Interface which defines methods for caching assertion IDs so that the POST profile one-use policy can be enforced.
Classes implementing this interface must have a public no-arg constructor.
initCache(Properties prop ) initializes the cache. Although the cache will normally be instantiated and initialized only once, at server start time, an implementation should be robust in the face of multiple instantiations and multiple calls to init and release. The props parameter is a Properties object containing properties the cache needs to initialize. It can be empty or null.
flushCache() flushes all cache entries.
releaseCache() releases the cache. This method is not guaranteed to be called at server shutdown. Although the cache will normally be instantiated and initialized only once, at server start time, an implementation should be robust in the face of multiple instantiations and multiple calls to init and release.
cacheAssertion(String assertionId , String issuer , long expire)
caches the assertion ID and issuer of a consumed assertion. This method must return false if this ID/Issuer combination has already been cached (the one-use policy has failed for the referenced assertion). Otherwise, this method must cache the ID/Issuer and return true. The expire parameter is the NotOnOrAfter time of the to-be-cached assertion. After this time, the cache entry may be discarded, as the assertion is no longer valid and hence cannot be re-used. The method returns true if the referenced assertion was successfully cached; false if the referenced assertion was already in cache.
|