Package org.alfresco.repo.security.authentication

Class InMemoryTicketComponentImpl

  • All Implemented Interfaces:
    TicketComponent
    public class InMemoryTicketComponentImpl
extends Object
implements TicketComponent
    Store tickets in memory. They can be distributed in a cluster via the cache
    Author:
    andyh

    • Field Detail

      • GRANTED_AUTHORITY_TICKET_PREFIX

        public static final String GRANTED_AUTHORITY_TICKET_PREFIX
        Ticket prefix
        See Also:
        Constant Field Values

    • Constructor Detail

      • InMemoryTicketComponentImpl

        public InMemoryTicketComponentImpl()
        IOC constructor

    • Method Detail

      • setUsernameToTicketIdCache

        public void setUsernameToTicketIdCache​(SimpleCache<String,​String> usernameToTicketIdCache)
        Set the usernameToTicketIdCache as secondary map for supporting cache clustering

      • setUseSingleTicketPerUser

        public void setUseSingleTicketPerUser​(boolean useSingleTicketPerUser)
        Parameters:
        useSingleTicketPerUser - the useSingleTicketPerUser to set

      • getUseSingleTicketPerUser

        public boolean getUseSingleTicketPerUser()
        Description copied from interface: TicketComponent
        Does this ticket component support a single ticket per user or one ticket for each time they login?
        Specified by:
        getUseSingleTicketPerUser in interface TicketComponent
        Returns:
        the useSingleTicketPerUser

      • setOneOff

        @Deprecated
public void setOneOff​(boolean oneOff)
        Deprecated.
        Are tickets single use

      • setTicketsExpire

        public void setTicketsExpire​(boolean ticketsExpire)
        Do tickets expire

      • setExpiryMode

        public void setExpiryMode​(String expiryMode)
        How should tickets expire.

      • setValidDuration

        public void setValidDuration​(String validDuration)
        How long are tickets valid (XML duration as a string)

      • validateTicket

        public String validateTicket​(String ticketString)
                      throws AuthenticationException
        Description copied from interface: TicketComponent
        Check that a certificate is valid and can be used in place of a login. Tickets may be rejected because:
        1. The certificate does not exists
        2. The status of the user has changed
          1. The user is locked
          2. The account has expired
          3. The credentials have expired
          4. The account is disabled
        3. The ticket may have expired
          1. The ticked my be invalid by timed expiry
          2. An attemp to reuse a once only ticket
        Specified by:
        validateTicket in interface TicketComponent
        Parameters:
        ticketString - String
        Returns:
        - the user name
        Throws:
        AuthenticationException

      • getUsersWithTickets

        public Set<String> getUsersWithTickets​(boolean nonExpiredOnly)
        Description copied from interface: TicketComponent
        Get set of users with tickets This may be lower than the ticket count, since a user can have more than one ticket/session
        Specified by:
        getUsersWithTickets in interface TicketComponent
        Parameters:
        nonExpiredOnly - true for non expired tickets, false for all (including expired) tickets

      • countTickets

        public int countTickets​(boolean nonExpiredOnly)
        Description copied from interface: TicketComponent
        Count tickets This may be higher than the user count, since a user can have more than one ticket/session
        Specified by:
        countTickets in interface TicketComponent
        Parameters:
        nonExpiredOnly - true for non expired tickets, false for all (including expired) tickets
        Returns:
        int number of tickets

      • invalidateTickets

        public int invalidateTickets​(boolean expiredOnly)
        Description copied from interface: TicketComponent
        Invalidate tickets
        Specified by:
        invalidateTickets in interface TicketComponent
        Parameters:
        expiredOnly - true for EXPIRED tickets, false for ALL (including non-expired) tickets
        Returns:
        int count of invalidated tickets

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Object

      • getCurrentTicket

        public String getCurrentTicket​(String userName,
                               boolean autoCreate)
        Description copied from interface: TicketComponent
        Get the current ticket
        Specified by:
        getCurrentTicket in interface TicketComponent
        Parameters:
        userName - String
        autoCreate - should we create one automatically if there isn't one?
        Returns:
        - the ticket

      • clearCurrentSecurityContext

        public static void clearCurrentSecurityContext()