shiro-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lhazlew...@apache.org
Subject svn commit: r776483 - in /incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt: ./ eis/
Date Tue, 19 May 2009 21:46:52 GMT
Author: lhazlewood
Date: Tue May 19 21:46:51 2009
New Revision: 776483

URL: http://svn.apache.org/viewvc?rev=776483&view=rev
Log:
Added SessionFactory for OO delegation instead of requiring to subclass the SessionManager
implementation.  Also added some JavaDoc

Added:
    incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/SessionFactory.java
    incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/SimpleSessionFactory.java
Modified:
    incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/AbstractSessionManager.java
    incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/DefaultSessionManager.java
    incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/LocalSessionManager.java
    incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/SimpleSession.java
    incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/eis/SessionDAO.java

Modified: incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/AbstractSessionManager.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/AbstractSessionManager.java?rev=776483&r1=776482&r2=776483&view=diff
==============================================================================
--- incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/AbstractSessionManager.java
(original)
+++ incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/AbstractSessionManager.java
Tue May 19 21:46:51 2009
@@ -18,22 +18,17 @@
  */
 package org.apache.ki.session.mgt;
 
+import org.apache.ki.authz.HostUnauthorizedException;
+import org.apache.ki.session.*;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 import java.io.Serializable;
 import java.net.InetAddress;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Date;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import org.apache.ki.authz.HostUnauthorizedException;
-import org.apache.ki.session.InvalidSessionException;
-import org.apache.ki.session.Session;
-import org.apache.ki.session.SessionListener;
-import org.apache.ki.session.SessionListenerRegistrar;
-import org.apache.ki.session.UnknownSessionException;
-
 
 /**
  * TODO - complete JavaDoc
@@ -55,7 +50,6 @@
     private long globalSessionTimeout = DEFAULT_GLOBAL_SESSION_TIMEOUT;
     private Collection<SessionListener> listeners = new ArrayList<SessionListener>();
 
-
     public AbstractSessionManager() {
     }
 
@@ -270,5 +264,18 @@
 
     protected abstract Session doGetSession(Serializable sessionId) throws InvalidSessionException;
 
+    /**
+     * Creates a new {@code Session Session} instance based on the specified (possibly {@code
null}) originating host.
+     * Implementing classes must manage the persistent state of this session such that it
could be acquired
+     * via the {@link #getSession(java.io.Serializable)} method.
+     *
+     * @param originatingHost the originating host InetAddress of the external party
+     *                        (user, 3rd party product, etc) that is attempting to initiate
the session, or
+     *                        {@code null} if not known.
+     * @return a new {@code Session} instance.
+     * @throws HostUnauthorizedException if the specified host is not allowed to initiate
a new session.
+     * @throws IllegalArgumentException  if the argiment is invalid, for example, if the
underlying implementation
+     *                                   requires non-{@code null} values and the argument
is {@code null}.
+     */
     protected abstract Session createSession(InetAddress originatingHost) throws HostUnauthorizedException,
IllegalArgumentException;
 }

Modified: incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/DefaultSessionManager.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/DefaultSessionManager.java?rev=776483&r1=776482&r2=776483&view=diff
==============================================================================
--- incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/DefaultSessionManager.java
(original)
+++ incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/DefaultSessionManager.java
Tue May 19 21:46:51 2009
@@ -47,9 +47,12 @@
 
     private static final Logger log = LoggerFactory.getLogger(DefaultSessionManager.class);
 
+    private SessionFactory sessionFactory;
+
     protected SessionDAO sessionDAO;
 
     public DefaultSessionManager() {
+        this.sessionFactory = new SimpleSessionFactory();
         this.sessionDAO = new MemorySessionDAO();
     }
 
@@ -61,6 +64,28 @@
         return this.sessionDAO;
     }
 
+    /**
+     * Returns the {@code SessionFactory} used to generate new {@link Session} instances.
 The default instance
+     * is a {@link SimpleSessionFactory}.
+     *
+     * @return the {@code SessionFactory} used to generate new {@link Session} instances.
+     * @since 1.0
+     */
+    public SessionFactory getSessionFactory() {
+        return sessionFactory;
+    }
+
+    /**
+     * Sets the {@code SessionFactory} used to generate new {@link Session} instances.  The
default instance
+     * is a {@link SimpleSessionFactory}.
+     *
+     * @param sessionFactory the {@code SessionFactory} used to generate new {@link Session}
instances.
+     * @since 1.0
+     */
+    public void setSessionFactory(SessionFactory sessionFactory) {
+        this.sessionFactory = sessionFactory;
+    }
+
     public void setCacheManager(CacheManager cacheManager) {
         if (this.sessionDAO instanceof CacheManagerAware) {
             ((CacheManagerAware) this.sessionDAO).setCacheManager(cacheManager);
@@ -77,9 +102,31 @@
     }
 
     protected Session newSessionInstance(InetAddress inetAddress) {
-        return new SimpleSession(inetAddress);
+        return createSessionFromFactory(inetAddress);
     }
 
+    /**
+     * Creates a {@link Session} using the {@link #setSessionFactory(SessionFactory) configured}
{@code SessionFactory}
+     * instance.
+     *
+     * @param originatingHost the originating host InetAddress of the external party
+     *                        (user, 3rd party product, etc) that is attempting to initiate
the session, or
+     *                        {@code null} if not known.
+     * @return an new {@code Session} instance.
+     * @since 1.0
+     */
+    protected Session createSessionFromFactory(InetAddress originatingHost) {
+        SessionFactory factory = getSessionFactory();
+        return factory.createSession(originatingHost);
+    }
+
+    /**
+     * Persists the given session instance to an underlying EIS (Enterprise Information System).
 This implementation
+     * delegates and calls
+     * <code>this.{@link SessionDAO sessionDAO}.{@link SessionDAO#create(org.apache.ki.session.Session)
create}(session);<code>
+     *
+     * @param session
+     */
     protected void create(Session session) {
         if (log.isDebugEnabled()) {
             log.debug("Creating new EIS record for new session instance [" + session + "]");
@@ -89,7 +136,7 @@
 
     protected void onStop(Session session) {
         if (session instanceof SimpleSession) {
-            SimpleSession ss = (SimpleSession)session;
+            SimpleSession ss = (SimpleSession) session;
             Date stopTs = ss.getStopTimestamp();
             ss.setLastAccessTime(stopTs);
         }

Modified: incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/LocalSessionManager.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/LocalSessionManager.java?rev=776483&r1=776482&r2=776483&view=diff
==============================================================================
--- incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/LocalSessionManager.java
(original)
+++ incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/LocalSessionManager.java
Tue May 19 21:46:51 2009
@@ -1,3 +1,21 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
 package org.apache.ki.session.mgt;
 
 import org.apache.ki.session.Session;

Added: incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/SessionFactory.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/SessionFactory.java?rev=776483&view=auto
==============================================================================
--- incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/SessionFactory.java
(added)
+++ incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/SessionFactory.java
Tue May 19 21:46:51 2009
@@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ki.session.mgt;
+
+import org.apache.ki.session.Session;
+
+import java.net.InetAddress;
+
+/**
+ * A simple factory class that instantiates concrete {@link Session Session} instances. 
This is mainly an
+ * SPI mechanism to allow different concrete instances to be created at runtime if they need
to be different the
+ * defaults.  It is typically not used by end-users of the framework.
+ *
+ * @author Les Hazlewood
+ * @since 1.0
+ */
+public interface SessionFactory {
+
+    /**
+     * Creates a new {@code Session} for the party with the given {@code originatinHost}.
 The host argument may be
+     * {@code null} if unknown to the system.
+     *
+     * @param originatingHost the originating host InetAddress of the external party
+     *                        (user, 3rd party product, etc) that is attempting to initiate
the session, or
+     *                        {@code null} if not known.
+     * @return an new {@code Session} instance.
+     */
+    Session createSession(InetAddress originatingHost);
+}

Modified: incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/SimpleSession.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/SimpleSession.java?rev=776483&r1=776482&r2=776483&view=diff
==============================================================================
--- incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/SimpleSession.java
(original)
+++ incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/SimpleSession.java
Tue May 19 21:46:51 2009
@@ -156,12 +156,10 @@
     }
 
     public Map<Object, Object> getAttributes() {
-        touch();
         return attributes;
     }
 
     public void setAttributes(Map<Object, Object> attributes) {
-        touch();
         this.attributes = attributes;
     }
 

Added: incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/SimpleSessionFactory.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/SimpleSessionFactory.java?rev=776483&view=auto
==============================================================================
--- incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/SimpleSessionFactory.java
(added)
+++ incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/SimpleSessionFactory.java
Tue May 19 21:46:51 2009
@@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ki.session.mgt;
+
+import org.apache.ki.session.Session;
+
+import java.net.InetAddress;
+
+/**
+ * {@code SessionFactory} implementation that generates {@link SimpleSession} instances.
+ *
+ * @author Les Hazlewood
+ * @since 1.0
+ */
+public class SimpleSessionFactory implements SessionFactory {
+
+    /**
+     * This default implementation merely returns
+     * <pre>new {@link SimpleSession#SimpleSession(java.net.InetAddress) SimpleSession}({@link
InetAddress originatingHost});</pre>
+     *
+     * @param originatingHost the originating host InetAddress of the external party
+     *                        (user, 3rd party product, etc) that is attempting to initiate
the session, or
+     *                        {@code null} if not known.
+     * @return a new session instance.
+     */
+    public Session createSession(InetAddress originatingHost) {
+        return new SimpleSession(originatingHost);
+    }
+}

Modified: incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/eis/SessionDAO.java
URL: http://svn.apache.org/viewvc/incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/eis/SessionDAO.java?rev=776483&r1=776482&r2=776483&view=diff
==============================================================================
--- incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/eis/SessionDAO.java
(original)
+++ incubator/jsecurity/trunk/core/src/main/java/org/apache/ki/session/mgt/eis/SessionDAO.java
Tue May 19 21:46:51 2009
@@ -18,16 +18,24 @@
  */
 package org.apache.ki.session.mgt.eis;
 
-import java.io.Serializable;
-import java.util.Collection;
-
 import org.apache.ki.session.Session;
 import org.apache.ki.session.UnknownSessionException;
 
+import java.io.Serializable;
+import java.util.Collection;
+
 
 /**
  * Data Access Object design pattern specification to enable {@link Session} access to an
- * EIS (Enterprise Information System).
+ * EIS (Enterprise Information System).  It provides your four typical CRUD methods:
+ * {@link #create}, {@link #readSession(java.io.Serializable)}, {@link #update(org.apache.ki.session.Session)},
+ * and {@link #delete(org.apache.ki.session.Session)}.
+ * <p/>
+ * The remaining {@link #getActiveSessions()} method exists as a support mechanism to pre-emptively
orphaned sessions,
+ * typically by {@link org.apache.ki.session.mgt.ValidatingSessionManager ValidatingSessionManager}s),
and should
+ * be as performant as possible, especially if there are thousands of active sessions.  Large
scale/high performance
+ * implementations will often return a subset of the total active sessions and perform validation
a little more
+ * frequently, rather than return a massive set and infrequently validate.
  *
  * @author Les Hazlewood
  * @since 0.1
@@ -44,8 +52,8 @@
      * <p/>
      * <code>Serializable id = create( session );<br/>
      * id.equals( session.getId() ) == true</code>
-     *
-     * <p>Implementations are free to throw any exceptions that might occur due to
+     * <p/>
+     * Implementations are free to throw any exceptions that might occur due to
      * integrity violation constraints or other EIS related errors.
      *
      * @param session the {@link org.apache.ki.session.Session} object to create in the EIS.
@@ -69,14 +77,15 @@
      * Updates (persists) data from a previously created Session instance in the EIS identified
by
      * <tt>{@link Session#getId() session.getId()}</tt>.  This effectively propagates
      * the data in the argument to the EIS record previously saved.
-     *
-     * <p>Aside from the UnknownSessionException, implementations are free to throw
any other
+     * <p/>
+     * In addition to UnknownSessionException, implementations are free to throw any other
      * exceptions that might occur due to integrity violation constraints or other EIS related
      * errors.
      *
      * @param session the Session to update
-     * @throws org.apache.ki.session.UnknownSessionException if no existing EIS session record
exists with the
-     *                                 identifier of {@link Session#getId() session.getSessionId()}
+     * @throws org.apache.ki.session.UnknownSessionException
+     *          if no existing EIS session record exists with the
+     *          identifier of {@link Session#getId() session.getSessionId()}
      */
     void update(Session session) throws UnknownSessionException;
 
@@ -92,9 +101,25 @@
     /**
      * Returns all sessions in the EIS that are considered active, meaning all sessions that
      * haven't been stopped/expired.  This is primarily used to validate potential orphans.
-     *
-     * If there are no active sessions in the EIS, this method may return an empty collection
-     * or <tt>null</tt>.
+     * <p/>
+     * If there are no active sessions in the EIS, this method may return an empty collection
or {@code null}.
+     * <h4>Performance</h4>
+     * This method should be as performant as possible, especially in larger systems where
there might be
+     * thousands of active sessions, especially if there are thousands of active sessions.
 Large scale/high performance
+     * implementations will often return a subset of the total active sessions and perform
validation a little more
+     * frequently, rather than return a massive set and validate infrequently.  If performant
and possible, it would
+     * make sense to return the oldest unstopped sessions available, ordered by
+     * {@link org.apache.ki.session.Session#getLastAccessTime() lastAccessTime}.
+     * <h4>Smart Results</h4>
+     * <em>Ideally</em> this method would only return active sessions that the
EIS was certain should be invalided.
+     * Typically that is any session that is not stopped and whos lastAccessTimestamp is
older than the session timeout.
+     * <p/>
+     * For example, if sessions were backed by a relational database or SQL-92 'queryable'
enterprise cache, you might
+     * return something similar to the results returned by this query (assuming
+     * {@link org.apache.ki.session.mgt.SimpleSession SimpleSession}s were being stored):
+     * <pre>select * from sessions s where s.lastAccessTimestamp < ? and s.stopTimestamp
is null</pre>
+     * where the <code>?</code> parameter is a date instance equal to 'now' minus
the session timeout
+     * (e.g. now - 30 minutes).
      *
      * @return a Collection of <tt>Session</tt>s that are considered active,
or an
      *         empty collection or <tt>null</tt> if there are no active sessions.



Mime
View raw message