TokenBasedAuthentication (Apache Jackrabbit 2.20.16 API)

java.lang.Object
- org.apache.jackrabbit.core.security.authentication.token.TokenBasedAuthentication

All Implemented Interfaces:

Authentication
```
public class TokenBasedAuthentication
extends Object
implements Authentication
```
Authentication implementation that compares the tokens stored with a given user node to the token present in the SimpleCredentials attributes. Authentication succeeds if the login token refers to a non-expired token node and if all other credential attributes are equal to the corresponding properties.

Field Summary

Fields
Modifier and Type	Field and Description
`static String`	`PARAM_COMPAT` Deprecated. This system parameter allows to enable backwards compatible behavior of the `TokenBasedAuthentication`. Note that as of OAK 1.0 this flag will no be supported.
`static String`	`TOKEN_ATTRIBUTE` The name of the login token attribute.
`static long`	`TOKEN_EXPIRATION` Default expiration time for login tokens is 2 hours.

Constructor Summary

Constructors
Constructor and Description

TokenBasedAuthentication(String token, long tokenExpiration, Session session)

Constructors
Constructor and Description
`TokenBasedAuthentication(String token, long tokenExpiration, Session session)`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`boolean`	`authenticate(Credentials credentials)` True if the Credentials identify the `User` related to this Authentication.
`boolean`	`canHandle(Credentials credentials)` An Authentication may only be able to handle certain types of `Credentials` as the authentication process is tightly coupled to the semantics of the `Credentials`.
`static Credentials`	`createToken(org.apache.jackrabbit.api.security.user.User user, SimpleCredentials credentials, long tokenExpiration, Session session)` Create a new token node for the specified user.
`static boolean`	`doCreateToken(Credentials credentials)` Returns `true` if the specified `credentials` should be used to create a new login token.
`static Node`	`getTokenNode(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials credentials, Session session)`
`static String`	`getUserId(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials tokenCredentials, Session session)`
`static boolean`	`isMandatoryAttribute(String attributeName)` Returns `true` if the specified `attributeName` starts with or equals `TOKEN_ATTRIBUTE`.
`static boolean`	`isTokenBasedLogin(Credentials credentials)` Returns `true` if the given `credentials` object is an instance of `TokenCredentials`.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - TOKEN_EXPIRATION
```
public static final long TOKEN_EXPIRATION
```
    Default expiration time for login tokens is 2 hours.
    
    See Also:
    
    Constant Field Values
  - TOKEN_ATTRIBUTE
```
public static final String TOKEN_ATTRIBUTE
```
    The name of the login token attribute.
    
    See Also:
    
    Constant Field Values
  - PARAM_COMPAT
```
public static final String PARAM_COMPAT
```
    Deprecated. This system parameter allows to enable backwards compatible behavior of the TokenBasedAuthentication. Note that as of OAK 1.0 this flag will no be supported.
    
    See Also:
    
    Constant Field Values
- Constructor Detail
  - TokenBasedAuthentication
```
public TokenBasedAuthentication(String token,
                                long tokenExpiration,
                                Session session)
                         throws RepositoryException
```
    Throws:
    
    RepositoryException
- Method Detail
  - canHandle
```
public boolean canHandle(Credentials credentials)
```
    Description copied from interface: Authentication
    
    An Authentication may only be able to handle certain types of Credentials as the authentication process is tightly coupled to the semantics of the Credentials. E.g.: A ticket based Authentication is dependant on a Credentials implementation which allows access to this ticket.
    
    Specified by:
    
    canHandle in interface Authentication
    
    Parameters:
    
    credentials - in questions
    
    Returns:
    
    true if the current Authentication handles the given Credentials
    
    See Also:
    
    Authentication.canHandle(javax.jcr.Credentials)
  - authenticate
```
public boolean authenticate(Credentials credentials)
                     throws RepositoryException
```
    Description copied from interface: Authentication
    
    True if the Credentials identify the User related to this Authentication.
    
    Specified by:
    
    authenticate in interface Authentication
    
    Parameters:
    
    credentials - to verify
    
    Returns:
    
    true if Credentials identify the User.
    
    Throws:
    
    RepositoryException - If an error occurs.
    
    See Also:
    
    Authentication.authenticate(javax.jcr.Credentials)
  - isTokenBasedLogin
```
public static boolean isTokenBasedLogin(Credentials credentials)
```
    Returns true if the given credentials object is an instance of TokenCredentials.
    
    Parameters:
    
    credentials -
    
    Returns:
    
    true if the given credentials object is an instance of TokenCredentials; false otherwise.
  - isMandatoryAttribute
```
public static boolean isMandatoryAttribute(String attributeName)
```
    Returns true if the specified attributeName starts with or equals TOKEN_ATTRIBUTE.
    
    Parameters:
    
    attributeName -
    
    Returns:
    
    true if the specified attributeName starts with or equals TOKEN_ATTRIBUTE.
  - doCreateToken
```
public static boolean doCreateToken(Credentials credentials)
```
    Returns true if the specified credentials should be used to create a new login token.
    
    Parameters:
    
    credentials -
    
    Returns:
    
    true if upon successful authentication a new login token should be created; false otherwise.
  - createToken
```
public static Credentials createToken(org.apache.jackrabbit.api.security.user.User user,
                                      SimpleCredentials credentials,
                                      long tokenExpiration,
                                      Session session)
                               throws RepositoryException
```
    Create a new token node for the specified user.
    
    Parameters:
    
    user -
    
    credentials -
    
    tokenExpiration -
    
    session -
    
    Returns:
    
    A new instance of TokenCredentials to be used for further login actions against this Authentication implementation.
    
    Throws:
    
    RepositoryException - If there is no node corresponding to the specified user in the current workspace or if an error occurs while creating the token node.
  - getTokenNode
```
public static Node getTokenNode(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials credentials,
                                Session session)
                         throws RepositoryException
```
    Throws:
    
    RepositoryException
  - getUserId
```
public static String getUserId(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials tokenCredentials,
                               Session session)
                        throws RepositoryException
```
    Throws:
    
    RepositoryException

Class TokenBasedAuthentication

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

TOKEN_EXPIRATION

TOKEN_ATTRIBUTE

PARAM_COMPAT

Constructor Detail

TokenBasedAuthentication

Method Detail

canHandle

authenticate

isTokenBasedLogin

isMandatoryAttribute

doCreateToken

createToken

getTokenNode

getUserId