public class OJDBCRevocationRegistry extends AbstractJDBCRegistry implements RevocationRegistry
SecurityTokenRegistry using JDBC.
This is a working implementation based on the plink JDBCRevocationRegistry which allows better JNDI configuration (e.g. global datasources under JBAS 7+ -- https://docs.jboss.org/author/display/AS71/JNDI+Reference) and serialization to blob fields for Oracle (and other DBs). The initial implementation used a varchar for the serialized class.
This implementation uses a new set of tables.
Oracle create script:

```sql
ALTER TABLE STS_REVOCATION_REGISTRY DROP PRIMARY KEY CASCADE;

DROP TABLE STS_REVOCATION_REGISTRY CASCADE CONSTRAINTS;

CREATE TABLE STS_REVOCATION_REGISTRY
(
  TOKEN_ID      VARCHAR2(1024) NOT NULL,
  TOKEN_TYPE    VARCHAR2(2048) NOT NULL,
  CREATED_DATE  TIMESTAMP(6) WITH TIME ZONE NOT NULL
);

CREATE UNIQUE INDEX STS_REVOCATION_REGISTRY_PK ON STS_REVOCATION_REGISTRY (TOKEN_ID);

ALTER TABLE STS_REVOCATION_REGISTRY ADD (
  CONSTRAINT STS_REVOCATION_REGISTRY_PK
  PRIMARY KEY (TOKEN_ID)
  USING INDEX STS_REVOCATION_REGISTRY_PK
);
```

Picketlink.xml configuration:

```xml
<TokenProvider ... >
  ...
  <Property Key="RevocationRegistry" Value="OJDBC" />
  <Property Key="RevocationRegistryJDBCNameSpace" Value="java:jboss" /> <!-- default value is java:jboss and can be omitted -->
  <Property Key="RevocationRegistryJDBCDataSource" Value="jdbc/picketlink-sts" /> <!-- default value is jdbc/picketlink-sts and can be omitted -->
  ...
</TokenProvider>
```
dataSource, logger
Constructor and Description |
---|
OJDBCRevocationRegistry() |
OJDBCRevocationRegistry(String jndiName) |
OJDBCRevocationRegistry(String initial, String jndiName) |
Modifier and Type | Method and Description |
---|---|
boolean | isRevoked(String tokenType, String tokenID) Indicates whether the token with the specified id has been revoked or not. |
void | revokeToken(String tokenType, String tokenID) Adds the specified id to the revocation registry. |
safeClose
public OJDBCRevocationRegistry()
public OJDBCRevocationRegistry(String jndiName)
public boolean isRevoked(String tokenType, String tokenID)
Description copied from interface: RevocationRegistry
Indicates whether the token with the specified id has been revoked or not.
Specified by: isRevoked in interface RevocationRegistry
Parameters:
- tokenType - a String representing the token type.
- tokenID - a String representing the token id.
Returns: true if the specified id has been revoked; false otherwise.
See Also: RevocationRegistry.isRevoked(String, String)

public void revokeToken(String tokenType, String tokenID)
Description copied from interface: RevocationRegistry
Adds the specified id to the revocation registry. The security token type can be used to distinguish tokens that may have the same id but that are of different types.
Specified by: revokeToken in interface RevocationRegistry
Parameters:
- tokenType - a String representing the security token type.
- tokenID - the id to be registered.
See Also: RevocationRegistry.revokeToken(String, String)
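
The following is an added example, not the OJDBCRevocationRegistry source (which this page does not show). It shows how revokeToken and isRevoked can map onto the STS_REVOCATION_REGISTRY table from the create script using parameterized JDBC statements, including the case where an id is already stored under a different token type. The class name RevocationTableExample, the mustReject helper and the SQL text are assumptions; SYSTIMESTAMP is Oracle-specific.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.SQLIntegrityConstraintViolationException;
import javax.sql.DataSource;

/** Added illustration (hypothetical class); not the OJDBCRevocationRegistry source. */
public class RevocationTableExample {
    private final DataSource dataSource; // assumed: the datasource configured for the STS

    public RevocationTableExample(DataSource ds) { this.dataSource = ds; }

    public void revokeToken(String tokenType, String tokenID) throws SQLException {
        String sql = "INSERT INTO STS_REVOCATION_REGISTRY"
                   + " (TOKEN_ID, TOKEN_TYPE, CREATED_DATE) VALUES (?, ?, SYSTIMESTAMP)";
        try (Connection c = dataSource.getConnection();
             PreparedStatement ps = c.prepareStatement(sql)) {
            ps.setString(1, tokenID);
            ps.setString(2, tokenType);
            ps.executeUpdate();
        } catch (SQLIntegrityConstraintViolationException e) {
            // TOKEN_ID alone is the primary key. Re-revoking the same (type, id) is a no-op,
            // but an id already stored under another type cannot be recorded: surface that.
            if (!isRevoked(tokenType, tokenID)) throw e;
        }
    }

    public boolean isRevoked(String tokenType, String tokenID) throws SQLException {
        String sql = "SELECT 1 FROM STS_REVOCATION_REGISTRY"
                   + " WHERE TOKEN_ID = ? AND TOKEN_TYPE = ?";
        try (Connection c = dataSource.getConnection();
             PreparedStatement ps = c.prepareStatement(sql)) {
            ps.setString(1, tokenID);
            ps.setString(2, tokenType);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next(); // any matching row means the token is revoked
            }
        }
    }

    /** Fail closed: if the registry cannot be read, treat the token as revoked. */
    public boolean mustReject(String tokenType, String tokenID) {
        try {
            return isRevoked(tokenType, tokenID);
        } catch (SQLException e) {
            return true;
        }
    }
}
```

Callers validating a token would use mustReject so that a database outage cannot turn into acceptance of a revoked token.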
Copyright © 2017. All rights reserved.