Package org.camunda.bpm.webapp.impl.security.auth

Class AuthenticationUtil

java.lang.Object

org.camunda.bpm.webapp.impl.security.auth.AuthenticationUtil

public class AuthenticationUtil
extends Object

Field Summary

Fields

Modifier and Type	Field	Description
static String	APP_WELCOME
static String[]	APPS
protected static String	CAM_AUTH_SESSION_KEY
protected static WebappLogger	LOGGER

Constructor Summary

Constructors

Constructor	Description
AuthenticationUtil()

Method Summary

Modifier and Type	Method	Description
static UserAuthentication	createAuthentication(String engineName, String username)
static UserAuthentication	createAuthentication(String engineName, String username, List<String> groupIds, List<String> tenantIds)
static UserAuthentication	createAuthentication(ProcessEngine processEngine, String username)
static UserAuthentication	createAuthentication(ProcessEngine processEngine, String username, List<String> groupIds, List<String> tenantIds)	Creates and returns a UserAuthentication with the following information: userId processEngineName groupIds tenantIds authorizedApps
static Authentications	getAuthsFromSession(javax.servlet.http.HttpSession session)	Allows obtaining an Authentications object from the HttpSession.
static List<String>	getGroupsOfUser(ProcessEngine engine, String userId)
protected static Object	getSessionMutex(javax.servlet.http.HttpSession session)	Returns the session mutex to synchronize on.
static List<String>	getTenantsOfUser(ProcessEngine engine, String userId)
protected static boolean	isAuthorizedForApp(AuthorizationService authorizationService, String username, List<String> groupIds, String application)
static void	revalidateSession(javax.servlet.http.HttpServletRequest request, UserAuthentication authentication)	Invalidates the old HttpSession of the current request and creates a new one.
static void	updateCache(Authentications authentications, javax.servlet.http.HttpSession session, long cacheTimeToLive)	Update/remove authentications when cache validation time (= x + TTL) is due.
static void	updateSession(javax.servlet.http.HttpSession session, Authentications authentications)	Store authentications in current session.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

LOGGER

protected static final WebappLogger LOGGER

CAM_AUTH_SESSION_KEY

protected static final String CAM_AUTH_SESSION_KEY

See Also:

Constant Field Values

APPS

public static final String[] APPS

APP_WELCOME

public static final String APP_WELCOME

See Also:

Constant Field Values

Constructor Detail

AuthenticationUtil

public AuthenticationUtil()

Method Detail

createAuthentication

public static UserAuthentication createAuthentication(String engineName,
                                                      String username)

createAuthentication

public static UserAuthentication createAuthentication(ProcessEngine processEngine,
                                                      String username)

createAuthentication

public static UserAuthentication createAuthentication(String engineName,
                                                      String username,
                                                      List<String> groupIds,
                                                      List<String> tenantIds)

createAuthentication

public static UserAuthentication createAuthentication(ProcessEngine processEngine,
                                                      String username,
                                                      List<String> groupIds,
                                                      List<String> tenantIds)

Creates and returns a UserAuthentication with the following information:

• userId
• processEngineName
• groupIds
• tenantIds
• authorizedApps

getTenantsOfUser

public static List<String> getTenantsOfUser(ProcessEngine engine,
                                            String userId)

getGroupsOfUser

public static List<String> getGroupsOfUser(ProcessEngine engine,
                                           String userId)

isAuthorizedForApp

protected static boolean isAuthorizedForApp(AuthorizationService authorizationService,
                                            String username,
                                            List<String> groupIds,
                                            String application)

getAuthsFromSession

public static Authentications getAuthsFromSession(javax.servlet.http.HttpSession session)

Allows obtaining an Authentications object from the HttpSession. If no such object exists in the session, a new instance is created and returned.

Parameters:

session - the HttpSession instance from which to retrieve the Authentications.

revalidateSession

public static void revalidateSession(javax.servlet.http.HttpServletRequest request,
                                     UserAuthentication authentication)

Invalidates the old HttpSession of the current request and creates a new one. Additionally, transfers the existing authentications to the new session and adds a new one.

Parameters:

request - the HttpServletRequest instance from which the session is obtained and a new HttpSession created.

authentication - the new Authentication instance that is created through user login. It is added to the existing authentications.

updateSession

public static void updateSession(javax.servlet.http.HttpSession session,
                                 Authentications authentications)

Store authentications in current session.

updateCache

public static void updateCache(Authentications authentications,
                               javax.servlet.http.HttpSession session,
                               long cacheTimeToLive)

Update/remove authentications when cache validation time (= x + TTL) is due.

The following information is updated:

• groupIds
• tenantIds
• authorizedApps

  An authorization is only removed if the user doesn't exist anymore (user was deleted).

getSessionMutex

protected static Object getSessionMutex(javax.servlet.http.HttpSession session)

Returns the session mutex to synchronize on.

Avoids updating the auth cache by multiple HTTP requests in parallel.