org.springframework.vault.authentication

Class LifecycleAwareSessionManagerSupport

java.lang.Object

org.springframework.vault.authentication.AuthenticationEventPublisher

org.springframework.vault.authentication.LifecycleAwareSessionManagerSupport

Direct Known Subclasses:

LifecycleAwareSessionManager, ReactiveLifecycleAwareSessionManager

public abstract class LifecycleAwareSessionManagerSupport
extends AuthenticationEventPublisher

Support class to build Lifecycle-aware Session Manager implementations, defining common properties such as the TaskScheduler and LifecycleAwareSessionManagerSupport.RefreshTrigger. Typically used within the framework itself.

Not intended to be used directly.

Since:

2.0

Author:

Mark Paluch

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	LifecycleAwareSessionManagerSupport.FixedTimeoutRefreshTrigger LifecycleAwareSessionManagerSupport.RefreshTrigger implementation using a fixed timeout to schedule renewal before a LoginToken expires.
protected static class	LifecycleAwareSessionManagerSupport.OneShotTrigger This one-shot trigger creates only one execution time to trigger an execution only once.
static interface	LifecycleAwareSessionManagerSupport.RefreshTrigger Common interface for trigger objects that determine the next execution time of a refresh task.

Field Summary

Fields

Modifier and Type	Field and Description
protected Log	logger Logger available to subclasses.
static int	REFRESH_PERIOD_BEFORE_EXPIRY Refresh 5 seconds before the token expires.

Constructor Summary

Constructors

Constructor and Description
LifecycleAwareSessionManagerSupport(TaskScheduler taskScheduler) Create a LifecycleAwareSessionManager given TaskScheduler.
LifecycleAwareSessionManagerSupport(TaskScheduler taskScheduler, LifecycleAwareSessionManagerSupport.RefreshTrigger refreshTrigger) Create a LifecycleAwareSessionManager given TaskScheduler and LifecycleAwareSessionManagerSupport.RefreshTrigger.

Method Summary

Modifier and Type	Method and Description
protected LifecycleAwareSessionManagerSupport.RefreshTrigger	getRefreshTrigger()
protected TaskScheduler	getTaskScheduler()
protected boolean	isExpired(LoginToken loginToken) Check whether the Token falls below its validity threshold.
protected boolean	isTokenSelfLookupEnabled() Returns whether token self-lookup is enabled to augment VaultToken obtained from a ClientAuthentication.
void	setLeaseStrategy(LeaseStrategy leaseStrategy) Set the LeaseStrategy for lease renewal error handling.
void	setTokenSelfLookupEnabled(boolean tokenSelfLookupEnabled) Enables/disables token self-lookup.

Methods inherited from class org.springframework.vault.authentication.AuthenticationEventPublisher

addAuthenticationListener, addErrorListener, removeAuthenticationListener, removeErrorListener

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

REFRESH_PERIOD_BEFORE_EXPIRY

public static final int REFRESH_PERIOD_BEFORE_EXPIRY

Refresh 5 seconds before the token expires.

See Also:

Constant Field Values

logger

protected final Log logger

Logger available to subclasses.

Constructor Detail

LifecycleAwareSessionManagerSupport

public LifecycleAwareSessionManagerSupport(TaskScheduler taskScheduler)

Create a LifecycleAwareSessionManager given TaskScheduler. Using DEFAULT_TRIGGER to trigger refresh.

Parameters:

taskScheduler - must not be null.

LifecycleAwareSessionManagerSupport

public LifecycleAwareSessionManagerSupport(TaskScheduler taskScheduler,
                                           LifecycleAwareSessionManagerSupport.RefreshTrigger refreshTrigger)

Create a LifecycleAwareSessionManager given TaskScheduler and LifecycleAwareSessionManagerSupport.RefreshTrigger.

Parameters:

taskScheduler - must not be null.

refreshTrigger - must not be null.

Method Detail

isTokenSelfLookupEnabled

protected boolean isTokenSelfLookupEnabled()

Returns whether token self-lookup is enabled to augment VaultToken obtained from a ClientAuthentication. Self-lookup determines whether a token is renewable and its TTL. Self lookup is skipped for LoginToken. Self-lookup requests decrement token usage count by one. Skipped for LoginToken.

Self-lookup for tokens without a permission to access auth/token/lookup-self will fail gracefully and continue without token renewal.

Returns:

true to enable self-lookup, false to disable self-lookup. Enabled by default.

setTokenSelfLookupEnabled

public void setTokenSelfLookupEnabled(boolean tokenSelfLookupEnabled)

Enables/disables token self-lookup. Self-lookup augments VaultToken obtained from a ClientAuthentication. Self-lookup determines whether a token is renewable and its TTL.

Parameters:

tokenSelfLookupEnabled - true to enable self-lookup, false to disable self-lookup. Enabled by default.

setLeaseStrategy

public void setLeaseStrategy(LeaseStrategy leaseStrategy)

Set the LeaseStrategy for lease renewal error handling.

Parameters:

leaseStrategy - the LeaseStrategy, must not be null.

Since:

2.2

getTaskScheduler

protected TaskScheduler getTaskScheduler()

Returns:

the underlying TaskScheduler.

getRefreshTrigger

protected LifecycleAwareSessionManagerSupport.RefreshTrigger getRefreshTrigger()

Returns:

the underlying LifecycleAwareSessionManagerSupport.RefreshTrigger.

isExpired

protected boolean isExpired(LoginToken loginToken)

Check whether the Token falls below its validity threshold. Typically used to discard a token.

Parameters:

loginToken - must not be null.

Returns:

true if token validity falls below validity threshold, false if still valid.