A handler that maintains a Session for each browser session.
It looks up the session for each request based on a session cookie which contains a session ID. It stores the session when the response is ended in the session store.
The session is available on the routing context with .
The session handler requires a CookieHandler to be on the routing chain before it.
Anything
Object
SessionHandler
Basic
Identifiable
Object
Anything
no subtypes hierarchy
Initializer |
SessionHandler(SessionHandler unknown) |
Inherited Attributes |
Attributes inherited from: Object hash , string |
Methods | |
handle | shared default void handle(RoutingContext arg0) |
setCookieHttpOnlyFlag | shared default SessionHandler setCookieHttpOnlyFlag(Boolean httpOnly) Sets whether the 'HttpOnly' flag should be set for the session cookie. When set this flag instructs browsers to prevent Javascript access to the the cookie. Used as a line of defence against the most common XSS attacks. Parameters:
|
setCookieSecureFlag | shared default SessionHandler setCookieSecureFlag(Boolean secure) Sets whether the 'secure' flag should be set for the session cookie. When set this flag instructs browsers to only send the cookie over HTTPS. Note that this will probably stop your sessions working if used without HTTPS (e.g. in development). Parameters:
|
setNagHttps | shared default SessionHandler setNagHttps(Boolean nag) Set whether a nagging log warning should be written if the session handler is accessed over HTTP, not HTTPS Parameters:
|
setSessionCookieName | shared default SessionHandler setSessionCookieName(String sessionCookieName) Set the session cookie name Parameters:
|
setSessionTimeout | shared default SessionHandler setSessionTimeout(Integer timeout) Set the session timeout Parameters:
|
Inherited Methods |
Methods inherited from: Object equals |