Module org.elasticsearch.security
Class CachingServiceAccountTokenStore
java.lang.Object
org.elasticsearch.xpack.security.authc.service.CachingServiceAccountTokenStore
- All Implemented Interfaces:
ServiceAccountTokenStore,CacheInvalidatorRegistry.CacheInvalidator
- Direct Known Subclasses:
FileServiceAccountTokenStore,IndexServiceAccountTokenStore
public abstract class CachingServiceAccountTokenStore
extends Object
implements ServiceAccountTokenStore, CacheInvalidatorRegistry.CacheInvalidator
-
Nested Class Summary
Nested classes/interfaces inherited from interface org.elasticsearch.xpack.security.authc.service.ServiceAccountTokenStore
ServiceAccountTokenStore.StoreAuthenticationResult -
Field Summary
Fields -
Method Summary
Modifier and TypeMethodDescriptionvoidauthenticate(ServiceAccountToken token, ActionListener<ServiceAccountTokenStore.StoreAuthenticationResult> listener) Verify the given token for encapsulated service account and credentialprotected Settingsprotected ThreadPoolfinal voidinvalidate(Collection<String> qualifiedTokenNames) Invalidate cache entries with keys matching to the specified qualified token names.final voidMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.elasticsearch.xpack.security.support.CacheInvalidatorRegistry.CacheInvalidator
shouldClearOnSecurityIndexStateChange
-
Field Details
-
CACHE_HASH_ALGO_SETTING
-
CACHE_TTL_SETTING
-
CACHE_MAX_TOKENS_SETTING
-
-
Method Details
-
authenticate
public void authenticate(ServiceAccountToken token, ActionListener<ServiceAccountTokenStore.StoreAuthenticationResult> listener) Description copied from interface:ServiceAccountTokenStoreVerify the given token for encapsulated service account and credential- Specified by:
authenticatein interfaceServiceAccountTokenStore
-
invalidate
Invalidate cache entries with keys matching to the specified qualified token names.- Specified by:
invalidatein interfaceCacheInvalidatorRegistry.CacheInvalidator- Parameters:
qualifiedTokenNames- The list of qualified toke names. If a name has trailing slash, it is treated as a prefix wildcard, i.e. all keys with this prefix are considered matching.
-
invalidateAll
public final void invalidateAll()- Specified by:
invalidateAllin interfaceCacheInvalidatorRegistry.CacheInvalidator
-
getSettings
-
getThreadPool
-