use of org.apache.shiro.web.servlet.Cookie in project vip by guangdada.
the class ShiroConfig method defaultWebSessionManager.
/**
* session管理器(单机环境)
*/
@Bean
@ConditionalOnProperty(prefix = "guns", name = "spring-session-open", havingValue = "false")
public DefaultWebSessionManager defaultWebSessionManager(CacheManager cacheShiroManager, GunsProperties gunsProperties) {
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
sessionManager.setCacheManager(cacheShiroManager);
sessionManager.setSessionValidationInterval(gunsProperties.getSessionValidationInterval() * 1000);
sessionManager.setGlobalSessionTimeout(gunsProperties.getSessionInvalidateTime() * 1000);
sessionManager.setDeleteInvalidSessions(true);
sessionManager.setSessionValidationSchedulerEnabled(true);
Cookie cookie = new SimpleCookie(ShiroHttpSession.DEFAULT_SESSION_ID_NAME);
cookie.setName("shiroCookie");
cookie.setHttpOnly(true);
sessionManager.setSessionIdCookie(cookie);
return sessionManager;
}
use of org.apache.shiro.web.servlet.Cookie in project shiro by apache.
the class CookieRememberMeManager method rememberSerializedIdentity.
/**
* Base64-encodes the specified serialized byte array and sets that base64-encoded String as the cookie value.
* <p/>
* The {@code subject} instance is expected to be a {@link WebSubject} instance with an HTTP Request/Response pair
* so an HTTP cookie can be set on the outgoing response. If it is not a {@code WebSubject} or that
* {@code WebSubject} does not have an HTTP Request/Response pair, this implementation does nothing.
*
* @param subject the Subject for which the identity is being serialized.
* @param serialized the serialized bytes to be persisted.
*/
protected void rememberSerializedIdentity(Subject subject, byte[] serialized) {
if (!WebUtils.isHttp(subject)) {
if (log.isDebugEnabled()) {
String msg = "Subject argument is not an HTTP-aware instance. This is required to obtain a servlet " + "request and response in order to set the rememberMe cookie. Returning immediately and " + "ignoring rememberMe operation.";
log.debug(msg);
}
return;
}
HttpServletRequest request = WebUtils.getHttpRequest(subject);
HttpServletResponse response = WebUtils.getHttpResponse(subject);
// base 64 encode it and store as a cookie:
String base64 = Base64.encodeToString(serialized);
// the class attribute is really a template for the outgoing cookies
Cookie template = getCookie();
Cookie cookie = new SimpleCookie(template);
cookie.setValue(base64);
cookie.saveTo(request, response);
}
use of org.apache.shiro.web.servlet.Cookie in project shiro by apache.
the class DefaultWebSessionManager method storeSessionId.
private void storeSessionId(Serializable currentId, HttpServletRequest request, HttpServletResponse response) {
if (currentId == null) {
String msg = "sessionId cannot be null when persisting for subsequent requests.";
throw new IllegalArgumentException(msg);
}
Cookie template = getSessionIdCookie();
Cookie cookie = new SimpleCookie(template);
String idString = currentId.toString();
cookie.setValue(idString);
cookie.saveTo(request, response);
log.trace("Set session ID cookie for session with id {}", idString);
}
use of org.apache.shiro.web.servlet.Cookie in project shiro by apache.
the class AbstractShiroWebConfiguration method buildCookie.
protected Cookie buildCookie(String name, int maxAge, String path, String domain, boolean secure) {
Cookie cookie = new SimpleCookie(name);
cookie.setHttpOnly(true);
cookie.setMaxAge(maxAge);
cookie.setPath(path);
cookie.setDomain(domain);
cookie.setSecure(secure);
return cookie;
}
Aggregations