/**
* Returns the resolved attributes associated with the session.
*
+ * @return an immutable array of attributes
+ */
+ virtual const std::vector<Attribute*>& getAttributes() const=0;
+
+ /**
+ * Returns the resolved attributes associated with the session, indexed by ID
+ *
* @return an immutable map of attributes keyed by attribute ID
*/
- virtual const std::multimap<std::string,Attribute*>& getAttributes() const=0;
+ virtual const std::multimap<std::string,const Attribute*>& getIndexedAttributes() const=0;
/**
* Returns the identifiers of the assertion(s) cached by the session.
* <dd>attribute containing maximum lifetime in seconds for unused sessions to remain in cache</dd>
* </dl>
*
- * @param e root of DOM tree to configure the cache
+ * @param e root of DOM tree to configure the cache
+ * @param defaultTimeout default cacheTimeout setting to use if none specified in DOM
*/
- SessionCache(const xercesc::DOMElement* e);
+ SessionCache(const xercesc::DOMElement* e, unsigned long defaultTimeout=3600);
- /** maximum lifetime in seconds for unused sessions to be cached */
+ /** Maximum lifetime in seconds for unused sessions to be cached. */
unsigned long m_cacheTimeout;
public:
* @param authncontext_class method/category of authentication event, if known
* @param authncontext_decl specifics of authentication event, if known
* @param tokens assertions to cache with session, if any
- * @param attributes optional map of resolved Attributes to cache with session
+ * @param attributes optional array of resolved Attributes to cache with session
* @return newly created session's key
*/
virtual std::string insert(
const XMLCh* authncontext_class=NULL,
const XMLCh* authncontext_decl=NULL,
const std::vector<const opensaml::Assertion*>* tokens=NULL,
- const std::multimap<std::string,Attribute*>* attributes=NULL
+ const std::vector<Attribute*>* attributes=NULL
)=0;
/**
- * Deletes an existing session or sessions.
+ * Returns active sessions that match particular parameters and records the logout
+ * to prevent race conditions.
+ *
+ * <p>On exit, the mapping between these sessions and the associated information MAY be
+ * removed by the cache, so subsequent calls to this method may not return anything.
+ *
+ * <p>Until logout expiration, any attempt to create a session with the same parameters
+ * will be blocked by the cache.
*
* @param issuer source of session(s)
* @param nameid name identifier associated with the session(s) to terminate
- * @param index index of session, or NULL for all sessions associated with other parameters
+ * @param indexes indexes of sessions, or NULL for all sessions associated with other parameters
+ * @param expires logout expiration
* @param application reference to Application that owns the session(s)
- * @param sessions on exit, contains the IDs of the matching sessions removed
+ * @param sessions on exit, contains the IDs of the matching sessions found
*/
- virtual void remove(
+ virtual std::vector<std::string>::size_type logout(
const opensaml::saml2md::EntityDescriptor* issuer,
const opensaml::saml2::NameID& nameid,
- const char* index,
+ const std::set<std::string>* indexes,
+ time_t expires,
const Application& application,
std::vector<std::string>& sessions
)=0;
+
+ /**
+ * Determines whether a given session (based on its ID) matches a set of input
+ * criteria.
+ *
+ * @param key session key to check
+ * @param issuer required source of session(s)
+ * @param nameid required name identifier
+ * @param indexes session indexes
+ * @param application reference to Application that owns the Session
+ * @return true iff the session matches the input criteria
+ */
+ virtual bool matches(
+ const char* key,
+ const opensaml::saml2md::EntityDescriptor* issuer,
+ const opensaml::saml2::NameID& nameid,
+ const std::set<std::string>* indexes,
+ const Application& application
+ )=0;
+
+ /**
+ * Executes a test of the cache's general health.
+ */
+ virtual void test()=0;
#endif
/**
projects / shibboleth / sp.git / blobdiff