org.springframework.web.server.session

Class InMemoryWebSessionStore

  • java.lang.Object
    • org.springframework.web.server.session.InMemoryWebSessionStore
  • All Implemented Interfaces:
    WebSessionStore


    public class InMemoryWebSessionStore
    extends java.lang.Object
    implements WebSessionStore
    Simple Map-based storage for WebSession instances.
    Since:
    5.0
    Author:
    Rossen Stoyanchev, Rob Winch
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method and Description
      reactor.core.publisher.Mono<WebSession> createWebSession()
      Create a new WebSession.
      java.time.Clock getClock()
      Return the configured clock for session lastAccessTime calculations.
      int getMaxSessions()
      Return the maximum number of sessions that can be stored.
      java.util.Map<java.lang.String,WebSession> getSessions()
      Return the map of sessions with an unmodifiable wrapper.
      void removeExpiredSessions()
      Check for expired sessions and remove them.
      reactor.core.publisher.Mono<java.lang.Void> removeSession(java.lang.String id)
      Remove the WebSession for the specified id.
      reactor.core.publisher.Mono<WebSession> retrieveSession(java.lang.String id)
      Return the WebSession for the given id.
      void setClock(java.time.Clock clock)
      Configure the Clock to use to set lastAccessTime on every created session and to calculate if it is expired.
      void setMaxSessions(int maxSessions)
      Set the maximum number of sessions that can be stored.
      reactor.core.publisher.Mono<WebSession> updateLastAccessTime(WebSession session)
      Update the last accessed timestamp to "now".
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • InMemoryWebSessionStore

        public InMemoryWebSessionStore()
    • Method Detail

      • setMaxSessions

        public void setMaxSessions(int maxSessions)
        Set the maximum number of sessions that can be stored. Once the limit is reached, any attempt to store an additional session will result in an IllegalStateException.

        By default set to 10000.

        Parameters:
        maxSessions - the maximum number of sessions
        Since:
        5.0.8
      • getMaxSessions

        public int getMaxSessions()
        Return the maximum number of sessions that can be stored.
        Since:
        5.0.8
      • setClock

        public void setClock(java.time.Clock clock)
        Configure the Clock to use to set lastAccessTime on every created session and to calculate if it is expired.

        This may be useful to align to different timezone or to set the clock back in a test, e.g. Clock.offset(clock, Duration.ofMinutes(-31)) in order to simulate session expiration.

        By default this is Clock.system(ZoneId.of("GMT")).

        Parameters:
        clock - the clock to use
      • getClock

        public java.time.Clock getClock()
        Return the configured clock for session lastAccessTime calculations.
      • getSessions

        public java.util.Map<java.lang.String,WebSession> getSessions()
        Return the map of sessions with an unmodifiable wrapper. This could be used for management purposes, to list active sessions, invalidate expired ones, etc.
        Since:
        5.0.8
      • createWebSession

        public reactor.core.publisher.Mono<WebSession> createWebSession()
        Description copied from interface: WebSessionStore
        Create a new WebSession.

        Note that this does nothing more than create a new instance. The session can later be started explicitly via WebSession.start() or implicitly by adding attributes -- and then persisted via WebSession.save().

        Specified by:
        createWebSession in interface WebSessionStore
        Returns:
        the created session instance
      • retrieveSession

        public reactor.core.publisher.Mono<WebSession> retrieveSession(java.lang.String id)
        Description copied from interface: WebSessionStore
        Return the WebSession for the given id.

        Note: This method should perform an expiration check, and if it has expired remove the session and return empty. This method should also update the lastAccessTime of retrieved sessions.

        Specified by:
        retrieveSession in interface WebSessionStore
        Parameters:
        id - the session to load
        Returns:
        the session, or an empty Mono .
      • removeSession

        public reactor.core.publisher.Mono<java.lang.Void> removeSession(java.lang.String id)
        Description copied from interface: WebSessionStore
        Remove the WebSession for the specified id.
        Specified by:
        removeSession in interface WebSessionStore
        Parameters:
        id - the id of the session to remove
        Returns:
        a completion notification (success or error)
      • updateLastAccessTime

        public reactor.core.publisher.Mono<WebSession> updateLastAccessTime(WebSession session)
        Description copied from interface: WebSessionStore
        Update the last accessed timestamp to "now".
        Specified by:
        updateLastAccessTime in interface WebSessionStore
        Parameters:
        session - the session to update
        Returns:
        the session with the updated last access time
      • removeExpiredSessions

        public void removeExpiredSessions()
        Check for expired sessions and remove them. Typically such checks are kicked off lazily during calls to create or retrieve, no less than 60 seconds apart. This method can be called to force a check at a specific time.
        Since:
        5.0.8