StatelessTicketCache (Spring Security 4.2.4.RELEASE API)

All Known Implementing Classes:

EhCacheBasedTicketCache, NullStatelessTicketCache, SpringCacheBasedTicketCache
```
public interface StatelessTicketCache
```
Caches CAS service tickets and CAS proxy tickets for stateless connections.
When a service ticket or proxy ticket is validated against the CAS server, it is unable to be used again. Most types of callers are stateful and are associated with a given HttpSession. This allows the affirmative CAS validation outcome to be stored in the HttpSession, meaning the removal of the ticket from the CAS server is not an issue.

Stateless callers, such as remoting protocols, cannot take advantage of HttpSession. If the stateless caller is located a significant network distance from the CAS server, acquiring a fresh service ticket or proxy ticket for each invocation would be expensive.

To avoid this issue with stateless callers, it is expected stateless callers will obtain a single service ticket or proxy ticket, and then present this same ticket to the Spring Security secured application on each occasion. As no HttpSession is available for such callers, the affirmative CAS validation outcome cannot be stored in this location.

The StatelessTicketCache enables the service tickets and proxy tickets belonging to stateless callers to be placed in a cache. This in-memory cache stores the CasAuthenticationToken, effectively providing the same capability as a HttpSession with the ticket identifier being the key rather than a session identifier.

Implementations should provide a reasonable timeout on stored entries, such that the stateless caller are not required to unnecessarily acquire fresh CAS service tickets or proxy tickets.

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`CasAuthenticationToken`	`getByTicketId(java.lang.String serviceTicket)` Retrieves the `CasAuthenticationToken` associated with the specified ticket.
`void`	`putTicketInCache(CasAuthenticationToken token)` Adds the specified `CasAuthenticationToken` to the cache.
`void`	`removeTicketFromCache(CasAuthenticationToken token)` Removes the specified ticket from the cache, as per `removeTicketFromCache(String)`.
`void`	`removeTicketFromCache(java.lang.String serviceTicket)` Removes the specified ticket from the cache, meaning that future calls will require a new service ticket.

- Method Detail
  - getByTicketId
```
CasAuthenticationToken getByTicketId(java.lang.String serviceTicket)
```
    Retrieves the CasAuthenticationToken associated with the specified ticket.
    If not found, returns a nullCasAuthenticationToken.
    
    Returns:
    
    the fully populated authentication token
  - putTicketInCache
```
void putTicketInCache(CasAuthenticationToken token)
```
    Adds the specified CasAuthenticationToken to the cache.
    The CasAuthenticationToken.getCredentials() method is used to retrieve the service ticket number.
    
    Parameters:
    
    token - to be added to the cache
  - removeTicketFromCache
```
void removeTicketFromCache(CasAuthenticationToken token)
```
    Removes the specified ticket from the cache, as per removeTicketFromCache(String).
    Implementations should use CasAuthenticationToken.getCredentials() to obtain the ticket and then delegate to the removeTicketFromCache(String) method.
    
    Parameters:
    
    token - to be removed
  - removeTicketFromCache
```
void removeTicketFromCache(java.lang.String serviceTicket)
```
    Removes the specified ticket from the cache, meaning that future calls will require a new service ticket.
    This is in case applications wish to provide a session termination capability for their stateless clients.
    
    Parameters:
    
    serviceTicket - to be removed

Interface StatelessTicketCache

Method Summary

Method Detail

getByTicketId

putTicketInCache

removeTicketFromCache

removeTicketFromCache