org.springframework.security.core.token.Token |
Known Indirect Subclasses |
A token issued by TokenService
.
It is important that the keys assigned to tokens are sufficiently randomised and secured that
they can serve as identifying a unique user session. Implementations of TokenService
are free to use encryption or encoding strategies of their choice. It is strongly recommended that
keys are of sufficient length to balance safety against persistence cost. In relation to persistence
cost, it is strongly recommended that returned keys are small enough for encoding in a cookie.
Public Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Obtains the extended information associated within the token, which was presented when the token
was first created.
| |||||||||||
Obtains the randomised, secure key assigned to this token.
| |||||||||||
The time the token key was initially created is available from this method.
|
Obtains the extended information associated within the token, which was presented when the token was first created.
Obtains the randomised, secure key assigned to this token. Presentation of this token to
TokenService
will always return a Token
that is equal to the original
Token
issued for that key.
The time the token key was initially created is available from this method. Note that a given
token must never have this creation time changed. If necessary, a new token can be
requested from the TokenService
to replace the original token.
getTime()
.