public class ServletContainerSessionManager extends Object implements WebSessionManager
Session implementations that are merely wrappers for the
Servlet container's HttpSession.
Despite its name, this implementation does not itself manage Sessions since the Servlet container
provides the actual management support. This class mainly exists to 'impersonate' a regular Shiro
SessionManager so it can be pluggable into a normal Shiro configuration in a pure web application.
Note that because this implementation relies on the HttpSession, it is only functional in a
servlet container - it is not capable of supporting Sessions for any clients other than those using the HTTP
protocol.
Therefore, if you need Session support for heterogeneous clients (e.g. web browsers,
RMI clients, etc), use the DefaultWebSessionManager
instead. The DefaultWebSessionManager supports both traditional web-based access as well as non web-based
clients.DefaultWebSessionManager| Constructor and Description |
|---|
ServletContainerSessionManager() |
| Modifier and Type | Method and Description |
|---|---|
protected Session |
createSession(javax.servlet.http.HttpSession httpSession,
String host) |
protected Session |
createSession(SessionContext sessionContext) |
Session |
getSession(SessionKey key)
Retrieves the session corresponding to the specified contextual data (such as a session ID if applicable), or
null if no Session could be found. |
boolean |
isServletContainerSessions()
This implementation always delegates to the servlet container for sessions, so this method returns
true always. |
Session |
start(SessionContext context)
Starts a new session based on the specified contextual initialization data, which can be used by the underlying
implementation to determine how exactly to create the internal Session instance.
|
public Session start(SessionContext context) throws AuthorizationException
SessionManagerSessionFactory which could use the context to construct the internal Session
instance in a specific manner. This allows pluggable Session creation
logic by simply injecting a SessionFactory into the SessionManager instance.start in interface SessionManagercontext - the contextual initialization data that can be used by the implementation or underlying
SessionFactory when instantiating the internal Session instance.AuthorizationExceptionSessionFactory.createSession(SessionContext)public Session getSession(SessionKey key) throws SessionException
SessionManagernull if no Session could be found. If a session is found but invalid (stopped or expired), a
SessionException will be thrown.getSession in interface SessionManagerkey - the Session key to use to look-up the SessionSession instance corresponding to the given lookup key or null if no session
could be acquired.SessionException - if a session was found but it was invalid (stopped/expired).protected Session createSession(SessionContext sessionContext) throws AuthorizationException
AuthorizationExceptionprotected Session createSession(javax.servlet.http.HttpSession httpSession, String host)
public boolean isServletContainerSessions()
true always.isServletContainerSessions in interface WebSessionManagertrue alwaysCopyright © 2004–2016 The Apache Software Foundation. All rights reserved.