|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
public interface TokenService
Provides a mechanism to allocate and rebuild secure, randomised tokens.
Implementations are solely concern with issuing a new Token on demand. The
issued Token may contain user-specified extended information. The token also
contains a cryptographically strong, byte array-based key. This permits the token to be
used to identify a user session, if desired. The key can subsequently be re-presented
to the TokenService for verification and reconstruction of a Token
equal to the original Token.
Given the tightly-focused behaviour provided by this interface, it can serve as a building block for more sophisticated token-based solutions. For example, authentication systems that depend on stateless session keys. These could, for instance, place the username inside the user-specified extended information associated with the key). It is important to recognise that we do not intend for this interface to be expanded to provide such capabilities directly.
| Method Summary | |
|---|---|
Token |
allocateToken(String extendedInformation)
Forces the allocation of a new Token. |
Token |
verifyToken(String key)
Permits verification the < Token.getKey() was issued by this TokenService and
reconstructs the corresponding Token. |
| Method Detail |
|---|
Token allocateToken(String extendedInformation)
Token.
the - extended information desired in the token (cannot be null, but can be empty)
verifyToken(String) at any future time.Token verifyToken(String key)
Token.getKey() was issued by this TokenService and
reconstructs the corresponding Token.
key - as obtained from Token.getKey() and created by this implementation
null if the token was not issued by this TokenService
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||