1, session of the introduction about the session
Session: From starting a session to closing the session as a conversation, a package that interacts with the client and server side, with timeliness
Generation of sessions:
Typically generated from a container.
Web container:web containers, such as Tomcat, implement the session, which can produce a session
EJB Stateful Session Beans: less use
Application of the session:
Mobile
Web
Distributed clusters
Shiro Session
Based on Pojo
You can customize the way the session is stored, save to memory, file, database can
Container-independent clusters
Client Access Diversification
Event Monitoring
Host address memory, you can know by which host created
The web uses transparency, does not need to care about how the session is created, just need to know how to use
SSO-enabled, single sign-on
Use session
Subject CurrentUser == currentuser.getsession (true); Session.setattribute ("Somekey", Somvalue);
Subject.getsession (flag)
If subject has a session, return to session directly
If the subject does not exist session,flag=true, a new ssssion is created and returned
Returns null if subject does not exist Session,flag=false
Session in a servlet like
Support for all applications, but not limited to Web applications
2, SessionManager
Defaultsessionmanager: Default implementation
Duration of Session timeout:session
Session Listeners: Event-oriented, implementation of Sessionlistener interface
Save form of Session Storage:session
Sessiondao Interface Abstraction
In-memory-only: Default, save session with memory
EHCache Sessiondao: Using Disk to save session implementation
Use of EhCache Sessiondao
Configure Ehcache.xml
Session Cache Name
Session IDs
Sessionidgenerator components: for generating SessionID
Javauuidsessionidgenerator: Default implementation, using Java's UUID
Custom
Session Validation
Determine if the session expires
Lazy Validation: Judging when using
Session orphan (Orphan): When using lazy, some sessions expire, and still exist for a long time.
Sessionvalidationscheduler
Delete Session orphans regularly
Executorservicesessionvalidationscheduler: Default implementation
Custom Sessionvalidationscheduler
Close Session Validation
Close Session Delete function
3. Session Cluster
Cluster to implement session
Shiro supports distributed caching
Web Container Environment
Native environment
Based on Pojo multilayer architecture
Support for Cluster Sessiondao
The Transparent SessionManager
Supports integration of multiple distributed cache servers
Enterprisecachesessiondao
Activesessionscache
Third-party integration
Ehcache+terracotta
Zookeeper
4. session and User status
Stateful applications
Shiro use session to save authentication status by default
Get user status through SessionID
Non-stateful applications
Custom Blending Scenarios
Sessionstorageevaluator
"Shiro" VI, Apache Shiro Session Management