public class ServletContainerSessionManager extends Objectimplements WebSessionManager
Session implementations that are merely wrappers for the Servlet container's
HttpSession.
Despite its name, this implementation
does not itself manage Sessions since the Servlet container provides the actual management support. This class mainly exists to 'impersonate' a regular Shiro
SessionManager so it can be pluggable into a normal Shiro configuration in a pure web application.
Note that because this implementation relies on the
HttpSession, it is only functional in a servlet container - it is not capable of supporting Sessions for any clients other than those using the HTTP protocol.
Therefore, if you need
Session support for heterogeneous clients (e.g. web browsers, RMI clients, etc), use the
DefaultWebSessionManager instead. The
DefaultWebSessionManager supports both traditional web-based access as well as non web-based clients.
DefaultWebSessionManager
| Constructor and Description |
|---|
ServletContainerSessionManager()
|
| Modifier and Type | Method and Description |
|---|---|
protected Session |
createSession(HttpSession httpSession, String
|
protected Session |
createSession(SessionContext
|
Session |
getSession(SessionKey
|
boolean |
isServletContainerSessions()
This implementation always delegates to the servlet container for sessions, so this method returns
true always.
|
Session |
start(SessionContext
|
public Sessionstart(SessionContext context) throws AuthorizationException
start in interface
SessionManager
AuthorizationException
public SessiongetSession(SessionKey key) throws SessionException
getSession in interface
SessionManager
SessionException
protected SessioncreateSession(SessionContext sessionContext) throws AuthorizationException
AuthorizationException
public boolean isServletContainerSessions()
true always.
isServletContainerSessions in interface
WebSessionManager
true always