org.glassfish.common.util.admin.AuthTokenManager
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Object
@Service @Scoped(value=org.jvnet.hk2.component.Singleton.class) public class AuthTokenManager
Coordinates generation and consumption of very-limited-use authentication tokens.
Some DAS commands submit admin commands to be run elsewhere - either in another process on the same host or, via ssh, to another host. Given that it is already executing, the DAS command in progress has already been authenticated (if required). Therefore we want the soon-to-be submitted commands to also be authenticated, but we do not want to send the username and/or password information that was used to authenticate the currently-running DAS command to the other process for it to use.
Instead, the currently-running DAS command can use this service to obtain a one-time authentication token. The DAS command then includes the token, rather than username/password credentials, in the submitted command.
This service records which tokens have been given out but not yet used up. When an admin request arrives with a token, the AdminAdapter consults this service to see if the token is valid and, if so, the AdminAdapter allows the request to run.
We allow each token to be used twice, once for retrieving the command metadata and then the second time to execute the command.
Tokens have a limited life as measured in time also. If a token is created but not fully consumed before it expires, then this manager considers the token invalid and removes it from the collection of known valid tokens. NOTE Commands that trigger other commands on multiple hosts - such as start-cluster - will need to reuse the authentication token more than twice. For such purposes the code using the token can append a "+" to the token. When such a token is used, this manager does NOT decrement the remaining number of uses. Rather, it only refreshes the token's expiration time.
| Field Summary | |
|---|---|
static String |
AUTH_TOKEN_OPTION_NAME
|
| Constructor Summary | |
|---|---|
AuthTokenManager()
|
|
| Method Summary | |
|---|---|
boolean |
consumeToken(String token)
Records the use of an authentication token by an admin request. |
String |
createToken()
Creates a new limited use authentication token. |
static String |
markTokenForReuse(String token)
|
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
|---|
public static final String AUTH_TOKEN_OPTION_NAME
| Constructor Detail |
|---|
public AuthTokenManager()
| Method Detail |
|---|
public String createToken()
public boolean consumeToken(String token)
Just to make it easier for callers, the token value can have any number of trailing reuse markers. This simplifies the code in RemoteAdminCommand which actually sends two requests for each command: one to retrieve metadata and one to execute the command. It might be that the command itself might be reusing the token, in which case it will already have appened a reuse marker to it. Then the code which sends the metadata request can freely append the marker again without having to check if it is already present.
token - the token consumed, with 0 or more cppies of the reuse marker appended
public static String markTokenForReuse(String token)
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||