public class WebFilter extends Object implements javax.servlet.Filter
IMap
.
Using this filter requires also registering a SessionListener
to provide session timeout notifications.
Failure to register the listener when using this filter will result in session state getting out of sync between
the servlet container and Hazelcast.
This filter supports the following <init-param>
values:
use-client
: When enabled, a HazelcastClient
is
used to connect to the cluster, rather than joining as a full node. (Default: false
)config-location
: Specifies the location of an XML configuration file that can be used to
initialize the HazelcastInstance
(Default: None; the HazelcastInstance
is initialized
using its own defaults)client-config-location
: Specifies the location of an XML configuration file that can be
used to initialize the HazelcastInstance
. This setting is only checked when use-client
is set to true
. (Default: Falls back on config-location
)instance-name
: Names the HazelcastInstance
. This can be used to reference an already-
initialized HazelcastInstance
in the same JVM (Default: The configured instance name, or a
generated name if the configuration does not specify a value)shutdown-on-destroy
: When enabled, shuts down the HazelcastInstance
when the filter is
destroyed (Default: true
)map-name
: Names the IMap
the filter should use to persist session details (Default:
"_web_" + ServletContext.getServletContextName()
; e.g. "_web_MyApp")session-ttl-seconds
: Sets the MapConfig.setMaxIdleSeconds(int)
(int) time-to-live} for
the IMap
used to persist session details (Default: Uses the existing MapConfig
setting
for the IMap
, which defaults to infinite)sticky-session
: When enabled, optimizes IMap
interactions by assuming individual sessions
are only used from a single node (Default: true
)deferred-write
: When enabled, optimizes IMap
interactions by only writing session attributes
at the end of a request. This can yield significant performance improvements for session-heavy applications
(Default: false
)cookie-name
: Sets the name for the Hazelcast session cookie (Default:
"hazelcast.sessionId"
cookie-domain
: Sets the domain for the Hazelcast session cookie (Default: null
)cookie-secure
: When enabled, indicates the Hazelcast session cookie should only be sent over
secure protocols (Default: false
)cookie-http-only
: When enabled, marks the Hazelcast session cookie as "HttpOnly", indicating
it should not be available to scripts (Default: false
)
cookie-http-only
requires a Servlet 3.0-compatible container, such as Tomcat 7+ or Jetty 8+Modifier and Type | Class and Description |
---|---|
protected class |
WebFilter.RequestWrapper |
protected static class |
WebFilter.ResponseWrapper |
Modifier and Type | Field and Description |
---|---|
protected javax.servlet.FilterConfig |
filterConfig |
protected static String |
HAZELCAST_REQUEST |
protected static String |
HAZELCAST_SESSION_COOKIE_NAME |
protected static ILogger |
LOGGER |
protected static LocalCacheEntry |
NULL_ENTRY |
protected javax.servlet.ServletContext |
servletContext |
static String |
WEB_FILTER_ATTRIBUTE_KEY |
Constructor and Description |
---|
WebFilter() |
WebFilter(Properties properties) |
Modifier and Type | Method and Description |
---|---|
protected HazelcastHttpSession |
createHazelcastHttpSession(String id,
javax.servlet.http.HttpSession originalSession,
boolean deferredWrite)
HazelcastHttpSession instance creation is split off to a separate method to allow subclasses to return a
customized / extended version of HazelcastHttpSession . |
protected HazelcastHttpSession |
createNewSession(WebFilter.RequestWrapper requestWrapper,
String existingSessionId) |
void |
destroy() |
protected void |
destroySession(HazelcastHttpSession session,
boolean invalidate)
Destroys a session, determining if it should be destroyed clusterwide automatically or via expiry.
|
void |
doFilter(javax.servlet.ServletRequest req,
javax.servlet.ServletResponse res,
javax.servlet.FilterChain chain) |
ClusteredSessionService |
getClusteredSessionService() |
Properties |
getProperties() |
void |
init(javax.servlet.FilterConfig config) |
public static final String WEB_FILTER_ATTRIBUTE_KEY
protected static final ILogger LOGGER
protected static final LocalCacheEntry NULL_ENTRY
protected static final String HAZELCAST_REQUEST
protected static final String HAZELCAST_SESSION_COOKIE_NAME
protected javax.servlet.ServletContext servletContext
protected javax.servlet.FilterConfig filterConfig
public WebFilter()
public WebFilter(Properties properties)
public Properties getProperties()
public ClusteredSessionService getClusteredSessionService()
public final void init(javax.servlet.FilterConfig config) throws javax.servlet.ServletException
init
in interface javax.servlet.Filter
javax.servlet.ServletException
protected HazelcastHttpSession createNewSession(WebFilter.RequestWrapper requestWrapper, String existingSessionId)
protected HazelcastHttpSession createHazelcastHttpSession(String id, javax.servlet.http.HttpSession originalSession, boolean deferredWrite)
HazelcastHttpSession instance
creation is split off to a separate method to allow subclasses to return a
customized / extended version of HazelcastHttpSession
.id
- the session idoriginalSession
- the original sessiondeferredWrite
- whether writes are deferredprotected void destroySession(HazelcastHttpSession session, boolean invalidate)
session
- the session to be destroyed locallyinvalidate
- true
if the session has been invalidated and should be destroyed on all nodes
in the cluster; otherwise, false
to only remove the session globally if this
node was the final node referencing itpublic final void doFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
doFilter
in interface javax.servlet.Filter
IOException
javax.servlet.ServletException
public final void destroy()
destroy
in interface javax.servlet.Filter
Copyright © 2016 Hazelcast, Inc.. All Rights Reserved.