org.graylog2.shared.security

Class SessionCreator

java.lang.Object

org.graylog2.shared.security.SessionCreator

public class SessionCreator
extends Object

Constructor Summary

Constructors

Constructor and Description
SessionCreator(UserService userService, AuditEventSender auditEventSender)

Method Summary

Modifier and Type	Method and Description
Optional<org.apache.shiro.session.Session>	create(String currentSessionId, String host, ActorAwareAuthenticationToken authToken) Attempts to log the user in with the given authentication token and returns a new or renewed session upon success.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SessionCreator

@Inject
public SessionCreator(UserService userService,
                              AuditEventSender auditEventSender)

Method Detail

create

public Optional<org.apache.shiro.session.Session> create(@Nullable
                                                         String currentSessionId,
                                                         String host,
                                                         ActorAwareAuthenticationToken authToken)
                                                  throws AuthenticationServiceUnavailableException

Attempts to log the user in with the given authentication token and returns a new or renewed session upon success.

Side effect: the user will be registered with the current security context.

Parameters:

currentSessionId - A session id, if one exists currently.

host - Host the request to create a session originates from.

authToken - Authentication token to log the user in.

Returns:

A session for the authenticated user wrapped in an Optional, or an empty Optional if authentication failed.

Throws:

AuthenticationServiceUnavailableException - If authenticating the user fails not due to an issue with the credentials but because of an external resource being unavailable