@ThreadSafe
public class HTTPSession
extends java.lang.Object
implements java.io.Closeable
A Session encapsulate a number of other objects:
As a rule, if the client gives an HTTPSession object to the "create method"
procedures of HTTPFactory (e.g. HTTPFactory.Get or HTTPFactory.Post)
then that creation call must specify a url that is "compatible" with the
scope of the session. The method url is
If the HTTPFactory method creation call does not specify a session
object, then one is created (and destroyed) behind the scenes
along with the method.
Note that the term legalurl in the following code means that the url has
reserved characters within identifiers in escaped form. This is
particularly an issue for queries. Especially square brackets
(e.g. ?x[0:5]) are an issue. Recently (2018) Apache Tomcat stopped
accepting square brackets (and maybe other characters) as ok
when left unencoded. So, now we need to be aware of this
and cause queries encoding to include square brackets.
As of the move to Apache Httpclient 4.4 and later, the underlying
HttpClient objects are generally immutable. This means that at least
this class (HTTPSession) and the HTTPMethod class must store the
relevant info and create the HttpClient and HttpMethod objects
dynamically. This also means that when a parameter is changed (Agent,
for example), any existing cached HttpClient must be thrown away and
reconstructed using the change. As a rule, the HttpClient object will be
created at the last minute so that multiple parameter changes can be
effected without have to re-create the HttpClient for each parameter
change. Also note that the immutable objects will be cached and reused
if no parameters are changed.
Authorization
We assume that the session supports two CredentialsProvider instances:
one global to all HTTPSession objects and one specific to each
HTTPSession object. The global one is used unless a local one was specified.
As an aside, authentication is a bit tricky because some
authorization schemes use redirection. That is, the initial request
is made to server X, but X says: goto to server Y" to get, say, and
authorization token. Then Y says: return to X with this token and
proceed.
SSL
TBD.
Notes:
1. Setting of credentials via HTTPSession is no longer supported.
Instead, the user must use CredentialsProvider.setCredentials
2. CredentialsProviders are all assumed to be caching (see
the code for BasicCredentialsProvider for the canonical case.
This has consequences for proxy because an attempt
will be made to insert them into the chosen CredentialsProvider.
3. The new class HTTPAuthCache is used instead of BasicAuthCache
so that when authorization fails, the AuthCache.remove method
is forwarded to the CredentialsProvider.clear or the
HTTPCredentialsProvider.remove method.
| Modifier and Type | Class and Description |
|---|---|
static class |
HTTPSession.Methods |
| Modifier and Type | Field and Description |
|---|---|
static java.lang.String |
ACCEPT_ENCODING |
protected static ucar.httpservices.HTTPSession.AuthControls |
authcontrols |
protected org.apache.http.client.config.RequestConfig |
cachedconfig |
protected boolean |
cachevalid |
protected static org.apache.http.HttpResponseInterceptor |
CEKILL |
protected boolean |
closed |
protected static ucar.httpservices.HTTPConnections |
connmgr |
protected static java.util.Map<java.lang.String,org.apache.http.client.entity.InputStreamFactory> |
contentDecoderMap |
protected static java.util.List<org.apache.http.HttpRequestInterceptor> |
dbgreq |
protected static java.util.List<org.apache.http.HttpResponseInterceptor> |
dbgrsp |
static java.lang.String |
HEADER_USERAGENT |
protected java.lang.String |
identifier |
protected java.util.Map<ucar.httpservices.HTTPSession.Prop,java.lang.Object> |
localsettings |
protected java.util.concurrent.ConcurrentSkipListSet<HTTPMethod> |
methods |
protected java.net.URI |
requestURI |
protected org.apache.http.auth.AuthScope |
scope |
protected java.net.URI |
scopeURI |
protected HTTPAuthCache |
sessioncache |
protected org.apache.http.client.protocol.HttpClientContext |
sessioncontext |
protected org.apache.http.client.CredentialsProvider |
sessionprovider |
protected java.lang.String |
sessionURI |
static boolean |
TESTING |
protected static boolean |
USEPOOL
Determine wether to use a Pooling connection manager
or to manage a bunch of individual connections.
|
| Modifier | Constructor and Description |
|---|---|
protected |
HTTPSession() |
| Modifier and Type | Method and Description |
|---|---|
protected static java.security.KeyStore |
buildkeystore(java.lang.String keypath,
java.lang.String keypassword) |
protected static java.lang.String |
checkCompressors(java.lang.String compressors) |
HTTPSession |
clearCookies() |
static void |
clearkeystore() |
protected void |
clearProvider()
This is used by HTTPMethod to sclear the credentials provider.
|
void |
clearState()
Deprecated.
|
void |
close()
Close the session.
|
static HTTPUtil.InterceptRequest |
debugRequestInterceptor() |
static HTTPUtil.InterceptResponse |
debugResponseInterceptor() |
org.apache.http.auth.AuthScope |
getAuthScope() |
java.util.List<org.apache.http.cookie.Cookie> |
getCookies() |
protected static int |
getDPropInt(java.lang.String key) |
static int |
getGlobalMaxConnection() |
static java.lang.Object |
getGlobalSetting(java.lang.String key) |
static java.lang.String |
getGlobalUserAgent() |
com.google.common.collect.ImmutableMap<java.lang.String,java.lang.String> |
getMergedSettings() |
int |
getMethodcount() |
static int |
getRetryCount()
Deprecated.
|
java.lang.String |
getSessionID()
Extract the sessionid cookie value
|
java.lang.String |
getSessionURI() |
java.lang.String |
getSessionURL()
Deprecated.
|
java.lang.Object |
getSetting(java.lang.String key) |
protected void |
init(org.apache.http.auth.AuthScope scope,
java.lang.String actualurl) |
boolean |
isClosed() |
java.util.Map<ucar.httpservices.HTTPSession.Prop,java.lang.Object> |
mergedSettings() |
static void |
rebuildkeystore(java.lang.String path,
java.lang.String pwd) |
static void |
removeGlobalCompression() |
static void |
resetInterceptors() |
protected void |
setAuthenticationAndProxy(org.apache.http.impl.client.HttpClientBuilder cb)
Handle authentication and Proxy'ing
|
HTTPSession |
setConnectionTimeout(int timeout) |
protected void |
setCredentials(java.net.URI uri)
This is used by HTTPMethod to set the in-url name+pwd into
the credentials provider, if defined.
|
HTTPSession |
setCredentialsProvider(org.apache.http.auth.AuthScope scope,
org.apache.http.client.CredentialsProvider provider)
Deprecated.
|
HTTPSession |
setCredentialsProvider(org.apache.http.client.CredentialsProvider provider) |
HTTPSession |
setCredentialsProvider(java.lang.String url,
org.apache.http.client.CredentialsProvider provider)
Deprecated.
|
protected static void |
setDefaults(java.util.Map<ucar.httpservices.HTTPSession.Prop,java.lang.Object> props) |
HTTPSession |
setFollowRedirects(boolean tf)
Enable/disable redirection following
Default is yes.
|
static void |
setGlobalCompression()
Deprecated.
|
static void |
setGlobalCompression(java.lang.String compressors) |
static void |
setGlobalConnectionTimeout(int timeout) |
static void |
setGlobalCredentialsProvider(org.apache.http.auth.AuthScope scope,
org.apache.http.client.CredentialsProvider provider)
Deprecated.
|
static void |
setGlobalCredentialsProvider(org.apache.http.client.CredentialsProvider provider) |
static void |
setGlobalCredentialsProvider(org.apache.http.client.CredentialsProvider provider,
java.lang.String scheme)
Deprecated.
|
static void |
setGlobalCredentialsProvider(java.lang.String url,
org.apache.http.client.CredentialsProvider provider)
Deprecated.
|
static void |
setGlobalFollowRedirects(boolean tf)
Enable/disable redirection following
Default is yes.
|
static void |
setGlobalMaxConnections(int n) |
static void |
setGlobalMaxRedirects(int n)
Set the max number of redirects to follow
|
static void |
setGlobalProxy(java.lang.String host,
int port)
Deprecated.
|
static void |
setGlobalRetryCount(int n) |
static void |
setGlobalSoTimeout(int timeout) |
static void |
setGlobalUserAgent(java.lang.String userAgent) |
static void |
setInterceptors(boolean print) |
protected static void |
setInterceptors(org.apache.http.impl.client.HttpClientBuilder cb) |
HTTPSession |
setMaxRedirects(int n)
Set the max number of redirects to follow
|
void |
setProxy(java.lang.String host,
int port)
Deprecated.
|
HTTPSession |
setSoTimeout(int timeout) |
HTTPSession |
setUserAgent(java.lang.String agent) |
HTTPSession |
setUseSessions(boolean tf)
Should we use sessionid's?
|
protected static void |
track(HTTPSession session) |
public static boolean TESTING
protected static final boolean USEPOOL
public static final java.lang.String HEADER_USERAGENT
public static final java.lang.String ACCEPT_ENCODING
protected static org.apache.http.HttpResponseInterceptor CEKILL
protected static java.util.List<org.apache.http.HttpRequestInterceptor> dbgreq
protected static java.util.List<org.apache.http.HttpResponseInterceptor> dbgrsp
protected static ucar.httpservices.HTTPConnections connmgr
protected static java.util.Map<java.lang.String,org.apache.http.client.entity.InputStreamFactory> contentDecoderMap
protected static ucar.httpservices.HTTPSession.AuthControls authcontrols
protected java.lang.String sessionURI
protected java.net.URI scopeURI
protected org.apache.http.auth.AuthScope scope
protected boolean closed
protected org.apache.http.client.CredentialsProvider sessionprovider
protected java.util.concurrent.ConcurrentSkipListSet<HTTPMethod> methods
protected java.lang.String identifier
protected java.util.Map<ucar.httpservices.HTTPSession.Prop,java.lang.Object> localsettings
protected org.apache.http.client.protocol.HttpClientContext sessioncontext
protected HTTPAuthCache sessioncache
protected java.net.URI requestURI
protected boolean cachevalid
protected org.apache.http.client.config.RequestConfig cachedconfig
protected HTTPSession()
throws HTTPException
HTTPExceptionprotected static int getDPropInt(java.lang.String key)
protected static void setDefaults(java.util.Map<ucar.httpservices.HTTPSession.Prop,java.lang.Object> props)
protected static java.security.KeyStore buildkeystore(java.lang.String keypath,
java.lang.String keypassword)
public static void setGlobalUserAgent(java.lang.String userAgent)
public static java.lang.String getGlobalUserAgent()
public static void setGlobalMaxConnections(int n)
public static int getGlobalMaxConnection()
public static void setGlobalConnectionTimeout(int timeout)
public static void setGlobalSoTimeout(int timeout)
public static void setGlobalFollowRedirects(boolean tf)
public static void setGlobalMaxRedirects(int n)
n - public static java.lang.Object getGlobalSetting(java.lang.String key)
public static void setGlobalCompression(java.lang.String compressors)
public static void removeGlobalCompression()
protected static java.lang.String checkCompressors(java.lang.String compressors)
public static void setGlobalCredentialsProvider(org.apache.http.client.CredentialsProvider provider)
throws HTTPException
provider - the credentials providerHTTPExceptionpublic static void setGlobalRetryCount(int n)
protected void init(org.apache.http.auth.AuthScope scope,
java.lang.String actualurl)
throws HTTPException
HTTPExceptionprotected static void setInterceptors(org.apache.http.impl.client.HttpClientBuilder cb)
public org.apache.http.auth.AuthScope getAuthScope()
public java.lang.String getSessionURI()
public java.lang.String getSessionID()
public HTTPSession setUserAgent(java.lang.String agent)
public HTTPSession setSoTimeout(int timeout)
public HTTPSession setConnectionTimeout(int timeout)
public HTTPSession setMaxRedirects(int n)
n - public HTTPSession setFollowRedirects(boolean tf)
public HTTPSession setUseSessions(boolean tf)
tf - public java.util.List<org.apache.http.cookie.Cookie> getCookies()
public HTTPSession clearCookies()
public java.lang.Object getSetting(java.lang.String key)
public void close()
close in interface java.io.Closeableclose in interface java.lang.AutoCloseablepublic HTTPSession setCredentialsProvider(org.apache.http.client.CredentialsProvider provider) throws HTTPException
provider - the credentials providerHTTPExceptionprotected void clearProvider()
protected void setCredentials(java.net.URI uri)
throws HTTPException
HTTPExceptionprotected void setAuthenticationAndProxy(org.apache.http.impl.client.HttpClientBuilder cb)
throws HTTPException
cb - HTTPExceptionpublic java.util.Map<ucar.httpservices.HTTPSession.Prop,java.lang.Object> mergedSettings()
public com.google.common.collect.ImmutableMap<java.lang.String,java.lang.String> getMergedSettings()
public boolean isClosed()
public int getMethodcount()
protected static void track(HTTPSession session)
public static void setInterceptors(boolean print)
public static void resetInterceptors()
public static HTTPUtil.InterceptRequest debugRequestInterceptor()
public static HTTPUtil.InterceptResponse debugResponseInterceptor()
public static void clearkeystore()
public static void rebuildkeystore(java.lang.String path,
java.lang.String pwd)
@Deprecated
public static void setGlobalCredentialsProvider(org.apache.http.auth.AuthScope scope,
org.apache.http.client.CredentialsProvider provider)
throws HTTPException
HTTPException@Deprecated
public static void setGlobalCredentialsProvider(java.lang.String url,
org.apache.http.client.CredentialsProvider provider)
throws HTTPException
HTTPException@Deprecated public HTTPSession setCredentialsProvider(java.lang.String url, org.apache.http.client.CredentialsProvider provider) throws HTTPException
HTTPException@Deprecated public HTTPSession setCredentialsProvider(org.apache.http.auth.AuthScope scope, org.apache.http.client.CredentialsProvider provider) throws HTTPException
HTTPException@Deprecated public static int getRetryCount()
@Deprecated public static void setGlobalCompression()
@Deprecated
public static void setGlobalProxy(java.lang.String host,
int port)
@Deprecated
public void setProxy(java.lang.String host,
int port)
@Deprecated
public static void setGlobalCredentialsProvider(org.apache.http.client.CredentialsProvider provider,
java.lang.String scheme)
throws HTTPException
HTTPException@Deprecated public void clearState()
@Deprecated public java.lang.String getSessionURL()