A handler that maintains a Session for each browser session.

It looks up the session for each request based on a session cookie which contains a session ID. It stores the session when the response is ended in the session store.

The session is available on the routing context with .

The session handler requires a CookieHandler to be on the routing chain before it.

no subtypes hierarchy

SessionHandler(SessionHandler unknown)
Inherited Attributes
Attributes inherited from: Object
hash, string
handleshared default void handle(RoutingContext arg0)
setCookieHttpOnlyFlagshared default SessionHandler setCookieHttpOnlyFlag(Boolean httpOnly)

Sets whether the 'HttpOnly' flag should be set for the session cookie. When set this flag instructs browsers to prevent Javascript access to the the cookie. Used as a line of defence against the most common XSS attacks.

  • httpOnly

    true to set the HttpOnly flag on the cookie

setCookieSecureFlagshared default SessionHandler setCookieSecureFlag(Boolean secure)

Sets whether the 'secure' flag should be set for the session cookie. When set this flag instructs browsers to only send the cookie over HTTPS. Note that this will probably stop your sessions working if used without HTTPS (e.g. in development).

  • secure

    true to set the secure flag on the cookie

setMinLengthshared default SessionHandler setMinLength(Integer minLength)

Set expected session id minimum length.

  • minLength

    the session id minimal length

setNagHttpsshared default SessionHandler setNagHttps(Boolean nag)

Set whether a nagging log warning should be written if the session handler is accessed over HTTP, not HTTPS

  • nag

    true to nag

setSessionCookieNameshared default SessionHandler setSessionCookieName(String sessionCookieName)

Set the session cookie name

  • sessionCookieName

    the session cookie name

setSessionTimeoutshared default SessionHandler setSessionTimeout(Integer timeout)

Set the session timeout

  • timeout

    the timeout, in ms.

Inherited Methods
Methods inherited from: Object