TokenBasedAuthentication (Apache Jackrabbit 2.12.11 API)

java.lang.Object
- org.apache.jackrabbit.core.security.authentication.token.TokenBasedAuthentication

All Implemented Interfaces:

Authentication
```
public class TokenBasedAuthentication
extends Object
implements Authentication
```
Authentication implementation that compares the tokens stored with a given user node to the token present in the SimpleCredentials attributes. Authentication succeeds if the login token refers to a non-expired token node and if all other credential attributes are equal to the corresponding properties.

Field Summary

Fields
Modifier and Type	Field and Description
`static String`	`PARAM_COMPAT` Deprecated. This system parameter allows to enable backwards compatible behavior of the `TokenBasedAuthentication`. Note that as of OAK 1.0 this flag will no be supported.
`static String`	`TOKEN_ATTRIBUTE` The name of the login token attribute.
`static long`	`TOKEN_EXPIRATION` Default expiration time for login tokens is 2 hours.

Constructor Summary

Constructors
Constructor and Description

TokenBasedAuthentication(String token, long tokenExpiration, javax.jcr.Session session)

Constructors
Constructor and Description
`TokenBasedAuthentication(String token, long tokenExpiration, javax.jcr.Session session)`

Method Summary

Methods
Modifier and Type	Method and Description
`boolean`	`authenticate(javax.jcr.Credentials credentials)` True if the Credentials identify the `User` related to this Authentication.
`boolean`	`canHandle(javax.jcr.Credentials credentials)` An Authentication may only be able to handle certain types of `Credentials` as the authentication process is tightly coupled to the semantics of the `Credentials`.
`static javax.jcr.Credentials`	`createToken(User user, javax.jcr.SimpleCredentials credentials, long tokenExpiration, javax.jcr.Session session)` Create a new token node for the specified user.
`static boolean`	`doCreateToken(javax.jcr.Credentials credentials)` Returns `true` if the specified `credentials` should be used to create a new login token.
`static javax.jcr.Node`	`getTokenNode(TokenCredentials credentials, javax.jcr.Session session)`
`static String`	`getUserId(TokenCredentials tokenCredentials, javax.jcr.Session session)`
`static boolean`	`isMandatoryAttribute(String attributeName)` Returns `true` if the specified `attributeName` starts with or equals `TOKEN_ATTRIBUTE`.
`static boolean`	`isTokenBasedLogin(javax.jcr.Credentials credentials)` Returns `true` if the given `credentials` object is an instance of `TokenCredentials`.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - TOKEN_EXPIRATION
```
public static final long TOKEN_EXPIRATION
```
    Default expiration time for login tokens is 2 hours.
    
    See Also:
    Constant Field Values
  - TOKEN_ATTRIBUTE
```
public static final String TOKEN_ATTRIBUTE
```
    The name of the login token attribute.
    
    See Also:
    Constant Field Values
  - PARAM_COMPAT
```
public static final String PARAM_COMPAT
```
    Deprecated. This system parameter allows to enable backwards compatible behavior of the TokenBasedAuthentication. Note that as of OAK 1.0 this flag will no be supported.
    
    See Also:
    Constant Field Values
- Constructor Detail
  - TokenBasedAuthentication
```
public TokenBasedAuthentication(String token,
                        long tokenExpiration,
                        javax.jcr.Session session)
                         throws javax.jcr.RepositoryException
```
    Throws:
    
    javax.jcr.RepositoryException
- Method Detail
  - canHandle
```
public boolean canHandle(javax.jcr.Credentials credentials)
```
    Description copied from interface: Authentication
    
    An Authentication may only be able to handle certain types of Credentials as the authentication process is tightly coupled to the semantics of the Credentials. E.g.: A ticket based Authentication is dependant on a Credentials implementation which allows access to this ticket.
    
    Specified by:
    
    canHandle in interface Authentication
    
    Parameters:
    credentials - in questions
    
    Returns:
    true if the current Authentication handles the given Credentials
    See Also:
    Authentication.canHandle(javax.jcr.Credentials)
  - authenticate
```
public boolean authenticate(javax.jcr.Credentials credentials)
                     throws javax.jcr.RepositoryException
```
    Description copied from interface: Authentication
    
    True if the Credentials identify the User related to this Authentication.
    
    Specified by:
    
    authenticate in interface Authentication
    
    Parameters:
    credentials - to verify
    
    Returns:
    true if Credentials identify the User.
    
    Throws:
    
    javax.jcr.RepositoryException - If an error occurs.
    See Also:
    Authentication.authenticate(javax.jcr.Credentials)
  - isTokenBasedLogin
```
public static boolean isTokenBasedLogin(javax.jcr.Credentials credentials)
```
    Returns true if the given credentials object is an instance of TokenCredentials.
    
    Parameters:
    credentials -
    
    Returns:
    true if the given credentials object is an instance of TokenCredentials; false otherwise.
  - isMandatoryAttribute
```
public static boolean isMandatoryAttribute(String attributeName)
```
    Returns true if the specified attributeName starts with or equals TOKEN_ATTRIBUTE.
    
    Parameters:
    attributeName -
    
    Returns:
    true if the specified attributeName starts with or equals TOKEN_ATTRIBUTE.
  - doCreateToken
```
public static boolean doCreateToken(javax.jcr.Credentials credentials)
```
    Returns true if the specified credentials should be used to create a new login token.
    
    Parameters:
    credentials -
    
    Returns:
    true if upon successful authentication a new login token should be created; false otherwise.
  - createToken
```
public static javax.jcr.Credentials createToken(User user,
                                javax.jcr.SimpleCredentials credentials,
                                long tokenExpiration,
                                javax.jcr.Session session)
                                         throws javax.jcr.RepositoryException
```
    Create a new token node for the specified user.
    
    Parameters:
    user -
    credentials -
    tokenExpiration -
    session -
    
    Returns:
    A new instance of TokenCredentials to be used for further login actions against this Authentication implementation.
    
    Throws:
    
    javax.jcr.RepositoryException - If there is no node corresponding to the specified user in the current workspace or if an error occurs while creating the token node.
  - getTokenNode
```
public static javax.jcr.Node getTokenNode(TokenCredentials credentials,
                          javax.jcr.Session session)
                                   throws javax.jcr.RepositoryException
```
    Throws:
    
    javax.jcr.RepositoryException
  - getUserId
```
public static String getUserId(TokenCredentials tokenCredentials,
               javax.jcr.Session session)
                        throws javax.jcr.RepositoryException
```
    Throws:
    
    javax.jcr.RepositoryException

Class TokenBasedAuthentication

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

TOKEN_EXPIRATION

TOKEN_ATTRIBUTE

PARAM_COMPAT

Constructor Detail

TokenBasedAuthentication

Method Detail

canHandle

authenticate

isTokenBasedLogin

isMandatoryAttribute

doCreateToken

createToken

getTokenNode

getUserId