Package org.apache.rampart
Interface UniqueMessageAttributeCache
- All Known Implementing Classes: AbstractUniqueMessageAttributeCache, NonceCache
public interface UniqueMessageAttributeCache
An interface to cache nonce/sequence number values coming with messages.
This mainly helps to prevent replay attacks. There are a few different ways to handle replay attacks:
1. Cache nonce values.
2. Use a sequence number.
The "Web Services Security UsernameToken Profile 1.1 OASIS Standard Specification, 1 February 2006" only recommends
caching nonces for a period, but other mechanisms, such as sequence numbers, are possible.
Therefore the cache is defined as an interface, so that it can easily be extended later if the sequence number scenario needs to be supported.
User: aj
Date: Apr 30, 2010
Time: 12:15:52 PM
-
Method Summary
Modifier and Type | Method | Description
void | addToCache(String id, String userName) | Add value to a cache.
void | clearCache() | Clears all recorded nonce values/sequence numbers.
int | getMaximumLifeTimeOfAnAttribute() | Gets the maximum life time of a message id.
void | setMaximumLifeTimeOfAnAttribute(int maxTime) | Sets the maximum life time of a message id.
boolean | valueExistsInCache(String id, String userName) | Checks whether value already exists in the cache for a given user name.
-
Method Details
-
setMaximumLifeTimeOfAnAttribute
void setMaximumLifeTimeOfAnAttribute(int maxTime)
Sets the maximum life time of a message id.
- Parameters:
maxTime - Maximum life time in seconds.
-
getMaximumLifeTimeOfAnAttribute
int getMaximumLifeTimeOfAnAttribute()
Gets the maximum life time of a message id.
- Returns:
The message id life time in seconds.
-
addToCache
Add value to a cache. Value can be sequence or nonce value.
- Parameters:
id - Nonce value or sequence number.
userName - User name parameter value of the UsernameToken.
-
valueExistsInCache
Checks whether value already exists in the cache for a given user name.
- Parameters:
id - Nonce or sequence id value of the newly received message.
userName - User name parameter value of the UsernameToken.
- Returns:
true if the nonce or sequence id has already been received for the given user name; false otherwise.
-
clearCache
void clearCache()
Clears all recorded nonce values/sequence numbers.
-
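An added example, not Rampart's own code: a minimal in-memory implementation of this interface that expires entries after the configured lifetime and scopes each nonce to its user name. The class name ExpiringNonceCache, the injectable clock and the 300-second default are assumptions made for illustration; it compiles against the Rampart jar that provides the interface.

```java
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicLong;
import java.util.function.LongSupplier;
import org.apache.rampart.UniqueMessageAttributeCache;

// Hypothetical class; illustrates the interface contract, not Rampart's NonceCache.
public class ExpiringNonceCache implements UniqueMessageAttributeCache {
    private final ConcurrentHashMap<String, Long> expiry = new ConcurrentHashMap<>();
    private final LongSupplier clockMillis;     // injectable so expiry can be demonstrated
    private volatile int maxLifeSeconds = 300;  // assumed default, not taken from the page

    public ExpiringNonceCache(LongSupplier clockMillis) { this.clockMillis = clockMillis; }

    // Length-prefix the user name so ("ab","c") and ("a","bc") never share a key.
    private static String key(String id, String userName) {
        return userName.length() + ":" + userName + id;
    }

    @Override public void setMaximumLifeTimeOfAnAttribute(int maxTime) { maxLifeSeconds = maxTime; }
    @Override public int getMaximumLifeTimeOfAnAttribute() { return maxLifeSeconds; }

    @Override public void addToCache(String id, String userName) {
        long now = clockMillis.getAsLong();
        expiry.values().removeIf(t -> t <= now);   // drop expired entries so the map stays bounded
        expiry.put(key(id, userName), now + maxLifeSeconds * 1000L);
    }

    @Override public boolean valueExistsInCache(String id, String userName) {
        Long t = expiry.get(key(id, userName));
        return t != null && t > clockMillis.getAsLong();  // expired entries count as absent
    }

    @Override public void clearCache() { expiry.clear(); }

    public static void main(String[] args) {
        AtomicLong now = new AtomicLong(0);                // constructed fake clock
        ExpiringNonceCache cache = new ExpiringNonceCache(now::get);
        cache.setMaximumLifeTimeOfAnAttribute(60);
        String nonce = "bm9uY2UtMDAx";                     // constructed sample nonce
        System.out.println(cache.valueExistsInCache(nonce, "alice")); // first message
        cache.addToCache(nonce, "alice");
        System.out.println(cache.valueExistsInCache(nonce, "alice")); // replayed message
        System.out.println(cache.valueExistsInCache(nonce, "bob"));   // same nonce, other user
        now.set(61_000);                                   // move past the 60-second lifetime
        System.out.println(cache.valueExistsInCache(nonce, "alice")); // after expiry
    }
}
```

valueExistsInCache followed by addToCache is two calls, so two copies of one message processed concurrently can both pass the check unless the caller serializes the pair. An entry that expires while the receiver would still accept the message's timestamp can be replayed, so the lifetime should cover that acceptance window.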