Class LifecycleAwareSessionManager

All Implemented Interfaces:
DisposableBean, AuthenticationEventMulticaster, SessionManager

public class LifecycleAwareSessionManager extends LifecycleAwareSessionManagerSupport implements SessionManager, DisposableBean
Lifecycle-aware Session Manager. This SessionManager obtains tokens from a ClientAuthentication upon request synchronizing multiple threads attempting to obtain a token concurrently.

Tokens are renewed asynchronously if a token has a lease duration. This happens 5 seconds before the token expires, see LifecycleAwareSessionManagerSupport.REFRESH_PERIOD_BEFORE_EXPIRY.

This SessionManager also implements DisposableBean to revoke the LoginToken once it's not required anymore. Token revocation will stop regular token refresh. Tokens are only revoked if the associated ClientAuthentication returns a service token.

If Token renewal runs into a client-side error, it assumes the token was revoked/expired. It discards the token state so the next attempt will lead to another login attempt.

By default, VaultToken are looked up in Vault to determine renewability, remaining TTL, accessor and type, see LifecycleAwareSessionManagerSupport.setTokenSelfLookupEnabled(boolean).

The session manager dispatches authentication events to AuthenticationListener and AuthenticationErrorListener. Event notifications are dispatched either on the calling Thread or worker threads used for background renewal.

This class is thread-safe.

Author:
Mark Paluch, Steven Swor, Iouri Goussev
See Also: