java.lang.Object
- org.apache.shiro.web.session.mgt.ServletContainerSessionManager

All Implemented Interfaces:

SessionManager, WebSessionManager
```
public class ServletContainerSessionManager
extends Object
implements WebSessionManager
```
SessionManager implementation providing Session implementations that are merely wrappers for the Servlet container's HttpSession.
Despite its name, this implementation does not itself manage Sessions since the Servlet container provides the actual management support. This class mainly exists to 'impersonate' a regular Shiro SessionManager so it can be pluggable into a normal Shiro configuration in a pure web application.
Note that because this implementation relies on the HttpSession, it is only functional in a servlet container - it is not capable of supporting Sessions for any clients other than those using the HTTP protocol.
Therefore, if you need Session support for heterogeneous clients (e.g. web browsers, RMI clients, etc), use the DefaultWebSessionManager instead. The DefaultWebSessionManager supports both traditional web-based access as well as non web-based clients.

Since:

0.9

See Also:

DefaultWebSessionManager

Constructor Summary

Constructors
Constructor Description

ServletContainerSessionManager()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`protected Session`	`createSession(HttpSession httpSession, String host)`
`protected Session`	`createSession(SessionContext sessionContext)`
`Session`	`getSession(SessionKey key)`	Retrieves the session corresponding to the specified contextual data (such as a session ID if applicable), or `null` if no Session could be found.
`boolean`	`isServletContainerSessions()`	This implementation always delegates to the servlet container for sessions, so this method returns `true` always.
`Session`	`start(SessionContext context)`	Starts a new session based on the specified contextual initialization data, which can be used by the underlying implementation to determine how exactly to create the internal Session instance.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - ServletContainerSessionManager
```
public ServletContainerSessionManager()
```
- Method Detail
  - start
```
public Session start(SessionContext context)
              throws AuthorizationException
```
    Description copied from interface: SessionManager
    
    Starts a new session based on the specified contextual initialization data, which can be used by the underlying implementation to determine how exactly to create the internal Session instance.
    This method is mainly used in framework development, as the implementation will often relay the argument to an underlying SessionFactory which could use the context to construct the internal Session instance in a specific manner. This allows pluggable Session creation logic by simply injecting a SessionFactory into the SessionManager instance.
    
    Specified by:
    
    start in interface SessionManager
    
    Parameters:
    
    context - the contextual initialization data that can be used by the implementation or underlying SessionFactory when instantiating the internal Session instance.
    
    Returns:
    
    the newly created session.
    
    Throws:
    
    AuthorizationException
    
    See Also:
    
    SessionFactory.createSession(SessionContext)
  - getSession
```
public Session getSession(SessionKey key)
                   throws SessionException
```
    Description copied from interface: SessionManager
    
    Retrieves the session corresponding to the specified contextual data (such as a session ID if applicable), or null if no Session could be found. If a session is found but invalid (stopped or expired), a SessionException will be thrown.
    
    Specified by:
    
    getSession in interface SessionManager
    
    Parameters:
    
    key - the Session key to use to look-up the Session
    
    Returns:
    
    the Session instance corresponding to the given lookup key or null if no session could be acquired.
    
    Throws:
    
    SessionException - if a session was found but it was invalid (stopped/expired).
  - createSession
```
protected Session createSession(SessionContext sessionContext)
                         throws AuthorizationException
```
    Throws:
    
    AuthorizationException
    
    Since:
    
    1.0
  - createSession
```
protected Session createSession(HttpSession httpSession,
                                String host)
```
  - isServletContainerSessions
```
public boolean isServletContainerSessions()
```
    This implementation always delegates to the servlet container for sessions, so this method returns true always.
    
    Specified by:
    
    isServletContainerSessions in interface WebSessionManager
    
    Returns:
    
    true always
    
    Since:
    
    1.2

Class ServletContainerSessionManager

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

ServletContainerSessionManager

Method Detail

start

getSession

createSession

createSession

isServletContainerSessions