use of org.apache.shiro.session.mgt.SessionContext in project shiro by apache.
the class DelegatingSubject method getSession.
public Session getSession(boolean create) {
if (log.isTraceEnabled()) {
log.trace("attempting to get session; create = " + create + "; session is null = " + (this.session == null) + "; session has id = " + (this.session != null && session.getId() != null));
}
if (this.session == null && create) {
// added in 1.2:
if (!isSessionCreationEnabled()) {
String msg = "Session creation has been disabled for the current subject. This exception indicates " + "that there is either a programming error (using a session when it should never be " + "used) or that Shiro's configuration needs to be adjusted to allow Sessions to be created " + "for the current Subject. See the " + DisabledSessionException.class.getName() + " JavaDoc " + "for more.";
throw new DisabledSessionException(msg);
}
log.trace("Starting session for host {}", getHost());
SessionContext sessionContext = createSessionContext();
Session session = this.securityManager.start(sessionContext);
this.session = decorate(session);
}
return this.session;
}
use of org.apache.shiro.session.mgt.SessionContext in project shiro by apache.
the class DefaultWebSecurityManager method createSessionContext.
@Override
protected SessionContext createSessionContext(SubjectContext subjectContext) {
SessionContext sessionContext = super.createSessionContext(subjectContext);
if (subjectContext instanceof WebSubjectContext) {
WebSubjectContext wsc = (WebSubjectContext) subjectContext;
ServletRequest request = wsc.resolveServletRequest();
ServletResponse response = wsc.resolveServletResponse();
DefaultWebSessionContext webSessionContext = new DefaultWebSessionContext(sessionContext);
if (request != null) {
webSessionContext.setServletRequest(request);
}
if (response != null) {
webSessionContext.setServletResponse(response);
}
sessionContext = webSessionContext;
}
return sessionContext;
}
Aggregations