * Return whether to persist session data between restarts. 076 * @return {@code true} to persist session data between restarts. 077 */ 078 public boolean isPersistent() { 079 return this.persistent; 080 } 081 082 public void setPersistent(boolean persistent) { 083 this.persistent = persistent; 084 } 085 086 /** 087 * Return the directory used to store session data. 088 * @return the session data store directory 089 */ 090 public File getStoreDir() { 091 return this.storeDir; 092 } 093 094 public void setStoreDir(File storeDir) { 095 this.sessionStoreDirectory.setDirectory(storeDir); 096 this.storeDir = storeDir; 097 } 098 099 SessionStoreDirectory getSessionStoreDirectory() { 100 return this.sessionStoreDirectory; 101 } 102 103 /** 104 * Cookie properties. 105 */ 106 public static class Cookie { 107 108 private String name; 109 110 private String domain; 111 112 private String path; 113 114 private String comment; 115 116 private Boolean httpOnly; 117 118 private Boolean secure; 119 120 @DurationUnit(ChronoUnit.SECONDS) 121 private Duration maxAge; 122 123 /** 124 * Return the session cookie name. 125 * @return the session cookie name 126 */ 127 public String getName() { 128 return this.name; 129 } 130 131 public void setName(String name) { 132 this.name = name; 133 } 134 135 /** 136 * Return the domain for the session cookie. 137 * @return the session cookie domain 138 */ 139 public String getDomain() { 140 return this.domain; 141 } 142 143 public void setDomain(String domain) { 144 this.domain = domain; 145 } 146 147 /** 148 * Return the path of the session cookie. 149 * @return the session cookie path 150 */ 151 public String getPath() { 152 return this.path; 153 } 154 155 public void setPath(String path) { 156 this.path = path; 157 } 158 159 /** 160 * Return the comment for the session cookie. 161 * @return the session cookie comment 162 */ 163 public String getComment() { 164 return this.comment; 165 } 166 167 public void setComment(String comment) { 168 this.comment = comment; 169 } 170 171 /** 172 * Return whether to use "HttpOnly" cookies for session cookies. 173 * @return {@code true} to use "HttpOnly" cookies for session cookies. 174 */ 175 public Boolean getHttpOnly() { 176 return this.httpOnly; 177 } 178 179 public void setHttpOnly(Boolean httpOnly) { 180 this.httpOnly = httpOnly; 181 } 182 183 /** 184 * Return whether to always mark the session cookie as secure. 185 * @return {@code true} to mark the session cookie as secure even if the request 186 * that initiated the corresponding session is using plain HTTP 187 */ 188 public Boolean getSecure() { 189 return this.secure; 190 } 191 192 public void setSecure(Boolean secure) { 193 this.secure = secure; 194 } 195 196 /** 197 * Return the maximum age of the session cookie. 198 * @return the maximum age of the session cookie 199 */ 200 public Duration getMaxAge() { 201 return this.maxAge; 202 } 203 204 public void setMaxAge(Duration maxAge) { 205 this.maxAge = maxAge; 206 } 207 208 } 209 210 /** 211 * Available session tracking modes (mirrors 212 * {@link javax.servlet.SessionTrackingMode}. 213 */ 214 public enum SessionTrackingMode { 215 216 /** 217 * Send a cookie in response to the client's first request. 218 */ 219 COOKIE, 220 221 /** 222 * Rewrite the URL to append a session ID. 223 */ 224 URL, 225 226 /** 227 * Use SSL build-in mechanism to track the session. 228 */ 229 SSL 230 231 } 232 233}