Class SessionInformation

All Implemented Interfaces:
Direct Known Subclasses:

public class SessionInformation extends Object implements Serializable
Represents a record of a session within the Spring Security framework.

This is primarily used for concurrent session support.

Sessions have three states: active, expired, and destroyed. A session can that is invalidated by session.invalidate() or via Servlet Container management is considered "destroyed". An "expired" session, on the other hand, is a session that Spring Security wants to end because it was selected for removal for some reason (generally as it was the least recently used session and the maximum sessions for the user were reached). An "expired" session is removed as soon as possible by a Filter.

See Also:
  • Constructor Details

    • SessionInformation

      public SessionInformation(Object principal, String sessionId, Date lastRequest)
  • Method Details

    • expireNow

      public void expireNow()
    • getLastRequest

      public Date getLastRequest()
    • getPrincipal

      public Object getPrincipal()
    • getSessionId

      public String getSessionId()
    • isExpired

      public boolean isExpired()
    • refreshLastRequest

      public void refreshLastRequest()
      Refreshes the internal lastRequest to the current date and time.