Package org.camunda.bpm.webapp.impl.security.auth

Class Authentications

  • All Implemented Interfaces:
    java.io.Serializable
    public class Authentications
extends java.lang.Object
implements java.io.Serializable

    Wrapper around current authentications.

    In Camunda Platform rest and web applications, authentications are managed per process engine: at a given point in time, there might be multiple authentications active for different users and process engines in a single session. The situation is that a "physical" user may possess credentials for different process engines, each of these representing a different process engine user. For each process engine, there can be at most one authentication active in a given session.

    In addition, the AuthenticationFilter binds an instance of this class to a thread local and may be obtained by getCurrent()

    Author:
    Daniel Meyer
    See Also:
    Serialized Form

    • Field Detail

      • authentications

        protected java.util.Map<java.lang.String,​UserAuthentication> authentications
        holds an entry for each processEngine->userId pair currently authenticated

    • Constructor Detail

      • Authentications

        public Authentications()

    • Method Detail

      • getAuthenticationForProcessEngine

        public Authentication getAuthenticationForProcessEngine​(java.lang.String engineName)
        Returns an Authentication for a provided process engine name or "null".
        Parameters:
        engineName - the name of the process engine for which the userId should be retrieved.
        Returns:
        Authentication for the provided process engine or "null" if no user is authenticated for this process engine.

      • addOrReplace

        public void addOrReplace​(UserAuthentication authentication)
        Adds an authentication to the list of current authentications. If there already exists an authentication of the same process engine, it is replaced silently.
        Parameters:
        authentication - the authentication to add

      • removeByEngineName

        public UserAuthentication removeByEngineName​(java.lang.String engineName)
        Removes the authentication for the provided process engine name.
        Parameters:
        engineName - the name of the process engine for which the authentication should be removed.
        Returns:
        the removed user authentication

      • hasAuthenticationForProcessEngine

        public boolean hasAuthenticationForProcessEngine​(java.lang.String engineName)
        Allows checking whether a user is currently authenticated for a given process engine name.
        Parameters:
        engineName - the name of the process engine for which we want to check for authentication.
        Returns:
        true if a user is authenticated for the provided process engine name.

      • clearCurrent

        public static void clearCurrent()
        clears the Authentications for the current thread.

      • getCurrent

        public static Authentications getCurrent()
        Returns the authentications for the current thread.
        Returns:
        the authentications.