Thanks, Les, for so detailed answer!
26.05.2010 20:54, Les Hazlewood пишет:
Because the Servlet API does not have the notion of a global
SessionListener construct as Shiro does, you first have to ensure that
you're using native sessions:
defaultWebSecurityManager.setSessionMode(DefaultWebSecurityManager.NATIVE_SESSION_MODE);
After you've made this call, then you can do the following:
((AbstractNativeSessionManager)defaultWebSecurityManager.getSessionManager()).setSessionListeners(mySessionListenerList);
If it is possible to use the INI config, I highly recommend it as it
will often simplify your config efforts (no need to cast classes,
etc). Here is the above w/ INI config:
[main]
sessionListener1 = com.my.session.listener.Implementation
# as many SessionListeners as you want ...
sessionListenerN = com.my.other.session.listener.Implementation
securityManager.sessionMode = native
securityManager.sessionManager.sessionListeners = $sessionListener1,
..., $sessionListenerN
Also note that INI config does not need to be embedded in web.xml if
you don't want it to be. The IniShiroFilter supports an alternative
'configPath' init-param that allows you to specify any location you
want using classpath:, file: or url: prefixes to point to any of those
respective resource locations.
Cheers,
Les
On Wed, May 26, 2010 at 1:10 AM, Aleksey Didik
<[email protected]> wrote:
Hello all,
I'm tring to find the way to attach some session listeners to my security
manager.
I use Shiro in my web app and use DefaultWebSecurityManager.
But I configure it manually, not with ini in web.xml.
Please, help :)
Best regards,
Aleksey.
