Class AuthenticationManager.CredentialCache

  • Enclosing class:
    AuthenticationManager

    public static final class AuthenticationManager.CredentialCache
    extends java.lang.Object
    Encapsulates a map of server contexts to credentials that may be used to access them. This allows for reuse of Credentials against services hosted on the same server/portal. NOTE: It is imperative that this cache be cleared in between user sessions. For example, if user A logs in and accesses some resources, then logs out so that user B can log in, the credential cache should be cleared so that user B cannot inadvertently access resources that they don't have authorization for but user A did.

    Since 100.5.0, the server contexts in the credential cache are in all lower case.

    Since:
    100.0.0
    • Constructor Detail

      • CredentialCache

        public CredentialCache()
    • Method Detail

      • toJson

        public static java.lang.String toJson()
        Returns a json String representation of the credential cache, allowing it to be persisted to disk and reloaded in a later session. This will allow the app to reload previous resources that required authentication, without needing the user to reenter any credentials. It is imperative that this String is encrypted before being persisted to disk, or else it may pose a security vulnerability.
        Returns:
        a json String representation of the credential cache
        Since:
        100.0.0
      • restoreFromJson

        public static void restoreFromJson​(java.lang.String json)
        Restores the state of a previously persisted credential cache, overwriting any values currently in the cache. This allows the app to reload previous resources that required authentication, without needing the user to reenter any credentials.
        Parameters:
        json - the String representing the persisted state of the credential cache
        Since:
        100.0.0
      • clear

        public static void clear()
        Clears all cached credential information, including Token, PKI/Certificate and HTTP.
        Since:
        100.0.0
      • removeAndRevokeCredentialAsync

        public static ListenableFuture<java.lang.Void> removeAndRevokeCredentialAsync​(Credential credential)
        Removes the given credential from the cache. If the credential is used for OAuth authentication, a request is sent to revoke its OAuth token. If the resultant Future indicates an exception occurred, the exception relates to the request to revoke the OAuth token. The credential is removed from the cache even if OAuth token revocation fails.
        Parameters:
        credential - the credential to revoke and remove from cache
        Returns:
        a ListenableFuture for tracking when the operation is done and getting the result; also allows cancellation. Calling get() on the returned future may throw an IOException if the network request fails
        Throws:
        java.lang.IllegalArgumentException - if credential is null
        Since:
        100.6.0
      • removeAndRevokeAllCredentialsAsync

        public static ListenableFuture<java.util.Map<Credential,​java.lang.Exception>> removeAndRevokeAllCredentialsAsync()
        Removes all credentials from the cache. If any credential is used for OAuth authentication, a request is sent to revoke its OAuth token. The resultant Future returns a Map that will be empty if no exceptions occurred. If it's not empty, each entry contains a Credential for which OAuth token revocation failed and an Exception indicating why it failed. All credentials are removed from the cache even if OAuth token revocation fails.
        Returns:
        a ListenableFuture for tracking when the operation is done and getting the result; also allows cancellation
        Since:
        100.6.0
      • addCredentialCacheChangedListener

        public static void addCredentialCacheChangedListener​(AuthenticationManager.CredentialCache.CredentialCacheChangedListener listener)
        Adds a CredentialCacheChangedListener to the CredentialCache.
        Parameters:
        listener - a CredentialCacheChangedListener
        Throws:
        java.lang.IllegalArgumentException - if listener is null
        Since:
        100.8.0
      • removeCredentialCacheChangedListener

        public static boolean removeCredentialCacheChangedListener​(AuthenticationManager.CredentialCache.CredentialCacheChangedListener listener)
        Removes a CredentialCacheChangedListener from the CredentialCache.
        Parameters:
        listener - a CredentialCacheChangedListener
        Returns:
        true if the CredentialCacheChangedListener has been removed, otherwise false
        Throws:
        java.lang.IllegalArgumentException - if listener is null
        Since:
        100.8.0
      • getPersistence

        public static CredentialPersistence getPersistence()
        Gets the credential persistence object.
        Returns:
        the credential persistence object.
        Since:
        100.9.0
      • setPersistence

        public static void setPersistence​(CredentialPersistence credentialPersistence)
        Sets the credential persistence object. If a credential persistence object was set previously, it will be cleared from the credential cache and any credentials in the credential cache will be removed. The previous credential persistence object won't be notified about the clearing of the credential cache. When a credential persistence object is set, the credential cache will call CredentialPersistence.getCredentials() on a background thread in order to populate the credential cache. After that, the new credential persistence object will be notified of any changes to the credential cache.
        Parameters:
        credentialPersistence - the credential persistence object to set, or null in order to clear a credential persistence object
        Since:
        100.9.0