Package org.alfresco.repo.security.authentication

Class InMemoryTicketComponentImpl

java.lang.Object
org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl
All Implemented Interfaces:
TicketComponent
public class InMemoryTicketComponentImpl extends Object implements TicketComponent
Store tickets in memory. They can be distributed in a cluster via the cache
Author:
andyh

  • Field Details

    • GRANTED_AUTHORITY_TICKET_PREFIX

      public static final String GRANTED_AUTHORITY_TICKET_PREFIX
      Ticket prefix
      See Also:

  • Constructor Details

    • InMemoryTicketComponentImpl

      public InMemoryTicketComponentImpl()
      IOC constructor

  • Method Details

    • setTicketsCache

      public void setTicketsCache(SimpleCache<String,InMemoryTicketComponentImpl.Ticket> ticketsCache)
      Set the ticket cache to support clustering

    • setUsernameToTicketIdCache

      public void setUsernameToTicketIdCache(SimpleCache<String,String> usernameToTicketIdCache)
      Set the usernameToTicketIdCache as secondary map for supporting cache clustering

    • setUseSingleTicketPerUser

      public void setUseSingleTicketPerUser(boolean useSingleTicketPerUser)
      Parameters:
      useSingleTicketPerUser - the useSingleTicketPerUser to set

    • getUseSingleTicketPerUser

      public boolean getUseSingleTicketPerUser()
      Description copied from interface: TicketComponent
      Does this ticket component support a single ticket per user or one ticket for each time they login?
      Specified by:
      getUseSingleTicketPerUser in interface TicketComponent
      Returns:
      the useSingleTicketPerUser

    • setOneOff

      @Deprecated public void setOneOff(boolean oneOff)
      Deprecated.
      Are tickets single use

    • setTicketsExpire

      public void setTicketsExpire(boolean ticketsExpire)
      Do tickets expire

    • setExpiryMode

      public void setExpiryMode(String expiryMode)
      How should tickets expire.

    • setValidDuration

      public void setValidDuration(String validDuration)
      How long are tickets valid (XML duration as a string)

    • getNewTicket

      public String getNewTicket(String userName) throws AuthenticationException
      Description copied from interface: TicketComponent
      Register a new ticket
      Specified by:
      getNewTicket in interface TicketComponent
      Parameters:
      userName - String
      Returns:
      - the ticket
      Throws:
      AuthenticationException

    • validateTicket

      public String validateTicket(String ticketString) throws AuthenticationException
      Description copied from interface: TicketComponent
      Check that a certificate is valid and can be used in place of a login. Tickets may be rejected because:
      1. The certificate does not exists
      2. The status of the user has changed
        1. The user is locked
        2. The account has expired
        3. The credentials have expired
        4. The account is disabled
      3. The ticket may have expired
        1. The ticked my be invalid by timed expiry
        2. An attemp to reuse a once only ticket
      Specified by:
      validateTicket in interface TicketComponent
      Parameters:
      ticketString - String
      Returns:
      - the user name
      Throws:
      AuthenticationException

    • invalidateTicketById

      public void invalidateTicketById(String ticketString)
      Description copied from interface: TicketComponent
      Invalidate the tickets by id
      Specified by:
      invalidateTicketById in interface TicketComponent
      Parameters:
      ticketString - String

    • getUsersWithTickets

      public Set<String> getUsersWithTickets(boolean nonExpiredOnly)
      Description copied from interface: TicketComponent
      Get set of users with tickets This may be lower than the ticket count, since a user can have more than one ticket/session
      Specified by:
      getUsersWithTickets in interface TicketComponent
      Parameters:
      nonExpiredOnly - true for non expired tickets, false for all (including expired) tickets

    • countTickets

      public int countTickets(boolean nonExpiredOnly)
      Description copied from interface: TicketComponent
      Count tickets This may be higher than the user count, since a user can have more than one ticket/session
      Specified by:
      countTickets in interface TicketComponent
      Parameters:
      nonExpiredOnly - true for non expired tickets, false for all (including expired) tickets
      Returns:
      int number of tickets

    • invalidateTickets

      public int invalidateTickets(boolean expiredOnly)
      Description copied from interface: TicketComponent
      Invalidate tickets
      Specified by:
      invalidateTickets in interface TicketComponent
      Parameters:
      expiredOnly - true for EXPIRED tickets, false for ALL (including non-expired) tickets
      Returns:
      int count of invalidated tickets

    • invalidateTicketByUser

      public void invalidateTicketByUser(String userName)
      Description copied from interface: TicketComponent
      Invalidate all user tickets
      Specified by:
      invalidateTicketByUser in interface TicketComponent
      Parameters:
      userName - String

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public boolean equals(Object obj)
      Overrides:
      equals in class Object

    • getAuthorityForTicket

      public String getAuthorityForTicket(String ticketString)
      Description copied from interface: TicketComponent
      Get the authority for the given ticket
      Specified by:
      getAuthorityForTicket in interface TicketComponent
      Parameters:
      ticketString - String
      Returns:
      the authority

    • getCurrentTicket

      public String getCurrentTicket(String userName, boolean autoCreate)
      Description copied from interface: TicketComponent
      Get the current ticket
      Specified by:
      getCurrentTicket in interface TicketComponent
      Parameters:
      userName - String
      autoCreate - should we create one automatically if there isn't one?
      Returns:
      - the ticket

    • clearCurrentTicket

      public void clearCurrentTicket()
      Description copied from interface: TicketComponent
      Clear the current ticket
      Specified by:
      clearCurrentTicket in interface TicketComponent

    • clearCurrentSecurityContext

      public static void clearCurrentSecurityContext()