Package com.axelor.auth.pac4j
Class AxelorSessionManager
- java.lang.Object
-
- org.apache.shiro.web.session.mgt.ServletContainerSessionManager
-
- com.axelor.auth.pac4j.AxelorSessionManager
-
- All Implemented Interfaces:
org.apache.shiro.session.mgt.SessionManager
,org.apache.shiro.web.session.mgt.WebSessionManager
@Singleton public class AxelorSessionManager extends org.apache.shiro.web.session.mgt.ServletContainerSessionManager
Session ManagerLets the Servlet container manage the sessions and uses SameSite attribute for secure requests.
-
-
Field Summary
Fields Modifier and Type Field Description protected static String
COOKIE_ATTR_SEPARATOR
-
Constructor Summary
Constructors Constructor Description AxelorSessionManager()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
addSameSiteCookieHeader(BiConsumer<String,String> adder, String header)
void
changeSessionId()
protected org.apache.shiro.session.Session
createSession(Object source, javax.servlet.http.HttpServletRequest request, String host)
org.apache.shiro.session.Session
getSession(org.apache.shiro.session.mgt.SessionKey key)
protected void
setSameSiteNone(javax.servlet.http.HttpServletResponse response)
org.apache.shiro.session.Session
start(org.apache.shiro.session.mgt.SessionContext context)
-
-
-
Field Detail
-
COOKIE_ATTR_SEPARATOR
protected static final String COOKIE_ATTR_SEPARATOR
- See Also:
- Constant Field Values
-
-
Method Detail
-
start
public org.apache.shiro.session.Session start(org.apache.shiro.session.mgt.SessionContext context) throws org.apache.shiro.authz.AuthorizationException
- Specified by:
start
in interfaceorg.apache.shiro.session.mgt.SessionManager
- Overrides:
start
in classorg.apache.shiro.web.session.mgt.ServletContainerSessionManager
- Throws:
org.apache.shiro.authz.AuthorizationException
-
getSession
public org.apache.shiro.session.Session getSession(org.apache.shiro.session.mgt.SessionKey key) throws org.apache.shiro.session.SessionException
- Specified by:
getSession
in interfaceorg.apache.shiro.session.mgt.SessionManager
- Overrides:
getSession
in classorg.apache.shiro.web.session.mgt.ServletContainerSessionManager
- Throws:
org.apache.shiro.session.SessionException
-
changeSessionId
public void changeSessionId()
-
createSession
protected org.apache.shiro.session.Session createSession(Object source, javax.servlet.http.HttpServletRequest request, String host)
-
setSameSiteNone
protected void setSameSiteNone(javax.servlet.http.HttpServletResponse response)
-
addSameSiteCookieHeader
protected void addSameSiteCookieHeader(BiConsumer<String,String> adder, String header)
-
-