org.apache.shiro.web.servlet.ShiroHttpSession Maven / Gradle / Ivy
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.shiro.web.servlet;
import org.apache.shiro.session.InvalidSessionException;
import org.apache.shiro.session.Session;
import org.apache.shiro.web.session.HttpServletSession;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionBindingEvent;
import javax.servlet.http.HttpSessionBindingListener;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
/**
* Wrapper class that uses a Shiro {@link Session Session} under the hood for all session operations instead of the
* Servlet Container's session mechanism. This is required in heterogeneous client environments where the Session
* is used on both the business tier as well as in multiple client technologies (web, swing, flash, etc.) since
* Servlet container sessions alone cannot support this feature.
*
* @since 0.2
*/
@SuppressWarnings("checkstyle:MagicNumber")
public class ShiroHttpSession implements HttpSession {
/**
* default session id name.
*/
public static final String DEFAULT_SESSION_ID_NAME = "JSESSIONID";
private static final Enumeration EMPTY_ENUMERATION = new Enumeration<>() {
public boolean hasMoreElements() {
return false;
}
public String nextElement() {
return null;
}
};
@SuppressWarnings({"deprecation"})
private static final javax.servlet.http.HttpSessionContext HTTP_SESSION_CONTEXT =
new javax.servlet.http.HttpSessionContext() {
public HttpSession getSession(String s) {
return null;
}
public Enumeration getIds() {
return EMPTY_ENUMERATION;
}
};
protected ServletContext servletContext;
protected HttpServletRequest currentRequest;
//'real' Shiro Session
protected Session session;
public ShiroHttpSession(Session session, HttpServletRequest currentRequest, ServletContext servletContext) {
if (session instanceof HttpServletSession) {
String msg = "Session constructor argument cannot be an instance of HttpServletSession. This is enforced to "
+ "prevent circular dependencies and infinite loops.";
throw new IllegalArgumentException(msg);
}
this.session = session;
this.currentRequest = currentRequest;
this.servletContext = servletContext;
}
public Session getSession() {
return this.session;
}
public long getCreationTime() {
try {
return getSession().getStartTimestamp().getTime();
} catch (Exception e) {
throw new IllegalStateException(e);
}
}
public String getId() {
return getSession().getId().toString();
}
public long getLastAccessedTime() {
return getSession().getLastAccessTime().getTime();
}
public ServletContext getServletContext() {
return this.servletContext;
}
public void setMaxInactiveInterval(int i) {
try {
getSession().setTimeout(i * 1000L);
} catch (InvalidSessionException e) {
throw new IllegalStateException(e);
}
}
public int getMaxInactiveInterval() {
try {
return (Long.valueOf(getSession().getTimeout() / 1000)).intValue();
} catch (InvalidSessionException e) {
throw new IllegalStateException(e);
}
}
@SuppressWarnings({"deprecation"})
public javax.servlet.http.HttpSessionContext getSessionContext() {
return HTTP_SESSION_CONTEXT;
}
public Object getAttribute(String s) {
try {
return getSession().getAttribute(s);
} catch (InvalidSessionException e) {
throw new IllegalStateException(e);
}
}
@Deprecated
@Override
public Object getValue(String s) {
return getAttribute(s);
}
protected Set getKeyNames() {
Collection
© 2015 - 2025 Weber Informatics LLC | Privacy Policy