Package org.alfresco.repo.security.authentication

Class InMemoryTicketComponentImpl

java.lang.Object

org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl

All Implemented Interfaces:

TicketComponent

public class InMemoryTicketComponentImpl
extends Object
implements TicketComponent

Store tickets in memory. They can be distributed in a cluster via the cache

Author:

andyh

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	InMemoryTicketComponentImpl.ExpiryMode
static class	InMemoryTicketComponentImpl.Ticket	Ticket

Field Summary

Fields

Modifier and Type	Field	Description
static String	GRANTED_AUTHORITY_TICKET_PREFIX	Ticket prefix

Constructor Summary

Constructors

Constructor	Description
InMemoryTicketComponentImpl()	IOC constructor

Method Summary

Modifier and Type	Method	Description
static void	clearCurrentSecurityContext()
void	clearCurrentTicket()	Clear the current ticket
int	countTickets(boolean nonExpiredOnly)	Count tickets This may be higher than the user count, since a user can have more than one ticket/session
boolean	equals(Object obj)
String	getAuthorityForTicket(String ticketString)	Get the authority for the given ticket
String	getCurrentTicket(String userName, boolean autoCreate)	Get the current ticket
String	getNewTicket(String userName)	Register a new ticket
Set<String>	getUsersWithTickets(boolean nonExpiredOnly)	Get set of users with tickets This may be lower than the ticket count, since a user can have more than one ticket/session
boolean	getUseSingleTicketPerUser()	Does this ticket component support a single ticket per user or one ticket for each time they login?
int	hashCode()
void	invalidateTicketById(String ticketString)	Invalidate the tickets by id
void	invalidateTicketByUser(String userName)	Invalidate all user tickets
int	invalidateTickets(boolean expiredOnly)	Invalidate tickets
void	setExpiryMode(String expiryMode)	How should tickets expire.
void	setOneOff(boolean oneOff)	Are tickets single use
void	setTicketsCache(SimpleCache<String,InMemoryTicketComponentImpl.Ticket> ticketsCache)	Set the ticket cache to support clustering
void	setTicketsExpire(boolean ticketsExpire)	Do tickets expire
void	setUseSingleTicketPerUser(boolean useSingleTicketPerUser)
void	setValidDuration(String validDuration)	How long are tickets valid (XML duration as a string)
String	validateTicket(String ticketString)	Check that a certificate is valid and can be used in place of a login.

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Field Detail

GRANTED_AUTHORITY_TICKET_PREFIX

public static final String GRANTED_AUTHORITY_TICKET_PREFIX

Ticket prefix

See Also:

Constant Field Values

Constructor Detail

InMemoryTicketComponentImpl

public InMemoryTicketComponentImpl()

IOC constructor

Method Detail

setTicketsCache

public void setTicketsCache(SimpleCache<String,InMemoryTicketComponentImpl.Ticket> ticketsCache)

Set the ticket cache to support clustering

setUseSingleTicketPerUser

public void setUseSingleTicketPerUser(boolean useSingleTicketPerUser)

Parameters:

useSingleTicketPerUser - the useSingleTicketPerUser to set

getUseSingleTicketPerUser

public boolean getUseSingleTicketPerUser()

Description copied from interface: TicketComponent

Does this ticket component support a single ticket per user or one ticket for each time they login?

Specified by:

getUseSingleTicketPerUser in interface TicketComponent

Returns:

the useSingleTicketPerUser

setOneOff

public void setOneOff(boolean oneOff)

Are tickets single use

setTicketsExpire

public void setTicketsExpire(boolean ticketsExpire)

Do tickets expire

setExpiryMode

public void setExpiryMode(String expiryMode)

How should tickets expire.

setValidDuration

public void setValidDuration(String validDuration)

How long are tickets valid (XML duration as a string)

getNewTicket

public String getNewTicket(String userName)
                    throws AuthenticationException

Description copied from interface: TicketComponent

Register a new ticket

Specified by:

getNewTicket in interface TicketComponent

Parameters:

userName - String

Returns:

- the ticket

Throws:

AuthenticationException

validateTicket

public String validateTicket(String ticketString)
                      throws AuthenticationException

Description copied from interface: TicketComponent

Check that a certificate is valid and can be used in place of a login. Tickets may be rejected because:

1. The certificate does not exists
2. The status of the user has changed
   1. The user is locked
   2. The account has expired
   3. The credentials have expired
   4. The account is disabled
3. The ticket may have expired
   1. The ticked my be invalid by timed expiry
   2. An attemp to reuse a once only ticket

Specified by:

validateTicket in interface TicketComponent

Parameters:

ticketString - String

Returns:

- the user name

Throws:

AuthenticationException

invalidateTicketById

public void invalidateTicketById(String ticketString)

Description copied from interface: TicketComponent

Invalidate the tickets by id

Specified by:

invalidateTicketById in interface TicketComponent

Parameters:

ticketString - String

getUsersWithTickets

public Set<String> getUsersWithTickets(boolean nonExpiredOnly)

Description copied from interface: TicketComponent

Get set of users with tickets This may be lower than the ticket count, since a user can have more than one ticket/session

Specified by:

getUsersWithTickets in interface TicketComponent

Parameters:

nonExpiredOnly - true for non expired tickets, false for all (including expired) tickets

countTickets

public int countTickets(boolean nonExpiredOnly)

Description copied from interface: TicketComponent

Count tickets This may be higher than the user count, since a user can have more than one ticket/session

Specified by:

countTickets in interface TicketComponent

Parameters:

nonExpiredOnly - true for non expired tickets, false for all (including expired) tickets

Returns:

int number of tickets

invalidateTickets

public int invalidateTickets(boolean expiredOnly)

Description copied from interface: TicketComponent

Invalidate tickets

Specified by:

invalidateTickets in interface TicketComponent

Parameters:

expiredOnly - true for EXPIRED tickets, false for ALL (including non-expired) tickets

Returns:

int count of invalidated tickets

invalidateTicketByUser

public void invalidateTicketByUser(String userName)

Description copied from interface: TicketComponent

Invalidate all user tickets

Specified by:

invalidateTicketByUser in interface TicketComponent

Parameters:

userName - String

hashCode

public int hashCode()

Overrides:

hashCode in class Object

equals

public boolean equals(Object obj)

Overrides:

equals in class Object

getAuthorityForTicket

public String getAuthorityForTicket(String ticketString)

Description copied from interface: TicketComponent

Get the authority for the given ticket

Specified by:

getAuthorityForTicket in interface TicketComponent

Parameters:

ticketString - String

Returns:

the authority

getCurrentTicket

public String getCurrentTicket(String userName,
                               boolean autoCreate)

Description copied from interface: TicketComponent

Get the current ticket

Specified by:

getCurrentTicket in interface TicketComponent

Parameters:

userName - String

autoCreate - should we create one automatically if there isn't one?

Returns:

- the ticket

clearCurrentTicket

public void clearCurrentTicket()

Description copied from interface: TicketComponent

Clear the current ticket

Specified by:

clearCurrentTicket in interface TicketComponent

clearCurrentSecurityContext

public static void clearCurrentSecurityContext()