Class AuthenticationUtil

java.lang.Object
org.camunda.bpm.webapp.impl.security.auth.AuthenticationUtil

public class AuthenticationUtil extends Object
  • Field Details

  • Constructor Details

    • AuthenticationUtil

      public AuthenticationUtil()
  • Method Details

    • createAuthentication

      public static UserAuthentication createAuthentication(String engineName, String username)
    • createAuthentication

      public static UserAuthentication createAuthentication(ProcessEngine processEngine, String username)
    • createAuthentication

      public static UserAuthentication createAuthentication(String engineName, String username, List<String> groupIds, List<String> tenantIds)
    • createAuthentication

      public static UserAuthentication createAuthentication(ProcessEngine processEngine, String username, List<String> groupIds, List<String> tenantIds)

      Creates and returns a UserAuthentication with the following information:

      • userId
      • processEngineName
      • groupIds
      • tenantIds
      • authorizedApps
    • getTenantsOfUser

      public static List<String> getTenantsOfUser(ProcessEngine engine, String userId)
    • getGroupsOfUser

      public static List<String> getGroupsOfUser(ProcessEngine engine, String userId)
    • isAuthorizedForApp

      protected static boolean isAuthorizedForApp(AuthorizationService authorizationService, String username, List<String> groupIds, String application)
    • getAuthsFromSession

      public static Authentications getAuthsFromSession(jakarta.servlet.http.HttpSession session)
      Allows obtaining an Authentications object from the HttpSession. If no such object exists in the session, a new instance is created and returned.
      Parameters:
      session - the HttpSession instance from which to retrieve the Authentications.
    • revalidateSession

      public static void revalidateSession(jakarta.servlet.http.HttpServletRequest request, UserAuthentication authentication)
      Invalidates the old HttpSession of the current request and creates a new one. Additionally, transfers the existing authentications to the new session and adds a new one.
      Parameters:
      request - the HttpServletRequest instance from which the session is obtained and a new HttpSession created.
      authentication - the new Authentication instance that is created through user login. It is added to the existing authentications.
    • updateSession

      public static void updateSession(jakarta.servlet.http.HttpSession session, Authentications authentications)
      Store authentications in current session.
    • updateCache

      public static void updateCache(Authentications authentications, jakarta.servlet.http.HttpSession session, long cacheTimeToLive)

      Update/remove authentications when cache validation time (= x + TTL) is due.

      The following information is updated:

      • groupIds
      • tenantIds
      • authorizedApps

        An authorization is only removed if the user doesn't exist anymore (user was deleted).

    • getSessionMutex

      protected static Object getSessionMutex(jakarta.servlet.http.HttpSession session)

      Returns the session mutex to synchronize on.

      Avoids updating the auth cache by multiple HTTP requests in parallel.