Package net.shibboleth.shared.net

Class CookieManager

java.lang.Object
net.shibboleth.shared.component.AbstractInitializableComponent
net.shibboleth.shared.net.CookieManager
All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent
public class CookieManager extends AbstractInitializableComponent
A helper class for managing one or more cookies on behalf of a component.

This bean centralizes settings related to cookie creation and access, and is parameterized by name so that multiple cookies may be managed with common properties.

  • Field Details

    • cookiePath

      @Nullable private String cookiePath
      Path of cookie.

    • cookieDomain

      @Nullable private String cookieDomain
      Domain of cookie.

    • httpRequestSupplier

      @NonnullAfterInit private NonnullSupplier<HttpServletRequest> httpRequestSupplier
      Supplier for the servlet request to read from.

    • httpResponseSupplier

      @NonnullAfterInit private NonnullSupplier<HttpServletResponse> httpResponseSupplier
      Supplier for the servlet response to write to.

    • secure

      private boolean secure
      Is cookie secure?

    • httpOnly

      private boolean httpOnly
      Is cookie marked HttpOnly?

    • maxAge

      private int maxAge
      Maximum age in seconds, or -1 for session.

  • Constructor Details

    • CookieManager

      public CookieManager()
      Constructor.

  • Method Details

    • getCookiePath

      @Nullable public String getCookiePath()
      Get the cookie path to use.
      Returns:
      cookie path
      Since:
      9.1.0

    • setCookiePath

      public void setCookiePath(@Nullable String path)
      Set the cookie path to use.

      Defaults to the servlet context path.

      Parameters:
      path - cookie path to use, or null for the default

    • getCookieDomain

      @Nullable public String getCookieDomain()
      Get the cookie domain to use.
      Returns:
      cookie domain
      Since:
      9.1.0

    • setCookieDomain

      public void setCookieDomain(@Nullable String domain)
      Set the cookie domain to use.
      Parameters:
      domain - the cookie domain to use, or null for the default

    • setHttpServletRequestSupplier

      public void setHttpServletRequestSupplier(@Nonnull NonnullSupplier<HttpServletRequest> requestSupplier)
      Set the Supplier for the servlet request to read from.
      Parameters:
      requestSupplier - servlet request supplier

    • getHttpServletRequest

      @NonnullAfterInit protected HttpServletRequest getHttpServletRequest()
      Get the current HTTP request if available.
      Returns:
      current HTTP request

    • setHttpServletResponseSupplier

      public void setHttpServletResponseSupplier(@Nonnull NonnullSupplier<HttpServletResponse> responseSupplier)
      Set the supplier for the servlet response to write to.
      Parameters:
      responseSupplier - servlet response

    • getHttpServletResponse

      @NonnullAfterInit protected HttpServletResponse getHttpServletResponse()
      Get the current HTTP response if available.
      Returns:
      current HTTP response or null

    • setSecure

      public void setSecure(boolean flag)
      Set the SSL-only flag.
      Parameters:
      flag - flag to set

    • setHttpOnly

      public void setHttpOnly(boolean flag)
      Set the HttpOnly flag.
      Parameters:
      flag - flag to set

    • getMaxAge

      public int getMaxAge()
      Get maximum age of cookies in seconds.
      Returns:
      max age in seconds
      Since:
      9.1.0

    • setMaxAge

      public void setMaxAge(int age)
      Maximum age in seconds, or -1 for per-session.
      Parameters:
      age - max age to set

    • setMaxAgeDuration

      public void setMaxAgeDuration(@Nonnull Duration age)
      Maximum age expressed as a Duration.
      Parameters:
      age - max age of cookie
      Since:
      9.0.0

    • doInitialize

      protected void doInitialize() throws ComponentInitializationException
      Performs the initialization of the component. This method is executed within the lock on the object being initialized. The default implementation of this method is a no-op.
      Overrides:
      doInitialize in class AbstractInitializableComponent
      Throws:
      ComponentInitializationException - thrown if there is a problem initializing the component

    • addCookie

      public void addCookie(@Nonnull @NotEmpty String name, @Nonnull @NotEmpty String value)
      Add a cookie with the specified name and value.
      Parameters:
      name - name of cookie
      value - value of cookie

    • addCookie

      protected void addCookie(@Nonnull @NotEmpty String name, @Nonnull @NotEmpty String value, int overrideMaxAge)
      Add a cookie with the specified name and value.
      Parameters:
      name - name of cookie
      value - value of cookie
      overrideMaxAge - max-age value to use
      Since:
      9.1.0

    • unsetCookie

      public void unsetCookie(@Nonnull @NotEmpty String name)
      Unsets a cookie with the specified name.
      Parameters:
      name - name of cookie

    • cookieHasValue

      public boolean cookieHasValue(@Nonnull @NotEmpty String name, @Nonnull @NotEmpty String expectedValue)
      Check whether a cookie has a certain value.
      Parameters:
      name - name of cookie
      expectedValue - expected value of cookie
      Returns:
      true iff the cookie exists and has the expected value

    • getCookieValue

      @Nullable public String getCookieValue(@Nonnull @NotEmpty String name, @Nullable String defValue)
      Return the first matching cookie's value.
      Parameters:
      name - cookie name
      defValue - default value to return if the cookie isn't found
      Returns:
      cookie value

    • contextPathToCookiePath

      @Nonnull @NotEmpty private String contextPathToCookiePath()
      Turn the servlet context path into an appropriate cookie path.
      Returns:
      the cookie path