Package io.vertx.ext.web.sstore.cookie
Interface CookieSessionStore
-
- All Superinterfaces:
SessionStore
public interface CookieSessionStore extends SessionStore
A SessionStore that uses a Cookie to store the session data. All data is stored in encrypted form usingAES-256 with AES/GCM/NoPadding.- Author:
- Paulo Lopes
-
-
Field Summary
-
Fields inherited from interface io.vertx.ext.web.sstore.SessionStore
DEFAULT_SESSIONID_LENGTH
-
-
Method Summary
All Methods Static Methods Deprecated Methods Modifier and Type Method Description static CookieSessionStorecreate(Vertx vertx, String secret)Creates a CookieSessionStore.static CookieSessionStorecreate(Vertx vertx, String secret, Buffer salt)Deprecated.usecreate(Vertx, String)Creates a CookieSessionStore.-
Methods inherited from interface io.vertx.ext.web.sstore.SessionStore
clear, close, createSession, createSession, delete, get, init, put, retryTimeout, size
-
-
-
-
Method Detail
-
create
@Deprecated static CookieSessionStore create(Vertx vertx, String secret, Buffer salt)
Deprecated.usecreate(Vertx, String)Creates a CookieSessionStore. This factory method is deprecated and will be removed in a future version. The salt value is ignored and should not be used. This was an artifact of the original implementation which used a different encryption scheme.- Parameters:
vertx- a vert.x instancesecret- a secret to derive a secure private keysalt- ignored- Returns:
- the store
-
create
static CookieSessionStore create(Vertx vertx, String secret)
Creates a CookieSessionStore. Cookie data will be encrypted using the given secret. The secret as the name reflects, should never leave the server, otherwise user agents could tamper with the payload. The choice of GCM, ensures that no (IV, Key) is reusable, which means that there is no need for a salt. Also encrypting the same session multiple times will render different outputs, which prevents rainbow attacks.- Parameters:
vertx- a vert.x instancesecret- a secret to derive a secure private key- Returns:
- the store
-
-