Session is a stateful data context associated with a single Subject (user, daemon process,
etc) who interacts with a software system over a period of time.
Interface to be implemented by components that wish to be notified of events that occur during a
's life cycle.
Session implementation that immediately delegates all corresponding calls to an
underlying proxied session instance.
Simple adapter implementation of the
interface, effectively providing
no-op implementations of all methods.
A special case of a StoppedSessionException.
Exception thrown when attempting to interact with the system under an established session
when that session is considered invalid.
General security exception attributed to problems during interaction with the system during
Exception thrown when attempting to interact with the system under a session that has been
Exception thrown when attempting to interact with the system under the pretense of a
particular session (e.g. under a specific session id), and that session does not exist in
Package org.apache.shiro.session Description
Components related to managing sessions, the time-based data contexts in which a Subject
interacts with an application.
Sessions in Shiro are completely POJO-based and do not require
an application to use Web-based
or EJB-based session management infrastructure - the client and/or server technology is irrelevant in
Shiro's architecture, allowing session management to be employed in the smallest standalone application
to the largest enterprise deployments.
This design decision opens up a new world to Java applications - most notably the ability to participate in
a session regardless if the client is using HTTP, custom sockets, web services, or even non-Java programming
languages. Aside from Shiro, there is currently no technology in Java today allows this heterogenous
Also because of this freedom, Shiro naturally supports Single Sign-On for any application as well, using
this heterogeneous session support.