Inserts a new Session record into the underling EIS (e.g. Relational database, file system, persistent cache, etc, depending on the DAO implementation). <p/> After this method is invoked, the {@link hunt.shiro.session.Session#getId()} method executed on the argument must return a valid session identifier. That is, the following should always be true: <pre> Serializable id = create( session ); id.equals( session.getId() ) == true</pre> <p/> Implementations are free to throw any exceptions that might occur due to integrity violation constraints or other EIS related errors.
Returns all sessions in the EIS that are considered active, meaning all sessions that haven't been stopped/expired. This is primarily used to validate potential orphans. <p/> If there are no active sessions in the EIS, this method may return an empty collection or {@code null}. <h4>Performance</h4> This method should be as efficient as possible, especially in larger systems where there might be thousands of active sessions. Large scale/high performance implementations will often return a subset of the total active sessions and perform validation a little more frequently, rather than return a massive set and validate infrequently. If efficient and possible, it would make sense to return the oldest unstopped sessions available, ordered by {@link hunt.shiro.session.Session#getLastAccessTime() lastAccessTime}. <h4>Smart Results</h4> <em>Ideally</em> this method would only return active sessions that the EIS was certain should be invalided. Typically that is any session that is not stopped and where its lastAccessTimestamp is older than the session timeout. <p/> For example, if sessions were backed by a relational database or SQL-92 'query-able' enterprise cache, you might return something similar to the results returned by this query (assuming {@link hunt.shiro.session.mgt.SimpleSession SimpleSession}s were being stored): <pre> select * from sessions s where s.lastAccessTimestamp < ? and s.stopTimestamp is null </pre> where the {@code ?} parameter is a date instance equal to 'now' minus the session timeout (e.g. now - 30 minutes).
Retrieves the session from the EIS uniquely identified by the specified {@code sessionId}.
Deletes the associated EIS record of the specified {@code session}. If there never existed a session EIS record with the identifier of {@link Session#getId() session.getId()}, then this method does nothing.
Updates (persists) data from a previously created Session instance in the EIS identified by {@code {@link Session#getId() session.getId()}}. This effectively propagates the data in the argument to the EIS record previously saved. <p/> In addition to UnknownSessionException, implementations are free to throw any other exceptions that might occur due to integrity violation constraints or other EIS related errors.
Data Access Object design pattern specification to enable {@link Session} access to an EIS (Enterprise Information System). It provides your four typical CRUD methods: {@link #create}, {@link #readSession(java.io.Serializable)}, {@link #update(hunt.shiro.session.Session)}, and {@link #remove(hunt.shiro.session.Session)}. <p/> The remaining {@link #getActiveSessions()} method exists as a support mechanism to pre-emptively orphaned sessions, typically by {@link hunt.shiro.session.mgt.ValidatingSessionManager ValidatingSessionManager}s), and should be as efficient as possible, especially if there are thousands of active sessions. Large scale/high performance implementations will often return a subset of the total active sessions and perform validation a little more frequently, rather than return a massive set and infrequently validate.