StatelessTicketCache
| org.springframework.security.cas.authentication.StatelessTicketCache |
 Known Indirect Subclasses
|
Class Overview
Caches CAS service tickets and CAS proxy tickets for stateless connections.
When a service ticket or proxy ticket is validated against the CAS server,
it is unable to be used again. Most types of callers are stateful and are
associated with a given HttpSession. This allows the
affirmative CAS validation outcome to be stored in the
HttpSession, meaning the removal of the ticket from the CAS
server is not an issue.
Stateless callers, such as remoting protocols, cannot take advantage of
HttpSession. If the stateless caller is located a significant
network distance from the CAS server, acquiring a fresh service ticket or
proxy ticket for each invocation would be expensive.
To avoid this issue with stateless callers, it is expected stateless callers
will obtain a single service ticket or proxy ticket, and then present this
same ticket to the Spring Security secured application on each
occasion. As no HttpSession is available for such callers, the
affirmative CAS validation outcome cannot be stored in this location.
The StatelessTicketCache enables the service tickets and proxy
tickets belonging to stateless callers to be placed in a cache. This
in-memory cache stores the CasAuthenticationToken, effectively
providing the same capability as a HttpSession with the ticket
identifier being the key rather than a session identifier.
Implementations should provide a reasonable timeout on stored entries, such that the stateless caller are not required to unnecessarily acquire fresh CAS service tickets or proxy tickets.
Summary
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Retrieves the
CasAuthenticationToken associated with the
specified ticket. | |||||||||||
Adds the specified
CasAuthenticationToken to the cache. | |||||||||||
Removes the specified ticket from the cache, as per
removeTicketFromCache(String). | |||||||||||
Removes the specified ticket from the cache, meaning that future calls
will require a new service ticket.
| |||||||||||
Public Methods
public abstract CasAuthenticationToken getByTicketId (String serviceTicket)
Retrieves the CasAuthenticationToken associated with the
specified ticket.
If not found, returns a
nullCasAuthenticationToken.
Returns
- the fully populated authentication token
public abstract void putTicketInCache (CasAuthenticationToken token)
Adds the specified CasAuthenticationToken to the cache.
The getCredentials() method is used to
retrieve the service ticket number.
Parameters
| token | to be added to the cache |
|---|
public abstract void removeTicketFromCache (CasAuthenticationToken token)
Removes the specified ticket from the cache, as per removeTicketFromCache(String).
Implementations should use getCredentials() to obtain the ticket and then
delegate to to the removeTicketFromCache(String) method.
Parameters
| token | to be removed |
|---|
public abstract void removeTicketFromCache (String serviceTicket)
Removes the specified ticket from the cache, meaning that future calls will require a new service ticket.
This is in case applications wish to provide a session termination capability for their stateless clients.
Parameters
| serviceTicket | to be removed |
|---|