4D Documentation

Edit

セッション

Session objects are returned by the Session command when scalable sessions are enabled in your project. The Session object is automatically created and maintained by the 4D web server to control the session of a web client (e.g. a browser). This object provides the web developer with an interface to the user session, allowing to manage privileges, store contextual data, share information between processes, and launch session-related preemptive processes.

For detailed information about the session implementation, please refer to the web server Sessions section.

Summary
.clearPrivileges()

    removes all the privileges associated to the session

.expirationDate : Text

    the expiration date and time of the session cookie

.hasPrivilege( privilege : Text ) : Boolean

    returns True if the privilege is associated to the session, and False otherwise

.idleTimeout : Integer

    the inactivity session timeout (in minutes), after which the session is automatically closed by 4D

.isGuest() : Boolean

    returns True if the session is a Guest session (i.e. it has no privileges)

.setPrivileges( privilege : Text )
.setPrivileges( privileges : Collection )
.setPrivileges( settings : Object )

    associates the privilege(s) defined in the parameter to the session

.userName : Text

    the user name associated to the session

セッション

履歴

バージョン内容
v18 R6追加

Session : 4D.Session

参照タイプ説明
戻り値4D.Session<-Session object

説明

The Session command returns the Session object corresponding to the current scalable user web session.

This command only works when scalable sessions are enabled. It returns Null when sessions are disabled or when legacy sessions are used.

When scalable sessions are enabled, the Session object is available from any web processes in the following contexts:

  • On Web Authentication, On Web Connection, and On REST Authentication database methods,
  • ORDA Data Model Class functions called with REST requests,
  • code processed through 4D tags in semi-dynamic pages (4DTEXT, 4DHTML, 4DEVAL, 4DSCRIPT/, 4DCODE)
  • project methods with the "Available through 4D tags and URLs (4DACTION...)" attribute and called through 4DACTION/ urls.

例題

You have defined the action_Session method with attribute "Available through 4D tags and URLs". You call the method by entering the following URL in your browser:

IP:port/4DACTION/action_Session

  //action_Session method
 Case of
    :(Session#Null)
       If(Session.hasPrivilege("WebAdmin")) //calling the hasPrivilege function
          WEB SEND TEXT("4DACTION --> Session is WebAdmin")
       Else
          WEB SEND TEXT("4DACTION --> Session is not WebAdmin")
       End if
    Else
       WEB SEND TEXT("4DACTION --> Sesion is null")
 End case

.clearPrivileges()

履歴

バージョン内容
v18 R6追加

.clearPrivileges() | 参照 | タイプ | | 説明 | | -- | --- |::| ------------------------------- | | | | | Does not require any parameters |

説明

The .clearPrivileges() function removes all the privileges associated to the session. As a result, the session automatically becomes a Guest session.

例題

//Invalidate a session
var $isGuest : Boolean  

Session.clearPrivileges()
$isGuest:=Session.isGuest() //$isGuest is True

.expirationDate

履歴

バージョン内容
v18 R6追加

.expirationDate : Text

説明

The .expirationDate property contains the expiration date and time of the session cookie. The value is expressed as text in the ISO 8601 format: YYYY-MM-DDTHH:MM:SS.mmmZ.

This property is read-only. It is automatically recomputed if the .idleTimeout property value is modified.

例題

var $expiration : Text
$expiration:=Session.expirationDate //eg "2021-11-05T17:10:42Z"

.hasPrivilege()

履歴

バージョン内容
v18 R6追加

.hasPrivilege( privilege : Text ) : Boolean

参照タイプ説明
privilegeテキスト<-Name of the privilege to verify
戻り値ブール<-True if session has privilege, False otherwise

説明

The .hasPrivilege() function returns True if the privilege is associated to the session, and False otherwise.

例題

You want to check if the "WebAdmin" privilege is associated to the session:

If (Session.hasPrivilege("WebAdmin"))
    //Access is granted, do nothing
Else
    //Display an authentication page

End if

.idleTimeout

履歴

バージョン内容
v18 R6追加

.idleTimeout : Integer

説明

The .idleTimeout property contains the inactivity session timeout (in minutes), after which the session is automatically closed by 4D.

If this property is not set, the default value is 60 (1h).

When this property is set, the .expirationDate property is updated accordingly.

The value cannot be less than 60: if a lower value is set, the timeout is raised up to 60.

This property is read write.

例題

If (Session.isGuest())
        // A Guest session will close after 60 minutes of inactivity
    Session.idleTimeout:=60
Else
        // Other sessions will close after 120 minutes of inactivity
    Session.idleTimeout:=120
End if

.isGuest()

履歴

バージョン内容
v18 R6追加

.isGuest() : Boolean

参照タイプ説明
戻り値ブール<-True if session is a Guest one, False otherwise

説明

The .isGuest() function returns True if the session is a Guest session (i.e. it has no privileges).

例題

In the On Web Connection database method:

If (Session.isGuest())
    //Do something for Guest user
End if

.setPrivileges()

履歴

バージョン内容
v18 R6追加

.setPrivileges( privilege : Text )
.setPrivileges( privileges : Collection )
.setPrivileges( settings : Object )

参照タイプ説明
privilegeテキスト->Privilege name
privilegesコレクション->Collection of privilege names
settingsオブジェクト->Object with a "privileges" property (string or collection)

説明

The .setPrivileges() function associates the privilege(s) defined in the parameter to the session.

  • In the privilege parameter, pass a string containing a privilege name (or several comma-separated privilege names).

  • In the privileges parameter, pass a collection of strings containing privilege names.

  • In the settings parameter, pass an object containing the following properties:

プロパティタイプ説明
privilegesText or Collection
  • String containing a privilege name, or
  • Collection of strings containing privilege names
    • userNameテキストUser name to associate to the session (optional)

    If the privileges property contains an invalid privilege name, it is ignored.

    In the current implementation (v18 R6), only the "WebAdmin" privilege is available.

    By default when no privilege is associated to the session, the session is a Guest session.

    The userName property is available at session object level (read-only).

    例題

    In a custom authentication method, you set the "WebAdmin" privilege to the user:

    var $userOK : Boolean

... //Authenticate the user

If ($userOK) //The user has been approved
  var $info : Object
  $info:=New object()
  $info.privileges:=New collection("WebAdmin")
  Session.setPrivileges($info)
End if

    .storage

    履歴

    バージョン内容
    v18 R6追加

    .storage : Object

    説明

    The .storage property contains a shared object that can be used to store information available to all requests of the web client.

    When a Session object is created, the .storage property is empty. Since it is a shared object, this property will be available in the Storage object of the server.

    This property is read only itself but it returns a read-write object.

    例題

    You want to store the client IP in the .storage property. You can write in the On Web Authentication database method:

    If (Session.storage.clientIP=Null) //first access
    Use (Session.storage)
        Session.storage.clientIP:=New shared object("value"; $clientIP)
    End use 
End if

    .userName

    履歴

    バージョン内容
    v18 R6追加

    .userName : Text

    説明

    The .userName property contains the user name associated to the session. You can use it to identify the user within your code.

    This property is an empty string by default. It can be set using the privileges property of the setPrivileges() function.

    This property is read only.

    POP3TransporterSignal