Package com.vaadin.server

Class VaadinService

    • Constructor Detail

      • VaadinService

        public VaadinService​(DeploymentConfiguration deploymentConfiguration)
        Creates a new vaadin service based on a deployment configuration
        Parameters:
        deploymentConfiguration - the deployment configuration for the service

    • Method Detail

      • init

        public void init()
          throws ServiceException
        Initializes this service. The service should be initialized before it is used.
        Throws:
        ServiceException - if a problem occurs when creating the service
        Since:
        7.1

      • createRequestHandlers

        protected List<RequestHandler> createRequestHandlers()
                                              throws ServiceException
        Called during initialization to add the request handlers for the service. Note that the returned list will be reversed so the last handler will be called first. This enables overriding this method and using add on the returned list to add a custom request handler which overrides any predefined handler.
        Returns:
        The list of request handlers used by this service.
        Throws:
        ServiceException - if a problem occurs when creating the request handlers

      • getStaticFileLocation

        public abstract String getStaticFileLocation​(VaadinRequest request)
        Return the URL from where static files, e.g. the widgetset and the theme, are served. In a standard configuration the VAADIN folder inside the returned folder is what is used for widgetsets and themes. The returned folder is usually the same as the context path and independent of e.g. the servlet mapping.
        Parameters:
        request - the request for which the location should be determined
        Returns:
        The location of static resources (should contain the VAADIN directory). Never ends with a slash (/).

      • getConfiguredWidgetset

        public abstract String getConfiguredWidgetset​(VaadinRequest request)
        Gets the widgetset that is configured for this deployment, e.g. from a parameter in web.xml.
        Parameters:
        request - the request for which a widgetset is required
        Returns:
        the name of the widgetset

      • getConfiguredTheme

        public abstract String getConfiguredTheme​(VaadinRequest request)
        Gets the theme that is configured for this deployment, e.g. from a portal parameter or just some sensible default value.
        Parameters:
        request - the request for which a theme is required
        Returns:
        the name of the theme

      • isStandalone

        public abstract boolean isStandalone​(VaadinRequest request)
        Checks whether the UI will be rendered on its own in the browser or whether it will be included into some other context. A standalone UI may do things that might interfere with other parts of a page, e.g. changing the page title and requesting focus upon loading.
        Parameters:
        request - the request for which the UI is loaded
        Returns:
        a boolean indicating whether the UI should be standalone

      • getClassLoader

        public ClassLoader getClassLoader()
        Gets the class loader to use for loading classes loaded by name, e.g. custom UI classes. This is by default the class loader that was used to load the Servlet or Portlet class to which this service belongs.
        Returns:
        the class loader to use, or null
        See Also:
        setClassLoader(ClassLoader)

      • setClassLoader

        public void setClassLoader​(ClassLoader classLoader)
        Sets the class loader to use for loading classes loaded by name, e.g. custom UI classes. Invokers of this method should be careful to not break any existing class loader hierarchy, e.g. by ensuring that a class loader set for this service delegates to the previously set class loader if the class is not found.
        Parameters:
        classLoader - the new class loader to set, not null.
        See Also:
        getClassLoader()

      • getMimeType

        public abstract String getMimeType​(String resourceName)
        Returns the MIME type of the specified file, or null if the MIME type is not known. The MIME type is determined by the configuration of the container, and may be specified in a deployment descriptor. Common MIME types are "text/html" and "image/gif".
        Parameters:
        resourceName - a String specifying the name of a file
        Returns:
        a String specifying the file's MIME type
        See Also:
        ServletContext.getMimeType(String)

      • getDeploymentConfiguration

        public DeploymentConfiguration getDeploymentConfiguration()
        Gets the deployment configuration.
        Returns:
        the deployment configuration

      • setSystemMessagesProvider

        public void setSystemMessagesProvider​(SystemMessagesProvider systemMessagesProvider)
        Sets the system messages provider to use for getting system messages to display to users of this service.
        Parameters:
        systemMessagesProvider - the system messages provider; null is not allowed.
        See Also:
        getSystemMessagesProvider()

      • getSystemMessages

        public SystemMessages getSystemMessages​(Locale locale,
                                        VaadinRequest request)
        Gets the system message to use for a specific locale. This method may also be implemented to use information from current instances of various objects, which means that this method might return different values for the same locale under different circumstances.
        Parameters:
        locale - the desired locale for the system messages
        request -
        Returns:
        the system messages to use

      • getBaseDirectory

        public abstract File getBaseDirectory()
        Returns the context base directory. Typically an application is deployed in a such way that is has an application directory. For web applications this directory is the root directory of the web applications. In some cases applications might not have an application directory (for example web applications running inside a war).
        Returns:
        The application base directory or null if the application has no base directory.

      • addSessionInitListener

        public void addSessionInitListener​(SessionInitListener listener)
        Adds a listener that gets notified when a new Vaadin service session is initialized for this service.

        Because of the way different service instances share the same session, the listener is not necessarily notified immediately when the session is created but only when the first request for that session is handled by this service.

        Parameters:
        listener - the Vaadin service session initialization listener
        See Also:
        removeSessionInitListener(SessionInitListener), SessionInitListener

      • removeSessionInitListener

        public void removeSessionInitListener​(SessionInitListener listener)
        Removes a Vaadin service session initialization listener from this service.
        Parameters:
        listener - the Vaadin service session initialization listener to remove.
        See Also:
        addSessionInitListener(SessionInitListener)

      • addSessionDestroyListener

        public void addSessionDestroyListener​(SessionDestroyListener listener)
        Adds a listener that gets notified when a Vaadin service session that has been initialized for this service is destroyed.

        The session being destroyed is locked and its UIs have been removed when the listeners are called.

        Parameters:
        listener - the vaadin service session destroy listener
        See Also:
        addSessionInitListener(SessionInitListener)

      • fireSessionDestroy

        public void fireSessionDestroy​(VaadinSession vaadinSession)
        Handles destruction of the given session. Internally ensures proper locking is done.
        Parameters:
        vaadinSession - The session to destroy

      • findVaadinSession

        public VaadinSession findVaadinSession​(VaadinRequest request)
                                throws ServiceException,
                                       SessionExpiredException
        Attempts to find a Vaadin service session associated with this request.

        Handles locking of the session internally to avoid creation of duplicate sessions by two threads simultaneously.

        Parameters:
        request - the request to get a vaadin service session for.
        Returns:
        the vaadin service session for the request, or null if no session is found and this is a request for which a new session shouldn't be created.
        Throws:
        ServiceException
        SessionExpiredException
        See Also:
        VaadinSession

      • setSessionLock

        protected void setSessionLock​(WrappedSession wrappedSession,
                              Lock lock)
        Associates the given lock with this service and the given wrapped session. This method should not be called more than once when the lock is initialized for the session.
        Parameters:
        wrappedSession - The wrapped session the lock is associated with
        lock - The lock object
        See Also:
        getSessionLock(WrappedSession)

      • getLockAttributeName

        protected String getLockAttributeName()
        Returns the name used to store the lock in the HTTP session.
        Returns:
        The attribute name for the lock

      • getSessionLock

        protected Lock getSessionLock​(WrappedSession wrappedSession)
        Gets the lock instance used to lock the VaadinSession associated with the given wrapped session.

        This method uses the wrapped session instead of VaadinSession to be able to lock even before the VaadinSession has been initialized.

        Parameters:
        wrappedSession - The wrapped session
        Returns:
        A lock instance used for locking access to the wrapped session

      • lockSession

        protected Lock lockSession​(WrappedSession wrappedSession)
        Locks the given session for this service instance. Typically you want to call VaadinSession.lock() instead of this method.

        Note: The method and its signature has been changed to return lock instance in Vaadin 7.7.27. If you have overriden this method, you need to update your implementation.

        Note: Overriding this method is not recommended, for custom lock storage strategy override getSessionLock(WrappedSession) and setSessionLock(WrappedSession,Lock) instead.

        Parameters:
        wrappedSession - The session to lock
        Returns:
        Lock instance
        Throws:
        IllegalStateException - if the session is invalidated before it can be locked

      • unlockSession

        protected void unlockSession​(WrappedSession wrappedSession,
                             Lock lock)
        Releases the lock for the given session for this service instance. Typically you want to call VaadinSession.unlock() instead of this method.

        Note: The method and its signature has been changed to get lock instance as parameter in Vaadin 7.7.27. If you have overriden this method, you need to update your implementation.

        Note: Overriding this method is not recommended, for custom lock storage strategy override getSessionLock(WrappedSession) and setSessionLock(WrappedSession,Lock) instead.

        Parameters:
        wrappedSession - The session to unlock, used only with assert
        lock - Lock instance to unlock

      • createVaadinSession

        protected VaadinSession createVaadinSession​(VaadinRequest request)
                                     throws ServiceException
        Creates a new Vaadin session for this service and request
        Parameters:
        request - The request for which to create a VaadinSession
        Returns:
        A new VaadinSession
        Throws:
        ServiceException

      • requestCanCreateSession

        protected abstract boolean requestCanCreateSession​(VaadinRequest request)
        Checks whether it's valid to create a new service session as a result of the given request.
        Parameters:
        request - the request
        Returns:
        true if it's valid to create a new service session for the request; else false

      • getCurrent

        public static VaadinService getCurrent()
        Gets the currently used Vaadin service. The current service is automatically defined when processing requests related to the service and in threads started at a point when the current service is defined (see InheritableThreadLocal). In other cases, (e.g. from background threads started in some other way), the current service is not automatically defined.
        Returns:
        the current Vaadin service instance if available, otherwise null
        See Also:
        setCurrentInstances(VaadinRequest, VaadinResponse)

      • setCurrentInstances

        public void setCurrentInstances​(VaadinRequest request,
                                VaadinResponse response)
        Sets the this Vaadin service as the current service and also sets the current Vaadin request and Vaadin response. This method is used by the framework to set the current instances when a request related to the service is processed and they are cleared when the request has been processed.

        The application developer can also use this method to define the current instances outside the normal request handling, e.g. when initiating custom background threads.

        Parameters:
        request - the Vaadin request to set as the current request, or null if no request should be set.
        response - the Vaadin response to set as the current response, or null if no response should be set.
        See Also:
        getCurrent(), getCurrentRequest(), getCurrentResponse()

      • setCurrent

        public static void setCurrent​(VaadinService service)
        Sets the given Vaadin service as the current service.
        Parameters:
        service -

      • getCurrentRequest

        public static VaadinRequest getCurrentRequest()
        Gets the currently processed Vaadin request. The current request is automatically defined when the request is started. The current request can not be used in e.g. background threads because of the way server implementations reuse request instances.
        Returns:
        the current Vaadin request instance if available, otherwise null
        See Also:
        setCurrentInstances(VaadinRequest, VaadinResponse)

      • getCurrentResponse

        public static VaadinResponse getCurrentResponse()
        Gets the currently processed Vaadin response. The current response is automatically defined when the request is started. The current response can not be used in e.g. background threads because of the way server implementations reuse response instances.
        Returns:
        the current Vaadin response instance if available, otherwise null
        See Also:
        setCurrentInstances(VaadinRequest, VaadinResponse)

      • getServiceName

        public abstract String getServiceName()
        Gets a unique name for this service. The name should be unique among different services of the same type but the same for corresponding instances running in different JVMs in a cluster. This is typically based on e.g. the configured servlet's or portlet's name.
        Returns:
        the unique name of this service instance.

      • findUI

        public UI findUI​(VaadinRequest request)
        Finds the UI that belongs to the provided request. This is generally only supported for UIDL requests as other request types are not related to any particular UI or have the UI information encoded in a non-standard way. The returned UI is also set as the current UI ( UI.setCurrent(UI)).
        Parameters:
        request - the request for which a UI is desired
        Returns:
        the UI belonging to the request or null if no UI is found

      • preserveUIOnRefresh

        public boolean preserveUIOnRefresh​(UIProvider provider,
                                   UICreateEvent event)
        Check if the given UI should be associated with the window.name so that it can be re-used if the browser window is reloaded. This is typically determined by the UI provider which typically checks the @PreserveOnRefresh annotation but UI providers and ultimately VaadinService implementations may choose to override the defaults.
        Parameters:
        provider - the UI provider responsible for the UI
        event - the UI create event with details about the UI
        Returns:
        true if the UI should be preserved on refresh; false if a new UI instance should be initialized on refreshed.

      • reinitializeSession

        public static void reinitializeSession​(VaadinRequest request)
        Discards the current session and creates a new session with the same contents. The purpose of this is to introduce a new session key in order to avoid session fixation attacks.

        Please note that this method makes certain assumptions about how data is stored in the underlying session and may thus not be compatible with some environments.

        Parameters:
        request - The Vaadin request for which the session should be reinitialized

      • getThemeResourceAsStream

        public abstract InputStream getThemeResourceAsStream​(UI ui,
                                                     String themeName,
                                                     String resource)
                                              throws IOException
        Finds the given theme resource from the web content folder or using the class loader and returns a stream for it
        Parameters:
        ui - The ui for which to find the resource
        themeName - The name of the theme
        resource - The name of the resource, e.g. "layouts/mycustomlayout.html"
        Returns:
        A stream for the resource or null if the resource was not found
        Throws:
        IOException - if a problem occurred while finding or opening the resource

      • getMainDivId

        public abstract String getMainDivId​(VaadinSession session,
                                    VaadinRequest request,
                                    Class<? extends UI> uiClass)
        Creates and returns a unique ID for the DIV where the UI is to be rendered.
        Parameters:
        session - The service session to which the bootstrapped UI will belong.
        request - The request for which a div id is needed
        uiClass - The class of the UI that will be bootstrapped
        Returns:
        the id to use in the DOM

      • closeSession

        public void closeSession​(VaadinSession session)
        Sets the given session to be closed and all its UI state to be discarded at the end of the current request, or at the end of the next request if there is no ongoing one.

        After the session has been discarded, any UIs that have been left open will give a Session Expired error and a new session will be created for serving new UIs.

        To avoid causing out of sync errors, you should typically redirect to some other page using Page.setLocation(String) to make the browser unload the invalidated UI.

        Parameters:
        session - the session to close
        See Also:
        SystemMessages.getSessionExpiredCaption()

      • requestStart

        public void requestStart​(VaadinRequest request,
                         VaadinResponse response)
        Called before the framework starts handling a request
        Parameters:
        request - The request
        response - The response

      • requestEnd

        public void requestEnd​(VaadinRequest request,
                       VaadinResponse response,
                       VaadinSession session)
        Called after the framework has handled a request and the response has been written.
        Parameters:
        request - The request object
        response - The response object
        session - The session which was used during the request or null if the request did not use a session

      • getRequestHandlers

        public Iterable<RequestHandler> getRequestHandlers()
        Returns the request handlers that are registered with this service. The iteration order of the returned collection is the same as the order in which the request handlers will be invoked when a request is handled.
        Returns:
        a collection of request handlers in the order they are invoked
        Since:
        7.1
        See Also:
        createRequestHandlers()

      • handleRequest

        public void handleRequest​(VaadinRequest request,
                          VaadinResponse response)
                   throws ServiceException
        Handles the incoming request and writes the response into the response object. Uses getRequestHandlers() for handling the request.

        If a session expiration is detected during request handling then each request handler has an opportunity to handle the expiration event if it implements SessionExpiredHandler. If no request handler handles session expiration a default expiration message will be written.

        Parameters:
        request - The incoming request
        response - The outgoing response
        Throws:
        ServiceException - Any exception that occurs during response handling will be wrapped in a ServiceException

      • writeStringResponse

        public void writeStringResponse​(VaadinResponse response,
                                String contentType,
                                String responseString)
                         throws IOException
        Writes the given string as a response using the given content type.
        Parameters:
        response - The response reference
        contentType - The content type of the response
        responseString - The actual response
        Throws:
        IOException - If an error occured while writing the response

      • writeUncachedStringResponse

        public void writeUncachedStringResponse​(VaadinResponse response,
                                        String contentType,
                                        String responseString)
                                 throws IOException
        Writes the given string as a response with headers to prevent caching and using the given content type.
        Parameters:
        response - The response reference
        contentType - The content type of the response
        responseString - The actual response
        Throws:
        IOException - If an error occurred while writing the response
        Since:
        7.7.45

      • handleSessionExpired

        protected void handleSessionExpired​(VaadinRequest request,
                                    VaadinResponse response)
                             throws ServiceException
        Called when the session has expired and the request handling is therefore aborted.
        Parameters:
        request - The request
        response - The response
        Throws:
        ServiceException - Thrown if there was any problem handling the expiration of the session

      • createCriticalNotificationJSON

        public static String createCriticalNotificationJSON​(String caption,
                                                    String message,
                                                    String details,
                                                    String url)
        Creates a JSON message which, when sent to client as-is, will cause a critical error to be shown with the given details.
        Parameters:
        caption - The caption of the error or null to omit
        message - The error message or null to omit
        details - Additional error details or null to omit
        url - A url to redirect to. If no other details are given then the user will be immediately redirected to this URL. Otherwise the message will be shown and the browser will redirect to the given URL only after the user acknowledges the message. If null then the browser will refresh the current page.
        Returns:
        A JSON string to be sent to the client

      • ensurePushAvailable

        public boolean ensurePushAvailable()
        Enables push if push support is available and push has not yet been enabled. If push support is not available, a warning explaining the situation will be logged at least the first time this method is invoked.
        Returns:
        true if push can be used; false if push is not available.

      • isAtmosphereAvailable

        protected boolean isAtmosphereAvailable()
        Checks whether Atmosphere is avilable for use
        Returns:
        true if Atmosphere is available, false otherwise
        Since:
        7.6

      • isOtherSessionLocked

        public static boolean isOtherSessionLocked​(VaadinSession session)
        Checks whether there might be some VaadinSession other than the provided one for which the current thread holds a lock. This method might not detect all cases where some other session is locked, but it should cover the most typical situations.
        Parameters:
        session - the session that is expected to be locked
        Returns:
        true if another session is also locked by the current thread; false if no such session was found
        Since:
        7.2

      • isCsrfTokenValid

        public static boolean isCsrfTokenValid​(VaadinSession session,
                                       String requestToken)
        Verifies that the given CSRF token (aka double submit cookie) is valid for the given session. This is used to protect against Cross Site Request Forgery attacks.

        This protection is enabled by default, but it might need to be disabled to allow a certain type of testing. For these cases, the check can be disabled by setting the init parameter disable-xsrf-protection to true.

        Parameters:
        session - the vaadin session for which the check should be done
        requestToken - the CSRF token provided in the request
        Returns:
        true if the token is valid or if the protection is disabled; false if protection is enabled and the token is invalid
        Since:
        7.1
        See Also:
        DeploymentConfiguration.isXsrfProtectionEnabled()

      • accessSession

        public Future<Void> accessSession​(VaadinSession session,
                                  Runnable runnable)
        Implementation for VaadinSession.access(Runnable). This method is implemented here instead of in VaadinSession to enable overriding the implementation without using a custom subclass of VaadinSession.
        Parameters:
        session - the vaadin session to access
        runnable - the runnable to run with the session locked
        Returns:
        a future that can be used to check for task completion and to cancel the task
        Since:
        7.1
        See Also:
        VaadinSession.access(Runnable)

      • ensureAccessQueuePurged

        public void ensureAccessQueuePurged​(VaadinSession session)
        Makes sure the pending access queue is purged for the provided session. If the session is currently locked by the current thread or some other thread, the queue will be purged when the session is unlocked. If the lock is not held by any thread, it is acquired and the queue is purged right away.
        Parameters:
        session - the session for which the access queue should be purged
        Since:
        7.1.2

      • runPendingAccessTasks

        public void runPendingAccessTasks​(VaadinSession session)
        Purges the queue of pending access invocations enqueued with VaadinSession.access(Runnable).

        This method is automatically run by the framework at appropriate situations and is not intended to be used by application developers.

        Parameters:
        session - the vaadin session to purge the queue for
        Since:
        7.1

      • destroy

        public void destroy()
        Called when the servlet, portlet or similar for this service is being destroyed. After this method has been called, no more requests will be handled by this service.
        Since:
        7.2
        See Also:
        addServiceDestroyListener(ServiceDestroyListener), Servlet.destroy()

      • setDefaultClassLoader

        protected void setDefaultClassLoader()
        Tries to acquire default class loader and sets it as a class loader for this VaadinService if found. If current security policy disallows acquiring class loader instance it will log a message and re-throw SecurityException
        Throws:
        SecurityException - If current security policy forbids acquiring class loader
        Since:
        7.3.5

      • storeSession

        protected void storeSession​(VaadinSession session,
                            WrappedSession wrappedSession)
        Called when the VaadinSession should be stored.

        By default stores the VaadinSession in the underlying HTTP session.

        Parameters:
        session - the VaadinSession to store
        wrappedSession - the underlying HTTP session
        Since:
        7.6

      • writeToHttpSession

        protected void writeToHttpSession​(WrappedSession wrappedSession,
                                  VaadinSession session)
        Performs the actual write of the VaadinSession to the underlying HTTP session after sanity checks have been performed.

        Called by storeSession(VaadinSession, WrappedSession)

        Parameters:
        wrappedSession - the underlying HTTP session
        session - the VaadinSession to store
        Since:
        7.6

      • loadSession

        protected VaadinSession loadSession​(WrappedSession wrappedSession)
        Called when the VaadinSession should be loaded from the underlying HTTP session
        Parameters:
        wrappedSession - the underlying HTTP session
        Returns:
        the VaadinSession in the HTTP session or null if not found
        Since:
        7.6

      • readFromHttpSession

        protected VaadinSession readFromHttpSession​(WrappedSession wrappedSession)
        Performs the actual read of the VaadinSession from the underlying HTTP session after sanity checks have been performed.

        Called by loadSession(WrappedSession).

        Parameters:
        wrappedSession - the underlying HTTP session
        Returns:
        the VaadinSession or null if no session was found
        Since:
        7.6

      • removeSession

        public void removeSession​(WrappedSession wrappedSession)
        Called when the VaadinSession should be removed from the underlying HTTP session
        Parameters:
        wrappedSession - the underlying HTTP session
        Since:
        7.6

      • removeFromHttpSession

        protected void removeFromHttpSession​(WrappedSession wrappedSession)
        Performs the actual removal of the VaadinSession from the underlying HTTP session after sanity checks have been performed
        Parameters:
        wrappedSession - the underlying HTTP session
        Since:
        7.6

      • getSessionAttributeName

        protected String getSessionAttributeName()
        Returns the name used for storing the VaadinSession in the underlying HTTP session
        Returns:
        the attribute name used for storing the VaadinSession
        Since:
        7.6