See wam Menu

WAM ManagedSession API Classes

This section provides an overview of the interfaces and classes within the WAM Session API.

See the WAM Javadoc for more information about the important classes and interfaces in the WAM Session API.

com.cafesoft.cams.session.ManagedSession, com.cafesoft.cams.session.Session, and com.cafesoft.cams.session.SessionStatus

A ManagedSession is an extended WAM session with the additional functionality to close, expire, and get the authenticated subject. It is the primary session object used throughout the WAM server.

SessionStatus is a type-safe constant that may have any of the following values:

  • ACTIVE: The session is currenly active.

  • EXPIRED: The session expired and was closed automatically because it was inactive for too long.

  • CLOSED: A session was closed by a user or management application.

com.cafesoft.cams.session.ManagedSessionEvent and com.cafesoft.cams.session.ManagedSessionEventType

A ManagedSessionEvent defines an event generated by a security domain’s authentication service when:

  • A subject successfully authenticates and a new ManagedSession is created.

  • A ManagedSession expires.

  • A ManagedSession is closed (the Subject explicitly logs out).

The type of event is specified by the type-safe constant ManagedSessionEventType, which may have any of the following values:

  • SESSION_CREATED: A session was newly created due to a successful user authentication.

  • SESSION_EXPIRED: A session expired and was closed automatically because it was inactive for too long.

  • SESSION_CLOSED: A session was closed by a user or management application.


This is the interface that must be implemented by any class that is to be registered as a WAM session event handler. This interface provides a way for WAM to initialize handler instances and to notify the instance of a ManagedSessionEvent.

com.cafesoft.cams.Config, com.cafesoft.cams.Context, com.cafesoft.core.service.ServiceFinder, and com.cafesoft.core.log.Logger

A Config object is supplied to a ManagedSessionEventHandler via an initialize() method and provides access to a Context object, which references the Logger used by the enclosing security domain.

Your ManagedSessionEventHandler can use this Logger to report DEBUG, INFO, WARNING, ERROR, and FATAL messages that get logged to the security domain’s trace logger.

The Context object also provides access to a ServiceFinder that enables access to WAM services (See Programming with WAM Services).

Figure 2 shows the relationship of various classes and interfaces to ManagedSessionEventHandlers. In summary, you’ll create a class that implements interface ManagedSessionEventHandler.

Figure 2 - WAM ManagedSessionEventHandler class relationships

This interface extends ManagedSessionEventListener, which provides the method invoked by a session manager to handle a ManagedSessionEvent.

Each ManagedSessionEvent has a ManagedSessionEventType (type-safe constant) corresponding to CREATED, EXPIRED, and CLOSED event types. A ManagedSessionEventHandler is initialized with a Config object by which configuration parameters, a ServiceFinder (for finding and using WAM services) and a Logger (for logging trace messages) can be accessed.

Figure 3 summarizes the relationships of various WAM interfaces and classes to a WAM ManagedSession, which extends interface Session.

Figure 3 - WAM ManagedSession class relationships

Each WAM session corresponds to an authenticated user which is represented by a The subject contains one or more, usually corresponding to usernames, roles, groups, etc. Each session also has a status represented by type-safe constant: SessionStatus.

Have a Question?

Have a how-to question? Seeing a weird error? Contact us.

Found a bug? Submit a support ticket.

Have a product idea or request? Share it with us in our Ideas Portal.