Package org.apache.shiro.session.mgt

Class DefaultSessionManager

    • Constructor Detail

      • DefaultSessionManager

        public DefaultSessionManager()

    • Method Detail

      • setSessionDAO

        public void setSessionDAO(SessionDAO sessionDAO)

      • getSessionDAO

        public SessionDAO getSessionDAO()

      • getSessionFactory

        public SessionFactory getSessionFactory()
        Returns the SessionFactory used to generate new Session instances. The default instance is a SimpleSessionFactory.
        Returns:
        the SessionFactory used to generate new Session instances.
        Since:
        1.0

      • setSessionFactory

        public void setSessionFactory(SessionFactory sessionFactory)
        Sets the SessionFactory used to generate new Session instances. The default instance is a SimpleSessionFactory.
        Parameters:
        sessionFactory - the SessionFactory used to generate new Session instances.
        Since:
        1.0

      • isDeleteInvalidSessions

        public boolean isDeleteInvalidSessions()
        Returns true if sessions should be automatically deleted after they are discovered to be invalid, false if invalid sessions will be manually deleted by some process external to Shiro's control. The default is true to ensure no orphans exist in the underlying data store.

        Usage

        It is ok to set this to false ONLY if you have some other process that you manage yourself that periodically deletes invalid sessions from the backing data store over time, such as via a Quartz or Cron job. If you do not do this, the invalid sessions will become 'orphans' and fill up the data store over time.

        This property is provided because some systems need the ability to perform querying/reporting against sessions in the data store, even after they have stopped or expired. Setting this attribute to false will allow such querying, but with the caveat that the application developer/configurer deletes the sessions themselves by some other means (cron, quartz, etc).
        Returns:
        true if sessions should be automatically deleted after they are discovered to be invalid, false if invalid sessions will be manually deleted by some process external to Shiro's control.
        Since:
        1.0

      • setDeleteInvalidSessions

        public void setDeleteInvalidSessions(boolean deleteInvalidSessions)
        Sets whether or not sessions should be automatically deleted after they are discovered to be invalid. Default value is true to ensure no orphans will exist in the underlying data store.

        WARNING

        Only set this value to false if you are manually going to delete sessions yourself by some process (quartz, cron, etc) external to Shiro's control. See the isDeleteInvalidSessions() JavaDoc for more.
        Parameters:
        deleteInvalidSessions - whether or not sessions should be automatically deleted after they are discovered to be invalid.
        Since:
        1.0

      • setCacheManager

        public void setCacheManager(org.apache.shiro.cache.CacheManager cacheManager)
        Specified by:
        setCacheManager in interface org.apache.shiro.cache.CacheManagerAware

      • create

        protected void create(Session session)
        Persists the given session instance to an underlying EIS (Enterprise Information System). This implementation delegates and calls this.sessionDAO.create(session);
        Parameters:
        session - the Session instance to persist to the underlying EIS.

      • delete

        protected void delete(Session session)