Class Authentications

  • All Implemented Interfaces:

    public class Authentications
    extends java.lang.Object

    Wrapper around current authentications.

    In Camunda Platform rest and web applications, authentications are managed per process engine: at a given point in time, there might be multiple authentications active for different users and process engines in a single session. The situation is that a "physical" user may possess credentials for different process engines, each of these representing a different process engine user. For each process engine, there can be at most one authentication active in a given session.

    In addition, the AuthenticationFilter binds an instance of this class to a thread local and may be obtained by getCurrent()

    Daniel Meyer
    See Also:
    Serialized Form
    • Field Detail

      • authentications

        protected java.util.Map<java.lang.String,​UserAuthentication> authentications
        holds an entry for each processEngine->userId pair currently authenticated
    • Constructor Detail

      • Authentications

        public Authentications()
    • Method Detail

      • getAuthenticationForProcessEngine

        public Authentication getAuthenticationForProcessEngine​(java.lang.String engineName)
        Returns an Authentication for a provided process engine name or "null".
        engineName - the name of the process engine for which the userId should be retrieved.
        Authentication for the provided process engine or "null" if no user is authenticated for this process engine.
      • addOrReplace

        public void addOrReplace​(UserAuthentication authentication)
        Adds an authentication to the list of current authentications. If there already exists an authentication of the same process engine, it is replaced silently.
        authentication - the authentication to add
      • removeByEngineName

        public void removeByEngineName​(java.lang.String engineName)
        Removes the authentication for the provided process engine name.
        engineName - the name of the process engine for which the authentication should be removed.
      • hasAuthenticationForProcessEngine

        public boolean hasAuthenticationForProcessEngine​(java.lang.String engineName)
        Allows checking whether a user is currently authenticated for a given process engine name.
        engineName - the name of the process engine for which we want to check for authentication.
        true if a user is authenticated for the provided process engine name.
      • clearCurrent

        public static void clearCurrent()
        clears the Authentications for the current thread.
      • getCurrent

        public static Authentications getCurrent()
        Returns the authentications for the current thread.
        the authentications.