001/*
002 * Copyright 2008 Les Hazlewood
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016package org.apache.shiro.session.mgt;
017
018import java.io.Serializable;
019
020/**
021 * A {@code SessionKey} is a key that allows look-up of any particular {@link org.apache.shiro.session.Session Session}
022 * instance.  This is not to be confused what is probably better recognized as a session <em>attribute</em> key - a key
023 * that is used to acquire a session attribute via the
024 * {@link org.apache.shiro.session.Session#getAttribute(Object) Session.getAttribute} method.  A {@code SessionKey}
025 * looks up a Session object directly.
026 * <p/>
027 * While a {@code SessionKey} allows lookup of <em>any</em> Session that might exist, this is not something in practice
028 * done too often by most Shiro end-users.  Instead, it is usually more convenient to acquire the currently executing
029 * {@code Subject}'s session via the {@link org.apache.shiro.subject.Subject#getSession} method.  This interface and
030 * its usages are best suited for framework development.
031 *
032 * @since 1.0
033 */
034public interface SessionKey {
035
036    /**
037     * Returns the id of the session to acquire.
038     * <p/>
039     * Acquiring sessions by ID only is a suitable strategy when sessions are natively managed by Shiro directly.
040     * For example, the Servlet specification does not have an API that allows session acquisition by session ID, so
041     * the session ID alone is not sufficient for ServletContainer-based SessionManager implementations.
042     *
043     * @return the id of the session to acquire.
044     */
045    Serializable getSessionId();
046}