You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shiro.apache.org by lh...@apache.org on 2010/05/19 04:39:26 UTC
svn commit: r945999 [1/2] - in /incubator/shiro/trunk: ./ core/src/
core/src/main/java/org/apache/shiro/mgt/
core/src/main/java/org/apache/shiro/session/
core/src/main/java/org/apache/shiro/session/mgt/
core/src/main/java/org/apache/shiro/subject/suppo...
Author: lhazlewood
Date: Wed May 19 02:39:25 2010
New Revision: 945999
URL: http://svn.apache.org/viewvc?rev=945999&view=rev
Log:
SHIRO-164: merge SessionManager API changes from branch into trunk
Added:
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/AbstractNativeSessionManager.java
- copied unchanged from r945995, incubator/shiro/branches/session_manager_API_change/core/src/main/java/org/apache/shiro/session/mgt/AbstractNativeSessionManager.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionKey.java
- copied unchanged from r945995, incubator/shiro/branches/session_manager_API_change/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionKey.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/NativeSessionManager.java
- copied unchanged from r945995, incubator/shiro/branches/session_manager_API_change/core/src/main/java/org/apache/shiro/session/mgt/NativeSessionManager.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionKey.java
- copied unchanged from r945995, incubator/shiro/branches/session_manager_API_change/core/src/main/java/org/apache/shiro/session/mgt/SessionKey.java
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/session/WebSessionKey.java
- copied unchanged from r945995, incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/session/WebSessionKey.java
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/util/
- copied from r945995, incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/util/
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/util/RequestPairSource.java
- copied unchanged from r945995, incubator/shiro/branches/session_manager_API_change/web/src/main/java/org/apache/shiro/web/util/RequestPairSource.java
Removed:
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/DelegatingWebSecurityManager.java
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/session/DelegatingWebSessionManager.java
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/session/WebSessionManager.java
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/subject/support/WebSubjectCallable.java
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/subject/support/WebSubjectRunnable.java
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/subject/support/WebSubjectThreadState.java
incubator/shiro/trunk/web/src/test/java/org/apache/shiro/web/DelegatingWebSecurityManagerTest.java
Modified:
incubator/shiro/trunk/ (props changed)
incubator/shiro/trunk/core/src/ (props changed)
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSecurityManager.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SessionsSecurityManager.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/ExpiredSessionException.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/InvalidSessionException.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/SessionException.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/StoppedSessionException.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/UnknownSessionException.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/AbstractSessionManager.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/AbstractValidatingSessionManager.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionContext.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionManager.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DelegatingSession.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionContext.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionManager.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SimpleSession.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/ValidatingSessionManager.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/DefaultSubjectContext.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/DelegatingSubject.java
incubator/shiro/trunk/core/src/main/java/org/apache/shiro/util/MapContext.java
incubator/shiro/trunk/core/src/test/java/org/apache/shiro/authz/aop/ (props changed)
incubator/shiro/trunk/core/src/test/java/org/apache/shiro/authz/aop/PermissionAnnotationHandlerTest.java (props changed)
incubator/shiro/trunk/core/src/test/java/org/apache/shiro/authz/aop/RoleAnnotationHandlerTest.java (props changed)
incubator/shiro/trunk/core/src/test/java/org/apache/shiro/session/mgt/DefaultSessionManagerTest.java
incubator/shiro/trunk/core/src/test/java/org/apache/shiro/session/mgt/DelegatingSessionTest.java
incubator/shiro/trunk/pom.xml
incubator/shiro/trunk/samples/pom.xml
incubator/shiro/trunk/samples/spring-hibernate/ (props changed)
incubator/shiro/trunk/support/spring/src/main/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactory.java
incubator/shiro/trunk/support/spring/src/main/java/org/apache/shiro/spring/web/package-info.java
incubator/shiro/trunk/support/spring/src/test/java/org/apache/shiro/spring/remoting/SecureRemoteInvocationFactoryTest.java
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/DefaultWebSecurityManager.java
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/WebUtils.java
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/session/DefaultWebSessionManager.java
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/session/ServletContainerSessionManager.java
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/session/WebSessionContext.java
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/subject/WebSubject.java
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/subject/WebSubjectContext.java
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/subject/support/DefaultWebSubjectContext.java
incubator/shiro/trunk/web/src/main/java/org/apache/shiro/web/subject/support/WebDelegatingSubject.java
incubator/shiro/trunk/web/src/test/java/org/apache/shiro/web/AbstractWebSecurityManagerTest.java
incubator/shiro/trunk/web/src/test/java/org/apache/shiro/web/DefaultWebSecurityManagerTest.java
incubator/shiro/trunk/web/src/test/java/org/apache/shiro/web/session/DefaultWebSessionManagerTest.java
Propchange: incubator/shiro/trunk/
------------------------------------------------------------------------------
--- svn:ignore (original)
+++ svn:ignore Wed May 19 02:39:25 2010
@@ -4,3 +4,5 @@ target
.settings
.project
.classpath
+
+*.idea
Propchange: incubator/shiro/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (added)
+++ svn:mergeinfo Wed May 19 02:39:25 2010
@@ -0,0 +1 @@
+/incubator/shiro/branches/session_manager_API_change:945409-945995
Propchange: incubator/shiro/trunk/core/src/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed May 19 02:39:25 2010
@@ -1 +1,2 @@
/incubator/jsecurity/import/trunk/src:711429-749338
+/incubator/shiro/branches/session_manager_API_change/core/src:945409-945995
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSecurityManager.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSecurityManager.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSecurityManager.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/DefaultSecurityManager.java Wed May 19 02:39:25 2010
@@ -23,10 +23,10 @@ import org.apache.shiro.authz.Authorizer
import org.apache.shiro.realm.Realm;
import org.apache.shiro.session.InvalidSessionException;
import org.apache.shiro.session.Session;
-import org.apache.shiro.session.SessionException;
import org.apache.shiro.session.mgt.DefaultSessionContext;
-import org.apache.shiro.session.mgt.DelegatingSession;
+import org.apache.shiro.session.mgt.DefaultSessionKey;
import org.apache.shiro.session.mgt.SessionContext;
+import org.apache.shiro.session.mgt.SessionKey;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.subject.SubjectContext;
@@ -124,11 +124,6 @@ public class DefaultSecurityManager exte
this.rememberMeManager = rememberMeManager;
}
- protected Session getSession(Serializable id) {
- checkValid(id);
- return new DelegatingSession(this, id);
- }
-
protected SubjectContext createSubjectContext() {
return new DefaultSubjectContext();
}
@@ -287,7 +282,7 @@ public class DefaultSecurityManager exte
}
Subject loggedIn = createSubject(token, info, subject);
- //TODO - is binding necessary anymore? Shouldn't the Builders or Builder callers do this now?
+
bind(loggedIn);
onSuccessfulLogin(token, info, loggedIn);
@@ -382,12 +377,13 @@ public class DefaultSecurityManager exte
return context;
}
try {
+ //Context couldn't resolve it directly, let's see if we can since we have direct access to
+ //the session manager:
Session session = resolveContextSession(context);
if (session != null) {
context.setSession(session);
}
} catch (InvalidSessionException e) {
- onInvalidSession(context, e);
log.debug("Resolved SubjectContext context session is invalid. Ignoring and creating an anonymous " +
"(session-less) Subject instance.", e);
}
@@ -395,18 +391,18 @@ public class DefaultSecurityManager exte
}
protected Session resolveContextSession(SubjectContext context) throws InvalidSessionException {
- return resolveContextSessionById(context);
+ SessionKey key = getSessionKey(context);
+ if (key != null) {
+ return getSession(key);
+ }
+ return null;
}
- protected Session resolveContextSessionById(SubjectContext context) throws InvalidSessionException {
- log.trace("No session found in context. Looking for a session id to resolve in to a session.");
- //otherwise try to resolve a session if a session id exists:
- Serializable sessionId = getSessionId(context);
+ protected SessionKey getSessionKey(SubjectContext context) {
+ Serializable sessionId = context.getSessionId();
if (sessionId != null) {
- log.debug("Discovered context session id [{}]. Attempting to acquire the associated Session instance.");
- return getSession(sessionId);
+ return new DefaultSessionKey(sessionId);
}
- log.trace("No session id found in the context. A context session cannot be resolved.");
return null;
}
@@ -490,6 +486,10 @@ public class DefaultSecurityManager exte
if (!CollectionUtils.isEmpty(subjectContext)) {
sessionContext.putAll(subjectContext);
}
+ Serializable sessionId = subjectContext.getSessionId();
+ if (sessionId != null) {
+ sessionContext.setSessionId(sessionId);
+ }
String host = subjectContext.resolveHost();
if (host != null) {
sessionContext.setHost(host);
@@ -497,31 +497,6 @@ public class DefaultSecurityManager exte
return sessionContext;
}
- /**
- * Allows subclasses to react to the fact that attempting to resolve a session based on the given SubjectContext
- * failed. Default implementation does nothing (no-op).
- *
- * @param subjectContext the subjectContext from where the sessionId was discovered
- * @param e the exception thrown while attempting to resolve the context's session
- * @since 1.0
- */
- protected void onInvalidSession(SubjectContext subjectContext, SessionException e) {
- }
-
- /**
- * Utility method to retrieve the session id from the given subject context which will be used to resolve
- * to a {@link Session}, or {@code null} if there is no session id available.
- *
- * @param subjectContext the context map with data that will be used to construct a {@link Subject} instance via
- * a {@link SubjectFactory}
- * @return a session id to resolve to a {@link Session} instance or {@code null} if a session id could not be found.
- * @see SecurityManager#createSubject(SubjectContext)
- * @see SubjectFactory#createSubject(SubjectContext)
- */
- protected Serializable getSessionId(SubjectContext subjectContext) {
- return subjectContext.getSessionId();
- }
-
public void logout(Subject subject) {
if (subject == null) {
@@ -564,24 +539,7 @@ public class DefaultSecurityManager exte
protected void stopSession(Subject subject) {
Session s = subject.getSession(false);
if (s != null) {
- //react to the id and not the session itself - the Session instance could be a proxy/delegate Session
- //in which case the ID might be the only thing accessible. Better to pass off the ID to the underlying
- //SessionManager since this will successfully handle all cases.
- Serializable sessionId = s.getId();
- if (sessionId != null) {
- try {
- stop(sessionId);
- } catch (SessionException e) {
- //ignored - we're invalidating, and have no further need of the session anyway
- //log just in case someone wants to know:
- if (log.isDebugEnabled()) {
- String msg = "Session for Subject [" + (subject != null ? subject.getPrincipal() : null) +
- "] has already been invalidated. Logging exception since session exceptions are " +
- "irrelevant when the owning Subject has logged out.";
- log.debug(msg, e);
- }
- }
- }
+ s.stop();
}
}
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SessionsSecurityManager.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SessionsSecurityManager.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SessionsSecurityManager.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/mgt/SessionsSecurityManager.java Wed May 19 02:39:25 2010
@@ -20,24 +20,21 @@ package org.apache.shiro.mgt;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.cache.CacheManagerAware;
-import org.apache.shiro.session.InvalidSessionException;
import org.apache.shiro.session.Session;
+import org.apache.shiro.session.SessionException;
import org.apache.shiro.session.mgt.DefaultSessionManager;
import org.apache.shiro.session.mgt.SessionContext;
+import org.apache.shiro.session.mgt.SessionKey;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.util.LifecycleUtils;
-import java.io.Serializable;
-import java.util.Collection;
-import java.util.Date;
-
/**
* Shiro support of a {@link SecurityManager} class hierarchy that delegates all
- * {@link org.apache.shiro.session.Session session} operations to a wrapped {@link org.apache.shiro.session.mgt.SessionManager SessionManager}
- * instance. That is, this class implements the methods in the
- * {@link SessionManager SessionManager} interface, but in reality, those methods are merely passthrough calls to
- * the underlying 'real' {@code SessionManager} instance.
+ * {@link org.apache.shiro.session.Session session} operations to a wrapped
+ * {@link org.apache.shiro.session.mgt.SessionManager SessionManager} instance. That is, this class implements the
+ * methods in the {@link SessionManager SessionManager} interface, but in reality, those methods are merely
+ * passthrough calls to the underlying 'real' {@code SessionManager} instance.
* <p/>
* The remaining {@code SecurityManager} methods not implemented by this class or its parents are left to be
* implemented by subclasses.
@@ -121,60 +118,12 @@ public abstract class SessionsSecurityMa
}
}
- public Session start(SessionContext initData) throws AuthorizationException {
- return this.sessionManager.start(initData);
- }
-
- public Date getStartTimestamp(Serializable sessionId) {
- return this.sessionManager.getStartTimestamp(sessionId);
- }
-
- public Date getLastAccessTime(Serializable sessionId) {
- return this.sessionManager.getLastAccessTime(sessionId);
- }
-
- public boolean isValid(Serializable sessionId) {
- return this.sessionManager.isValid(sessionId);
- }
-
- public void checkValid(Serializable sessionId) throws InvalidSessionException {
- this.sessionManager.checkValid(sessionId);
- }
-
- public long getTimeout(Serializable sessionId) throws InvalidSessionException {
- return this.sessionManager.getTimeout(sessionId);
- }
-
- public void setTimeout(Serializable sessionId, long maxIdleTimeInMillis) throws InvalidSessionException {
- this.sessionManager.setTimeout(sessionId, maxIdleTimeInMillis);
- }
-
- public void touch(Serializable sessionId) throws InvalidSessionException {
- this.sessionManager.touch(sessionId);
- }
-
- public String getHost(Serializable sessionId) {
- return this.sessionManager.getHost(sessionId);
- }
-
- public void stop(Serializable sessionId) throws InvalidSessionException {
- this.sessionManager.stop(sessionId);
- }
-
- public Collection<Object> getAttributeKeys(Serializable sessionId) {
- return this.sessionManager.getAttributeKeys(sessionId);
- }
-
- public Object getAttribute(Serializable sessionId, Object key) throws InvalidSessionException {
- return this.sessionManager.getAttribute(sessionId, key);
- }
-
- public void setAttribute(Serializable sessionId, Object key, Object value) throws InvalidSessionException {
- this.sessionManager.setAttribute(sessionId, key, value);
+ public Session start(SessionContext context) throws AuthorizationException {
+ return this.sessionManager.start(context);
}
- public Object removeAttribute(Serializable sessionId, Object key) throws InvalidSessionException {
- return this.sessionManager.removeAttribute(sessionId, key);
+ public Session getSession(SessionKey key) throws SessionException {
+ return this.sessionManager.getSession(key);
}
public void destroy() {
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/ExpiredSessionException.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/ExpiredSessionException.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/ExpiredSessionException.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/ExpiredSessionException.java Wed May 19 02:39:25 2010
@@ -18,8 +18,6 @@
*/
package org.apache.shiro.session;
-import java.io.Serializable;
-
/**
* A special case of a StoppedSessionException. An expired session is a session that has
* stopped explicitly due to inactivity (i.e. time-out), as opposed to stopping due to log-out or
@@ -64,34 +62,4 @@ public class ExpiredSessionException ext
public ExpiredSessionException(String message, Throwable cause) {
super(message, cause);
}
-
- /**
- * Constructs a new ExpiredSessionException.
- *
- * @param sessionId the session id of the session that expired.
- */
- public ExpiredSessionException(Serializable sessionId) {
- this("Session with id [" + sessionId + "] has expired", sessionId);
- }
-
- /**
- * Constructs a new ExpiredSessionException.
- *
- * @param message the reason for the exception
- * @param sessionId the session id of the session that expired.
- */
- public ExpiredSessionException(String message, Serializable sessionId) {
- super(message, sessionId);
- }
-
- /**
- * Constructs a new ExpiredSessionException.
- *
- * @param message the reason for the exception
- * @param cause the underlying Throwable that caused this exception to be thrown.
- * @param sessionId the session id of the session that expired.
- */
- public ExpiredSessionException(String message, Throwable cause, Serializable sessionId) {
- super(message, cause, sessionId);
- }
}
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/InvalidSessionException.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/InvalidSessionException.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/InvalidSessionException.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/InvalidSessionException.java Wed May 19 02:39:25 2010
@@ -18,8 +18,6 @@
*/
package org.apache.shiro.session;
-import java.io.Serializable;
-
/**
* Exception thrown when attempting to interact with the system under an established session
* when that session is considered invalid. The meaning of the term 'invalid' is based on
@@ -71,34 +69,4 @@ public class InvalidSessionException ext
super(message, cause);
}
- /**
- * Constructs a new InvalidSessionException.
- *
- * @param sessionId the session id of the session that has been invalidated.
- */
- public InvalidSessionException(Serializable sessionId) {
- this("Session with id [" + sessionId + "] has been invalidated (stopped)", sessionId);
- }
-
- /**
- * Constructs a new InvalidSessionException.
- *
- * @param message the reason for the exception
- * @param sessionId the session id of the session that has been invalidated.
- */
- public InvalidSessionException(String message, Serializable sessionId) {
- super(message, sessionId);
- }
-
- /**
- * Constructs a new InvalidSessionException.
- *
- * @param message the reason for the exception
- * @param cause the underlying Throwable that caused this exception to be thrown.
- * @param sessionId the session id of the session that has been invalidated.
- */
- public InvalidSessionException(String message, Throwable cause, Serializable sessionId) {
- super(message, cause, sessionId);
- }
-
}
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/SessionException.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/SessionException.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/SessionException.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/SessionException.java Wed May 19 02:39:25 2010
@@ -18,8 +18,6 @@
*/
package org.apache.shiro.session;
-import java.io.Serializable;
-
import org.apache.shiro.ShiroException;
@@ -30,10 +28,7 @@ import org.apache.shiro.ShiroException;
* @author Les Hazlewood
* @since 0.1
*/
-public class SessionException extends ShiroException
-{
-
- private Serializable sessionId;
+public class SessionException extends ShiroException {
/**
* Creates a new SessionException.
@@ -70,54 +65,4 @@ public class SessionException extends Sh
super(message, cause);
}
- /**
- * Constructs a new SessionException.
- *
- * @param sessionId the session id of associated {@link Session Session}.
- */
- public SessionException(Serializable sessionId) {
- setSessionId(sessionId);
- }
-
- /**
- * Constructs a new SessionException.
- *
- * @param message the reason for the exception
- * @param sessionId the session id of associated {@link Session Session}.
- */
- public SessionException(String message, Serializable sessionId) {
- this(message);
- setSessionId(sessionId);
- }
-
- /**
- * Constructs a new InvalidSessionException.
- *
- * @param message the reason for the exception
- * @param cause the underlying Throwable that caused this exception to be thrown.
- * @param sessionId the session id of associated {@link Session Session}.
- */
- public SessionException(String message, Throwable cause, Serializable sessionId) {
- this(message, cause);
- setSessionId(sessionId);
- }
-
- /**
- * Returns the session id of the associated <tt>Session</tt>.
- *
- * @return the session id of the associated <tt>Session</tt>.
- */
- public Serializable getSessionId() {
- return sessionId;
- }
-
- /**
- * Sets the session id of the <tt>Session</tt> associated with this exception.
- *
- * @param sessionId the session id of the <tt>Session</tt> associated with this exception.
- */
- public void setSessionId(Serializable sessionId) {
- this.sessionId = sessionId;
- }
-
}
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/StoppedSessionException.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/StoppedSessionException.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/StoppedSessionException.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/StoppedSessionException.java Wed May 19 02:39:25 2010
@@ -18,8 +18,6 @@
*/
package org.apache.shiro.session;
-import java.io.Serializable;
-
/**
* Exception thrown when attempting to interact with the system under a session that has been
* stopped. A session may be stopped in any number of ways, most commonly due to explicit
@@ -65,34 +63,4 @@ public class StoppedSessionException ext
super(message, cause);
}
- /**
- * Constructs a new StoppedSessionException.
- *
- * @param sessionId the session id of the session that has been stopped.
- */
- public StoppedSessionException(Serializable sessionId) {
- super(sessionId);
- }
-
- /**
- * Constructs a new StoppedSessionException.
- *
- * @param message the reason for the exception
- * @param sessionId the session id of the session that has been stopped.
- */
- public StoppedSessionException(String message, Serializable sessionId) {
- super(message, sessionId);
- }
-
- /**
- * Constructs a new StoppedSessionException.
- *
- * @param message the reason for the exception
- * @param cause the underlying Throwable that caused this exception to be thrown.
- * @param sessionId the session id of the session that has been stopped.
- */
- public StoppedSessionException(String message, Throwable cause, Serializable sessionId) {
- super(message, cause, sessionId);
- }
-
}
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/UnknownSessionException.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/UnknownSessionException.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/UnknownSessionException.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/UnknownSessionException.java Wed May 19 02:39:25 2010
@@ -18,8 +18,6 @@
*/
package org.apache.shiro.session;
-import java.io.Serializable;
-
/**
* Exception thrown when attempting to interact with the system under the pretense of a
* particular session (e.g. under a specific session id), and that session does not exist in
@@ -64,36 +62,4 @@ public class UnknownSessionException ext
public UnknownSessionException(String message, Throwable cause) {
super(message, cause);
}
-
- /**
- * Constructs a new UnknownSessionException.
- *
- * @param sessionId the session id given that is unknown to the system.
- */
- public UnknownSessionException(Serializable sessionId) {
- super("Unable to locate session with id [" + sessionId + "] either because it is an invalid id " +
- "or the session has been deleted due to invalidation (stopped, logged out, or expired).",
- sessionId);
- }
-
- /**
- * Constructs a new UnknownSessionException.
- *
- * @param message the reason for the exception
- * @param sessionId the session id given that is unknown to the system.
- */
- public UnknownSessionException(String message, Serializable sessionId) {
- super(message, sessionId);
- }
-
- /**
- * Constructs a new UnknownSessionException.
- *
- * @param message the reason for the exception
- * @param cause the underlying Throwable that caused this exception to be thrown.
- * @param sessionId the session id given that is unknown to the system.
- */
- public UnknownSessionException(String message, Throwable cause, Serializable sessionId) {
- super(message, cause, sessionId);
- }
}
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/AbstractSessionManager.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/AbstractSessionManager.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/AbstractSessionManager.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/AbstractSessionManager.java Wed May 19 02:39:25 2010
@@ -18,24 +18,9 @@
*/
package org.apache.shiro.session.mgt;
-import org.apache.shiro.authz.AuthorizationException;
-import org.apache.shiro.authz.HostUnauthorizedException;
-import org.apache.shiro.session.InvalidSessionException;
import org.apache.shiro.session.Session;
-import org.apache.shiro.session.SessionListener;
-import org.apache.shiro.session.UnknownSessionException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.Serializable;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Date;
-
/**
- * TODO - complete JavaDoc
- *
* @author Les Hazlewood
* @since 0.1
*/
@@ -50,10 +35,7 @@ public abstract class AbstractSessionMan
*/
public static final long DEFAULT_GLOBAL_SESSION_TIMEOUT = 30 * MILLIS_PER_MINUTE;
- private static final Logger log = LoggerFactory.getLogger(AbstractSessionManager.class);
-
private long globalSessionTimeout = DEFAULT_GLOBAL_SESSION_TIMEOUT;
- private Collection<SessionListener> listeners = new ArrayList<SessionListener>();
public AbstractSessionManager() {
}
@@ -93,201 +75,4 @@ public abstract class AbstractSessionMan
public void setGlobalSessionTimeout(long globalSessionTimeout) {
this.globalSessionTimeout = globalSessionTimeout;
}
-
- public void setSessionListeners(Collection<SessionListener> listeners) {
- this.listeners = listeners != null ? listeners : new ArrayList<SessionListener>();
- }
-
- @SuppressWarnings({"UnusedDeclaration"})
- public Collection<SessionListener> getSessionListeners() {
- return this.listeners;
- }
-
- public Session start(SessionContext initData) throws AuthorizationException {
- Session session = createSession(initData);
- applyGlobalSessionTimeout(session);
- onStart(session);
- notifyStart(session);
- return new DelegatingSession(this, session.getId());
- }
-
- protected void applyGlobalSessionTimeout(Session session) {
- session.setTimeout(getGlobalSessionTimeout());
- onChange(session);
- }
-
- /**
- * Returns the session instance to use to pass to registered {@code SessionListener}s for notification
- * that the session has been invalidated (stopped or expired).
- * <p/>
- * The default implementation returns an {@link ImmutableProxiedSession ImmutableProxiedSession} instance to ensure
- * that the specified {@code session} argument is not modified by any listeners.
- *
- * @param session the {@code Session} object being invalidated.
- * @return the {@code Session} instance to use to pass to registered {@code SessionListener}s for notification.
- */
- protected Session beforeInvalidNotification(Session session) {
- return new ImmutableProxiedSession(session);
- }
-
- /**
- * Notifies any interested {@link SessionListener}s that a Session has started. This method is invoked
- * <em>after</em> the {@link #onStart(org.apache.shiro.session.Session)} method is called.
- *
- * @param session the session that has just started that will be delivered to any
- * {@link #setSessionListeners(java.util.Collection) registered} session listeners.
- * @see SessionListener#onStart(org.apache.shiro.session.Session)
- */
- protected void notifyStart(Session session) {
- for (SessionListener listener : this.listeners) {
- listener.onStart(session);
- }
- }
-
- protected void notifyStop(Session session) {
- Session forNotification = beforeInvalidNotification(session);
- for (SessionListener listener : this.listeners) {
- listener.onStop(forNotification);
- }
- }
-
- protected void notifyExpiration(Session session) {
- Session forNotification = beforeInvalidNotification(session);
- for (SessionListener listener : this.listeners) {
- listener.onExpiration(forNotification);
- }
- }
-
- public Date getStartTimestamp(Serializable sessionId) {
- return getSession(sessionId).getStartTimestamp();
- }
-
- public Date getLastAccessTime(Serializable sessionId) {
- return getSession(sessionId).getLastAccessTime();
- }
-
- public long getTimeout(Serializable sessionId) throws InvalidSessionException {
- return getSession(sessionId).getTimeout();
- }
-
- public void setTimeout(Serializable sessionId, long maxIdleTimeInMillis) throws InvalidSessionException {
- Session s = getSession(sessionId);
- s.setTimeout(maxIdleTimeInMillis);
- onChange(s);
- }
-
- public void touch(Serializable sessionId) throws InvalidSessionException {
- Session s = getSession(sessionId);
- s.touch();
- onChange(s);
- }
-
- public String getHost(Serializable sessionId) {
- return getSession(sessionId).getHost();
- }
-
- public void stop(Serializable sessionId) throws InvalidSessionException {
- Session session = getSession(sessionId);
- stop(session);
- }
-
- protected void stop(Session session) {
- if (log.isDebugEnabled()) {
- log.debug("Stopping session with id [" + session.getId() + "]");
- }
- session.stop();
- onStop(session);
- notifyStop(session);
- afterStopped(session);
- }
-
- protected void afterStopped(Session session) {
- }
-
- public Collection<Object> getAttributeKeys(Serializable sessionId) {
- return getSession(sessionId).getAttributeKeys();
- }
-
- public Object getAttribute(Serializable sessionId, Object key) throws InvalidSessionException {
- return getSession(sessionId).getAttribute(key);
- }
-
- public void setAttribute(Serializable sessionId, Object key, Object value) throws InvalidSessionException {
- if (value == null) {
- removeAttribute(sessionId, key);
- } else {
- Session s = getSession(sessionId);
- s.setAttribute(key, value);
- onChange(s);
- }
- }
-
- public Object removeAttribute(Serializable sessionId, Object key) throws InvalidSessionException {
- Session s = getSession(sessionId);
- Object removed = s.removeAttribute(key);
- if (removed != null) {
- onChange(s);
- }
- return removed;
- }
-
- protected Session getSession(Serializable sessionId) throws InvalidSessionException {
- if (sessionId == null) {
- throw new IllegalArgumentException("sessionId parameter cannot be null.");
- }
- Session session = doGetSession(sessionId);
- if (session == null) {
- String msg = "There is no session with id [" + sessionId + "]";
- throw new UnknownSessionException(msg);
- }
- return session;
- }
-
- public boolean isValid(Serializable sessionId) {
- try {
- checkValid(sessionId);
- return true;
- } catch (InvalidSessionException e) {
- return false;
- }
- }
-
- public void checkValid(Serializable sessionId) throws InvalidSessionException {
- //just try to acquire it. If there is a problem, an exception will be thrown:
- getSession(sessionId);
- }
-
- /**
- * Template method that allows subclasses to react to a new session being created.
- * <p/>
- * This method is invoked <em>before</em> any session listeners are notified.
- *
- * @param session the session that was just {@link #createSession created}.
- */
- protected void onStart(Session session) {
- }
-
- protected void onStop(Session session) {
- onChange(session);
- }
-
- protected void onChange(Session s) {
- }
-
- protected abstract Session doGetSession(Serializable sessionId) throws InvalidSessionException;
-
- /**
- * Creates a new {@code Session Session} instance based on the specified (possibly {@code null})
- * initialization data. Implementing classes must manage the persistent state of the returned session such that it
- * could later be acquired via the {@link #getSession(java.io.Serializable)} method.
- *
- * @param initData the initialization data that can be used by the implementation or underlying
- * {@link SessionFactory} when instantiating the internal {@code Session} instance.
- * @return the new {@code Session} instance.
- * @throws HostUnauthorizedException if the system access control policy restricts access based
- * on client location/IP and the specified hostAddress hasn't been enabled.
- * @throws AuthorizationException if the system access control policy does not allow the currently executing
- * caller to start sessions.
- */
- protected abstract Session createSession(SessionContext initData) throws AuthorizationException;
}
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/AbstractValidatingSessionManager.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/AbstractValidatingSessionManager.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/AbstractValidatingSessionManager.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/AbstractValidatingSessionManager.java Wed May 19 02:39:25 2010
@@ -28,7 +28,6 @@ import org.apache.shiro.util.LifecycleUt
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import java.io.Serializable;
import java.util.Collection;
@@ -39,7 +38,7 @@ import java.util.Collection;
* @author Jeremy Haile
* @since 0.1
*/
-public abstract class AbstractValidatingSessionManager extends AbstractSessionManager
+public abstract class AbstractValidatingSessionManager extends AbstractNativeSessionManager
implements ValidatingSessionManager, Destroyable {
//TODO - complete JavaDoc
@@ -70,6 +69,7 @@ public abstract class AbstractValidating
return sessionValidationSchedulerEnabled;
}
+ @SuppressWarnings({"UnusedDeclaration"})
public void setSessionValidationSchedulerEnabled(boolean sessionValidationSchedulerEnabled) {
this.sessionValidationSchedulerEnabled = sessionValidationSchedulerEnabled;
}
@@ -111,98 +111,72 @@ public abstract class AbstractValidating
return sessionValidationInterval;
}
- protected final Session doGetSession(final Serializable sessionId) throws InvalidSessionException {
+ @Override
+ protected final Session doGetSession(final SessionKey key) throws InvalidSessionException {
enableSessionValidationIfNecessary();
- if (log.isTraceEnabled()) {
- log.trace("Attempting to retrieve session with id [" + sessionId + "]");
- }
- Session s;
- try {
- s = retrieveSession(sessionId);
- if (s == null) {
- throw new UnknownSessionException("The session data store did not return a session for " +
- "sessionId [" + sessionId + "]", sessionId);
- }
- } catch (UnknownSessionException e) {
- onUnknownSession(sessionId);
- throw e;
+ log.trace("Attempting to retrieve session with key {}", key);
+
+ Session s = retrieveSession(key);
+ if (s != null) {
+ validate(s, key);
}
- validate(s);
return s;
}
/**
- * Looks up a session from the underlying data store based on the specified {@code sessionId}.
+ * Looks up a session from the underlying data store based on the specified session key.
*
- * @param sessionId the id of the session to retrieve from the data store
+ * @param key the session key to use to look up the target session.
* @return the session identified by {@code sessionId}.
* @throws UnknownSessionException if there is no session identified by {@code sessionId}.
*/
- protected abstract Session retrieveSession(Serializable sessionId) throws UnknownSessionException;
+ protected abstract Session retrieveSession(SessionKey key) throws UnknownSessionException;
- protected Session createSession(SessionContext initData) throws AuthorizationException {
+ protected Session createSession(SessionContext context) throws AuthorizationException {
enableSessionValidationIfNecessary();
- return doCreateSession(initData);
+ return doCreateSession(context);
}
protected abstract Session doCreateSession(SessionContext initData) throws AuthorizationException;
- protected void validate(Session session) throws InvalidSessionException {
+ protected void validate(Session session, SessionKey key) throws InvalidSessionException {
try {
doValidate(session);
} catch (ExpiredSessionException ese) {
- onExpiration(session, ese);
+ onExpiration(session, ese, key);
throw ese;
} catch (InvalidSessionException ise) {
- onInvalidation(session, ise);
+ onInvalidation(session, ise, key);
throw ise;
}
}
- protected void onExpiration(Session s, ExpiredSessionException ese) {
- if (log.isTraceEnabled()) {
- log.trace("Session with id [{}] has expired.", ese.getSessionId());
- }
+ protected void onExpiration(Session s, ExpiredSessionException ese, SessionKey key) {
+ log.trace("Session with id [{}] has expired.", s.getId());
onExpiration(s);
notifyExpiration(s);
afterExpired(s);
}
- protected void onInvalidation(Session s, InvalidSessionException ise) {
+ protected void onExpiration(Session session) {
+ onChange(session);
+ }
+
+ protected void afterExpired(Session session) {
+ }
+
+ protected void onInvalidation(Session s, InvalidSessionException ise, SessionKey key) {
if (ise instanceof ExpiredSessionException) {
- onExpiration(s, (ExpiredSessionException) ise);
+ onExpiration(s, (ExpiredSessionException) ise, key);
return;
}
- if (log.isTraceEnabled()) {
- log.trace("Session with id [{}] is invalid.", ise.getSessionId());
- }
+ log.trace("Session with id [{}] is invalid.", s.getId());
onStop(s);
notifyStop(s);
afterStopped(s);
}
- /**
- * Notification callback for subclasses that occurs when a client attempts to reference the session with the
- * specified ID, but there does not exist any session with that id.
- * <p/>
- * A common case of this occurring is if the client's referenced session times out and is deleted before the next
- * time they interact with the system (such as often occurs with stale session id cookies in an web environment).
- * The next time they send a request with the stale session id, this method would be called.
- *
- * @param sessionId the session id used to try and reference the non-existent session.
- * @since 1.0
- */
- public void onUnknownSession(Serializable sessionId) {
- }
-
- protected void onExpiration(Session session) {
- onChange(session);
- }
-
- protected void afterExpired(Session session) {
- }
-
protected void doValidate(Session session) throws InvalidSessionException {
if (session instanceof ValidatingSession) {
((ValidatingSession) session).validate();
@@ -300,7 +274,7 @@ public abstract class AbstractValidating
if (activeSessions != null && !activeSessions.isEmpty()) {
for (Session s : activeSessions) {
try {
- validate(s);
+ doValidate(s);
} catch (InvalidSessionException e) {
if (log.isDebugEnabled()) {
boolean expired = (e instanceof ExpiredSessionException);
@@ -325,10 +299,4 @@ public abstract class AbstractValidating
}
protected abstract Collection<Session> getActiveSessions();
-
- public void validateSession(Serializable sessionId) {
- //standard getSession call will validate, so just call the method:
- getSession(sessionId);
- }
-
}
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionContext.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionContext.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionContext.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionContext.java Wed May 19 02:39:25 2010
@@ -21,6 +21,7 @@ package org.apache.shiro.session.mgt;
import org.apache.shiro.util.MapContext;
import org.apache.shiro.util.StringUtils;
+import java.io.Serializable;
import java.util.Map;
/**
@@ -35,6 +36,7 @@ public class DefaultSessionContext exten
private static final long serialVersionUID = -1424160751361252966L;
private static final String HOST = DefaultSessionContext.class.getName() + ".HOST";
+ private static final String SESSION_ID = DefaultSessionContext.class.getName() + ".SESSION_ID";
public DefaultSessionContext() {
super();
@@ -44,13 +46,21 @@ public class DefaultSessionContext exten
super(map);
}
+ public String getHost() {
+ return getTypedValue(HOST, String.class);
+ }
+
public void setHost(String host) {
if (StringUtils.hasText(host)) {
put(HOST, host);
}
}
- public String getHost() {
- return getTypedValue(HOST, String.class);
+ public Serializable getSessionId() {
+ return getTypedValue(SESSION_ID, Serializable.class);
+ }
+
+ public void setSessionId(Serializable sessionId) {
+ nullSafePut(SESSION_ID, sessionId);
}
}
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionManager.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionManager.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionManager.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DefaultSessionManager.java Wed May 19 02:39:25 2010
@@ -151,8 +151,8 @@ public class DefaultSessionManager exten
}
}
- protected Session doCreateSession(SessionContext initData) {
- Session s = newSessionInstance(initData);
+ protected Session doCreateSession(SessionContext context) {
+ Session s = newSessionInstance(context);
if (log.isTraceEnabled()) {
log.trace("Creating session for host {}", s.getHost());
}
@@ -160,8 +160,8 @@ public class DefaultSessionManager exten
return s;
}
- protected Session newSessionInstance(SessionContext initData) {
- return getSessionFactory().createSession(initData);
+ protected Session newSessionInstance(SessionContext context) {
+ return getSessionFactory().createSession(context);
}
/**
@@ -178,6 +178,7 @@ public class DefaultSessionManager exten
sessionDAO.create(session);
}
+ @Override
protected void onStop(Session session) {
if (session instanceof SimpleSession) {
SimpleSession ss = (SimpleSession) session;
@@ -212,8 +213,24 @@ public class DefaultSessionManager exten
sessionDAO.update(session);
}
- protected Session retrieveSession(Serializable sessionId) throws UnknownSessionException {
- return retrieveSessionFromDataSource(sessionId);
+ protected Session retrieveSession(SessionKey sessionKey) throws UnknownSessionException {
+ Serializable sessionId = getSessionId(sessionKey);
+ if (sessionId == null) {
+ log.debug("Unable to resolve session ID from SessionKey [{}]. Returning null to indicate a " +
+ "session could not be found.", sessionKey);
+ return null;
+ }
+ Session s = retrieveSessionFromDataSource(sessionId);
+ if (s == null) {
+ //session ID was provided, meaning one is expected to be found, but we couldn't find one:
+ String msg = "Could not find session with ID [" + sessionId + "]";
+ throw new UnknownSessionException(msg);
+ }
+ return s;
+ }
+
+ protected Serializable getSessionId(SessionKey sessionKey) {
+ return sessionKey.getSessionId();
}
protected Session retrieveSessionFromDataSource(Serializable sessionId) throws UnknownSessionException {
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DelegatingSession.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DelegatingSession.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DelegatingSession.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/DelegatingSession.java Wed May 19 02:39:25 2010
@@ -28,13 +28,13 @@ import java.util.Date;
/**
* A DelegatingSession is a client-tier representation of a server side
* {@link org.apache.shiro.session.Session Session}.
- * This implementation is basically a proxy to a server-side {@link SessionManager SessionManager},
+ * This implementation is basically a proxy to a server-side {@link NativeSessionManager NativeSessionManager},
* which will return the proper results for each method call.
* <p/>
* <p>A <tt>DelegatingSession</tt> will cache data when appropriate to avoid a remote method invocation,
* only communicating with the server when necessary.
* <p/>
- * <p>Of course, if used in-process with a SessionManager business POJO, as might be the case in a
+ * <p>Of course, if used in-process with a NativeSessionManager business POJO, as might be the case in a
* web-based application where the web classes and server-side business pojos exist in the same
* JVM, a remote method call will not be incurred.
*
@@ -46,84 +46,40 @@ public class DelegatingSession implement
//TODO - complete JavaDoc
- private Serializable id = null;
+ private final SessionKey key;
//cached fields to avoid a server-side method call if out-of-process:
private Date startTimestamp = null;
private String host = null;
/**
- * Handle to a server-side SessionManager. See {@link #setSessionManager} for details.
+ * Handle to the target NativeSessionManager that will support the delegate calls.
*/
- private transient SessionManager sessionManager = null;
+ private final transient NativeSessionManager sessionManager;
- public DelegatingSession() {
- }
-
- public DelegatingSession(SessionManager sessionManager, Serializable id) {
+ public DelegatingSession(NativeSessionManager sessionManager, SessionKey key) {
if (sessionManager == null) {
throw new IllegalArgumentException("sessionManager argument cannot be null.");
}
- if (id == null) {
- throw new IllegalArgumentException("session id argument cannot be null.");
+ if (key == null) {
+ throw new IllegalArgumentException("sessionKey argument cannot be null.");
+ }
+ if (key.getSessionId() == null) {
+ String msg = "The " + DelegatingSession.class.getName() + " implementation requires that the " +
+ "SessionKey argument returns a non-null sessionId to support the " +
+ "Session.getId() invocations.";
+ throw new IllegalArgumentException(msg);
}
this.sessionManager = sessionManager;
- this.id = id;
- }
-
- public DelegatingSession(SessionManager sessionManager, Serializable id, String host) {
- this(sessionManager, id);
- this.host = host;
- }
-
- /**
- * Returns the {@link SessionManager SessionManager} used by this handle to invoke
- * all session-related methods.
- *
- * @return the {@link SessionManager SessionManager} used by this handle to invoke
- * all session-related methods.
- */
- public SessionManager getSessionManager() {
- return sessionManager;
- }
-
- /**
- * Sets the {@link SessionManager SessionManager} to which this <tt>DelegatingSession</tt> will
- * delegate its method calls. In a rich client environment, this <tt>SessionManager</tt> will
- * probably be a remoting proxy which executes remote method invocations. In a single-process
- * environment (e.g. a web application deployed in the same JVM of the application server),
- * the <tt>SessionManager</tt> can be the actual business POJO implementation.
- * <p/>
- * <p>You'll notice the {@link Session Session} interface and the {@link SessionManager}
- * interface are nearly identical. This is to ensure the SessionManager can support
- * most method calls in the Session interface, via this handle/proxy technique. The session
- * manager is implementated as a stateless business POJO, with the handle passing the
- * session id as necessary.
- *
- * @param sessionManager the <tt>SessionManager</tt> this handle will use when delegating
- * method calls.
- */
- public void setSessionManager(SessionManager sessionManager) {
- this.sessionManager = sessionManager;
- }
-
- /**
- * Sets the sessionId used by this handle for all future {@link SessionManager SessionManager}
- * method invocations.
- *
- * @param id the <tt>sessionId</tt> to use for all <tt>SessionManager</tt> invocations.
- * @see #setSessionManager(SessionManager sessionManager)
- */
- public void setId(Serializable id) {
- this.id = id;
+ this.key = key;
}
/**
* @see org.apache.shiro.session.Session#getId()
*/
public Serializable getId() {
- return id;
+ return key.getSessionId();
}
/**
@@ -131,7 +87,7 @@ public class DelegatingSession implement
*/
public Date getStartTimestamp() {
if (startTimestamp == null) {
- startTimestamp = sessionManager.getStartTimestamp(id);
+ startTimestamp = sessionManager.getStartTimestamp(key);
}
return startTimestamp;
}
@@ -141,20 +97,20 @@ public class DelegatingSession implement
*/
public Date getLastAccessTime() {
//can't cache - only business pojo knows the accurate time:
- return sessionManager.getLastAccessTime(id);
+ return sessionManager.getLastAccessTime(key);
}
public long getTimeout() throws InvalidSessionException {
- return sessionManager.getTimeout(id);
+ return sessionManager.getTimeout(key);
}
public void setTimeout(long maxIdleTimeInMillis) throws InvalidSessionException {
- sessionManager.setTimeout(id, maxIdleTimeInMillis);
+ sessionManager.setTimeout(key, maxIdleTimeInMillis);
}
public String getHost() {
if (host == null) {
- host = sessionManager.getHost(id);
+ host = sessionManager.getHost(key);
}
return host;
}
@@ -163,46 +119,45 @@ public class DelegatingSession implement
* @see org.apache.shiro.session.Session#touch()
*/
public void touch() throws InvalidSessionException {
- sessionManager.touch(id);
+ sessionManager.touch(key);
}
/**
* @see org.apache.shiro.session.Session#stop()
*/
public void stop() throws InvalidSessionException {
- sessionManager.stop(id);
+ sessionManager.stop(key);
}
/**
* @see org.apache.shiro.session.Session#getAttributeKeys
*/
- @SuppressWarnings({"unchecked"})
public Collection<Object> getAttributeKeys() throws InvalidSessionException {
- return sessionManager.getAttributeKeys(id);
+ return sessionManager.getAttributeKeys(key);
}
/**
* @see org.apache.shiro.session.Session#getAttribute(Object key)
*/
- public Object getAttribute(Object key) throws InvalidSessionException {
- return sessionManager.getAttribute(id, key);
+ public Object getAttribute(Object attributeKey) throws InvalidSessionException {
+ return sessionManager.getAttribute(this.key, attributeKey);
}
/**
* @see Session#setAttribute(Object key, Object value)
*/
- public void setAttribute(Object key, Object value) throws InvalidSessionException {
+ public void setAttribute(Object attributeKey, Object value) throws InvalidSessionException {
if (value == null) {
- removeAttribute(key);
+ removeAttribute(attributeKey);
} else {
- sessionManager.setAttribute(id, key, value);
+ sessionManager.setAttribute(this.key, attributeKey, value);
}
}
/**
* @see Session#removeAttribute(Object key)
*/
- public Object removeAttribute(Object key) throws InvalidSessionException {
- return sessionManager.removeAttribute(id, key);
+ public Object removeAttribute(Object attributeKey) throws InvalidSessionException {
+ return sessionManager.removeAttribute(this.key, attributeKey);
}
}
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionContext.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionContext.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionContext.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionContext.java Wed May 19 02:39:25 2010
@@ -18,6 +18,7 @@
*/
package org.apache.shiro.session.mgt;
+import java.io.Serializable;
import java.util.Map;
/**
@@ -83,4 +84,9 @@ public interface SessionContext extends
* @see #setHost(String) setHost(String)
*/
String getHost();
+
+ Serializable getSessionId();
+
+ void setSessionId(Serializable sessionId);
+
}
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionManager.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionManager.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionManager.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SessionManager.java Wed May 19 02:39:25 2010
@@ -18,14 +18,8 @@
*/
package org.apache.shiro.session.mgt;
-import org.apache.shiro.authz.AuthorizationException;
-import org.apache.shiro.authz.HostUnauthorizedException;
-import org.apache.shiro.session.InvalidSessionException;
import org.apache.shiro.session.Session;
-
-import java.io.Serializable;
-import java.util.Collection;
-import java.util.Date;
+import org.apache.shiro.session.SessionException;
/**
* A SessionManager manages the creation, maintenance, and clean-up of all application
@@ -45,175 +39,24 @@ public interface SessionManager {
* instance in a specific manner. This allows pluggable {@link org.apache.shiro.session.Session Session} creation
* logic by simply injecting a {@code SessionFactory} into the {@code SessionManager} instance.
*
- * @param initData the contextual initialization data that can be used by the implementation or underlying
- * {@link SessionFactory} when instantiating the internal {@code Session} instance.
+ * @param context the contextual initialization data that can be used by the implementation or underlying
+ * {@link SessionFactory} when instantiating the internal {@code Session} instance.
* @return the newly created session.
- * @throws HostUnauthorizedException if the system access control policy restricts access based
- * on client location/IP and the specified host address hasn't been enabled.
- * @throws AuthorizationException if the system access control policy does not allow the currently executing
- * caller to start sessions.
* @see SessionFactory#createSession(SessionContext)
* @since 1.0
*/
- Session start(SessionContext initData) throws AuthorizationException;
-
- /**
- * Returns the time the Session identified by the specified {@code sessionId} was started
- * in the system.
- *
- * @param sessionId the system identifier for the session of interest.
- * @return the system time the specified session was started (i.e. created).
- * @see org.apache.shiro.session.Session#getStartTimestamp()
- */
- Date getStartTimestamp(Serializable sessionId);
-
- /**
- * Returns the time the {@code Session} identified by the specified {@code sessionId} last
- * interacted with the system.
- *
- * @param sessionId the system identifier for the session of interest
- * @return time the session last accessed the system
- * @see org.apache.shiro.session.Session#getLastAccessTime()
- * @see org.apache.shiro.session.Session#touch()
- */
- Date getLastAccessTime(Serializable sessionId);
-
- /**
- * Returns {@code true} if the session is valid (it exists and is not stopped nor expired), {@code false} otherwise.
- *
- * @param sessionId the id of the session to check
- * @return {@code true} if the session is valid (exists and is not stopped or expired), {@code false} otherwise.
- */
- boolean isValid(Serializable sessionId);
+ Session start(SessionContext context);
/**
- * Returns quietly if the associated session is valid (it exists and is not stopped or expired) or throws
- * an {@link InvalidSessionException} indicating that the session id is invalid. This might be preferred to be
- * used instead of {@link #isValid} since any exception thrown will definitively explain the reason for
- * invalidation.
+ * Retrieves the session corresponding to the specified contextual data (such as a session ID if applicable), or
+ * {@code null} if no Session could be found. If a session is found but invalid (stopped or expired), a
+ * {@link SessionException} will be thrown.
*
- * @param sessionId the session id to check for validity.
- * @throws InvalidSessionException if the session id is invalid (it does not exist or it is stopped or expired).
+ * @param key the Session key to use to look-up the Session
+ * @return the {@code Session} instance corresponding to the given lookup key or {@code null} if no session
+ * could be acquired.
+ * @throws SessionException if a session was found but it was invalid (stopped/expired).
* @since 1.0
*/
- void checkValid(Serializable sessionId) throws InvalidSessionException;
-
- /**
- * Returns the time in milliseconds that the specified session may remain idle before expiring.
- * <ul>
- * <li>A negative return value means the session will never expire.</li>
- * <li>A non-negative return value (0 or greater) means the session expiration will occur if idle for that
- * length of time.</li>
- * </ul>
- *
- * @param sessionId the system identifier of the session of interest.
- * @return the time in milliseconds that the specified session may remain idle before expiring.
- * @throws org.apache.shiro.session.InvalidSessionException
- * if the session has been stopped or expired prior to calling this method.
- * @since 0.2
- */
- long getTimeout(Serializable sessionId) throws InvalidSessionException;
-
- /**
- * Sets the time in milliseconds that the specified session may remain idle before expiring.
- * <ul>
- * <li>A negative return value means the session will never expire.</li>
- * <li>A non-negative return value (0 or greater) means the session expiration will occur if idle for that
- * length of time.</li>
- * </ul>
- *
- * @param sessionId the system identifier of the session of interest.
- * @param maxIdleTimeInMillis the time in milliseconds that the specified session may remain idle before expiring.
- * @throws org.apache.shiro.session.InvalidSessionException
- * if the session has been stopped or expired prior to calling this method.
- * @since 0.2
- */
- void setTimeout(Serializable sessionId, long maxIdleTimeInMillis) throws InvalidSessionException;
-
- /**
- * Updates the last accessed time of the session identified by <code>sessionId</code>. This
- * can be used to explicitly ensure that a session does not time out.
- *
- * @param sessionId the id of the session to update.
- * @throws org.apache.shiro.session.InvalidSessionException
- * if the session has been stopped or expired prior to calling this method.
- * @see org.apache.shiro.session.Session#touch
- */
- void touch(Serializable sessionId) throws InvalidSessionException;
-
- /**
- * Returns the host name or IP string of the host where the session was started, if known. If
- * no host name or IP was specified when starting the session, this method returns {@code null}
- *
- * @param sessionId the id of the session to query.
- * @return the host name or ip address of the host where the session originated, if known. If unknown,
- * this method returns {@code null}.
- * @since 1.0
- */
- String getHost(Serializable sessionId);
-
- /**
- * Explicitly stops the session identified by {@code sessionId}, thereby releasing all
- * associated resources.
- *
- * @param sessionId the system identfier of the system to destroy.
- * @throws InvalidSessionException if the session has stopped or expired prior to calling
- * this method.
- * @see org.apache.shiro.session.Session#stop
- */
- void stop(Serializable sessionId) throws InvalidSessionException;
-
- /**
- * Returns the keys of all the attributes stored under the session identified by {@code sessionId}.
- * If there are no attributes, this returns an empty collection.
- *
- * @param sessionId the system identifier of the system to access.
- * @return the keys of all attributes stored under the specified session, or an empty collection if
- * there are no session attributes.
- * @throws InvalidSessionException if the specified session has stopped or expired prior to calling this method.
- * @see org.apache.shiro.session.Session#getAttributeKeys()
- * @since 0.2
- */
- Collection<Object> getAttributeKeys(Serializable sessionId);
-
- /**
- * Returns the object bound to the specified session identified by the specified key. If there
- * is noobject bound under the key for the given session, {@code null} is returned.
- *
- * @param sessionId the system identifier of the session of interest
- * @param key the unique name of the object bound to the specified session
- * @return the object bound under the specified {@code key} name or {@code null} if there is
- * no object bound under that name.
- * @throws InvalidSessionException if the specified session has stopped or expired prior to calling this method.
- * @see org.apache.shiro.session.Session#getAttribute(Object key)
- */
- Object getAttribute(Serializable sessionId, Object key) throws InvalidSessionException;
-
- /**
- * Binds the specified {@code value} to the specified session uniquely identified by the
- * specifed {@code key} name. If there is already an object bound under the {@code key}
- * name, that existing object will be replaced by the new {@code value}.
- * <p/>
- * If the {@code value} parameter is null, it has the same effect as if the
- * {@link #removeAttribute(Serializable sessionId, Object key)} method was called.
- *
- * @param sessionId the system identifier of the session of interest
- * @param key the name under which the {@code value} object will be bound in this session
- * @param value the object to bind in this session.
- * @throws InvalidSessionException if the specified session has stopped or expired prior to calling this method.
- * @see org.apache.shiro.session.Session#setAttribute(Object key, Object value)
- */
- void setAttribute(Serializable sessionId, Object key, Object value) throws InvalidSessionException;
-
- /**
- * Removes (unbinds) the object bound to this session under the specified {@code key} name.
- *
- * @param sessionId the system identifier of the session of interest
- * @param key the name uniquely identifying the object to remove
- * @return the object removed or {@code null} if there was no object bound under the specified
- * {@code key} name.
- * @throws InvalidSessionException if the specified session has stopped or expired prior to calling this method.
- * @see org.apache.shiro.session.Session#removeAttribute(Object key)
- */
- Object removeAttribute(Serializable sessionId, Object key) throws InvalidSessionException;
+ Session getSession(SessionKey key) throws SessionException;
}
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SimpleSession.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SimpleSession.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SimpleSession.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/SimpleSession.java Wed May 19 02:39:25 2010
@@ -252,7 +252,7 @@ public class SimpleSession implements Va
String msg = "Session with id [" + getId() + "] has been " +
"explicitly stopped. No further interaction under this session is " +
"allowed.";
- throw new StoppedSessionException(msg, getId());
+ throw new StoppedSessionException(msg);
}
//check for expiration
@@ -274,7 +274,7 @@ public class SimpleSession implements Va
if (log.isTraceEnabled()) {
log.trace(msg);
}
- throw new ExpiredSessionException(msg, sessionId);
+ throw new ExpiredSessionException(msg);
}
}
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/ValidatingSessionManager.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/ValidatingSessionManager.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/ValidatingSessionManager.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/session/mgt/ValidatingSessionManager.java Wed May 19 02:39:25 2010
@@ -18,11 +18,6 @@
*/
package org.apache.shiro.session.mgt;
-import java.io.Serializable;
-
-import org.apache.shiro.session.InvalidSessionException;
-
-
/**
* A ValidatingSessionManager is a SessionManager that can proactively validate any or all sessions
* that may be expired.
@@ -37,13 +32,13 @@ public interface ValidatingSessionManage
* have not been stopped or expired), and validates each one. If a session is
* found to be invalid (e.g. it has expired), it is updated and saved to the EIS.
* <p/>
- * <p>This method is necessary in order to handle orphaned sessions and is expected to be run at
+ * This method is necessary in order to handle orphaned sessions and is expected to be run at
* a regular interval, such as once an hour, once a day or once a week, etc.
* The "best" frequency to run this method is entirely dependent upon the application
* and would be based on factors such as performance, average number of active users, hours of
* least activity, and other things.
* <p/>
- * <p>Most enterprise applications use a request/response programming model.
+ * Most enterprise applications use a request/response programming model.
* This is obvious in the case of web applications due to the HTTP protocol, but it is
* equally true of remote client applications making remote method invocations. The server
* essentially sits idle and only "works" when responding to client requests and/or
@@ -52,34 +47,27 @@ public interface ValidatingSessionManage
* "lazy" behavior enables the system to lie stateless and/or idle and only incur
* overhead for session validation when necessary.
* <p/>
- * <p>However, if a client forgets to log-out, or in the event of a server failure, it is
+ * However, if a client forgets to log-out, or in the event of a server failure, it is
* possible for sessions to be orphaned since no further requests would utilize that session.
* Because of these lower-probability cases, it might be required to regularly clean-up the sessions
* maintained by the system, especially if sessions are backed by a persistent data store.
* <p/>
- * <p>Even in applications that aren't primarily based on a request/response model,
+ * Even in applications that aren't primarily based on a request/response model,
* such as those that use enterprise asynchronous messaging (where data is pushed to
* a client without first receiving a client request), it is almost always acceptable to
* utilize this lazy approach and run this method at defined interval.
* <p/>
- * <p>Systems that want to proactively validate individual sessions may call the
- * {@link #validateSession(Serializable) validateSession} method. Note that even in such
- * proactive systems, this {@code validateSessions} method should be invoked regularaly
- * anyway to <em>guarantee</em> no orphans exist.
+ * Systems that want to proactively validate individual sessions may simply call the
+ * {@link #getSession(SessionKey) getSession(SessionKey)} method on any
+ * {@code ValidatingSessionManager} instance as that method is expected to
+ * validate the session before retrieving it. Note that even with proactive calls to {@code getSession},
+ * this {@code validateSessions()} method should be invoked regularly anyway to <em>guarantee</em> no
+ * orphans exist.
* <p/>
- * <p><b>Note:</b> Shiro supports automatic execution of this method at a regular interval
+ * <b>Note:</b> Shiro supports automatic execution of this method at a regular interval
* by using {@link SessionValidationScheduler}s. The Shiro default SecurityManager implementations
* needing session validation will create and use one by default if one is not provided by the
* application configuration.
*/
void validateSessions();
-
- /**
- * Proactively validates a single session.
- *
- * @param sessionId the id of the session to validate
- * @throws org.apache.shiro.session.InvalidSessionException
- * if, upon validation, the session was stopped or expired.
- */
- void validateSession(Serializable sessionId) throws InvalidSessionException;
}
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/DefaultSubjectContext.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/DefaultSubjectContext.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/DefaultSubjectContext.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/DefaultSubjectContext.java Wed May 19 02:39:25 2010
@@ -91,9 +91,7 @@ public class DefaultSubjectContext exten
}
public void setSecurityManager(SecurityManager securityManager) {
- if (securityManager != null) {
- put(SECURITY_MANAGER, securityManager);
- }
+ nullSafePut(SECURITY_MANAGER, securityManager);
}
public SecurityManager resolveSecurityManager() {
@@ -119,9 +117,7 @@ public class DefaultSubjectContext exten
}
public void setSessionId(Serializable sessionId) {
- if (sessionId != null) {
- put(SESSION_ID, sessionId);
- }
+ nullSafePut(SESSION_ID, sessionId);
}
public Subject getSubject() {
@@ -129,9 +125,7 @@ public class DefaultSubjectContext exten
}
public void setSubject(Subject subject) {
- if (subject != null) {
- put(SUBJECT, subject);
- }
+ nullSafePut(SUBJECT, subject);
}
public PrincipalCollection getPrincipals() {
@@ -179,9 +173,7 @@ public class DefaultSubjectContext exten
}
public void setSession(Session session) {
- if (session != null) {
- put(SESSION, session);
- }
+ nullSafePut(SESSION, session);
}
public Session resolveSession() {
@@ -230,9 +222,7 @@ public class DefaultSubjectContext exten
}
public void setAuthenticationInfo(AuthenticationInfo info) {
- if (info != null) {
- put(AUTHENTICATION_INFO, info);
- }
+ nullSafePut(AUTHENTICATION_INFO, info);
}
public AuthenticationToken getAuthenticationToken() {
@@ -240,9 +230,7 @@ public class DefaultSubjectContext exten
}
public void setAuthenticationToken(AuthenticationToken token) {
- if (token != null) {
- put(AUTHENTICATION_TOKEN, token);
- }
+ nullSafePut(AUTHENTICATION_TOKEN, token);
}
public String getHost() {
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/DelegatingSubject.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/DelegatingSubject.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/DelegatingSubject.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/DelegatingSubject.java Wed May 19 02:39:25 2010
@@ -29,7 +29,6 @@ import org.apache.shiro.session.InvalidS
import org.apache.shiro.session.ProxiedSession;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.DefaultSessionContext;
-import org.apache.shiro.session.mgt.DelegatingSession;
import org.apache.shiro.session.mgt.SessionContext;
import org.apache.shiro.subject.ExecutionException;
import org.apache.shiro.subject.PrincipalCollection;
@@ -115,14 +114,6 @@ public class DelegatingSubject implement
return new StoppingAwareProxiedSession(session, this);
}
- protected Session decorateSession(Serializable sessionId) {
- if (sessionId == null) {
- throw new IllegalArgumentException("sessionId cannot be null");
- }
- DelegatingSession target = new DelegatingSession(getSecurityManager(), sessionId);
- return decorate(target);
- }
-
public SecurityManager getSecurityManager() {
return securityManager;
}
Modified: incubator/shiro/trunk/core/src/main/java/org/apache/shiro/util/MapContext.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/util/MapContext.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/main/java/org/apache/shiro/util/MapContext.java (original)
+++ incubator/shiro/trunk/core/src/main/java/org/apache/shiro/util/MapContext.java Wed May 19 02:39:25 2010
@@ -27,17 +27,17 @@ import java.util.*;
* @author Les Hazlewood
* @since 1.0
*/
-public class MapContext implements Map<String,Object>, Serializable {
+public class MapContext implements Map<String, Object>, Serializable {
private static final long serialVersionUID = 5373399119017820322L;
-
- private final Map<String,Object> backingMap;
+
+ private final Map<String, Object> backingMap;
public MapContext() {
this.backingMap = new HashMap<String, Object>();
}
- public MapContext(Map<String,Object> map) {
+ public MapContext(Map<String, Object> map) {
this();
if (!CollectionUtils.isEmpty(map)) {
this.backingMap.putAll(map);
@@ -60,6 +60,12 @@ public class MapContext implements Map<S
return found;
}
+ protected void nullSafePut(String key, Object value) {
+ if (value != null) {
+ put(key, value);
+ }
+ }
+
public int size() {
return backingMap.size();
}
Propchange: incubator/shiro/trunk/core/src/test/java/org/apache/shiro/authz/aop/
------------------------------------------------------------------------------
--- svn:mergeinfo (added)
+++ svn:mergeinfo Wed May 19 02:39:25 2010
@@ -0,0 +1,2 @@
+/incubator/jsecurity/import/trunk/src/test/java/org/apache/shiro/authz/aop:711429-749338
+/incubator/shiro/branches/session_manager_API_change/core/src/test/java/org/apache/shiro/authz/aop:945409-945995*
Propchange: incubator/shiro/trunk/core/src/test/java/org/apache/shiro/authz/aop/PermissionAnnotationHandlerTest.java
------------------------------------------------------------------------------
--- svn:mergeinfo (added)
+++ svn:mergeinfo Wed May 19 02:39:25 2010
@@ -0,0 +1,2 @@
+/incubator/jsecurity/import/trunk/src/test/java/org/apache/shiro/authz/aop/PermissionAnnotationHandlerTest.java:711429-749338
+/incubator/shiro/branches/session_manager_API_change/core/src/test/java/org/apache/shiro/authz/aop/PermissionAnnotationHandlerTest.java:945409-945995
Propchange: incubator/shiro/trunk/core/src/test/java/org/apache/shiro/authz/aop/RoleAnnotationHandlerTest.java
------------------------------------------------------------------------------
--- svn:mergeinfo (added)
+++ svn:mergeinfo Wed May 19 02:39:25 2010
@@ -0,0 +1,2 @@
+/incubator/jsecurity/import/trunk/src/test/java/org/apache/shiro/authz/aop/RoleAnnotationHandlerTest.java:711429-749338
+/incubator/shiro/branches/session_manager_API_change/core/src/test/java/org/apache/shiro/authz/aop/RoleAnnotationHandlerTest.java:945409-945995
Modified: incubator/shiro/trunk/core/src/test/java/org/apache/shiro/session/mgt/DefaultSessionManagerTest.java
URL: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/test/java/org/apache/shiro/session/mgt/DefaultSessionManagerTest.java?rev=945999&r1=945998&r2=945999&view=diff
==============================================================================
--- incubator/shiro/trunk/core/src/test/java/org/apache/shiro/session/mgt/DefaultSessionManagerTest.java (original)
+++ incubator/shiro/trunk/core/src/test/java/org/apache/shiro/session/mgt/DefaultSessionManagerTest.java Wed May 19 02:39:25 2010
@@ -92,7 +92,7 @@ public class DefaultSessionManagerTest {
};
sm.getSessionListeners().add(listener);
Session session = sm.start(null);
- sm.stop(session.getId());
+ sm.stop(new DefaultSessionKey(session.getId()));
assertTrue(stopped[0]);
}
@@ -109,7 +109,7 @@ public class DefaultSessionManagerTest {
Session session = sm.start(null);
sleep(150);
try {
- sm.checkValid(session.getId());
+ sm.checkValid(new DefaultSessionKey(session.getId()));
fail("check should have thrown an exception.");
} catch (InvalidSessionException expected) {
//do nothing - expected.
@@ -147,7 +147,7 @@ public class DefaultSessionManagerTest {
expect(sessionDAO.readSession(sessionId1)).andReturn(session1).anyTimes();
sessionDAO.update(eq(session1));
replay(sessionDAO);
- sm.setTimeout(sessionId1, 1);
+ sm.setTimeout(new DefaultSessionKey(sessionId1), 1);
verify(sessionDAO);
reset(sessionDAO);
@@ -160,7 +160,7 @@ public class DefaultSessionManagerTest {
//Try to access the same session, but it should throw an UnknownSessionException due to timeout:
try {
- sm.getTimeout(sessionId1);
+ sm.getTimeout(new DefaultSessionKey(sessionId1));
fail("Session with id [" + sessionId1 + "] should have expired due to timeout.");
} catch (ExpiredSessionException expected) {
//expected