org.openid4java.consumer
Class JdbcNonceVerifier
java.lang.Object
org.springframework.dao.support.DaoSupport
org.springframework.jdbc.core.support.JdbcDaoSupport
org.openid4java.consumer.JdbcNonceVerifier
- All Implemented Interfaces:
- NonceVerifier, org.springframework.beans.factory.InitializingBean
public class JdbcNonceVerifier
- extends org.springframework.jdbc.core.support.JdbcDaoSupport
- implements NonceVerifier
JDBC implementation of a NonceVerifier.
The JdbcNonceVerifier requires a a javax.sql.DataSource to be configured
and passed in to it with the setDataSource setter method. The table name
also needs to be specified, either through the constructor, or through the
setTableName setter.
Since the nonces are constructed on the web server and not on the shared
database server, they may accidentally collide. Also, if the machines
clocks are out of sync, the nonces from the machine that is behind may be
removed prematurely from the database by the other machine.
The specified table must have the following structure:
- opurl : string
- nonce : string
- date : date
- primary key : opurl, nonce
- Author:
- Andrew Evenson, Graff Haley
Fields inherited from class org.springframework.dao.support.DaoSupport |
logger |
Method Summary |
int |
getMaxAge()
Returns the expiration timeout for nonces, in seconds. |
java.lang.String |
getTableName()
|
int |
seen(java.lang.String opUrl,
java.lang.String nonce)
Checks if a nonce was seen before. |
void |
setMaxAge(int ageSeconds)
Sets the expiration timeout for nonces, in seconds. |
void |
setTableName(java.lang.String tableName)
|
Methods inherited from class org.springframework.jdbc.core.support.JdbcDaoSupport |
checkDaoConfig, createJdbcTemplate, getConnection, getDataSource, getExceptionTranslator, getJdbcTemplate, initTemplateConfig, releaseConnection, setDataSource, setJdbcTemplate |
Methods inherited from class org.springframework.dao.support.DaoSupport |
afterPropertiesSet, initDao |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
JdbcNonceVerifier
public JdbcNonceVerifier(int maxAge)
JdbcNonceVerifier
public JdbcNonceVerifier(int maxAge,
java.lang.String tableName)
getMaxAge
public int getMaxAge()
- Description copied from interface:
NonceVerifier
- Returns the expiration timeout for nonces, in seconds.
- Specified by:
getMaxAge
in interface NonceVerifier
setMaxAge
public void setMaxAge(int ageSeconds)
- Description copied from interface:
NonceVerifier
- Sets the expiration timeout for nonces, in seconds.
- Specified by:
setMaxAge
in interface NonceVerifier
seen
public int seen(java.lang.String opUrl,
java.lang.String nonce)
- Description copied from interface:
NonceVerifier
- Checks if a nonce was seen before. It also checks if the time stamp at the beginning of the noce is valid.
Also, if old nonces are discarded the it should check if the time stamp for this noce is still valid.
- Specified by:
seen
in interface NonceVerifier
- Returns:
NonceVerifier.OK
only if this nonce has a valid time stamp, the time stamp did not age and the nonce was not
seen before.
getTableName
public java.lang.String getTableName()
setTableName
public void setTableName(java.lang.String tableName)
Copyright © 2012 Sxip. All Rights Reserved.