/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.shiro.mgt;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.cache.CacheManagerAware;
import org.apache.shiro.event.EventBus;
import org.apache.shiro.event.EventBusAware;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.SessionException;
import org.apache.shiro.session.mgt.DefaultSessionManager;
import org.apache.shiro.session.mgt.SessionContext;
import org.apache.shiro.session.mgt.SessionKey;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.util.LifecycleUtils;
/**
* Shiro support of a {@link SecurityManager} class hierarchy that delegates all
* {@link org.apache.shiro.session.Session session} operations to a wrapped
* {@link org.apache.shiro.session.mgt.SessionManager SessionManager} instance. That is, this class implements the
* methods in the {@link SessionManager SessionManager} interface, but in reality, those methods are merely
* passthrough calls to the underlying 'real' {@code SessionManager} instance.
* <p/>
* The remaining {@code SecurityManager} methods not implemented by this class or its parents are left to be
* implemented by subclasses.
* <p/>
* In keeping with the other classes in this hierarchy and Shiro's desire to minimize configuration whenever
* possible, suitable default instances for all dependencies will be created upon instantiation.
*
* @since 0.9
*/
public abstract class SessionsSecurityManager extends AuthorizingSecurityManager {
/**
* The internal delegate <code>SessionManager</code> used by this security manager that manages all the
* application's {@link Session Session}s.
*/
private SessionManager sessionManager;
/**
* Default no-arg constructor, internally creates a suitable default {@link SessionManager SessionManager} delegate
* instance.
*/
public SessionsSecurityManager() {
super();
this.sessionManager = new DefaultSessionManager();
applyCacheManagerToSessionManager();
}
/**
* Sets the underlying delegate {@link SessionManager} instance that will be used to support this implementation's
* <tt>SessionManager</tt> method calls.
* <p/>
* This <tt>SecurityManager</tt> implementation does not provide logic to support the inherited
* <tt>SessionManager</tt> interface, but instead delegates these calls to an internal
* <tt>SessionManager</tt> instance.
* <p/>
* If a <tt>SessionManager</tt> instance is not set, a default one will be automatically created and
* initialized appropriately for the the existing runtime environment.
*
* @param sessionManager delegate instance to use to support this manager's <tt>SessionManager</tt> method calls.
*/
public void setSessionManager(SessionManager sessionManager) {
this.sessionManager = sessionManager;
afterSessionManagerSet();
}
protected void afterSessionManagerSet() {
applyCacheManagerToSessionManager();
applyEventBusToSessionManager();
}
/**
* Returns this security manager's internal delegate {@link SessionManager SessionManager}.
*
* @return this security manager's internal delegate {@link SessionManager SessionManager}.
* @see #setSessionManager(org.apache.shiro.session.mgt.SessionManager) setSessionManager
*/
public SessionManager getSessionManager() {
return this.sessionManager;
}
/**
* Calls {@link org.apache.shiro.mgt.AuthorizingSecurityManager#afterCacheManagerSet() super.afterCacheManagerSet()} and then immediately calls
* {@link #applyCacheManagerToSessionManager() applyCacheManagerToSessionManager()} to ensure the
* <code>CacheManager</code> is applied to the SessionManager as necessary.
*/
@Override
protected void afterCacheManagerSet() {
super.afterCacheManagerSet();
applyCacheManagerToSessionManager();
}
/**
* Sets any configured EventBus on the SessionManager if necessary.
*
* @since 1.3
*/
@Override
protected void afterEventBusSet() {
super.afterEventBusSet();
applyEventBusToSessionManager();
}
/**
* Ensures the internal delegate <code>SessionManager</code> is injected with the newly set
* {@link #setCacheManager CacheManager} so it may use it for its internal caching needs.
* <p/>
* Note: This implementation only injects the CacheManager into the SessionManager if the SessionManager
* instance implements the {@link CacheManagerAware CacheManagerAware} interface.
*/
protected void applyCacheManagerToSessionManager() {
if (this.sessionManager instanceof CacheManagerAware) {
((CacheManagerAware) this.sessionManager).setCacheManager(getCacheManager());
}
}
/**
* Ensures the internal delegate <code>SessionManager</code> is injected with the newly set
* {@link #setEventBus EventBus} so it may use it for its internal event needs.
* <p/>
* Note: This implementation only injects the EventBus into the SessionManager if the SessionManager
* instance implements the {@link EventBusAware EventBusAware} interface.
*
* @since 1.3
*/
protected void applyEventBusToSessionManager() {
EventBus eventBus = getEventBus();
if (eventBus != null && this.sessionManager instanceof EventBusAware) {
((EventBusAware)this.sessionManager).setEventBus(eventBus);
}
}
public Session start(SessionContext context) throws AuthorizationException {
return this.sessionManager.start(context);
}
public Session getSession(SessionKey key) throws SessionException {
return this.sessionManager.getSession(key);
}
public void destroy() {
LifecycleUtils.destroy(getSessionManager());
this.sessionManager = null;
super.destroy();
}
}