Package org.alfresco.repo.security.authentication

Interface TicketComponent

All Known Implementing Classes:

InMemoryTicketComponentImpl

@AlfrescoPublicApi
public interface TicketComponent

Manage authentication tickets

Author:

andyh

Method Summary

Modifier and Type	Method	Description
void	clearCurrentTicket()	Clear the current ticket
int	countTickets(boolean nonExpiredOnly)	Count tickets This may be higher than the user count, since a user can have more than one ticket/session
String	getAuthorityForTicket(String ticket)	Get the authority for the given ticket
String	getCurrentTicket(String userName, boolean autoCreate)	Get the current ticket
String	getNewTicket(String userName)	Register a new ticket
Set<String>	getUsersWithTickets(boolean nonExpiredOnly)	Get set of users with tickets This may be lower than the ticket count, since a user can have more than one ticket/session
boolean	getUseSingleTicketPerUser()	Does this ticket component support a single ticket per user or one ticket for each time they login?
void	invalidateTicketById(String ticket)	Invalidate the tickets by id
void	invalidateTicketByUser(String userName)	Invalidate all user tickets
int	invalidateTickets(boolean expiredOnly)	Invalidate tickets
String	validateTicket(String ticket)	Check that a certificate is valid and can be used in place of a login.

Method Detail

getNewTicket

String getNewTicket(String userName)
             throws AuthenticationException

Register a new ticket

Parameters:

userName - String

Returns:

- the ticket

Throws:

AuthenticationException

getCurrentTicket

String getCurrentTicket(String userName,
                        boolean autoCreate)

Get the current ticket

Parameters:

userName - String

autoCreate - should we create one automatically if there isn't one?

Returns:

- the ticket

validateTicket

@Auditable(parameters="ticket",
           recordable=false)
String validateTicket(String ticket)
               throws AuthenticationException

Check that a certificate is valid and can be used in place of a login. Tickets may be rejected because:

1. The certificate does not exists
2. The status of the user has changed
   1. The user is locked
   2. The account has expired
   3. The credentials have expired
   4. The account is disabled
3. The ticket may have expired
   1. The ticked my be invalid by timed expiry
   2. An attemp to reuse a once only ticket

Parameters:

ticket - String

Returns:

- the user name

Throws:

AuthenticationException

invalidateTicketById

@Auditable(parameters="ticket",
           recordable=false)
void invalidateTicketById(String ticket)

Invalidate the tickets by id

Parameters:

ticket - String

invalidateTicketByUser

void invalidateTicketByUser(String userName)

Invalidate all user tickets

Parameters:

userName - String

countTickets

int countTickets(boolean nonExpiredOnly)

Count tickets This may be higher than the user count, since a user can have more than one ticket/session

Parameters:

nonExpiredOnly - true for non expired tickets, false for all (including expired) tickets

Returns:

int number of tickets

getUsersWithTickets

Set<String> getUsersWithTickets(boolean nonExpiredOnly)

Get set of users with tickets This may be lower than the ticket count, since a user can have more than one ticket/session

Parameters:

nonExpiredOnly - true for non expired tickets, false for all (including expired) tickets

invalidateTickets

int invalidateTickets(boolean expiredOnly)

Invalidate tickets

Parameters:

expiredOnly - true for EXPIRED tickets, false for ALL (including non-expired) tickets

Returns:

int count of invalidated tickets

getAuthorityForTicket

String getAuthorityForTicket(String ticket)

Get the authority for the given ticket

Parameters:

ticket - String

Returns:

the authority

clearCurrentTicket

void clearCurrentTicket()

Clear the current ticket

getUseSingleTicketPerUser

boolean getUseSingleTicketPerUser()

Does this ticket component support a single ticket per user or one ticket for each time they login?

Returns:

boolean