.. java:import:: java.sql Timestamp .. java:import:: java.util Collection .. java:import:: java.util LinkedList .. java:import:: org.apache.shiro.authz AuthorizationInfo .. java:import:: org.apache.shiro.subject Subject .. java:import:: org.caosdb.server CaosDBServer .. java:import:: org.caosdb.server ServerProperties .. java:import:: org.caosdb.server.permissions ResponsibleAgent .. java:import:: org.caosdb.server.permissions Role .. java:import:: org.caosdb.server.utils Utils .. java:import:: org.restlet.data Cookie .. java:import:: org.restlet.data CookieSetting AuthenticationUtils =================== .. java:package:: org.caosdb.server.accessControl :noindex: .. java:type:: public class AuthenticationUtils Useful static methods, mainly for parsing and serializing SessionTokens by the means of web cookies and producing session timeout cookies. :author: tf Fields ------ SESSION_TIMEOUT_COOKIE ^^^^^^^^^^^^^^^^^^^^^^ .. java:field:: public static final String SESSION_TIMEOUT_COOKIE :outertype: AuthenticationUtils SESSION_TOKEN_COOKIE ^^^^^^^^^^^^^^^^^^^^ .. java:field:: public static final String SESSION_TOKEN_COOKIE :outertype: AuthenticationUtils Methods ------- createSessionTimeoutCookie ^^^^^^^^^^^^^^^^^^^^^^^^^^ .. java:method:: public static CookieSetting createSessionTimeoutCookie(SessionToken token) :outertype: AuthenticationUtils Create a session timeout cookie. The value is a plain UTC timestamp which tells the user how long his session will stay active. This cookie will be ignored by the server and carries only additional information for the user interfaces (E.g. they can remind the user before her session is expiring or do an auto-logout based on this timestamp). Of course, the cookie will be flagged with httpOnly:false (but secure:true). :param token: a SessionToken createSessionTokenCookie ^^^^^^^^^^^^^^^^^^^^^^^^ .. java:method:: public static CookieSetting createSessionTokenCookie(SelfValidatingAuthenticationToken token) :outertype: AuthenticationUtils getAuthorizationInfo ^^^^^^^^^^^^^^^^^^^^ .. java:method:: public static AuthorizationInfo getAuthorizationInfo(Subject user) :outertype: AuthenticationUtils getLogoutCookies ^^^^^^^^^^^^^^^^ .. java:method:: public static Collection getLogoutCookies() :outertype: AuthenticationUtils getLogoutSessionTokenCookie ^^^^^^^^^^^^^^^^^^^^^^^^^^^ .. java:method:: public static CookieSetting getLogoutSessionTokenCookie() :outertype: AuthenticationUtils getRoles ^^^^^^^^ .. java:method:: public static Collection getRoles(Subject user) :outertype: AuthenticationUtils isAnonymous ^^^^^^^^^^^ .. java:method:: public static boolean isAnonymous(Subject user) :outertype: AuthenticationUtils isAnonymous ^^^^^^^^^^^ .. java:method:: public static boolean isAnonymous(Principal principal) :outertype: AuthenticationUtils isFromOneTimeTokenRealm ^^^^^^^^^^^^^^^^^^^^^^^ .. java:method:: public static boolean isFromOneTimeTokenRealm(Subject subject) :outertype: AuthenticationUtils isResponsibleAgentExistent ^^^^^^^^^^^^^^^^^^^^^^^^^^ .. java:method:: public static boolean isResponsibleAgentExistent(ResponsibleAgent agent) :outertype: AuthenticationUtils parseSessionTokenCookie ^^^^^^^^^^^^^^^^^^^^^^^ .. java:method:: public static SelfValidatingAuthenticationToken parseSessionTokenCookie(Cookie cookie) :outertype: AuthenticationUtils Parse a SessionToken from a cookie with optional cryptographic curry. :param cookie: :param curry: :return: A new SessionToken **See also:** :java:ref:`{@linkAuthenticationUtils.createSessionTokenCookie(SessionToken)},{@linkSessionToken}`