Examples of org.apache.shiro.mgt.DefaultSessionStorageEvaluator

org.apache.shiro.mgt.DefaultSessionStorageEvaluator
A Default {@code SessionStorageEvaluator} that provides reasonable control over if and how Sessions may be used forstoring Subject state. See the {@link #isSessionStorageEnabled(org.apache.shiro.subject.Subject)}method for exact behavior. @since 1.2

        final DefaultSecurityManager securityManager =
                new DefaultSecurityManager(
                        Lists.newArrayList(serverRestInterfaceRealm)
                );
        // disable storing sessions (TODO we might want to write a session store bridge to play's session cookie)
        final DefaultSessionStorageEvaluator sessionStorageEvaluator = new DefaultSessionStorageEvaluator();
        sessionStorageEvaluator.setSessionStorageEnabled(false);
        final DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO();
        subjectDAO.setSessionStorageEvaluator(sessionStorageEvaluator);
        securityManager.setSubjectDAO(subjectDAO);


        final Authenticator authenticator = securityManager.getAuthenticator();

View Full Code Here

            ((ModularRealmAuthenticator) authenticator).setAuthenticationStrategy(new FirstSuccessfulStrategy());
        }
        sm.setAuthorizer(new ModularRealmAuthorizer(Lists.<Realm>newArrayList(mongoDbAuthorizationRealm, inMemoryRealm)));


        final DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO();
        final DefaultSessionStorageEvaluator sessionStorageEvaluator = new DefaultSessionStorageEvaluator() {
            @Override
            public boolean isSessionStorageEnabled(Subject subject) {
                // save to session if we already have a session. do not create on just for saving the subject
                return (subject.getSession(false) != null);
            }
        };
        sessionStorageEvaluator.setSessionStorageEnabled(false);
        subjectDAO.setSessionStorageEvaluator(sessionStorageEvaluator);
        sm.setSubjectDAO(subjectDAO);


        final DefaultSessionManager defaultSessionManager = (DefaultSessionManager) sm.getSessionManager();
        defaultSessionManager.setSessionDAO(mongoDbSessionDAO);

View Full Code Here

        //disable sessions entirely:
        setSessionManager(new DisabledSessionManager());


        //also prevent the SecurityManager impl from using the Session as a storage medium (i.e. after authc):
        DefaultSubjectDAO subjectDao = (DefaultSubjectDAO)getSubjectDAO();
        DefaultSessionStorageEvaluator sessionStorageEvaluator =
                (DefaultSessionStorageEvaluator)subjectDao.getSessionStorageEvaluator();
        sessionStorageEvaluator.setSessionStorageEnabled(false);
    }

View Full Code Here

TOP

Related Classes of org.apache.shiro.mgt.DefaultSessionStorageEvaluator

lib.Global

org.apache.activemq.shiro.mgt.DefaultActiveMqSecurityManager

org.graylog2.bindings.providers.DefaultSecurityManagerProvider

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.