Class SimpleNonceManager

java.lang.Object
io.undertow.security.impl.SimpleNonceManager
All Implemented Interfaces:
NonceManager, SessionNonceManager

public class SimpleNonceManager extends Object implements SessionNonceManager
A default NonceManager implementation to provide reasonable single host management of nonces. This NonceManager manages nonces in two groups, the first is the group that are allocated to new requests, this group is a problem as we want to be able to limit how many we distribute so we don't have a DOS storing too many but we also don't a high number of requests to to push the other valid nonces out faster than they can be used. The second group is the set of nonces actively in use - these should be maintained as we can also maintain the nonce count and even track the next nonce once invalid. Maybe group one should be a timestamp and private key hashed together, if used with a nonce count they move to be tracked to ensure the same count is not used again - if successfully used without a nonce count add to a blacklist until expiration? A nonce used without a nonce count will essentially be single use with each request getting a new nonce.
Author:
Darran Lofthouse
  • Constructor Details

    • SimpleNonceManager

      public SimpleNonceManager()
    • SimpleNonceManager

      public SimpleNonceManager(String hashAlg)
  • Method Details

    • nextNonce

      public String nextNonce(String lastNonce, HttpServerExchange exchange)
      Description copied from interface: NonceManager
      Select the next nonce to be sent from the server taking into account the last valid nonce. It is both possible and likely that the nonce last used by the client will still be valid, in that case the same nonce will be returned.
      Specified by:
      nextNonce in interface NonceManager
      Parameters:
      lastNonce - - The last valid nonce received from the client or null if we don't already have a nonce.
      Returns:
      The next nonce to be sent in a challenge to the client.
      See Also:
    • validateNonce

      public boolean validateNonce(String nonce, int nonceCount, HttpServerExchange exchange)
      Description copied from interface: NonceManager
      Validate that a nonce can be used. If the nonce can not be used but the related digest was correct then a new nonce should be returned to the client indicating that the nonce was stale. For implementations of this interface this method is not expected by be idempotent, i.e. once a nonce is validated with a specific nonceCount it is not expected that this method will return true again if the same combination is presented. This method is expected to ONLY be called if the users credentials are valid as a storage overhead could be incurred this overhead must not be accessible to unauthenticated clients.
      Specified by:
      validateNonce in interface NonceManager
      Parameters:
      nonce - - The nonce received from the client.
      nonceCount - - The nonce count from the client or -1 of none specified.
      Returns:
      true if the nonce can be used otherwise return false.
      See Also:
    • associateHash

      public void associateHash(String nonce, byte[] hash)
      Description copied from interface: SessionNonceManager
      Associate the supplied hash with the nonce specified.
      Specified by:
      associateHash in interface SessionNonceManager
      Parameters:
      nonce - - The nonce the hash is to be associated with.
      hash - - The hash to associate.
    • lookupHash

      public byte[] lookupHash(String nonce)
      Description copied from interface: SessionNonceManager
      Retrieve the existing hash associated with the nonce specified. If there is no association then null should be returned.
      Specified by:
      lookupHash in interface SessionNonceManager
      Parameters:
      nonce - - The nonce the hash is required for.
      Returns:
      The associated hash or null if there is no association.