Package org.apache.shiro.mgt
Class SessionsSecurityManager
- java.lang.Object
-
- org.apache.shiro.mgt.CachingSecurityManager
-
- org.apache.shiro.mgt.RealmSecurityManager
-
- org.apache.shiro.mgt.AuthenticatingSecurityManager
-
- org.apache.shiro.mgt.AuthorizingSecurityManager
-
- org.apache.shiro.mgt.SessionsSecurityManager
-
- All Implemented Interfaces:
Authenticator,Authorizer,CacheManagerAware,EventBusAware,SecurityManager,SessionManager,Destroyable
- Direct Known Subclasses:
DefaultSecurityManager
public abstract class SessionsSecurityManager extends AuthorizingSecurityManager
Shiro support of aSecurityManagerclass hierarchy that delegates allsessionoperations to a wrappedSessionManagerinstance. That is, this class implements the methods in theSessionManagerinterface, but in reality, those methods are merely passthrough calls to the underlying 'real'SessionManagerinstance. The remainingSecurityManagermethods not implemented by this class or its parents are left to be implemented by subclasses. In keeping with the other classes in this hierarchy and Shiro's desire to minimize configuration whenever possible, suitable default instances for all dependencies will be created upon instantiation.- Since:
- 0.9
-
-
Constructor Summary
Constructors Constructor Description SessionsSecurityManager()Default no-arg constructor, internally creates a suitable defaultSessionManagerdelegate instance.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected voidafterCacheManagerSet()Callssuper.afterCacheManagerSet()and then immediately callsapplyCacheManagerToSessionManager()to ensure theCacheManageris applied to the SessionManager as necessary.protected voidafterEventBusSet()Sets any configured EventBus on the SessionManager if necessary.protected voidafterSessionManagerSet()protected voidapplyCacheManagerToSessionManager()Ensures the internal delegateSessionManageris injected with the newly setCacheManagerso it may use it for its internal caching needs.protected voidapplyEventBusToSessionManager()Ensures the internal delegateSessionManageris injected with the newly setEventBusso it may use it for its internal event needs.voiddestroy()Destroys thecacheManagerviaLifecycleUtils.destroy.SessiongetSession(SessionKey key)Retrieves the session corresponding to the specified contextual data (such as a session ID if applicable), ornullif no Session could be found.SessionManagergetSessionManager()Returns this security manager's internal delegateSessionManager.voidsetSessionManager(SessionManager sessionManager)Sets the underlying delegateSessionManagerinstance that will be used to support this implementation's SessionManager method calls.Sessionstart(SessionContext context)Starts a new session based on the specified contextual initialization data, which can be used by the underlying implementation to determine how exactly to create the internal Session instance.-
Methods inherited from class org.apache.shiro.mgt.AuthorizingSecurityManager
afterRealmsSet, checkPermission, checkPermission, checkPermissions, checkPermissions, checkRole, checkRoles, checkRoles, getAuthorizer, hasAllRoles, hasRole, hasRoles, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll, setAuthorizer
-
Methods inherited from class org.apache.shiro.mgt.AuthenticatingSecurityManager
authenticate, getAuthenticator, setAuthenticator
-
Methods inherited from class org.apache.shiro.mgt.RealmSecurityManager
applyCacheManagerToRealms, applyEventBusToRealms, getRealms, setRealm, setRealms
-
Methods inherited from class org.apache.shiro.mgt.CachingSecurityManager
applyEventBusToCacheManager, getCacheManager, getEventBus, setCacheManager, setEventBus
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.apache.shiro.mgt.SecurityManager
createSubject, login, logout
-
-
-
-
Constructor Detail
-
SessionsSecurityManager
public SessionsSecurityManager()
Default no-arg constructor, internally creates a suitable defaultSessionManagerdelegate instance.
-
-
Method Detail
-
setSessionManager
public void setSessionManager(SessionManager sessionManager)
Sets the underlying delegateSessionManagerinstance that will be used to support this implementation's SessionManager method calls. This SecurityManager implementation does not provide logic to support the inherited SessionManager interface, but instead delegates these calls to an internal SessionManager instance. If a SessionManager instance is not set, a default one will be automatically created and initialized appropriately for the the existing runtime environment.- Parameters:
sessionManager- delegate instance to use to support this manager's SessionManager method calls.
-
afterSessionManagerSet
protected void afterSessionManagerSet()
-
getSessionManager
public SessionManager getSessionManager()
Returns this security manager's internal delegateSessionManager.- Returns:
- this security manager's internal delegate
SessionManager. - See Also:
setSessionManager
-
afterCacheManagerSet
protected void afterCacheManagerSet()
Callssuper.afterCacheManagerSet()and then immediately callsapplyCacheManagerToSessionManager()to ensure theCacheManageris applied to the SessionManager as necessary.- Overrides:
afterCacheManagerSetin classRealmSecurityManager
-
afterEventBusSet
protected void afterEventBusSet()
Sets any configured EventBus on the SessionManager if necessary.- Overrides:
afterEventBusSetin classRealmSecurityManager- Since:
- 1.3
-
applyCacheManagerToSessionManager
protected void applyCacheManagerToSessionManager()
Ensures the internal delegateSessionManageris injected with the newly setCacheManagerso it may use it for its internal caching needs. Note: This implementation only injects the CacheManager into the SessionManager if the SessionManager instance implements theCacheManagerAwareinterface.
-
applyEventBusToSessionManager
protected void applyEventBusToSessionManager()
Ensures the internal delegateSessionManageris injected with the newly setEventBusso it may use it for its internal event needs. Note: This implementation only injects the EventBus into the SessionManager if the SessionManager instance implements theEventBusAwareinterface.- Since:
- 1.3
-
start
public Session start(SessionContext context) throws AuthorizationException
Description copied from interface:SessionManagerStarts a new session based on the specified contextual initialization data, which can be used by the underlying implementation to determine how exactly to create the internal Session instance. This method is mainly used in framework development, as the implementation will often relay the argument to an underlyingSessionFactorywhich could use the context to construct the internal Session instance in a specific manner. This allows pluggableSessioncreation logic by simply injecting aSessionFactoryinto theSessionManagerinstance.- Parameters:
context- the contextual initialization data that can be used by the implementation or underlyingSessionFactorywhen instantiating the internalSessioninstance.- Returns:
- the newly created session.
- Throws:
AuthorizationException- See Also:
SessionFactory.createSession(SessionContext)
-
getSession
public Session getSession(SessionKey key) throws SessionException
Description copied from interface:SessionManagerRetrieves the session corresponding to the specified contextual data (such as a session ID if applicable), ornullif no Session could be found. If a session is found but invalid (stopped or expired), aSessionExceptionwill be thrown.- Parameters:
key- the Session key to use to look-up the Session- Returns:
- the
Sessioninstance corresponding to the given lookup key ornullif no session could be acquired. - Throws:
SessionException- if a session was found but it was invalid (stopped/expired).
-
destroy
public void destroy()
Description copied from class:CachingSecurityManagerDestroys thecacheManagerviaLifecycleUtils.destroy.- Specified by:
destroyin interfaceDestroyable- Overrides:
destroyin classAuthorizingSecurityManager
-
-