Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.alfresco.repo.security.authentication
Class InMemoryTicketComponentImpl

java.lang.Object
  extended by org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl
All Implemented Interfaces:
TicketComponent
public class InMemoryTicketComponentImpl
extends java.lang.Object
implements TicketComponent

Store tickets in memory. They can be distributed in a cluster via the cache

Nested Class Summary
static class InMemoryTicketComponentImpl.ExpiryMode
           
static class InMemoryTicketComponentImpl.Ticket
          Ticket
 
Field Summary
static java.lang.String GRANTED_AUTHORITY_TICKET_PREFIX
          Ticket prefix
 
Constructor Summary
InMemoryTicketComponentImpl()
          IOC constructor
 
Method Summary
static void clearCurrentSecurityContext()
           
 void clearCurrentTicket()
          Clear the current ticket
 int countTickets(boolean nonExpiredOnly)
          Count tickets This may be higher than the user count, since a user can have more than one ticket/session
 boolean equals(java.lang.Object obj)
           
 java.lang.String getAuthorityForTicket(java.lang.String ticketString)
          Get the authority for the given ticket
 java.lang.String getCurrentTicket(java.lang.String userName, java.lang.String sessionId, boolean autoCreate)
          Gets the current ticket.
 java.lang.String getNewTicket(java.lang.String userName, java.lang.String sessionId)
          Register a new ticket.
 java.util.Set getUsersWithTickets(boolean nonExpiredOnly)
          Get set of users with tickets This may be lower than the ticket count, since a user can have more than one ticket/session
 int hashCode()
           
 void invalidateTicketById(java.lang.String ticketString, java.lang.String sessionId)
          Invalidates a ticket, or disassociates it from an app server session.
 void invalidateTicketByUser(java.lang.String userName)
          Invalidate all user tickets
 int invalidateTickets(boolean expiredOnly)
          Invalidate tickets
 void setExpiryMode(java.lang.String expiryMode)
          How should tickets expire.
 void setOneOff(boolean oneOff)
          Are tickets single use
 void setTicketsCache(SimpleCache ticketsCache)
          Set the ticket cache to support clustering
 void setTicketsExpire(boolean ticketsExpire)
          Do tickets expire
 void setValidDuration(java.lang.String validDuration)
          How long are tickets valid (XML duration as a string)
 java.lang.String validateTicket(java.lang.String ticketString, java.lang.String sessionId)
          Check that a certificate is valid and can be used in place of a login.
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

GRANTED_AUTHORITY_TICKET_PREFIX

public static final java.lang.String GRANTED_AUTHORITY_TICKET_PREFIX
Ticket prefix

See Also:
Constant Field Values
Constructor Detail

InMemoryTicketComponentImpl

public InMemoryTicketComponentImpl()
IOC constructor

Method Detail

setTicketsCache

public void setTicketsCache(SimpleCache ticketsCache)
Set the ticket cache to support clustering

Parameters:
ticketsCache -

getNewTicket

public java.lang.String getNewTicket(java.lang.String userName,
                                     java.lang.String sessionId)
                              throws AuthenticationException
Description copied from interface: TicketComponent
Register a new ticket. If a session ID is given, an association with that session ID will be recorded for the returned ticket.

Specified by:
getNewTicket in interface TicketComponent
sessionId - the app server session ID (e.g. HttpSession ID) or null if not applicable.
Returns:
- the ticket
Throws:
AuthenticationException

validateTicket

public java.lang.String validateTicket(java.lang.String ticketString,
                                       java.lang.String sessionId)
                                throws AuthenticationException
Description copied from interface: TicketComponent
Check that a certificate is valid and can be used in place of a login. Optionally records an association between the ticket and a given app server session Id. This is so that we don't expire tickets prematurely referenced by more than one application server session. Tickets may be rejected because:
  1. The certificate does not exists
  2. The status of the user has changed
    1. The user is locked
    2. The account has expired
    3. The credentials have expired
    4. The account is disabled
  3. The ticket may have expired
    1. The ticked my be invalid by timed expiry
    2. An attemp to reuse a once only ticket

Specified by:
validateTicket in interface TicketComponent
sessionId - the app server session ID (e.g. HttpSession ID) or null if not applicable.
Returns:
- the user name
Throws:
AuthenticationException

invalidateTicketById

public void invalidateTicketById(java.lang.String ticketString,
                                 java.lang.String sessionId)
Description copied from interface: TicketComponent
Invalidates a ticket, or disassociates it from an app server session. Once it has been disassociated from all sessions, the ticket will be invalidated globally.

Specified by:
invalidateTicketById in interface TicketComponent
sessionId - the app server session ID (e.g. HttpSession ID) or null if the ticket should be invalidated globally.

getUsersWithTickets

public java.util.Set getUsersWithTickets(boolean nonExpiredOnly)
Description copied from interface: TicketComponent
Get set of users with tickets This may be lower than the ticket count, since a user can have more than one ticket/session

Specified by:
getUsersWithTickets in interface TicketComponent
Parameters:
nonExpiredOnly - true for non expired tickets, false for all (including expired) tickets
Returns:
Set set of users with (one or more) tickets

countTickets

public int countTickets(boolean nonExpiredOnly)
Description copied from interface: TicketComponent
Count tickets This may be higher than the user count, since a user can have more than one ticket/session

Specified by:
countTickets in interface TicketComponent
Parameters:
nonExpiredOnly - true for non expired tickets, false for all (including expired) tickets
Returns:
int number of tickets

invalidateTickets

public int invalidateTickets(boolean expiredOnly)
Description copied from interface: TicketComponent
Invalidate tickets

Specified by:
invalidateTickets in interface TicketComponent
Parameters:
expiredOnly - true for EXPIRED tickets, false for ALL (including non-expired) tickets
Returns:
int count of invalidated tickets

invalidateTicketByUser

public void invalidateTicketByUser(java.lang.String userName)
Description copied from interface: TicketComponent
Invalidate all user tickets

Specified by:
invalidateTicketByUser in interface TicketComponent

hashCode

public int hashCode()
Overrides:
hashCode in class java.lang.Object

equals

public boolean equals(java.lang.Object obj)
Overrides:
equals in class java.lang.Object

setOneOff

public void setOneOff(boolean oneOff)
Are tickets single use

Parameters:
oneOff -

setTicketsExpire

public void setTicketsExpire(boolean ticketsExpire)
Do tickets expire

Parameters:
ticketsExpire -

setExpiryMode

public void setExpiryMode(java.lang.String expiryMode)
How should tickets expire.

Parameters:
exipryMode -

setValidDuration

public void setValidDuration(java.lang.String validDuration)
How long are tickets valid (XML duration as a string)

Parameters:
validDuration -

getAuthorityForTicket

public java.lang.String getAuthorityForTicket(java.lang.String ticketString)
Description copied from interface: TicketComponent
Get the authority for the given ticket

Specified by:
getAuthorityForTicket in interface TicketComponent
Returns:
the authority

getCurrentTicket

public java.lang.String getCurrentTicket(java.lang.String userName,
                                         java.lang.String sessionId,
                                         boolean autoCreate)
Description copied from interface: TicketComponent
Gets the current ticket. If a session ID is given, an association with that session ID will be recorded for the returned ticket.

Specified by:
getCurrentTicket in interface TicketComponent
sessionId - the app server session ID (e.g. HttpSession ID) or null if not applicable.
autoCreate - should we create one automatically if there isn't one?
Returns:
- the ticket

clearCurrentTicket

public void clearCurrentTicket()
Description copied from interface: TicketComponent
Clear the current ticket

Specified by:
clearCurrentTicket in interface TicketComponent

clearCurrentSecurityContext

public static void clearCurrentSecurityContext()
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2005 - 2010 Alfresco Software, Inc. All Rights Reserved.