Package com.iplanet.dpro.session.service

Class AuthenticationSessionStore

  • @Singleton
public class AuthenticationSessionStore
extends Object
    Stores sessions used for authentication which must not yet be written to the store. This comprises both sessions which shouldn't be written to the store (e.g. stateless, authentication), as well as sessions which have yet to be added to the store. Authentication sessions will be stored for the duration of their InternalSession.getTimeLeft() value, after which they will be removed from this store.

    • Constructor Detail

      • AuthenticationSessionStore

        @Inject
public AuthenticationSessionStore​(SessionAccessManager sessionAccessManager)

    • Method Detail

      • getSession

        public InternalSession getSession​(SessionID sessionID)
        Lookup the Session based on its Session ID. Side effect: Calling this method will cull any expired Sessions from this store.
        Parameters:
        sessionID - Looks up the InternalSession by its SessionID.
        Returns:
        Null if no Session was found otherwise a non null Session.

      • promoteSession

        public void promoteSession​(SessionID sessionID)
        Moves the specified session out of this store and into the persistent store.
        Parameters:
        sessionID - Non null sessionID for the session to be promoted.
        Throws:
        IllegalStateException - if session not found in the store.

      • removeSession

        public InternalSession removeSession​(SessionID sessionID)
        There are cases where an authentication session is created but never used. In these cases we should remove it from the store.
        Parameters:
        sessionID - Non null SessionID to remove from the store.
        Returns:
        The InternalSession that was removed.
        Throws:
        IllegalStateException - If the session was not found in the store.