Class AuthenticationUtil
java.lang.Object
org.camunda.bpm.webapp.impl.security.auth.AuthenticationUtil
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
static final String[]
protected static final String
protected static final WebappLogger
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionstatic UserAuthentication
createAuthentication
(String engineName, String username) static UserAuthentication
createAuthentication
(String engineName, String username, List<String> groupIds, List<String> tenantIds) static UserAuthentication
createAuthentication
(ProcessEngine processEngine, String username) static UserAuthentication
createAuthentication
(ProcessEngine processEngine, String username, List<String> groupIds, List<String> tenantIds) Creates and returns aUserAuthentication
with the following information:userId
processEngineName
groupIds
tenantIds
authorizedApps
static Authentications
getAuthsFromSession
(jakarta.servlet.http.HttpSession session) Allows obtaining anAuthentications
object from theHttpSession
.getGroupsOfUser
(ProcessEngine engine, String userId) protected static Object
getSessionMutex
(jakarta.servlet.http.HttpSession session) Returns the session mutex to synchronize on.getTenantsOfUser
(ProcessEngine engine, String userId) protected static boolean
isAuthorizedForApp
(AuthorizationService authorizationService, String username, List<String> groupIds, String application) static void
revalidateSession
(jakarta.servlet.http.HttpServletRequest request, UserAuthentication authentication) Invalidates the oldHttpSession
of the current request and creates a new one.static void
updateCache
(Authentications authentications, jakarta.servlet.http.HttpSession session, long cacheTimeToLive) Update/remove authentications when cache validation time (= x + TTL) is due.static void
updateSession
(jakarta.servlet.http.HttpSession session, Authentications authentications) Store authentications in current session.
-
Field Details
-
LOGGER
-
CAM_AUTH_SESSION_KEY
- See Also:
-
APPS
-
APP_WELCOME
- See Also:
-
-
Constructor Details
-
AuthenticationUtil
public AuthenticationUtil()
-
-
Method Details
-
createAuthentication
-
createAuthentication
-
createAuthentication
-
createAuthentication
public static UserAuthentication createAuthentication(ProcessEngine processEngine, String username, List<String> groupIds, List<String> tenantIds) Creates and returns a
UserAuthentication
with the following information:userId
processEngineName
groupIds
tenantIds
authorizedApps
-
getTenantsOfUser
-
getGroupsOfUser
-
isAuthorizedForApp
protected static boolean isAuthorizedForApp(AuthorizationService authorizationService, String username, List<String> groupIds, String application) -
getAuthsFromSession
Allows obtaining anAuthentications
object from theHttpSession
. If no such object exists in the session, a new instance is created and returned.- Parameters:
session
- theHttpSession
instance from which to retrieve theAuthentications
.
-
revalidateSession
public static void revalidateSession(jakarta.servlet.http.HttpServletRequest request, UserAuthentication authentication) Invalidates the oldHttpSession
of the current request and creates a new one. Additionally, transfers the existing authentications to the new session and adds a new one.- Parameters:
request
- theHttpServletRequest
instance from which the session is obtained and a newHttpSession
created.authentication
- the newAuthentication
instance that is created through user login. It is added to the existing authentications.
-
updateSession
public static void updateSession(jakarta.servlet.http.HttpSession session, Authentications authentications) Store authentications in current session. -
updateCache
public static void updateCache(Authentications authentications, jakarta.servlet.http.HttpSession session, long cacheTimeToLive) Update/remove authentications when cache validation time (= x + TTL) is due.
The following information is updated:
groupIds
tenantIds
authorizedApps
An authorization is only removed if the user doesn't exist anymore (user was deleted).
-
getSessionMutex
Returns the session mutex to synchronize on.
Avoids updating the auth cache by multiple HTTP requests in parallel.
-