public class org.apache.shiro.web.mgt.DefaultWebSecurityManager extends org.apache.shiro.mgt.DefaultSecurityManager implements org.apache.shiro.web.mgt.WebSecurityManager { private static final org.slf4j.Logger log; public static final java.lang.String HTTP_SESSION_MODE; public static final java.lang.String NATIVE_SESSION_MODE; private java.lang.String sessionMode; public void () { org.apache.shiro.mgt.SubjectDAO v; org.apache.shiro.web.mgt.DefaultWebSessionStorageEvaluator v; org.apache.shiro.web.session.mgt.ServletContainerSessionManager v; org.apache.shiro.web.mgt.CookieRememberMeManager v; org.apache.shiro.session.mgt.SessionManager v; org.apache.shiro.web.mgt.DefaultWebSubjectFactory v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; specialinvoke v.()>(); v = new org.apache.shiro.web.mgt.DefaultWebSessionStorageEvaluator; specialinvoke v.()>(); v = v.; virtualinvoke v.(v); v. = "http"; v = new org.apache.shiro.web.mgt.DefaultWebSubjectFactory; specialinvoke v.()>(); virtualinvoke v.(v); v = new org.apache.shiro.web.mgt.CookieRememberMeManager; specialinvoke v.()>(); virtualinvoke v.(v); v = new org.apache.shiro.web.session.mgt.ServletContainerSessionManager; specialinvoke v.()>(); virtualinvoke v.(v); v = virtualinvoke v.(); virtualinvoke v.(v); return; } public void (org.apache.shiro.realm.Realm) { org.apache.shiro.realm.Realm v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; v := @parameter: org.apache.shiro.realm.Realm; specialinvoke v.()>(); virtualinvoke v.(v); return; } public void (java.util.Collection) { java.util.Collection v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; v := @parameter: java.util.Collection; specialinvoke v.()>(); virtualinvoke v.(v); return; } protected org.apache.shiro.subject.SubjectContext createSubjectContext() { org.apache.shiro.web.subject.support.DefaultWebSubjectContext v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; v = new org.apache.shiro.web.subject.support.DefaultWebSubjectContext; specialinvoke v.()>(); return v; } public void setSubjectDAO(org.apache.shiro.mgt.SubjectDAO) { org.apache.shiro.mgt.SubjectDAO v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; v := @parameter: org.apache.shiro.mgt.SubjectDAO; specialinvoke v.(v); specialinvoke v.(); return; } protected void afterSessionManagerSet() { org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; specialinvoke v.(); specialinvoke v.(); return; } private void applySessionManagerToSessionStorageEvaluatorIfPossible() { org.apache.shiro.mgt.SubjectDAO v; org.apache.shiro.mgt.SessionStorageEvaluator v; org.apache.shiro.session.mgt.SessionManager v; boolean v, v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; v = virtualinvoke v.(); v = v instanceof org.apache.shiro.mgt.DefaultSubjectDAO; if v == 0 goto label; v = virtualinvoke v.(); v = v instanceof org.apache.shiro.web.mgt.DefaultWebSessionStorageEvaluator; if v == 0 goto label; v = virtualinvoke v.(); virtualinvoke v.(v); label: return; } protected org.apache.shiro.subject.SubjectContext copy(org.apache.shiro.subject.SubjectContext) { org.apache.shiro.subject.SubjectContext v, v; org.apache.shiro.web.subject.support.DefaultWebSubjectContext v; boolean v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; v := @parameter: org.apache.shiro.subject.SubjectContext; v = v instanceof org.apache.shiro.web.subject.WebSubjectContext; if v == 0 goto label; v = new org.apache.shiro.web.subject.support.DefaultWebSubjectContext; specialinvoke v.(org.apache.shiro.web.subject.WebSubjectContext)>(v); return v; label: v = specialinvoke v.(v); return v; } public java.lang.String getSessionMode() { java.lang.String v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; v = v.; return v; } public void setSessionMode(java.lang.String) { java.lang.String v, v, v, v, v, v, v, v; org.apache.shiro.session.mgt.SessionManager v, v; boolean v, v, v, v; org.slf4j.Logger v; java.lang.IllegalArgumentException v, v; java.lang.Class v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; v := @parameter: java.lang.String; v = ; interfaceinvoke v.("The \'sessionMode\' property has been deprecated. Please configure an appropriate WebSessionManager instance instead of using this property. This property/method will be removed in a later version."); if v != null goto label; v = new java.lang.IllegalArgumentException; specialinvoke v.(java.lang.String)>("sessionMode argument cannot be null."); throw v; label: v = virtualinvoke v.(); v = "http"; v = virtualinvoke v.(v); if v != 0 goto label; v = "native"; v = virtualinvoke v.(v); if v != 0 goto label; v = virtualinvoke v.(); v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v, v) ("Invalid sessionMode [\u]. Allowed values are public static final String constants in the \u class: \'http\' or \'native\', with \'http\' being the default."); v = new java.lang.IllegalArgumentException; specialinvoke v.(java.lang.String)>(v); throw v; label: v = v.; if v == null goto label; v = v.; v = virtualinvoke v.(v); if v != 0 goto label; label: v = 1; goto label; label: v = 0; label: v. = v; if v == 0 goto label; v = virtualinvoke v.(); staticinvoke (v); v = virtualinvoke v.(v); specialinvoke v.(v); label: return; } public void setSessionManager(org.apache.shiro.session.mgt.SessionManager) { org.slf4j.Logger v, v; java.lang.Class v, v, v; java.lang.String v, v, v, v; org.apache.shiro.session.mgt.SessionManager v; boolean v, v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; v := @parameter: org.apache.shiro.session.mgt.SessionManager; v. = null; if v == null goto label; v = v instanceof org.apache.shiro.web.session.mgt.WebSessionManager; if v != 0 goto label; v = ; v = interfaceinvoke v.(); if v == 0 goto label; v = virtualinvoke v.(); v = virtualinvoke v.(); v = class "Lorg/apache/shiro/web/session/mgt/WebSessionManager;"; v = virtualinvoke v.(); v = virtualinvoke v.(); v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v, v, v) ("The \u implementation expects SessionManager instances that implement the \u interface. The configured instance is of type [\u] which does not implement this interface.. This may cause unexpected behavior."); v = ; interfaceinvoke v.(v); label: specialinvoke v.(v); return; } private void setInternalSessionManager(org.apache.shiro.session.mgt.SessionManager) { org.apache.shiro.session.mgt.SessionManager v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; v := @parameter: org.apache.shiro.session.mgt.SessionManager; specialinvoke v.(v); return; } public boolean isHttpSessionMode() { org.apache.shiro.session.mgt.SessionManager v; boolean v, v, v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; v = virtualinvoke v.(); v = v instanceof org.apache.shiro.web.session.mgt.WebSessionManager; if v == 0 goto label; v = interfaceinvoke v.(); if v == 0 goto label; v = 1; goto label; label: v = 0; label: return v; } protected org.apache.shiro.session.mgt.SessionManager createSessionManager(java.lang.String) { org.apache.shiro.web.session.mgt.DefaultWebSessionManager v; org.slf4j.Logger v, v; org.apache.shiro.web.session.mgt.ServletContainerSessionManager v; java.lang.String v; boolean v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; v := @parameter: java.lang.String; if v == null goto label; v = virtualinvoke v.("native"); if v != 0 goto label; label: v = ; interfaceinvoke v.("{} mode - enabling ServletContainerSessionManager (HTTP-only Sessions)", "http"); v = new org.apache.shiro.web.session.mgt.ServletContainerSessionManager; specialinvoke v.()>(); return v; label: v = ; interfaceinvoke v.("{} mode - enabling DefaultWebSessionManager (non-HTTP and HTTP Sessions)", "native"); v = new org.apache.shiro.web.session.mgt.DefaultWebSessionManager; specialinvoke v.()>(); return v; } protected org.apache.shiro.session.mgt.SessionContext createSessionContext(org.apache.shiro.subject.SubjectContext) { org.apache.shiro.subject.SubjectContext v; org.apache.shiro.session.mgt.SessionContext v; javax.servlet.ServletRequest v; javax.servlet.ServletResponse v; org.apache.shiro.web.session.mgt.DefaultWebSessionContext v; boolean v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; v := @parameter: org.apache.shiro.subject.SubjectContext; v = specialinvoke v.(v); v = v instanceof org.apache.shiro.web.subject.WebSubjectContext; if v == 0 goto label; v = interfaceinvoke v.(); v = interfaceinvoke v.(); v = new org.apache.shiro.web.session.mgt.DefaultWebSessionContext; specialinvoke v.(java.util.Map)>(v); if v == null goto label; virtualinvoke v.(v); label: if v == null goto label; virtualinvoke v.(v); label: v = v; label: return v; } protected org.apache.shiro.session.mgt.SessionKey getSessionKey(org.apache.shiro.subject.SubjectContext) { javax.servlet.ServletRequest v; java.io.Serializable v; org.apache.shiro.web.session.mgt.WebSessionKey v; org.apache.shiro.subject.SubjectContext v; javax.servlet.ServletResponse v; org.apache.shiro.session.mgt.SessionKey v; boolean v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; v := @parameter: org.apache.shiro.subject.SubjectContext; v = staticinvoke (v); if v == 0 goto label; v = interfaceinvoke v.(); v = staticinvoke (v); v = staticinvoke (v); v = new org.apache.shiro.web.session.mgt.WebSessionKey; specialinvoke v.(java.io.Serializable,javax.servlet.ServletRequest,javax.servlet.ServletResponse)>(v, v, v); return v; label: v = specialinvoke v.(v); return v; } protected void beforeLogout(org.apache.shiro.subject.Subject) { org.apache.shiro.subject.Subject v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; v := @parameter: org.apache.shiro.subject.Subject; specialinvoke v.(v); virtualinvoke v.(v); return; } protected void removeRequestIdentity(org.apache.shiro.subject.Subject) { javax.servlet.ServletRequest v; org.apache.shiro.subject.Subject v; java.lang.Boolean v; java.lang.String v; boolean v; org.apache.shiro.web.mgt.DefaultWebSecurityManager v; v := @this: org.apache.shiro.web.mgt.DefaultWebSecurityManager; v := @parameter: org.apache.shiro.subject.Subject; v = v instanceof org.apache.shiro.web.subject.WebSubject; if v == 0 goto label; v = interfaceinvoke v.(); if v == null goto label; v = ; v = ; interfaceinvoke v.(v, v); label: return; } static void () { org.slf4j.Logger v; v = staticinvoke (class "Lorg/apache/shiro/web/mgt/DefaultWebSecurityManager;"); = v; return; } }