org.alfresco.repo.security.authentication
Interface TicketComponent

All Known Implementing Classes:
InMemoryTicketComponentImpl

public interface TicketComponent

Manage authentication tickets


Method Summary
 void clearCurrentTicket()
          Clear the current ticket
 int countTickets(boolean nonExpiredOnly)
          Count tickets This may be higher than the user count, since a user can have more than one ticket/session
 java.lang.String getAuthorityForTicket(java.lang.String ticket)
          Get the authority for the given ticket
 java.lang.String getCurrentTicket(java.lang.String userName, java.lang.String sessionId, boolean autoCreate)
          Gets the current ticket.
 java.lang.String getNewTicket(java.lang.String userName, java.lang.String sessionId)
          Register a new ticket.
 java.util.Set getUsersWithTickets(boolean nonExpiredOnly)
          Get set of users with tickets This may be lower than the ticket count, since a user can have more than one ticket/session
 void invalidateTicketById(java.lang.String ticket, java.lang.String sessionId)
          Invalidates a ticket, or disassociates it from an app server session.
 void invalidateTicketByUser(java.lang.String userName)
          Invalidate all user tickets
 int invalidateTickets(boolean expiredOnly)
          Invalidate tickets
 java.lang.String validateTicket(java.lang.String ticket, java.lang.String sessionId)
          Check that a certificate is valid and can be used in place of a login.
 

Method Detail

getNewTicket

java.lang.String getNewTicket(java.lang.String userName,
                              java.lang.String sessionId)
                              throws AuthenticationException
Register a new ticket. If a session ID is given, an association with that session ID will be recorded for the returned ticket.

Parameters:
userName -
sessionId - the app server session ID (e.g. HttpSession ID) or null if not applicable.
Returns:
- the ticket
Throws:
AuthenticationException

getCurrentTicket

java.lang.String getCurrentTicket(java.lang.String userName,
                                  java.lang.String sessionId,
                                  boolean autoCreate)
Gets the current ticket. If a session ID is given, an association with that session ID will be recorded for the returned ticket.

Parameters:
userName -
sessionId - the app server session ID (e.g. HttpSession ID) or null if not applicable.
autoCreate - should we create one automatically if there isn't one?
Returns:
- the ticket

validateTicket

java.lang.String validateTicket(java.lang.String ticket,
                                java.lang.String sessionId)
                                throws AuthenticationException
Check that a certificate is valid and can be used in place of a login. Optionally records an association between the ticket and a given app server session Id. This is so that we don't expire tickets prematurely referenced by more than one application server session. Tickets may be rejected because:
  1. The certificate does not exists
  2. The status of the user has changed
    1. The user is locked
    2. The account has expired
    3. The credentials have expired
    4. The account is disabled
  3. The ticket may have expired
    1. The ticked my be invalid by timed expiry
    2. An attemp to reuse a once only ticket

Parameters:
ticket -
sessionId - the app server session ID (e.g. HttpSession ID) or null if not applicable.
Returns:
- the user name
Throws:
AuthenticationException

invalidateTicketById

void invalidateTicketById(java.lang.String ticket,
                          java.lang.String sessionId)
Invalidates a ticket, or disassociates it from an app server session. Once it has been disassociated from all sessions, the ticket will be invalidated globally.

Parameters:
ticket -
sessionId - the app server session ID (e.g. HttpSession ID) or null if the ticket should be invalidated globally.

invalidateTicketByUser

void invalidateTicketByUser(java.lang.String userName)
Invalidate all user tickets

Parameters:
userName -

countTickets

int countTickets(boolean nonExpiredOnly)
Count tickets This may be higher than the user count, since a user can have more than one ticket/session

Parameters:
nonExpiredOnly - true for non expired tickets, false for all (including expired) tickets
Returns:
int number of tickets

getUsersWithTickets

java.util.Set getUsersWithTickets(boolean nonExpiredOnly)
Get set of users with tickets This may be lower than the ticket count, since a user can have more than one ticket/session

Parameters:
nonExpiredOnly - true for non expired tickets, false for all (including expired) tickets
Returns:
Set set of users with (one or more) tickets

invalidateTickets

int invalidateTickets(boolean expiredOnly)
Invalidate tickets

Parameters:
expiredOnly - true for EXPIRED tickets, false for ALL (including non-expired) tickets
Returns:
int count of invalidated tickets

getAuthorityForTicket

java.lang.String getAuthorityForTicket(java.lang.String ticket)
Get the authority for the given ticket

Parameters:
ticket -
Returns:
the authority

clearCurrentTicket

void clearCurrentTicket()
Clear the current ticket



Copyright © 2005 - 2010 Alfresco Software, Inc. All Rights Reserved.