Package org.apache.shiro.web.session.mgt
Class ServletContainerSessionManager
- java.lang.Object
-
- org.apache.shiro.web.session.mgt.ServletContainerSessionManager
-
- All Implemented Interfaces:
SessionManager
,WebSessionManager
public class ServletContainerSessionManager extends Object implements WebSessionManager
SessionManager implementation providingSession
implementations that are merely wrappers for the Servlet container'sHttpSession
. Despite its name, this implementation does not itself manage Sessions since the Servlet container provides the actual management support. This class mainly exists to 'impersonate' a regular ShiroSessionManager
so it can be pluggable into a normal Shiro configuration in a pure web application. Note that because this implementation relies on theHttpSession
, it is only functional in a servlet container - it is not capable of supporting Sessions for any clients other than those using the HTTP protocol. Therefore, if you needSession
support for heterogeneous clients (e.g. web browsers, RMI clients, etc), use theDefaultWebSessionManager
instead. TheDefaultWebSessionManager
supports both traditional web-based access as well as non web-based clients.- Since:
- 0.9
- See Also:
DefaultWebSessionManager
-
-
Constructor Summary
Constructors Constructor Description ServletContainerSessionManager()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected Session
createSession(HttpSession httpSession, String host)
protected Session
createSession(SessionContext sessionContext)
Session
getSession(SessionKey key)
Retrieves the session corresponding to the specified contextual data (such as a session ID if applicable), ornull
if no Session could be found.boolean
isServletContainerSessions()
This implementation always delegates to the servlet container for sessions, so this method returnstrue
always.Session
start(SessionContext context)
Starts a new session based on the specified contextual initialization data, which can be used by the underlying implementation to determine how exactly to create the internal Session instance.
-
-
-
Constructor Detail
-
ServletContainerSessionManager
public ServletContainerSessionManager()
-
-
Method Detail
-
start
public Session start(SessionContext context) throws AuthorizationException
Description copied from interface:SessionManager
Starts a new session based on the specified contextual initialization data, which can be used by the underlying implementation to determine how exactly to create the internal Session instance. This method is mainly used in framework development, as the implementation will often relay the argument to an underlyingSessionFactory
which could use the context to construct the internal Session instance in a specific manner. This allows pluggableSession
creation logic by simply injecting aSessionFactory
into theSessionManager
instance.- Specified by:
start
in interfaceSessionManager
- Parameters:
context
- the contextual initialization data that can be used by the implementation or underlyingSessionFactory
when instantiating the internalSession
instance.- Returns:
- the newly created session.
- Throws:
AuthorizationException
- See Also:
SessionFactory.createSession(SessionContext)
-
getSession
public Session getSession(SessionKey key) throws SessionException
Description copied from interface:SessionManager
Retrieves the session corresponding to the specified contextual data (such as a session ID if applicable), ornull
if no Session could be found. If a session is found but invalid (stopped or expired), aSessionException
will be thrown.- Specified by:
getSession
in interfaceSessionManager
- Parameters:
key
- the Session key to use to look-up the Session- Returns:
- the
Session
instance corresponding to the given lookup key ornull
if no session could be acquired. - Throws:
SessionException
- if a session was found but it was invalid (stopped/expired).
-
createSession
protected Session createSession(SessionContext sessionContext) throws AuthorizationException
- Throws:
AuthorizationException
- Since:
- 1.0
-
createSession
protected Session createSession(HttpSession httpSession, String host)
-
isServletContainerSessions
public boolean isServletContainerSessions()
This implementation always delegates to the servlet container for sessions, so this method returnstrue
always.- Specified by:
isServletContainerSessions
in interfaceWebSessionManager
- Returns:
true
always- Since:
- 1.2
-
-