...
| Code Block | ||
|---|---|---|
| ||
public Interface Ticket {
/**
* Get a String uniquely identifying this Ticket within this instance of CAS Server.
* The id must contain a substring that is drawn uniformly at random from a large space --
* this is vital to the security of a CAS implementation.
*/
public String getId();
/**
* Get the GrantingTicket from which this Ticket was generated.
* Returns null in the case where this Ticket was not created from a GrantingTicket.
*/
public GrantingTicket getGrantor();
/**
* Get the Date at which this Ticket was created.
* It is not expected that ticket consumers will use this method to themselves calculate
* expiry. Rather, timestamp of creation is an attribute of tickets, made available for such purposes
* as logging, verification that expiry is behaving properly, etc.
*/
public Date getTimestamp();
/**
* Is this ticket expired?
*/
public boolean isExpired();
}
|
GrantingTickets add to Ticket an additional property: the immediate authenticated Principal to which the GrantingTicket was issued. This might be a user Principal, in the case of the GrantingTicket that is stored into a secure cookie in a user's web browser, or this might be a service Principal, in the case of a GrantingTicket that was issued by secure callback to an application or to an otherwise authenticated application out there on the Internet.
...