com.atlassian.seraph.auth.SessionInvalidator
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Object
public class SessionInvalidator
Invalidates and performs the manipulation of the session necessary to obtain a fresh JSESSIONID on Tomcat and the equivalent on other containers. It copies the session content over to a new session with a new id (JSESSIONID) and can exclude a given list of session attribute keys from the copy. See http://jira.atlassian.com/browse/JRA-16008
| Constructor Summary | |
|---|---|
SessionInvalidator(java.util.List<java.lang.String> excludeList)
Create a session invalidator configured with the given exclusions. |
|
| Method Summary | |
|---|---|
void |
invalidateSession(javax.servlet.http.HttpServletRequest httpServletRequest)
If there is a session for the given request, invalidate it and create a new session, copying all attributes over except those configured exclusions. |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
|---|
public SessionInvalidator(java.util.List<java.lang.String> excludeList)
excludeList - a list of session attribute keys to exclude from invalidated sessions.| Method Detail |
|---|
public void invalidateSession(javax.servlet.http.HttpServletRequest httpServletRequest)
httpServletRequest - the request whose session should be invalidated.
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||