src/site/assets/static/1.5.0/apidocs/src-html/org/apache/shiro/web/session/mgt/ServletContainerSessionManager.html - shiro-site - Git at Google

 <!DOCTYPE HTML>
 <html lang="fr">
 <head>
 <title>Source code</title>
 <link rel="stylesheet" type="text/css" href="../../../../../../../stylesheet.css" title="Style">
 </head>
 <body>
 <main role="main">
 <div class="sourceContainer">
 <pre><span class="sourceLineNo">001</span><a id="line.1">/*</a>
 <span class="sourceLineNo">002</span><a id="line.2"> * Licensed to the Apache Software Foundation (ASF) under one</a>
 <span class="sourceLineNo">003</span><a id="line.3"> * or more contributor license agreements.  See the NOTICE file</a>
 <span class="sourceLineNo">004</span><a id="line.4"> * distributed with this work for additional information</a>
 <span class="sourceLineNo">005</span><a id="line.5"> * regarding copyright ownership.  The ASF licenses this file</a>
 <span class="sourceLineNo">006</span><a id="line.6"> * to you under the Apache License, Version 2.0 (the</a>
 <span class="sourceLineNo">007</span><a id="line.7"> * "License"); you may not use this file except in compliance</a>
 <span class="sourceLineNo">008</span><a id="line.8"> * with the License.  You may obtain a copy of the License at</a>
 <span class="sourceLineNo">009</span><a id="line.9"> *</a>
 <span class="sourceLineNo">010</span><a id="line.10"> *     http://www.apache.org/licenses/LICENSE-2.0</a>
 <span class="sourceLineNo">011</span><a id="line.11"> *</a>
 <span class="sourceLineNo">012</span><a id="line.12"> * Unless required by applicable law or agreed to in writing,</a>
 <span class="sourceLineNo">013</span><a id="line.13"> * software distributed under the License is distributed on an</a>
 <span class="sourceLineNo">014</span><a id="line.14"> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY</a>
 <span class="sourceLineNo">015</span><a id="line.15"> * KIND, either express or implied.  See the License for the</a>
 <span class="sourceLineNo">016</span><a id="line.16"> * specific language governing permissions and limitations</a>
 <span class="sourceLineNo">017</span><a id="line.17"> * under the License.</a>
 <span class="sourceLineNo">018</span><a id="line.18"> */</a>
 <span class="sourceLineNo">019</span><a id="line.19">package org.apache.shiro.web.session.mgt;</a>
 <span class="sourceLineNo">020</span><a id="line.20"></a>
 <span class="sourceLineNo">021</span><a id="line.21">import org.apache.shiro.authz.AuthorizationException;</a>
 <span class="sourceLineNo">022</span><a id="line.22">import org.apache.shiro.session.Session;</a>
 <span class="sourceLineNo">023</span><a id="line.23">import org.apache.shiro.session.SessionException;</a>
 <span class="sourceLineNo">024</span><a id="line.24">import org.apache.shiro.session.mgt.SessionContext;</a>
 <span class="sourceLineNo">025</span><a id="line.25">import org.apache.shiro.session.mgt.SessionKey;</a>
 <span class="sourceLineNo">026</span><a id="line.26">import org.apache.shiro.web.session.HttpServletSession;</a>
 <span class="sourceLineNo">027</span><a id="line.27">import org.apache.shiro.web.util.WebUtils;</a>
 <span class="sourceLineNo">028</span><a id="line.28"></a>
 <span class="sourceLineNo">029</span><a id="line.29">import javax.servlet.ServletRequest;</a>
 <span class="sourceLineNo">030</span><a id="line.30">import javax.servlet.http.HttpServletRequest;</a>
 <span class="sourceLineNo">031</span><a id="line.31">import javax.servlet.http.HttpSession;</a>
 <span class="sourceLineNo">032</span><a id="line.32"></a>
 <span class="sourceLineNo">033</span><a id="line.33"></a>
 <span class="sourceLineNo">034</span><a id="line.34">/**</a>
 <span class="sourceLineNo">035</span><a id="line.35"> * SessionManager implementation providing {@link Session} implementations that are merely wrappers for the</a>
 <span class="sourceLineNo">036</span><a id="line.36"> * Servlet container's {@link HttpSession}.</a>
 <span class="sourceLineNo">037</span><a id="line.37"> * &lt;p/&gt;</a>
 <span class="sourceLineNo">038</span><a id="line.38"> * Despite its name, this implementation &lt;em&gt;does not&lt;/em&gt; itself manage Sessions since the Servlet container</a>
 <span class="sourceLineNo">039</span><a id="line.39"> * provides the actual management support.  This class mainly exists to 'impersonate' a regular Shiro</a>
 <span class="sourceLineNo">040</span><a id="line.40"> * {@code SessionManager} so it can be pluggable into a normal Shiro configuration in a pure web application.</a>
 <span class="sourceLineNo">041</span><a id="line.41"> * &lt;p/&gt;</a>
 <span class="sourceLineNo">042</span><a id="line.42"> * Note that because this implementation relies on the {@link HttpSession HttpSession}, it is only functional in a</a>
 <span class="sourceLineNo">043</span><a id="line.43"> * servlet container - it is not capable of supporting Sessions for any clients other than those using the HTTP</a>
 <span class="sourceLineNo">044</span><a id="line.44"> * protocol.</a>
 <span class="sourceLineNo">045</span><a id="line.45"> * &lt;p/&gt;</a>
 <span class="sourceLineNo">046</span><a id="line.46"> * Therefore, if you need {@code Session} support for heterogeneous clients (e.g. web browsers,</a>
 <span class="sourceLineNo">047</span><a id="line.47"> * RMI clients, etc), use the {@link DefaultWebSessionManager DefaultWebSessionManager}</a>
 <span class="sourceLineNo">048</span><a id="line.48"> * instead.  The {@code DefaultWebSessionManager} supports both traditional web-based access as well as non web-based</a>
 <span class="sourceLineNo">049</span><a id="line.49"> * clients.</a>
 <span class="sourceLineNo">050</span><a id="line.50"> *</a>
 <span class="sourceLineNo">051</span><a id="line.51"> * @since 0.9</a>
 <span class="sourceLineNo">052</span><a id="line.52"> * @see DefaultWebSessionManager</a>
 <span class="sourceLineNo">053</span><a id="line.53"> */</a>
 <span class="sourceLineNo">054</span><a id="line.54">public class ServletContainerSessionManager implements WebSessionManager {</a>
 <span class="sourceLineNo">055</span><a id="line.55"></a>
 <span class="sourceLineNo">056</span><a id="line.56">    //TODO - complete JavaDoc</a>
 <span class="sourceLineNo">057</span><a id="line.57"></a>
 <span class="sourceLineNo">058</span><a id="line.58">    //TODO - read session timeout value from web.xml</a>
 <span class="sourceLineNo">059</span><a id="line.59"></a>
 <span class="sourceLineNo">060</span><a id="line.60">    public ServletContainerSessionManager() {</a>
 <span class="sourceLineNo">061</span><a id="line.61">    }</a>
 <span class="sourceLineNo">062</span><a id="line.62"></a>
 <span class="sourceLineNo">063</span><a id="line.63">    public Session start(SessionContext context) throws AuthorizationException {</a>
 <span class="sourceLineNo">064</span><a id="line.64">        return createSession(context);</a>
 <span class="sourceLineNo">065</span><a id="line.65">    }</a>
 <span class="sourceLineNo">066</span><a id="line.66"></a>
 <span class="sourceLineNo">067</span><a id="line.67">    public Session getSession(SessionKey key) throws SessionException {</a>
 <span class="sourceLineNo">068</span><a id="line.68">        if (!WebUtils.isHttp(key)) {</a>
 <span class="sourceLineNo">069</span><a id="line.69">            String msg = "SessionKey must be an HTTP compatible implementation.";</a>
 <span class="sourceLineNo">070</span><a id="line.70">            throw new IllegalArgumentException(msg);</a>
 <span class="sourceLineNo">071</span><a id="line.71">        }</a>
 <span class="sourceLineNo">072</span><a id="line.72"></a>
 <span class="sourceLineNo">073</span><a id="line.73">        HttpServletRequest request = WebUtils.getHttpRequest(key);</a>
 <span class="sourceLineNo">074</span><a id="line.74"></a>
 <span class="sourceLineNo">075</span><a id="line.75">        Session session = null;</a>
 <span class="sourceLineNo">076</span><a id="line.76"></a>
 <span class="sourceLineNo">077</span><a id="line.77">        HttpSession httpSession = request.getSession(false);</a>
 <span class="sourceLineNo">078</span><a id="line.78">        if (httpSession != null) {</a>
 <span class="sourceLineNo">079</span><a id="line.79">            session = createSession(httpSession, request.getRemoteHost());</a>
 <span class="sourceLineNo">080</span><a id="line.80">        }</a>
 <span class="sourceLineNo">081</span><a id="line.81"></a>
 <span class="sourceLineNo">082</span><a id="line.82">        return session;</a>
 <span class="sourceLineNo">083</span><a id="line.83">    }</a>
 <span class="sourceLineNo">084</span><a id="line.84"></a>
 <span class="sourceLineNo">085</span><a id="line.85">    private String getHost(SessionContext context) {</a>
 <span class="sourceLineNo">086</span><a id="line.86">        String host = context.getHost();</a>
 <span class="sourceLineNo">087</span><a id="line.87">        if (host == null) {</a>
 <span class="sourceLineNo">088</span><a id="line.88">            ServletRequest request = WebUtils.getRequest(context);</a>
 <span class="sourceLineNo">089</span><a id="line.89">            if (request != null) {</a>
 <span class="sourceLineNo">090</span><a id="line.90">                host = request.getRemoteHost();</a>
 <span class="sourceLineNo">091</span><a id="line.91">            }</a>
 <span class="sourceLineNo">092</span><a id="line.92">        }</a>
 <span class="sourceLineNo">093</span><a id="line.93">        return host;</a>
 <span class="sourceLineNo">094</span><a id="line.94"></a>
 <span class="sourceLineNo">095</span><a id="line.95">    }</a>
 <span class="sourceLineNo">096</span><a id="line.96"></a>
 <span class="sourceLineNo">097</span><a id="line.97">    /**</a>
 <span class="sourceLineNo">098</span><a id="line.98">     * @since 1.0</a>
 <span class="sourceLineNo">099</span><a id="line.99">     */</a>
 <span class="sourceLineNo">100</span><a id="line.100">    protected Session createSession(SessionContext sessionContext) throws AuthorizationException {</a>
 <span class="sourceLineNo">101</span><a id="line.101">        if (!WebUtils.isHttp(sessionContext)) {</a>
 <span class="sourceLineNo">102</span><a id="line.102">            String msg = "SessionContext must be an HTTP compatible implementation.";</a>
 <span class="sourceLineNo">103</span><a id="line.103">            throw new IllegalArgumentException(msg);</a>
 <span class="sourceLineNo">104</span><a id="line.104">        }</a>
 <span class="sourceLineNo">105</span><a id="line.105"></a>
 <span class="sourceLineNo">106</span><a id="line.106">        HttpServletRequest request = WebUtils.getHttpRequest(sessionContext);</a>
 <span class="sourceLineNo">107</span><a id="line.107"></a>
 <span class="sourceLineNo">108</span><a id="line.108">        HttpSession httpSession = request.getSession();</a>
 <span class="sourceLineNo">109</span><a id="line.109"></a>
 <span class="sourceLineNo">110</span><a id="line.110">        //SHIRO-240: DO NOT use the 'globalSessionTimeout' value here on the acquired session.</a>
 <span class="sourceLineNo">111</span><a id="line.111">        //see: https://issues.apache.org/jira/browse/SHIRO-240</a>
 <span class="sourceLineNo">112</span><a id="line.112"></a>
 <span class="sourceLineNo">113</span><a id="line.113">        String host = getHost(sessionContext);</a>
 <span class="sourceLineNo">114</span><a id="line.114"></a>
 <span class="sourceLineNo">115</span><a id="line.115">        return createSession(httpSession, host);</a>
 <span class="sourceLineNo">116</span><a id="line.116">    }</a>
 <span class="sourceLineNo">117</span><a id="line.117"></a>
 <span class="sourceLineNo">118</span><a id="line.118">    protected Session createSession(HttpSession httpSession, String host) {</a>
 <span class="sourceLineNo">119</span><a id="line.119">        return new HttpServletSession(httpSession, host);</a>
 <span class="sourceLineNo">120</span><a id="line.120">    }</a>
 <span class="sourceLineNo">121</span><a id="line.121"></a>
 <span class="sourceLineNo">122</span><a id="line.122">    /**</a>
 <span class="sourceLineNo">123</span><a id="line.123">     * This implementation always delegates to the servlet container for sessions, so this method returns</a>
 <span class="sourceLineNo">124</span><a id="line.124">     * {@code true} always.</a>
 <span class="sourceLineNo">125</span><a id="line.125">     *</a>
 <span class="sourceLineNo">126</span><a id="line.126">     * @return {@code true} always</a>
 <span class="sourceLineNo">127</span><a id="line.127">     * @since 1.2</a>
 <span class="sourceLineNo">128</span><a id="line.128">     */</a>
 <span class="sourceLineNo">129</span><a id="line.129">        public boolean isServletContainerSessions() {</a>
 <span class="sourceLineNo">130</span><a id="line.130">                return true;</a>
 <span class="sourceLineNo">131</span><a id="line.131">        }</a>
 <span class="sourceLineNo">132</span><a id="line.132">}</a>


 </pre>
 </div>
 </main>
 </body>
 </html>
	<!DOCTYPE HTML>
	<html lang="fr">
	<head>
	<title>Source code</title>
	<link rel="stylesheet" type="text/css" href="../../../../../../../stylesheet.css" title="Style">
	</head>
	<body>
	<main role="main">
	<div class="sourceContainer">
	<pre><span class="sourceLineNo">001</span><a id="line.1">/*</a>
	<span class="sourceLineNo">002</span><a id="line.2"> * Licensed to the Apache Software Foundation (ASF) under one</a>
	<span class="sourceLineNo">003</span><a id="line.3"> * or more contributor license agreements. See the NOTICE file</a>
	<span class="sourceLineNo">004</span><a id="line.4"> * distributed with this work for additional information</a>
	<span class="sourceLineNo">005</span><a id="line.5"> * regarding copyright ownership. The ASF licenses this file</a>
	<span class="sourceLineNo">006</span><a id="line.6"> * to you under the Apache License, Version 2.0 (the</a>
	<span class="sourceLineNo">007</span><a id="line.7"> * "License"); you may not use this file except in compliance</a>
	<span class="sourceLineNo">008</span><a id="line.8"> * with the License. You may obtain a copy of the License at</a>
	<span class="sourceLineNo">009</span><a id="line.9"> *</a>
	<span class="sourceLineNo">010</span><a id="line.10"> * http://www.apache.org/licenses/LICENSE-2.0</a>
	<span class="sourceLineNo">011</span><a id="line.11"> *</a>
	<span class="sourceLineNo">012</span><a id="line.12"> * Unless required by applicable law or agreed to in writing,</a>
	<span class="sourceLineNo">013</span><a id="line.13"> * software distributed under the License is distributed on an</a>
	<span class="sourceLineNo">014</span><a id="line.14"> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY</a>
	<span class="sourceLineNo">015</span><a id="line.15"> * KIND, either express or implied. See the License for the</a>
	<span class="sourceLineNo">016</span><a id="line.16"> * specific language governing permissions and limitations</a>
	<span class="sourceLineNo">017</span><a id="line.17"> * under the License.</a>
	<span class="sourceLineNo">018</span><a id="line.18"> */</a>
	<span class="sourceLineNo">019</span><a id="line.19">package org.apache.shiro.web.session.mgt;</a>
	<span class="sourceLineNo">020</span><a id="line.20"></a>
	<span class="sourceLineNo">021</span><a id="line.21">import org.apache.shiro.authz.AuthorizationException;</a>
	<span class="sourceLineNo">022</span><a id="line.22">import org.apache.shiro.session.Session;</a>
	<span class="sourceLineNo">023</span><a id="line.23">import org.apache.shiro.session.SessionException;</a>
	<span class="sourceLineNo">024</span><a id="line.24">import org.apache.shiro.session.mgt.SessionContext;</a>
	<span class="sourceLineNo">025</span><a id="line.25">import org.apache.shiro.session.mgt.SessionKey;</a>
	<span class="sourceLineNo">026</span><a id="line.26">import org.apache.shiro.web.session.HttpServletSession;</a>
	<span class="sourceLineNo">027</span><a id="line.27">import org.apache.shiro.web.util.WebUtils;</a>
	<span class="sourceLineNo">028</span><a id="line.28"></a>
	<span class="sourceLineNo">029</span><a id="line.29">import javax.servlet.ServletRequest;</a>
	<span class="sourceLineNo">030</span><a id="line.30">import javax.servlet.http.HttpServletRequest;</a>
	<span class="sourceLineNo">031</span><a id="line.31">import javax.servlet.http.HttpSession;</a>
	<span class="sourceLineNo">032</span><a id="line.32"></a>
	<span class="sourceLineNo">033</span><a id="line.33"></a>
	<span class="sourceLineNo">034</span><a id="line.34">/**</a>
	<span class="sourceLineNo">035</span><a id="line.35"> * SessionManager implementation providing {@link Session} implementations that are merely wrappers for the</a>
	<span class="sourceLineNo">036</span><a id="line.36"> * Servlet container's {@link HttpSession}.</a>
	<span class="sourceLineNo">037</span><a id="line.37"> * <p/></a>
	<span class="sourceLineNo">038</span><a id="line.38"> * Despite its name, this implementation <em>does not</em> itself manage Sessions since the Servlet container</a>
	<span class="sourceLineNo">039</span><a id="line.39"> * provides the actual management support. This class mainly exists to 'impersonate' a regular Shiro</a>
	<span class="sourceLineNo">040</span><a id="line.40"> * {@code SessionManager} so it can be pluggable into a normal Shiro configuration in a pure web application.</a>
	<span class="sourceLineNo">041</span><a id="line.41"> * <p/></a>
	<span class="sourceLineNo">042</span><a id="line.42"> * Note that because this implementation relies on the {@link HttpSession HttpSession}, it is only functional in a</a>
	<span class="sourceLineNo">043</span><a id="line.43"> * servlet container - it is not capable of supporting Sessions for any clients other than those using the HTTP</a>
	<span class="sourceLineNo">044</span><a id="line.44"> * protocol.</a>
	<span class="sourceLineNo">045</span><a id="line.45"> * <p/></a>
	<span class="sourceLineNo">046</span><a id="line.46"> * Therefore, if you need {@code Session} support for heterogeneous clients (e.g. web browsers,</a>
	<span class="sourceLineNo">047</span><a id="line.47"> * RMI clients, etc), use the {@link DefaultWebSessionManager DefaultWebSessionManager}</a>
	<span class="sourceLineNo">048</span><a id="line.48"> * instead. The {@code DefaultWebSessionManager} supports both traditional web-based access as well as non web-based</a>
	<span class="sourceLineNo">049</span><a id="line.49"> * clients.</a>
	<span class="sourceLineNo">050</span><a id="line.50"> *</a>
	<span class="sourceLineNo">051</span><a id="line.51"> * @since 0.9</a>
	<span class="sourceLineNo">052</span><a id="line.52"> * @see DefaultWebSessionManager</a>
	<span class="sourceLineNo">053</span><a id="line.53"> */</a>
	<span class="sourceLineNo">054</span><a id="line.54">public class ServletContainerSessionManager implements WebSessionManager {</a>
	<span class="sourceLineNo">055</span><a id="line.55"></a>
	<span class="sourceLineNo">056</span><a id="line.56"> //TODO - complete JavaDoc</a>
	<span class="sourceLineNo">057</span><a id="line.57"></a>
	<span class="sourceLineNo">058</span><a id="line.58"> //TODO - read session timeout value from web.xml</a>
	<span class="sourceLineNo">059</span><a id="line.59"></a>
	<span class="sourceLineNo">060</span><a id="line.60"> public ServletContainerSessionManager() {</a>
	<span class="sourceLineNo">061</span><a id="line.61"> }</a>
	<span class="sourceLineNo">062</span><a id="line.62"></a>
	<span class="sourceLineNo">063</span><a id="line.63"> public Session start(SessionContext context) throws AuthorizationException {</a>
	<span class="sourceLineNo">064</span><a id="line.64"> return createSession(context);</a>
	<span class="sourceLineNo">065</span><a id="line.65"> }</a>
	<span class="sourceLineNo">066</span><a id="line.66"></a>
	<span class="sourceLineNo">067</span><a id="line.67"> public Session getSession(SessionKey key) throws SessionException {</a>
	<span class="sourceLineNo">068</span><a id="line.68"> if (!WebUtils.isHttp(key)) {</a>
	<span class="sourceLineNo">069</span><a id="line.69"> String msg = "SessionKey must be an HTTP compatible implementation.";</a>
	<span class="sourceLineNo">070</span><a id="line.70"> throw new IllegalArgumentException(msg);</a>
	<span class="sourceLineNo">071</span><a id="line.71"> }</a>
	<span class="sourceLineNo">072</span><a id="line.72"></a>
	<span class="sourceLineNo">073</span><a id="line.73"> HttpServletRequest request = WebUtils.getHttpRequest(key);</a>
	<span class="sourceLineNo">074</span><a id="line.74"></a>
	<span class="sourceLineNo">075</span><a id="line.75"> Session session = null;</a>
	<span class="sourceLineNo">076</span><a id="line.76"></a>
	<span class="sourceLineNo">077</span><a id="line.77"> HttpSession httpSession = request.getSession(false);</a>
	<span class="sourceLineNo">078</span><a id="line.78"> if (httpSession != null) {</a>
	<span class="sourceLineNo">079</span><a id="line.79"> session = createSession(httpSession, request.getRemoteHost());</a>
	<span class="sourceLineNo">080</span><a id="line.80"> }</a>
	<span class="sourceLineNo">081</span><a id="line.81"></a>
	<span class="sourceLineNo">082</span><a id="line.82"> return session;</a>
	<span class="sourceLineNo">083</span><a id="line.83"> }</a>
	<span class="sourceLineNo">084</span><a id="line.84"></a>
	<span class="sourceLineNo">085</span><a id="line.85"> private String getHost(SessionContext context) {</a>
	<span class="sourceLineNo">086</span><a id="line.86"> String host = context.getHost();</a>
	<span class="sourceLineNo">087</span><a id="line.87"> if (host == null) {</a>
	<span class="sourceLineNo">088</span><a id="line.88"> ServletRequest request = WebUtils.getRequest(context);</a>
	<span class="sourceLineNo">089</span><a id="line.89"> if (request != null) {</a>
	<span class="sourceLineNo">090</span><a id="line.90"> host = request.getRemoteHost();</a>
	<span class="sourceLineNo">091</span><a id="line.91"> }</a>
	<span class="sourceLineNo">092</span><a id="line.92"> }</a>
	<span class="sourceLineNo">093</span><a id="line.93"> return host;</a>
	<span class="sourceLineNo">094</span><a id="line.94"></a>
	<span class="sourceLineNo">095</span><a id="line.95"> }</a>
	<span class="sourceLineNo">096</span><a id="line.96"></a>
	<span class="sourceLineNo">097</span><a id="line.97"> /**</a>
	<span class="sourceLineNo">098</span><a id="line.98"> * @since 1.0</a>
	<span class="sourceLineNo">099</span><a id="line.99"> */</a>
	<span class="sourceLineNo">100</span><a id="line.100"> protected Session createSession(SessionContext sessionContext) throws AuthorizationException {</a>
	<span class="sourceLineNo">101</span><a id="line.101"> if (!WebUtils.isHttp(sessionContext)) {</a>
	<span class="sourceLineNo">102</span><a id="line.102"> String msg = "SessionContext must be an HTTP compatible implementation.";</a>
	<span class="sourceLineNo">103</span><a id="line.103"> throw new IllegalArgumentException(msg);</a>
	<span class="sourceLineNo">104</span><a id="line.104"> }</a>
	<span class="sourceLineNo">105</span><a id="line.105"></a>
	<span class="sourceLineNo">106</span><a id="line.106"> HttpServletRequest request = WebUtils.getHttpRequest(sessionContext);</a>
	<span class="sourceLineNo">107</span><a id="line.107"></a>
	<span class="sourceLineNo">108</span><a id="line.108"> HttpSession httpSession = request.getSession();</a>
	<span class="sourceLineNo">109</span><a id="line.109"></a>
	<span class="sourceLineNo">110</span><a id="line.110"> //SHIRO-240: DO NOT use the 'globalSessionTimeout' value here on the acquired session.</a>
	<span class="sourceLineNo">111</span><a id="line.111"> //see: https://issues.apache.org/jira/browse/SHIRO-240</a>
	<span class="sourceLineNo">112</span><a id="line.112"></a>
	<span class="sourceLineNo">113</span><a id="line.113"> String host = getHost(sessionContext);</a>
	<span class="sourceLineNo">114</span><a id="line.114"></a>
	<span class="sourceLineNo">115</span><a id="line.115"> return createSession(httpSession, host);</a>
	<span class="sourceLineNo">116</span><a id="line.116"> }</a>
	<span class="sourceLineNo">117</span><a id="line.117"></a>
	<span class="sourceLineNo">118</span><a id="line.118"> protected Session createSession(HttpSession httpSession, String host) {</a>
	<span class="sourceLineNo">119</span><a id="line.119"> return new HttpServletSession(httpSession, host);</a>
	<span class="sourceLineNo">120</span><a id="line.120"> }</a>
	<span class="sourceLineNo">121</span><a id="line.121"></a>
	<span class="sourceLineNo">122</span><a id="line.122"> /**</a>
	<span class="sourceLineNo">123</span><a id="line.123"> * This implementation always delegates to the servlet container for sessions, so this method returns</a>
	<span class="sourceLineNo">124</span><a id="line.124"> * {@code true} always.</a>
	<span class="sourceLineNo">125</span><a id="line.125"> *</a>
	<span class="sourceLineNo">126</span><a id="line.126"> * @return {@code true} always</a>
	<span class="sourceLineNo">127</span><a id="line.127"> * @since 1.2</a>
	<span class="sourceLineNo">128</span><a id="line.128"> */</a>
	<span class="sourceLineNo">129</span><a id="line.129"> public boolean isServletContainerSessions() {</a>
	<span class="sourceLineNo">130</span><a id="line.130"> return true;</a>
	<span class="sourceLineNo">131</span><a id="line.131"> }</a>
	<span class="sourceLineNo">132</span><a id="line.132">}</a>




























































	</pre>
	</div>
	</main>
	</body>
	</html>