Package org.pac4j.saml.store

Class HttpSessionStore

  • All Implemented Interfaces:
    org.pac4j.core.store.Store<java.lang.String,​org.opensaml.core.xml.XMLObject>, SAMLMessageStore
    public class HttpSessionStore
extends java.lang.Object
implements SAMLMessageStore
    Class implements store of SAML messages and uses HttpSession as underlying dataStore. As the XMLObjects can't be serialized (which could lead to problems during failover), the messages are transformed into SAMLObject which internally marshalls the content into XML during serialization. Messages are populated to a Hashtable and stored inside HttpSession. The Hashtable is lazily initialized during first attempt to create or retrieve a message.
    Author:
    Vladimir Schäfer

    • Field Summary

      Fields 
      Modifier and Type Field Description
      protected org.slf4j.Logger log
      Class logger.

    • Constructor Summary

      Constructors 
      Constructor Description
      HttpSessionStore​(org.pac4j.core.context.WebContext context, org.pac4j.core.context.session.SessionStore sessionStore)
      Creates the store object.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      java.util.Optional<org.opensaml.core.xml.XMLObject> get​(java.lang.String messageID)
      Returns previously stored message with the given ID or null, if there is no message stored.
      void remove​(java.lang.String key)  
      void set​(java.lang.String messageID, org.opensaml.core.xml.XMLObject message)
      Stores a request message into the repository.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • log

        protected final org.slf4j.Logger log
        Class logger.

    • Constructor Detail

      • HttpSessionStore

        public HttpSessionStore​(org.pac4j.core.context.WebContext context,
                        org.pac4j.core.context.session.SessionStore sessionStore)
        Creates the store object. The session is manipulated only once caller tries to store or retrieve a message. In case request doesn't already have a started session, it will be created.
        Parameters:
        context - the web context
        sessionStore - the session store

    • Method Detail

      • set

        public void set​(java.lang.String messageID,
                org.opensaml.core.xml.XMLObject message)
        Stores a request message into the repository. RequestAbstractType must have an ID set. Any previous message with the same ID will be overwritten.
        Specified by:
        set in interface org.pac4j.core.store.Store<java.lang.String,​org.opensaml.core.xml.XMLObject>
        Parameters:
        messageID - ID of message
        message - message to be stored

      • get

        public java.util.Optional<org.opensaml.core.xml.XMLObject> get​(java.lang.String messageID)
        Returns previously stored message with the given ID or null, if there is no message stored.

        Message is stored in String format and must be unmarshalled into XMLObject. Call to this method may thus be expensive.

        Messages are automatically cleared upon successful reception, as we presume that there are never multiple ongoing SAML exchanges for the same session. This saves memory used by the session.

        Specified by:
        get in interface org.pac4j.core.store.Store<java.lang.String,​org.opensaml.core.xml.XMLObject>
        Parameters:
        messageID - ID of message to retrieve
        Returns:
        message found or null

      • remove

        public void remove​(java.lang.String key)
        Specified by:
        remove in interface org.pac4j.core.store.Store<java.lang.String,​org.opensaml.core.xml.XMLObject>