org.jsecurity.web.session
Class ServletContainerSessionManager
java.lang.Object
org.jsecurity.session.mgt.AbstractSessionManager
org.jsecurity.web.session.ServletContainerSessionManager
- All Implemented Interfaces:
- SessionManager, SessionListenerRegistrar, WebSessionManager
public class ServletContainerSessionManager
- extends AbstractSessionManager
- implements WebSessionManager
SessionManager implementation providing Session implementations that are merely wrappers for the
Servlet container's HttpSession.
Despite its name, this implementation does not itself manage Sessions since the Servlet container
provides the actual management support. This class mainly exists to 'impersonate' a regular JSecurity
SessionManager so it can be pluggable into a normal JSecurity configuration in a pure web application.
Note that because this implementation relies on the HttpSession, it is only functional in a servlet
container. I.e. it is NOT capable of supporting Sessions any clients other than HttpRequest/HttpResponse
based clients.
Therefore, if you need heterogenous Session support across multiple client mediums (e.g. web pages,
Flash applets, Java Web Start applications, etc.), use the WebSessionManager instead. The
WebSessionManager supports both traditional web-based access as well as non web-based clients.
- Since:
- 0.9
- Author:
- Les Hazlewood
| Methods inherited from class org.jsecurity.session.mgt.AbstractSessionManager |
add, beforeInvalidNotification, getAttribute, getAttributeKeys, getHostAddress, getLastAccessTime, getSession, getStartTimestamp, getTimeout, isValid, notifyExpiration, notifyStart, notifyStop, onChange, onExpiration, onStop, remove, removeAttribute, setAttribute, setSessionListeners, setTimeout, start, stop, stop, touch |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Methods inherited from interface org.jsecurity.session.mgt.SessionManager |
getAttribute, getAttributeKeys, getHostAddress, getLastAccessTime, getStartTimestamp, getTimeout, isValid, removeAttribute, setAttribute, setTimeout, start, stop, touch |
ServletContainerSessionManager
public ServletContainerSessionManager()
doGetSession
protected Session doGetSession(Serializable sessionId)
throws InvalidSessionException
- Specified by:
doGetSession in class AbstractSessionManager
- Throws:
InvalidSessionException
getSession
public Session getSession(ServletRequest request,
ServletResponse response)
throws AuthorizationException
- Description copied from interface:
WebSessionManager
- Returns the current
Session associated with the specified request pair, or
null if there is no session associated with the request.
- Specified by:
getSession in interface WebSessionManager
- Parameters:
request - the incoming ServletRequestresponse - the outgoing ServletResponse
- Returns:
- the current
Session associated with the specified request pair, or
null if there is no session associated with the request.
- Throws:
AuthorizationException
createSession
protected Session createSession(InetAddress originatingHost)
throws HostUnauthorizedException,
IllegalArgumentException
- Specified by:
createSession in class AbstractSessionManager
- Throws:
HostUnauthorizedException
IllegalArgumentException
createSession
protected Session createSession(HttpSession httpSession,
InetAddress inet)
Copyright © 2004-2008 JSecurity.