Examples of org.apache.shiro.session.Session

org.apache.shiro.session.Session
A {@code Session} is a stateful data context associated with a single Subject (user, daemon process,etc) who interacts with a software system over a period of time.
A {@code Session} is intended to be managed by the business tier and accessible via othertiers without being tied to any given client technology. This is a great benefit to Java systems, since until now, the only viable session mechanisms were the {@code javax.servlet.http.HttpSession} or Stateful Session EJB's, which many timesunnecessarily coupled applications to web or ejb technologies. @author Les Hazlewood @since 0.1

        if (sessionId == null) {
            log.debug("Unable to resolve session ID from SessionKey [{}].  Returning null to indicate a " +
                    "session could not be found.", sessionKey);
            return null;
        }
        Session s = retrieveSessionFromDataSource(sessionId);
        if (s == null) {
            //session ID was provided, meaning one is expected to be found, but we couldn't find one:
            String msg = "Could not find session with ID [" + sessionId + "]";
            throw new UnknownSessionException(msg);
        }

View Full Code Here

            try {
                // HACK Check if can get the securityManager - this'll cause an exception if it's not set 
                SecurityUtils.getSecurityManager();
                if (!sessionManagerMethodInvocation) {
                    Subject subject = SecurityUtils.getSubject();
                    Session session = subject.getSession(false);
                    if (session != null) {
                        sessionId = session.getId();
                        host = session.getHost();
                    }
                }
            }
            catch (Exception e) {
                log.trace("No security manager set. Trying next to get session id from system property");

View Full Code Here

            throw new IllegalArgumentException(msg);
        }


        HttpServletRequest request = WebUtils.getHttpRequest(key);


        Session session = null;


        HttpSession httpSession = request.getSession(false);
        if (httpSession != null) {
            session = createSession(httpSession, request.getRemoteHost());
        }

View Full Code Here

    protected final Session doGetSession(final SessionKey key) throws InvalidSessionException {
        enableSessionValidationIfNecessary();


        log.trace("Attempting to retrieve session with key {}", key);


        Session s = retrieveSession(key);
        if (s != null) {
            validate(s, key);
        }
        return s;
    }

View Full Code Here


        // get the currently executing user:
        Subject currentUser = SecurityUtils.getSubject();


        // Do some stuff with a Session (no need for a web or EJB container!!!)
        Session session = currentUser.getSession();
        session.setAttribute("someKey", "aValue");
        String value = (String) session.getAttribute("someKey");
        if (value.equals("aValue")) {
            log.info("Retrieved the correct value! [" + value + "]");
        }


        // let's login the current user so we can check against roles and permissions:

View Full Code Here

        String value = "testValue";
        DefaultSecurityManager sm = new DefaultSecurityManager();


        DelegatingSubject subject = new DelegatingSubject(sm);


        Session session = subject.getSession();
        session.setAttribute(key, value);
        assertTrue(session.getAttribute(key).equals(value));
        Serializable firstSessionId = session.getId();
        assertNotNull(firstSessionId);


        session.stop();


        session = subject.getSession();
        assertNotNull(session);
        assertNull(session.getAttribute(key));
        Serializable secondSessionId = session.getId();
        assertNotNull(secondSessionId);
        assertFalse(firstSessionId.equals(secondSessionId));


        subject.logout();

View Full Code Here

        SecurityManager sm = factory.getInstance();


        //try to log-in:
        Subject subject = new Subject.Builder(sm).buildSubject();
        subject.login(new UsernamePasswordToken("admin", "admin"));
        Session session = subject.getSession();
        session.setAttribute("hello", "world");
        //session should have been started, and a cache is in use.  Assert that the SessionDAO is still using
        //the cache instances provided by our custom CacheManager and not the Default MemoryConstrainedCacheManager


        SessionDAO sessionDAO = ((DefaultSessionManager) ((DefaultSecurityManager) sm).getSessionManager()).getSessionDAO();
        assertTrue(sessionDAO instanceof EnterpriseCacheSessionDAO);

View Full Code Here

        subject.login(token);
        assertTrue(subject.isAuthenticated());
        assertTrue("guest".equals(subject.getPrincipal()));
        assertTrue(subject.hasRole("guest"));


        Session session = subject.getSession();
        session.setAttribute("key", "value");
        assertEquals(session.getAttribute("key"), "value");


        subject.logout();


        assertNull(subject.getSession(false));
        assertNull(subject.getPrincipal());

View Full Code Here

     * <a href="https://issues.apache.org/jira/browse/JSEC-46">JSEC-46</a>
     */
    @Test
    public void testAutoCreateSessionAfterInvalidation() {
        Subject subject = SecurityUtils.getSubject();
        Session session = subject.getSession();
        Serializable origSessionId = session.getId();


        String key = "foo";
        String value1 = "bar";
        session.setAttribute(key, value1);
        assertEquals(value1, session.getAttribute(key));


        //now test auto creation:
        session.setTimeout(50);
        try {
            Thread.sleep(150);
        } catch (InterruptedException e) {
            //ignored
        }
        try {
            session.setTimeout(AbstractValidatingSessionManager.DEFAULT_GLOBAL_SESSION_TIMEOUT);
            fail("Session should have expired.");
        } catch (ExpiredSessionException expected) {
        }
    }

View Full Code Here

        subject.login(token);
        assertTrue(subject.isAuthenticated());
        assertTrue("guest".equals(subject.getPrincipal()));
        assertTrue(subject.hasRole("guest"));


        Session session = subject.getSession();
        Serializable firstSessionId = session.getId();


        session.setAttribute("key", "value");
        assertEquals(session.getAttribute("key"), "value");


        subject.logout();


        assertNull(subject.getSession(false));
        assertNull(subject.getPrincipal());

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.shiro.session.Session

cn.dreampie.common.plugin.patchca.PatchcaRender

cn.dreampie.common.plugin.shiro.freemarker.IsLoginFailureTag

cn.dreampie.common.plugin.shiro.freemarker.LoginExceptionTag

cn.dreampie.common.plugin.shiro.freemarker.LoginUsernameTag

cn.dreampie.common.plugin.shiro.MyAuthenticatingFilter

cn.dreampie.common.plugin.shiro.MyFormAuthenticationFilter

cn.dreampie.common.plugin.shiro.plugin.ShiroInterceptor

cn.dreampie.common.util.SubjectUtils

cn.dreampie.shiro.core.SubjectKit

cn.dreampie.shiro.freemarker.IsLoginFailureTag

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.