org.openid4java.consumer
Class JdbcNonceVerifier

java.lang.Object
  extended by org.springframework.dao.support.DaoSupport
      extended by org.springframework.jdbc.core.support.JdbcDaoSupport
          extended by org.openid4java.consumer.JdbcNonceVerifier
All Implemented Interfaces:
NonceVerifier, org.springframework.beans.factory.InitializingBean

public class JdbcNonceVerifier
extends org.springframework.jdbc.core.support.JdbcDaoSupport
implements NonceVerifier

JDBC implementation of a NonceVerifier.

The JdbcNonceVerifier requires a a javax.sql.DataSource to be configured and passed in to it with the setDataSource setter method. The table name also needs to be specified, either through the constructor, or through the setTableName setter.

Since the nonces are constructed on the web server and not on the shared database server, they may accidentally collide. Also, if the machines clocks are out of sync, the nonces from the machine that is behind may be removed prematurely from the database by the other machine.

The specified table must have the following structure:

Author:
Andrew Evenson, Graff Haley

Field Summary
 
Fields inherited from class org.springframework.dao.support.DaoSupport
logger
 
Fields inherited from interface org.openid4java.consumer.NonceVerifier
INVALID_TIMESTAMP, OK, SEEN, TOO_OLD
 
Constructor Summary
JdbcNonceVerifier(int maxAge)
           
JdbcNonceVerifier(int maxAge, java.lang.String tableName)
           
 
Method Summary
 int getMaxAge()
          Returns the expiration timeout for nonces, in seconds.
 java.lang.String getTableName()
           
 int seen(java.lang.String opUrl, java.lang.String nonce)
          Checks if a nonce was seen before.
 void setMaxAge(int ageSeconds)
          Sets the expiration timeout for nonces, in seconds.
 void setTableName(java.lang.String tableName)
           
 
Methods inherited from class org.springframework.jdbc.core.support.JdbcDaoSupport
checkDaoConfig, createJdbcTemplate, getConnection, getDataSource, getExceptionTranslator, getJdbcTemplate, initTemplateConfig, releaseConnection, setDataSource, setJdbcTemplate
 
Methods inherited from class org.springframework.dao.support.DaoSupport
afterPropertiesSet, initDao
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

JdbcNonceVerifier

public JdbcNonceVerifier(int maxAge)

JdbcNonceVerifier

public JdbcNonceVerifier(int maxAge,
                         java.lang.String tableName)
Method Detail

getMaxAge

public int getMaxAge()
Description copied from interface: NonceVerifier
Returns the expiration timeout for nonces, in seconds.

Specified by:
getMaxAge in interface NonceVerifier

setMaxAge

public void setMaxAge(int ageSeconds)
Description copied from interface: NonceVerifier
Sets the expiration timeout for nonces, in seconds.

Specified by:
setMaxAge in interface NonceVerifier

seen

public int seen(java.lang.String opUrl,
                java.lang.String nonce)
Description copied from interface: NonceVerifier
Checks if a nonce was seen before. It also checks if the time stamp at the beginning of the noce is valid. Also, if old nonces are discarded the it should check if the time stamp for this noce is still valid.

Specified by:
seen in interface NonceVerifier
Returns:
NonceVerifier.OK only if this nonce has a valid time stamp, the time stamp did not age and the nonce was not seen before.

getTableName

public java.lang.String getTableName()

setTableName

public void setTableName(java.lang.String tableName)


Copyright © 2012 Sxip. All Rights Reserved.