Package org.opensaml.storage.impl.client

Class ClientStorageService

java.lang.Object

net.shibboleth.shared.component.AbstractInitializableComponent

net.shibboleth.shared.component.AbstractIdentifiedInitializableComponent

net.shibboleth.shared.component.AbstractIdentifiableInitializableComponent

org.opensaml.storage.AbstractStorageService

org.opensaml.storage.AbstractMapBackedStorageService

org.opensaml.storage.impl.client.ClientStorageService

All Implemented Interfaces:

Filter, Component, DestructableComponent, IdentifiableComponent, IdentifiedComponent, InitializableComponent, EnumeratableStorageService, StorageCapabilities, StorageService

public class ClientStorageService
extends AbstractMapBackedStorageService
implements Filter, StorageCapabilities

Implementation of StorageService that stores data in-memory in a shared session attribute.

The data for this service is managed in a ClientStorageServiceStore object, which must be created by some operation within the container for this implementation to function. Actual load/store of the data to/from that object is driven via companion classes. The serialization of data is inside the storage object class, but the encryption/decryption is here.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static enum	ClientStorageService.ClientStorageSource	Enumeration of possible sources for the data.

Field Summary

Fields

Modifier and Type	Field	Description
private Map<ClientStorageService.ClientStorageSource,Integer>	capabilityMap	Sizes to report for context, key, and value limits when particular sources are used.
private CookieManager	cookieManager	Manages creation of cookies.
private DataSealer	dataSealer	DataSealer instance to secure data.
private static final String	DEFAULT_STORAGE_NAME	Default label for storage tracking.
private NonnullSupplier<HttpServletRequest>	httpServletRequestSupplier	Servlet request Supplier.
private DataSealerKeyStrategy	keyStrategy	KeyStrategy enabling us to detect whether data has been sealed with an older key.
protected static final String	LOCK_ATTRIBUTE	Name of session attribute for session lock.
private final org.slf4j.Logger	log	Class logger.
protected static final String	STORAGE_ATTRIBUTE	Name of session attribute for storage object.
private String	storageName	Label used to track storage.
private ClientStorageServiceStore.Factory	storeFactory	Factory for backing store.

Constructor Summary

Constructors

Constructor	Description
ClientStorageService()	Constructor.

Method Summary

Modifier and Type	Method	Description
void	doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
protected void	doInitialize()
protected TimerTask	getCleanupTask()	Returns a cleanup task function to schedule for background cleanup.
protected Map<String,Map<String,MutableStorageRecord<?>>>	getContextMap()	Get the map of contexts to manipulate during operations.
int	getContextSize()	Gets max size of context labels in characters.
CookieManager	getCookieManager()	Get the CookieManager to use.
DataSealer	getDataSealer()	Get the DataSealer to use for data security.
private HttpServletRequest	getHttpServletRequest()	Get the current HTTP request if available.
int	getKeySize()	Gets max size of keys in characters.
protected ReadWriteLock	getLock()	Get the shared lock to synchronize access.
(package private) String	getLogPrefix()	Get a prefix for log messages.
(package private) ClientStorageService.ClientStorageSource	getSource()	Get the backing source of the loaded data.
String	getStorageName()	Get the label to use for storage tracking.
long	getValueSize()	Gets max size of values in characters.
void	init(FilterConfig filterConfig)
boolean	isClustered()	Returns true iff the storage implementation manages data independent of a single server node.
(package private) boolean	isLoaded()	Check whether data from the client has been loaded into the current session.
boolean	isServerSide()	Returns true iff the storage implementation manages data independent of the client.
(package private) void	load(String raw, ClientStorageService.ClientStorageSource source)	Reconstitute stored data and inject it into the session.
(package private) ClientStorageServiceOperation	save()	Serialize the stored data if it's in a "modified/dirty" state.
void	setCapabilityMap(Map<ClientStorageService.ClientStorageSource,Integer> map)	Set the map of storage sources to capability/size limits.
void	setCleanupInterval(Duration interval)	Sets the time between one cleanup and another.
void	setClientStorageServiceStoreFactory(ClientStorageServiceStore.Factory factory)	Set the backing store ClientStorageServiceStore.Factory to use.
void	setCookieManager(CookieManager manager)	Set the CookieManager to use.
void	setDataSealer(DataSealer sealer)	Set the DataSealer to use for data security.
protected void	setDirty()	A callback to indicate that data has been modified.
void	setHttpServletRequestSupplier(NonnullSupplier<HttpServletRequest> requestSupplier)	Set the Supplier for the servlet request in which to manage per-request data.
void	setKeyStrategy(DataSealerKeyStrategy strategy)	Set the DataSealerKeyStrategy to use for stale key detection.
void	setStorageName(String name)	Set the label to use for storage tracking.

Methods inherited from class org.opensaml.storage.AbstractMapBackedStorageService

create, delete, deleteContext, deleteImpl, deleteWithVersion, getContextKeys, read, read, readImpl, reap, reapWithLock, update, updateContextExpiration, updateExpiration, updateImpl, updateWithVersion

Methods inherited from class org.opensaml.storage.AbstractStorageService

create, create, delete, deleteWithVersion, doDestroy, getCapabilities, getCleanupInterval, getCleanupTaskTimer, read, setCleanupTaskTimer, setContextSize, setKeySize, setValueSize, update, update, updateExpiration, updateWithVersion, updateWithVersion

Methods inherited from class net.shibboleth.shared.component.AbstractIdentifiableInitializableComponent

setId

Methods inherited from class net.shibboleth.shared.component.AbstractIdentifiedInitializableComponent

ensureId, getId, ifDestroyedThrowDestroyedComponentException, ifInitializedThrowUnmodifiabledComponentException, ifNotInitializedThrowUninitializedComponentException

Methods inherited from class net.shibboleth.shared.component.AbstractInitializableComponent

checkComponentActive, checkSetterPreconditions, destroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface jakarta.servlet.Filter

destroy

Methods inherited from interface net.shibboleth.shared.component.IdentifiedComponent

getId

Methods inherited from interface org.opensaml.storage.StorageService

create, create, delete, deleteWithVersion, getCapabilities, read, update, update, updateExpiration, updateWithVersion, updateWithVersion

Field Details

LOCK_ATTRIBUTE

@Nonnull
protected static final String LOCK_ATTRIBUTE

Name of session attribute for session lock.

See Also:

• Constant Field Values

STORAGE_ATTRIBUTE

@Nonnull
protected static final String STORAGE_ATTRIBUTE

Name of session attribute for storage object.

See Also:

• Constant Field Values

DEFAULT_STORAGE_NAME

@Nonnull
@NotEmpty
private static final String DEFAULT_STORAGE_NAME

Default label for storage tracking.

See Also:

• Constant Field Values

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

capabilityMap

@Nonnull
@NotEmpty
private Map<ClientStorageService.ClientStorageSource,Integer> capabilityMap

Sizes to report for context, key, and value limits when particular sources are used.

httpServletRequestSupplier

@NonnullAfterInit
private NonnullSupplier<HttpServletRequest> httpServletRequestSupplier

Servlet request Supplier.

cookieManager

@NonnullAfterInit
private CookieManager cookieManager

Manages creation of cookies.

storageName

@Nonnull
@NotEmpty
private String storageName

Label used to track storage.

dataSealer

@NonnullAfterInit
private DataSealer dataSealer

DataSealer instance to secure data.

keyStrategy

@Nullable
private DataSealerKeyStrategy keyStrategy

KeyStrategy enabling us to detect whether data has been sealed with an older key.

storeFactory

@Nonnull
private ClientStorageServiceStore.Factory storeFactory

Factory for backing store.

Constructor Details

ClientStorageService

public ClientStorageService()

Constructor.

Method Details

setCleanupInterval

public void setCleanupInterval(@Nullable
 Duration interval)

Sets the time between one cleanup and another. A value of 0 indicates that no cleanup will be performed. This setting cannot be changed after the service has been initialized.

Overrides:

setCleanupInterval in class AbstractStorageService

Parameters:

interval - time between one cleanup and another

setCapabilityMap

public void setCapabilityMap(@Nonnull
 Map<ClientStorageService.ClientStorageSource,Integer> map)

Set the map of storage sources to capability/size limits.

The defaults include 4192 characters for cookies and 1024^2 characters for local storage.

Parameters:

map - capability map

isServerSide

public boolean isServerSide()

Returns true iff the storage implementation manages data independent of the client.

Specified by:

isServerSide in interface StorageCapabilities

Returns:

true iff the storage implementation manages data independent of the client

isClustered

public boolean isClustered()

Returns true iff the storage implementation manages data independent of a single server node.

Specified by:

isClustered in interface StorageCapabilities

Returns:

true iff the storage implementation manages data independent of a single server node

setHttpServletRequestSupplier

public void setHttpServletRequestSupplier(@Nonnull
 NonnullSupplier<HttpServletRequest> requestSupplier)

Set the Supplier for the servlet request in which to manage per-request data.

Parameters:

requestSupplier - supplier for the servlet request in which to manage data

getHttpServletRequest

@Nonnull
private HttpServletRequest getHttpServletRequest()

Get the current HTTP request if available.

Returns:

current HTTP request

getCookieManager

@NonnullAfterInit
public CookieManager getCookieManager()

Get the CookieManager to use.

Returns:

the CookieManager to use

setCookieManager

public void setCookieManager(@Nonnull
 CookieManager manager)

Set the CookieManager to use.

Parameters:

manager - the CookieManager to use.

getStorageName

@Nonnull
@NotEmpty
public String getStorageName()

Get the label to use for storage tracking.

Returns:

label to use

setStorageName

public void setStorageName(@Nonnull @NotEmpty
 String name)

Set the label to use for storage tracking.

Parameters:

name - label to use

getDataSealer

@NonnullAfterInit
public DataSealer getDataSealer()

Get the DataSealer to use for data security.

Returns:

DataSealer to use for data security

setDataSealer

public void setDataSealer(@Nonnull
 DataSealer sealer)

Set the DataSealer to use for data security.

Parameters:

sealer - DataSealer to use for data security

setKeyStrategy

public void setKeyStrategy(@Nullable
 DataSealerKeyStrategy strategy)

Set the DataSealerKeyStrategy to use for stale key detection.

Parameters:

strategy - DataSealerKeyStrategy to use for stale key detection

setClientStorageServiceStoreFactory

public void setClientStorageServiceStoreFactory(@Nonnull
 ClientStorageServiceStore.Factory factory)

Set the backing store ClientStorageServiceStore.Factory to use.

Parameters:

factory - factory to use

init

public void init(FilterConfig filterConfig)
          throws ServletException

Specified by:

init in interface Filter

Throws:

ServletException

doFilter

public void doFilter(ServletRequest request,
 ServletResponse response,
 FilterChain chain)
              throws IOException,
ServletException

Specified by:

doFilter in interface Filter

Throws:

IOException

ServletException

getContextSize

public int getContextSize()

Gets max size of context labels in characters.

Specified by:

getContextSize in interface StorageCapabilities

Overrides:

getContextSize in class AbstractStorageService

Returns:

max size of context labels in characters

getKeySize

public int getKeySize()

Gets max size of keys in characters.

Specified by:

getKeySize in interface StorageCapabilities

Overrides:

getKeySize in class AbstractStorageService

Returns:

max size of keys in characters

getValueSize

public long getValueSize()

Gets max size of values in characters.

Specified by:

getValueSize in interface StorageCapabilities

Overrides:

getValueSize in class AbstractStorageService

Returns:

max size of values in characters

doInitialize

protected void doInitialize()
                     throws ComponentInitializationException

Overrides:

doInitialize in class AbstractStorageService

Throws:

ComponentInitializationException

getCleanupTask

@Nullable
protected TimerTask getCleanupTask()

Returns a cleanup task function to schedule for background cleanup.

The default implementation does not supply one.

Overrides:

getCleanupTask in class AbstractStorageService

Returns:

a task object, or null

getLock

@Nonnull
protected ReadWriteLock getLock()

Get the shared lock to synchronize access.

Specified by:

getLock in class AbstractMapBackedStorageService

Returns:

shared lock

getContextMap

@Nonnull
@Live
protected Map<String,Map<String,MutableStorageRecord<?>>> getContextMap()
                                                                 throws IOException

Get the map of contexts to manipulate during operations.

This method is guaranteed to be called under cover the lock returned by {AbstractMapBackedStorageService.getLock().

Specified by:

getContextMap in class AbstractMapBackedStorageService

Returns:

map of contexts to manipulate

Throws:

IOException - to signal errors

setDirty

protected void setDirty()
                 throws IOException

A callback to indicate that data has been modified.

This method is guaranteed to be called under cover the lock returned by {AbstractMapBackedStorageService.getLock().

Overrides:

setDirty in class AbstractMapBackedStorageService

Throws:

IOException - to signal an error

getSource

@Nullable
ClientStorageService.ClientStorageSource getSource()
                                            throws IOException

Get the backing source of the loaded data.

This method should not be called while holding the session lock returned by getLock().

Returns:

the source of the loaded data

Throws:

IOException - to signal an error

isLoaded

boolean isLoaded()
          throws IOException

Check whether data from the client has been loaded into the current session.

This method should not be called while holding the session lock returned by getLock().

Returns:

true iff the HttpSession contains a storage object

Throws:

IOException - to signal an error

load

void load(@Nullable @NotEmpty
 String raw,
 @Nonnull
 ClientStorageService.ClientStorageSource source)

Reconstitute stored data and inject it into the session.

This method should not be called while holding the session lock returned by getLock().

Parameters:

raw - encrypted data to load as storage contents, or null if none

source - indicates source of the data for later use

save

@Nullable
ClientStorageServiceOperation save()

Serialize the stored data if it's in a "modified/dirty" state.

This method should not be called while holding the session lock returned by getLock().

Returns:

if dirty, the operation to perform, if not dirty, a null value

getLogPrefix

@Nonnull
@NotEmpty
String getLogPrefix()

Get a prefix for log messages.

Returns:

logging prefix