Package net.shibboleth.utilities.java.support.net

Class CookieManager

java.lang.Object
net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
net.shibboleth.utilities.java.support.net.CookieManager
All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent
public final class CookieManager extends AbstractInitializableComponent
A helper class for managing one or more cookies on behalf of a component.

This bean centralizes settings related to cookie creation and access, and is parameterized by name so that multiple cookies may be managed with common properties.

  • Field Details

    • log

      private final org.slf4j.Logger log
      Log.

    • cookiePath

      @Nullable private String cookiePath
      Path of cookie.

    • cookieDomain

      @Nullable private String cookieDomain
      Domain of cookie.

    • httpRequestSupplier

      @NonnullAfterInit private NonnullSupplier<javax.servlet.http.HttpServletRequest> httpRequestSupplier
      Supplier for the servlet request to read from.

    • httpResponseSupplier

      @NonnullAfterInit private NonnullSupplier<javax.servlet.http.HttpServletResponse> httpResponseSupplier
      Supplier for the servlet response to write to.

    • secure

      private boolean secure
      Is cookie secure?

    • httpOnly

      private boolean httpOnly
      Is cookie marked HttpOnly?

    • maxAge

      private int maxAge
      Maximum age in seconds, or -1 for session.

  • Constructor Details

    • CookieManager

      public CookieManager()
      Constructor.

  • Method Details

    • setCookiePath

      public void setCookiePath(@Nullable String path)
      Set the cookie path to use for session tracking.

      Defaults to the servlet context path.

      Parameters:
      path - cookie path to use, or null for the default

    • setCookieDomain

      public void setCookieDomain(@Nullable String domain)
      Set the cookie domain to use for session tracking.
      Parameters:
      domain - the cookie domain to use, or null for the default

    • setHttpServletRequestSupplier

      public void setHttpServletRequestSupplier(@Nonnull NonnullSupplier<javax.servlet.http.HttpServletRequest> requestSupplier)
      Set the Supplier for the servlet request to read from.
      Parameters:
      requestSupplier - servlet request supplier

    • setHttpServletRequest

      @Deprecated(since="4.3", forRemoval=true) public void setHttpServletRequest(@Nullable javax.servlet.http.HttpServletRequest request)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Set the current HTTP request.
      Parameters:
      request - current HTTP request

    • getHttpServletRequest

      @NonnullAfterInit private javax.servlet.http.HttpServletRequest getHttpServletRequest()
      Get the current HTTP request if available.
      Returns:
      current HTTP request

    • setHttpServletResponseSupplier

      public void setHttpServletResponseSupplier(@Nonnull NonnullSupplier<javax.servlet.http.HttpServletResponse> responseSupplier)
      Set the supplier for the servlet response to write to.
      Parameters:
      responseSupplier - servlet response

    • setHttpServletResponse

      @Deprecated(since="4.3", forRemoval=true) public void setHttpServletResponse(@Nullable javax.servlet.http.HttpServletResponse response)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Set the servlet response to write to.
      Parameters:
      response - current HTTP response

    • getHttpServletResponse

      @NonnullAfterInit private javax.servlet.http.HttpServletResponse getHttpServletResponse()
      Get the current HTTP response if available.
      Returns:
      current HTTP response or null

    • setSecure

      public void setSecure(boolean flag)
      Set the SSL-only flag.
      Parameters:
      flag - flag to set

    • setHttpOnly

      public void setHttpOnly(boolean flag)
      Set the HttpOnly flag.
      Parameters:
      flag - flag to set

    • setMaxAge

      public void setMaxAge(int age)
      Maximum age in seconds, or -1 for per-session.
      Parameters:
      age - max age to set

    • doInitialize

      protected void doInitialize() throws ComponentInitializationException
      Performs the initialization of the component. This method is executed within the lock on the object being initialized. The default implementation of this method is a no-op.
      Overrides:
      doInitialize in class AbstractInitializableComponent
      Throws:
      ComponentInitializationException - thrown if there is a problem initializing the component

    • addCookie

      public void addCookie(@Nonnull @NotEmpty String name, @Nonnull @NotEmpty String value)
      Add a cookie with the specified name and value.
      Parameters:
      name - name of cookie
      value - value of cookie

    • unsetCookie

      public void unsetCookie(@Nonnull @NotEmpty String name)
      Unsets a cookie with the specified name.
      Parameters:
      name - name of cookie

    • cookieHasValue

      public boolean cookieHasValue(@Nonnull @NotEmpty String name, @Nonnull @NotEmpty String expectedValue)
      Check whether a cookie has a certain value.
      Parameters:
      name - name of cookie
      expectedValue - expected value of cookie
      Returns:
      true iff the cookie exists and has the expected value

    • getCookieValue

      @Nullable public String getCookieValue(@Nonnull @NotEmpty String name, @Nullable String defValue)
      Return the first matching cookie's value.
      Parameters:
      name - cookie name
      defValue - default value to return if the cookie isn't found
      Returns:
      cookie value

    • contextPathToCookiePath

      @Nonnull @NotEmpty private String contextPathToCookiePath()
      Turn the servlet context path into an appropriate cookie path.
      Returns:
      the cookie path