Package jakarta.security.enterprise.identitystore

Interface RememberMeIdentityStore

public interface RememberMeIdentityStore
RememberMeIdentityStore is a mechanism for validating a caller's credentials and accessing a caller's identity attributes that's specifically tailored for the "remember me" feature.

This is not intended to be directly used by an authentication mechanism such as the Jakarta Security HttpAuthenticationMechanism or the Jakarta Authentication ServerAuthModule. Instead, the interceptor implementation backing the RememberMe annotation is intended to use this.

  • Method Details

    • validate

      CredentialValidationResult validate(RememberMeCredential credential)
      Validates the given credential.
      Parameters:
      credential - The credential to validate.
      Returns:
      The validation result, including associated caller groups.

    • generateLoginToken

      String generateLoginToken(CallerPrincipal callerPrincipal, Set<String> groups)
      Associates the given principal and groups with a token.

      The token generated by this method is intended to be used with the RememberMeCredential and passed into the validate(RememberMeCredential) method.

      Parameters:
      callerPrincipal - The principal to be associated.
      groups - The groups the principal is in.
      Returns:
      A token that can be used to get the principal and groups back at a later time.

    • removeLoginToken

      void removeLoginToken(String token)
      Dissociates the principal and groups that were associated with the token before and removes the token itself.

      If the token did not exist (i.e. no principal and groups were associated with that token) no exception will be thrown.

      Parameters:
      token - The token that is to be removed.