Search in sources :

Example 1 with InvalidSessionException

use of org.apache.shiro.session.InvalidSessionException in project shiro by apache.

the class AbstractValidatingSessionManager method validateSessions.

/**
 * @see ValidatingSessionManager#validateSessions()
 */
public void validateSessions() {
    if (log.isInfoEnabled()) {
        log.info("Validating all active sessions...");
    }
    int invalidCount = 0;
    Collection<Session> activeSessions = getActiveSessions();
    if (activeSessions != null && !activeSessions.isEmpty()) {
        for (Session s : activeSessions) {
            try {
                // simulate a lookup key to satisfy the method signature.
                // this could probably stand to be cleaned up in future versions:
                SessionKey key = new DefaultSessionKey(s.getId());
                validate(s, key);
            } catch (InvalidSessionException e) {
                if (log.isDebugEnabled()) {
                    boolean expired = (e instanceof ExpiredSessionException);
                    String msg = "Invalidated session with id [" + s.getId() + "]" + (expired ? " (expired)" : " (stopped)");
                    log.debug(msg);
                }
                invalidCount++;
            }
        }
    }
    if (log.isInfoEnabled()) {
        String msg = "Finished session validation.";
        if (invalidCount > 0) {
            msg += "  [" + invalidCount + "] sessions were stopped.";
        } else {
            msg += "  No sessions were stopped.";
        }
        log.info(msg);
    }
}
Also used : InvalidSessionException(org.apache.shiro.session.InvalidSessionException) ExpiredSessionException(org.apache.shiro.session.ExpiredSessionException) Session(org.apache.shiro.session.Session)

Example 2 with InvalidSessionException

use of org.apache.shiro.session.InvalidSessionException in project shiro by apache.

the class HttpServletSession method touch.

public void touch() throws InvalidSessionException {
    // just manipulate the session to update the access time:
    try {
        httpSession.setAttribute(TOUCH_OBJECT_SESSION_KEY, TOUCH_OBJECT_SESSION_KEY);
        httpSession.removeAttribute(TOUCH_OBJECT_SESSION_KEY);
    } catch (Exception e) {
        throw new InvalidSessionException(e);
    }
}
Also used : InvalidSessionException(org.apache.shiro.session.InvalidSessionException) InvalidSessionException(org.apache.shiro.session.InvalidSessionException)

Example 3 with InvalidSessionException

use of org.apache.shiro.session.InvalidSessionException in project shiro by apache.

the class HttpServletSession method removeAttribute.

public Object removeAttribute(Object key) throws InvalidSessionException {
    try {
        String sKey = assertString(key);
        Object removed = httpSession.getAttribute(sKey);
        httpSession.removeAttribute(sKey);
        return removed;
    } catch (Exception e) {
        throw new InvalidSessionException(e);
    }
}
Also used : InvalidSessionException(org.apache.shiro.session.InvalidSessionException) InvalidSessionException(org.apache.shiro.session.InvalidSessionException)

Example 4 with InvalidSessionException

use of org.apache.shiro.session.InvalidSessionException in project shiro by apache.

the class HttpServletSession method setTimeout.

public void setTimeout(long maxIdleTimeInMillis) throws InvalidSessionException {
    try {
        int timeout = Long.valueOf(maxIdleTimeInMillis / 1000).intValue();
        httpSession.setMaxInactiveInterval(timeout);
    } catch (Exception e) {
        throw new InvalidSessionException(e);
    }
}
Also used : InvalidSessionException(org.apache.shiro.session.InvalidSessionException) InvalidSessionException(org.apache.shiro.session.InvalidSessionException)

Example 5 with InvalidSessionException

use of org.apache.shiro.session.InvalidSessionException in project mica2 by obiba.

the class CurrentSessionResource method deleteSession.

@DELETE
public Response deleteSession() {
    // Delete the Shiro session
    try {
        Session session = SecurityUtils.getSubject().getSession();
        Object cookieValue = session.getAttribute(HttpHeaders.SET_COOKIE);
        SecurityUtils.getSubject().logout();
        if (cookieValue != null) {
            NewCookie cookie = NewCookie.valueOf(cookieValue.toString());
            if (OBIBA_ID_COOKIE_NAME.equals(cookie.getName())) {
                return Response.ok().header(HttpHeaders.SET_COOKIE, new NewCookie(OBIBA_ID_COOKIE_NAME, null, micaConfigService.getContextPath() + "/", cookie.getDomain(), "Obiba session deleted", 0, true, true)).build();
            }
        }
    } catch (InvalidSessionException e) {
    // Ignore
    }
    return Response.ok().build();
}
Also used : InvalidSessionException(org.apache.shiro.session.InvalidSessionException) Session(org.apache.shiro.session.Session) NewCookie(javax.ws.rs.core.NewCookie) DELETE(javax.ws.rs.DELETE)

Aggregations

InvalidSessionException (org.apache.shiro.session.InvalidSessionException)8 Session (org.apache.shiro.session.Session)4 ArrayList (java.util.ArrayList)1 Enumeration (java.util.Enumeration)1 DELETE (javax.ws.rs.DELETE)1 NewCookie (javax.ws.rs.core.NewCookie)1 AuthenticationStrategy (org.apache.shiro.authc.pam.AuthenticationStrategy)1 ModularRealmAuthenticator (org.apache.shiro.authc.pam.ModularRealmAuthenticator)1 CacheManager (org.apache.shiro.cache.CacheManager)1 MemoryConstrainedCacheManager (org.apache.shiro.cache.MemoryConstrainedCacheManager)1 EhCacheManager (org.apache.shiro.cache.ehcache.EhCacheManager)1 RememberMeManager (org.apache.shiro.mgt.RememberMeManager)1 AuthorizingRealm (org.apache.shiro.realm.AuthorizingRealm)1 Realm (org.apache.shiro.realm.Realm)1 ExpiredSessionException (org.apache.shiro.session.ExpiredSessionException)1 SessionListener (org.apache.shiro.session.SessionListener)1 SessionListenerAdapter (org.apache.shiro.session.SessionListenerAdapter)1 SubjectContext (org.apache.shiro.subject.SubjectContext)1 CookieRememberMeManager (org.apache.shiro.web.mgt.CookieRememberMeManager)1 DefaultWebSecurityManager (org.apache.shiro.web.mgt.DefaultWebSecurityManager)1