SessionToken

public class SessionToken extends SelfValidatingAuthenticationToken

Session tokens are formatted as JSON arrays with the following elements:

• Anything but “O” (upper-case “o”), preferred is “S”.

• Realm

• name within the Realm

• list of roles

• list of permissions

• time of token generation (long, ms since 1970)

• validity duration (long, ms)

• salt

• checksum

Constructors

SessionToken

public SessionToken(Principal principal, long date, long timeout, String salt, String checksum, String[] permissions, String[] roles)

SessionToken

public SessionToken(Principal principal, long timeout, String[] permissions, String[] roles)

Methods

calcChecksum

public String calcChecksum(String pepper)

generate

public static SessionToken generate(Subject subject)

parse

public static SessionToken parse(Object[] array)

setFields

protected void setFields(Object[] fields)

Nothing to set in this implemention.

toString

public String toString()