org.apache.shiro.web.session.mgt

Class ServletContainerSessionManager

java.lang.Object

org.apache.shiro.web.session.mgt.ServletContainerSessionManager

All Implemented Interfaces:

org.apache.shiro.session.mgt.SessionManager, WebSessionManager

public class ServletContainerSessionManager
extends Object
implements WebSessionManager

SessionManager implementation providing Session implementations that are merely wrappers for the Servlet container's HttpSession.

Despite its name, this implementation does not itself manage Sessions since the Servlet container provides the actual management support. This class mainly exists to 'impersonate' a regular Shiro SessionManager so it can be pluggable into a normal Shiro configuration in a pure web application.

Note that because this implementation relies on the HttpSession, it is only functional in a servlet container - it is not capable of supporting Sessions for any clients other than those using the HTTP protocol.

Therefore, if you need Session support for heterogeneous clients (e.g. web browsers, RMI clients, etc), use the DefaultWebSessionManager instead. The DefaultWebSessionManager supports both traditional web-based access as well as non web-based clients.

Since:

0.9

See Also:

DefaultWebSessionManager

Constructor Summary

Constructors

Constructor and Description
ServletContainerSessionManager()

Method Summary

Modifier and Type	Method and Description
protected org.apache.shiro.session.Session	createSession(javax.servlet.http.HttpSession httpSession, String host)
protected org.apache.shiro.session.Session	createSession(org.apache.shiro.session.mgt.SessionContext sessionContext)
org.apache.shiro.session.Session	getSession(org.apache.shiro.session.mgt.SessionKey key)
boolean	isServletContainerSessions() This implementation always delegates to the servlet container for sessions, so this method returns true always.
org.apache.shiro.session.Session	start(org.apache.shiro.session.mgt.SessionContext context)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ServletContainerSessionManager

public ServletContainerSessionManager()

Method Detail

start

public org.apache.shiro.session.Session start(org.apache.shiro.session.mgt.SessionContext context)
                                       throws org.apache.shiro.authz.AuthorizationException

Specified by:

start in interface org.apache.shiro.session.mgt.SessionManager

Throws:

org.apache.shiro.authz.AuthorizationException

getSession

public org.apache.shiro.session.Session getSession(org.apache.shiro.session.mgt.SessionKey key)
                                            throws org.apache.shiro.session.SessionException

Specified by:

getSession in interface org.apache.shiro.session.mgt.SessionManager

Throws:

org.apache.shiro.session.SessionException

createSession

protected org.apache.shiro.session.Session createSession(org.apache.shiro.session.mgt.SessionContext sessionContext)
                                                  throws org.apache.shiro.authz.AuthorizationException

Throws:

org.apache.shiro.authz.AuthorizationException

Since:

1.0

createSession

protected org.apache.shiro.session.Session createSession(javax.servlet.http.HttpSession httpSession,
                                                         String host)

isServletContainerSessions

public boolean isServletContainerSessions()

This implementation always delegates to the servlet container for sessions, so this method returns true always.

Specified by:

isServletContainerSessions in interface WebSessionManager

Returns:

true always

Since:

1.2