org.apache.shiro.web.session.mgt
Class ServletContainerSessionManager

java.lang.Object
  extended by org.apache.shiro.web.session.mgt.ServletContainerSessionManager
All Implemented Interfaces:
SessionManager, WebSessionManager

public class ServletContainerSessionManager
extends Object
implements WebSessionManager

SessionManager implementation providing Session implementations that are merely wrappers for the Servlet container's HttpSession.

Despite its name, this implementation does not itself manage Sessions since the Servlet container provides the actual management support. This class mainly exists to 'impersonate' a regular Shiro SessionManager so it can be pluggable into a normal Shiro configuration in a pure web application.

Note that because this implementation relies on the HttpSession, it is only functional in a servlet container - it is not capable of supporting Sessions for any clients other than those using the HTTP protocol.

Therefore, if you need Session support for heterogeneous clients (e.g. web browsers, RMI clients, etc), use the DefaultWebSessionManager instead. The DefaultWebSessionManager supports both traditional web-based access as well as non web-based clients.

Since:
0.9
See Also:
DefaultWebSessionManager

Constructor Summary
ServletContainerSessionManager()
           
 
Method Summary
protected  Session createSession(HttpSession httpSession, String host)
           
protected  Session createSession(SessionContext sessionContext)
           
 Session getSession(SessionKey key)
          Retrieves the session corresponding to the specified contextual data (such as a session ID if applicable), or null if no Session could be found.
 boolean isServletContainerSessions()
          This implementation always delegates to the servlet container for sessions, so this method returns true always.
 Session start(SessionContext context)
          Starts a new session based on the specified contextual initialization data, which can be used by the underlying implementation to determine how exactly to create the internal Session instance.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ServletContainerSessionManager

public ServletContainerSessionManager()
Method Detail

start

public Session start(SessionContext context)
              throws AuthorizationException
Description copied from interface: SessionManager
Starts a new session based on the specified contextual initialization data, which can be used by the underlying implementation to determine how exactly to create the internal Session instance.

This method is mainly used in framework development, as the implementation will often relay the argument to an underlying SessionFactory which could use the context to construct the internal Session instance in a specific manner. This allows pluggable Session creation logic by simply injecting a SessionFactory into the SessionManager instance.

Specified by:
start in interface SessionManager
Parameters:
context - the contextual initialization data that can be used by the implementation or underlying SessionFactory when instantiating the internal Session instance.
Returns:
the newly created session.
Throws:
AuthorizationException
See Also:
SessionFactory.createSession(SessionContext)

getSession

public Session getSession(SessionKey key)
                   throws SessionException
Description copied from interface: SessionManager
Retrieves the session corresponding to the specified contextual data (such as a session ID if applicable), or null if no Session could be found. If a session is found but invalid (stopped or expired), a SessionException will be thrown.

Specified by:
getSession in interface SessionManager
Parameters:
key - the Session key to use to look-up the Session
Returns:
the Session instance corresponding to the given lookup key or null if no session could be acquired.
Throws:
SessionException - if a session was found but it was invalid (stopped/expired).

createSession

protected Session createSession(SessionContext sessionContext)
                         throws AuthorizationException
Throws:
AuthorizationException
Since:
1.0

createSession

protected Session createSession(HttpSession httpSession,
                                String host)

isServletContainerSessions

public boolean isServletContainerSessions()
This implementation always delegates to the servlet container for sessions, so this method returns true always.

Specified by:
isServletContainerSessions in interface WebSessionManager
Returns:
true always
Since:
1.2


Copyright © 2004-2014 The Apache Software Foundation. All Rights Reserved.