Class StorageAwareCookieManager
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent
CookieManager that allows use of a StorageService.
Reads are backed up by a read into the storage service, while writes are passed through to it.
The cookie path and domain, and the username (as obtained by a lookup function)
are used to construct the storage context and key to maintain the expected isolation.
Notably, the function operates by obtaining the ProfileRequestContext from the
bound request attribute to address the fact that the API does not directly include it.
This is NOT suitable for use cases in which consistency of data is critical, as there are few if any storage options (other than the client itself) that will provide sufficient reliability and locking to avoid problems. It's best used for advisory cookies whose absence does not create issues with security or expected behavior.
- Since:
- 5.1.0
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate org.slf4j.LoggerClass logger.private StringStorage context based on fixed value and cookie attributes.private StorageServiceOptional storage service to backstop the cookie.private Function<ProfileRequestContext,String> Lookup strategy for username. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidprotected voidgetCookieValue(String name, String defValue) protected StringgetPartitionedCookieName(String cookieName) Get cookie name as partitioned in storage by username.Get the storage context used to hold the cookies.voidSets theStorageServiceto read/write.voidSets the lookup strategy to obtain the username for cookie partitioning.voidunsetCookie(String name) Methods inherited from class net.shibboleth.shared.net.CookieManager
addCookie, cookieHasValue, getCookieDomain, getCookiePath, getHttpServletRequest, getHttpServletResponse, getMaxAge, setCookieDomain, setCookiePath, setHttpOnly, setHttpServletRequestSupplier, setHttpServletResponseSupplier, setMaxAge, setMaxAgeDuration, setSecureMethods inherited from class net.shibboleth.shared.component.AbstractInitializableComponent
checkComponentActive, checkSetterPreconditions, destroy, doDestroy, ifDestroyedThrowDestroyedComponentException, ifInitializedThrowUnmodifiabledComponentException, ifNotInitializedThrowUninitializedComponentException, initialize, isDestroyed, isInitialized
-
Field Details
-
log
@Nonnull private org.slf4j.Logger logClass logger. -
storageService
Optional storage service to backstop the cookie. -
usernameLookupStrategy
Lookup strategy for username. -
storageContext
Storage context based on fixed value and cookie attributes.
-
-
Constructor Details
-
StorageAwareCookieManager
public StorageAwareCookieManager()
-
-
Method Details
-
setStorageService
Sets theStorageServiceto read/write.- Parameters:
ss- storage service
-
getStorageContext
Get the storage context used to hold the cookies.- Returns:
- storage context
-
setUsernameLookupStrategy
Sets the lookup strategy to obtain the username for cookie partitioning.- Parameters:
strategy- lookup strategy
-
doInitialize
- Overrides:
doInitializein classCookieManager- Throws:
ComponentInitializationException
-
addCookie
- Overrides:
addCookiein classCookieManager
-
unsetCookie
- Overrides:
unsetCookiein classCookieManager
-
getCookieValue
- Overrides:
getCookieValuein classCookieManager
-
getPartitionedCookieName
Get cookie name as partitioned in storage by username.- Parameters:
cookieName- base cookie name- Returns:
- the storage key for the cookie
- Throws:
IOException- if unable to locate username for key
-