Package org.graylog2.shared.security

Class SessionCreator

java.lang.Object
org.graylog2.shared.security.SessionCreator
public class SessionCreator extends Object

  • Constructor Details

  • Method Details

    • login

      public Optional<org.apache.shiro.session.Session> login(@Nullable String currentSessionId, String host, ActorAwareAuthenticationToken authToken) throws AuthenticationServiceUnavailableException
      Attempts to log the user in with the given authentication token and returns a new or renewed session upon success.

      Side effect: the user will be registered with the current security context.

      Parameters:
      currentSessionId - A session id, if one exists currently.
      host - Host the request to create a session originates from.
      authToken - Authentication token to log the user in.
      Returns:
      A session for the authenticated user wrapped in an Optional, or an empty Optional if authentication failed.
      Throws:
      AuthenticationServiceUnavailableException - If authenticating the user fails not due to an issue with the credentials but because of an external resource being unavailable

    • create

      public Optional<org.apache.shiro.session.Session> create(org.apache.shiro.subject.Subject subject, String host)
      Attempts to create a new or renewed session.

      Side effect: the user will be registered with the current security context.

      Parameters:
      subject - The subject that should be associated with the session
      host - Host the request to create a session originates from.
      Returns:
      A session for the authenticated user wrapped in an Optional, or an empty Optional if authentication failed.