Package org.springframework.vault.authentication

Class LifecycleAwareSessionManagerSupport

java.lang.Object

org.springframework.vault.authentication.AuthenticationEventPublisher

org.springframework.vault.authentication.LifecycleAwareSessionManagerSupport

Direct Known Subclasses:

LifecycleAwareSessionManager, ReactiveLifecycleAwareSessionManager

public abstract class LifecycleAwareSessionManagerSupport
extends AuthenticationEventPublisher

Support class to build Lifecycle-aware Session Manager implementations, defining common properties such as the TaskScheduler and LifecycleAwareSessionManagerSupport.RefreshTrigger. Typically used within the framework itself.

Not intended to be used directly.

Since:

2.0

Author:

Mark Paluch

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	LifecycleAwareSessionManagerSupport.FixedTimeoutRefreshTrigger	LifecycleAwareSessionManagerSupport.RefreshTrigger implementation using a fixed timeout to schedule renewal before a LoginToken expires.
protected static class	LifecycleAwareSessionManagerSupport.OneShotTrigger	This one-shot trigger creates only one execution time to trigger an execution only once.
static interface	LifecycleAwareSessionManagerSupport.RefreshTrigger	Common interface for trigger objects that determine the next execution time of a refresh task.

Field Summary

Fields

Modifier and Type	Field	Description
protected final Log	logger	Logger available to subclasses.
static final int	REFRESH_PERIOD_BEFORE_EXPIRY	Refresh 5 seconds before the token expires.

Constructor Summary

Constructors

Constructor	Description
LifecycleAwareSessionManagerSupport(TaskScheduler taskScheduler)	Create a LifecycleAwareSessionManager given TaskScheduler.
LifecycleAwareSessionManagerSupport(TaskScheduler taskScheduler, LifecycleAwareSessionManagerSupport.RefreshTrigger refreshTrigger)	Create a LifecycleAwareSessionManager given TaskScheduler and LifecycleAwareSessionManagerSupport.RefreshTrigger.

Method Summary

Modifier and Type	Method	Description
protected LifecycleAwareSessionManagerSupport.RefreshTrigger	getRefreshTrigger()
protected TaskScheduler	getTaskScheduler()
protected boolean	isExpired(LoginToken loginToken)	Check whether the Token falls below its validity threshold.
protected boolean	isTokenSelfLookupEnabled()	Returns whether token self-lookup is enabled to augment VaultToken obtained from a ClientAuthentication.
void	setLeaseStrategy(LeaseStrategy leaseStrategy)	Set the LeaseStrategy for lease renewal error handling.
void	setTokenSelfLookupEnabled(boolean tokenSelfLookupEnabled)	Enables/disables token self-lookup.

Methods inherited from class org.springframework.vault.authentication.AuthenticationEventPublisher

addAuthenticationListener, addErrorListener, removeAuthenticationListener, removeErrorListener

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

REFRESH_PERIOD_BEFORE_EXPIRY

public static final int REFRESH_PERIOD_BEFORE_EXPIRY

Refresh 5 seconds before the token expires.

See Also:

• Constant Field Values

logger

protected final Log logger

Logger available to subclasses.

Constructor Details

LifecycleAwareSessionManagerSupport

public LifecycleAwareSessionManagerSupport(TaskScheduler taskScheduler)

Create a LifecycleAwareSessionManager given TaskScheduler. Using DEFAULT_TRIGGER to trigger refresh.

Parameters:

taskScheduler - must not be null.

LifecycleAwareSessionManagerSupport

public LifecycleAwareSessionManagerSupport(TaskScheduler taskScheduler,
 LifecycleAwareSessionManagerSupport.RefreshTrigger refreshTrigger)

Create a LifecycleAwareSessionManager given TaskScheduler and LifecycleAwareSessionManagerSupport.RefreshTrigger.

Parameters:

taskScheduler - must not be null.

refreshTrigger - must not be null.

Method Details

isTokenSelfLookupEnabled

protected boolean isTokenSelfLookupEnabled()

Returns whether token self-lookup is enabled to augment VaultToken obtained from a ClientAuthentication. Self-lookup determines whether a token is renewable and its TTL. Self lookup is skipped for LoginToken. Self-lookup requests decrement token usage count by one. Skipped for LoginToken.

Self-lookup for tokens without a permission to access auth/token/lookup-self will fail gracefully and continue without token renewal.

Returns:

true to enable self-lookup, false to disable self-lookup. Enabled by default.

setTokenSelfLookupEnabled

public void setTokenSelfLookupEnabled(boolean tokenSelfLookupEnabled)

Enables/disables token self-lookup. Self-lookup augments VaultToken obtained from a ClientAuthentication. Self-lookup determines whether a token is renewable and its TTL.

Parameters:

tokenSelfLookupEnabled - true to enable self-lookup, false to disable self-lookup. Enabled by default.

setLeaseStrategy

public void setLeaseStrategy(LeaseStrategy leaseStrategy)

Set the LeaseStrategy for lease renewal error handling.

Parameters:

leaseStrategy - the LeaseStrategy, must not be null.

Since:

2.2

getTaskScheduler

protected TaskScheduler getTaskScheduler()

Returns:

the underlying TaskScheduler.

getRefreshTrigger

protected LifecycleAwareSessionManagerSupport.RefreshTrigger getRefreshTrigger()

Returns:

the underlying LifecycleAwareSessionManagerSupport.RefreshTrigger.

isExpired

protected boolean isExpired(LoginToken loginToken)

Check whether the Token falls below its validity threshold. Typically used to discard a token.

Parameters:

loginToken - must not be null.

Returns:

true if token validity falls below validity threshold, false if still valid.