Package org.apereo.cas.configuration.model.support.cookie

Class PinnableCookieProperties

java.lang.Object
org.apereo.cas.configuration.model.support.cookie.CookieProperties
org.apereo.cas.configuration.model.support.cookie.PinnableCookieProperties
All Implemented Interfaces:
Serializable, CasFeatureModule
Direct Known Subclasses:
CookieSessionReplicationProperties, InterruptCookieProperties, MultifactorAuthenticationProviderSelectionCookieProperties, TicketGrantingCookieProperties, WsFederationDelegatedCookieProperties
@RequiresModule(name="cas-server-core-cookie", automated=true) public class PinnableCookieProperties extends CookieProperties
Base property class for cookies that can be pinned to the HTTP session. Pinned cookies are ignored if they arrive on a request with different attributes, such as IP address or user-agent, than what was present when the cookie was created.
Since:
6.4.0
See Also:

  • Constructor Details

    • PinnableCookieProperties

      public PinnableCookieProperties()

  • Method Details

    • isPinToSession

      public boolean isPinToSession()
      When generating cookie values, determine whether the value should be compounded and signed with the properties of the current session, such as IP address, user-agent, etc.

    • getAllowedIpAddressesPattern

      public String getAllowedIpAddressesPattern()
      A regular expression pattern that indicates the set of allowed IP addresses, when isPinToSession() is configured. In the event that there is a mismatch between the cookie IP address and the current request-provided IP address (i.e. network switches, VPN, etc), the cookie can still be considered valid if the new IP address matches the pattern specified here.

    • isGeoLocateClientSession

      public boolean isGeoLocateClientSession()
      When set to true and assuming isPinToSession() is also true, client sessions (using the client IP address) are geo-located using a geolocation service when/if configured. The resulting session is either pinned to the client geolocation, or the default client address.

    • setPinToSession

      public PinnableCookieProperties setPinToSession(boolean pinToSession)
      When generating cookie values, determine whether the value should be compounded and signed with the properties of the current session, such as IP address, user-agent, etc.
      Returns:
      this.

    • setAllowedIpAddressesPattern

      public PinnableCookieProperties setAllowedIpAddressesPattern(String allowedIpAddressesPattern)
      A regular expression pattern that indicates the set of allowed IP addresses, when isPinToSession() is configured. In the event that there is a mismatch between the cookie IP address and the current request-provided IP address (i.e. network switches, VPN, etc), the cookie can still be considered valid if the new IP address matches the pattern specified here.
      Returns:
      this.

    • setGeoLocateClientSession

      public PinnableCookieProperties setGeoLocateClientSession(boolean geoLocateClientSession)
      When set to true and assuming isPinToSession() is also true, client sessions (using the client IP address) are geo-located using a geolocation service when/if configured. The resulting session is either pinned to the client geolocation, or the default client address.
      Returns:
      this.