4.3.2. The CredentialStorage interface
The CredentialStorage interface is essentially used to represent the state required to validate an account's credentials, and is persisted within the identity store. The base interface is quite simple and only declares two methods, getEffectiveDate() and getExpiryDate():

    public interface CredentialStorage {
        @Stored Date getEffectiveDate();
        @Stored Date getExpiryDate();
    }

The most significant thing to note above is the usage of the @Stored annotation. This annotation is used to mark the properties of the CredentialStorage implementation that should be persisted. The only requirement for any property values that are marked as @Stored is that they are serializable (i.e. they implement the java.io.Serializable interface). The @Stored annotation may be placed on either the getter method or the field variable itself. An implementation of CredentialStorage will typically declare a number of properties (in addition to the effectiveDate and expiryDate properties) annotated with @Stored. Here's an example of one of the CredentialStorage implementations that is built into PicketLink: EncodedPasswordStorage is used to store a password hash and salt value:

    public class EncodedPasswordStorage implements CredentialStorage {

        private Date effectiveDate;
        private Date expiryDate;
        private String encodedHash;   // password hash, never the clear-text password
        private String salt;          // salt value stored alongside the hash

        @Override @Stored
        public Date getEffectiveDate() {
            return effectiveDate;
        }

        public void setEffectiveDate(Date effectiveDate) {
            this.effectiveDate = effectiveDate;
        }

        @Override @Stored
        public Date getExpiryDate() {
            return expiryDate;
        }

        public void setExpiryDate(Date expiryDate) {
            this.expiryDate = expiryDate;
        }

        // @Stored on the getter marks the property for persistence
        @Stored
        public String getEncodedHash() {
            return encodedHash;
        }

        public void setEncodedHash(String encodedHash) {
            this.encodedHash = encodedHash;
        }

        @Stored
        public String getSalt() {
            return this.salt;
        }

        public void setSalt(String salt) {
            this.salt = salt;
        }
    }
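
The @Stored rules described above (annotation on a getter or on the field, values must implement java.io.Serializable, unannotated properties are not persisted) can be checked with a small reflection scan. This is an added example, not PicketLink's own persistence code: the nested Stored annotation is a stand-in for the library's so the class compiles without it, and TokenStorage, StoredPropertyScan and storedProperties are hypothetical names.

```java
import java.io.Serializable;
import java.lang.annotation.*;
import java.lang.reflect.*;
import java.util.*;

public class StoredPropertyScan {
    // Stand-in for PicketLink's @Stored (assumption: lets the example compile without the library).
    @Retention(RetentionPolicy.RUNTIME)
    @Target({ElementType.METHOD, ElementType.FIELD})
    @interface Stored {}

    // Hypothetical storage class: one property annotated on the field, one on the getter.
    static class TokenStorage {
        @Stored private String secretHash = "constructed-sample-hash";
        private Date expiryDate = new Date(0L);
        private Thread notPersisted;          // no @Stored, so the scan skips it
        @Stored public Date getExpiryDate() { return expiryDate; }
    }

    // Collects every @Stored property (field or getter) and rejects non-serializable values.
    static Map<String, Serializable> storedProperties(Object storage) throws ReflectiveOperationException {
        Map<String, Serializable> out = new TreeMap<>();
        for (Field f : storage.getClass().getDeclaredFields()) {
            if (!f.isAnnotationPresent(Stored.class)) continue;
            f.setAccessible(true);
            out.put(f.getName(), requireSerializable(f.getName(), f.get(storage)));
        }
        for (Method m : storage.getClass().getDeclaredMethods()) {
            String n = m.getName();
            if (!m.isAnnotationPresent(Stored.class) || !n.startsWith("get") || n.length() < 4) continue;
            String name = Character.toLowerCase(n.charAt(3)) + n.substring(4);
            m.setAccessible(true);
            out.put(name, requireSerializable(name, m.invoke(storage)));
        }
        return out;
    }

    // Enforces the one stated requirement on @Stored values: they must be Serializable.
    static Serializable requireSerializable(String name, Object value) {
        if (value != null && !(value instanceof Serializable))
            throw new IllegalStateException("@Stored property '" + name + "' is not Serializable");
        return (Serializable) value;
    }

    public static void main(String[] args) throws Exception {
        // Only the annotated properties are collected; notPersisted is left out.
        System.out.println(storedProperties(new TokenStorage()).keySet());
    }
}
```

Running a scan like this in a unit test over custom CredentialStorage classes catches a sensitive field that was annotated by mistake, or a required one that was left unannotated, before it reaches the identity store.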