| Package | Description |
|---|---|
| com.iplanet.dpro.session |
This package contains classes that represents a session and its
all session related information
|
| com.iplanet.dpro.session.monitoring | |
| com.iplanet.dpro.session.operations | |
| com.iplanet.dpro.session.operations.strategies | |
| com.iplanet.dpro.session.service |
This package contains classes and interfaces that represent
methods to validate/update/destroy/persist/retrieve the internal session data
|
| com.iplanet.dpro.session.service.cluster | |
| com.iplanet.dpro.session.share |
This package contains shared session classes that represent
session information,handle the session notification and process the
URL encoding
|
| com.iplanet.dpro.session.utils | |
| com.sun.identity.authentication.service | |
| com.sun.identity.session.util |
This package contains session untility classes and the SSO (single Sign on )
token restrictions classes
|
| org.forgerock.openam.authentication.service |
A collection of classes which support the authentication service.
|
| org.forgerock.openam.core.rest.session |
Session-resource specific classes.
|
| org.forgerock.openam.dpro.session | |
| org.forgerock.openam.session | |
| org.forgerock.openam.session.authorisation | |
| org.forgerock.openam.session.service |
Defines interfaces and classes for the Session Service.
|
| org.forgerock.openam.session.service.access |
Defines interfaces for handling session access.
|
| org.forgerock.openam.session.service.access.persistence |
Defines interfaces for handling session persistence.
|
| org.forgerock.openam.sso.providers.stateless |
| Modifier and Type | Class and Description |
|---|---|
class |
SessionTimedOutException
A
SessionTimedOutException is thrown if the Session has timed
out. |
| Modifier and Type | Method and Description |
|---|---|
void |
Session.addSessionListener(SessionListener listener)
Adds a session listener for session change events.
|
void |
Session.addSessionListener(SessionListener listener,
boolean force)
Adds a session listener for session change events.
|
String |
Session.dereferenceRestrictedTokenID(Session session,
String restrictedId)
Given a restricted token, returns the SSOTokenID of the master token
can only be used if the requester is an app token
This functionality is only available in server mode.
|
void |
Session.destroySession(Session session)
Destroys a session.
|
SessionID |
SessionID.generateRelatedSessionID(SessionServerConfig serverConfig) |
String |
SessionID.generateSessionHandle(SessionServerConfig serverConfig) |
static SessionID |
SessionID.generateSessionID(SessionServerConfig serverConfig,
String domain)
Generates new SessionID
|
static SessionID |
SessionID.generateStatelessSessionID(SessionServerConfig serverConfig,
String domain,
String jwt)
Generates a new stateless session ID.
|
long |
Session.getIdleTime()
Returns the session idle time in seconds.
|
String |
Session.getProperty(String name)
Gets the property stored in this session.
|
TokenRestriction |
Session.getRestriction() |
static Session |
Session.getSession(SessionID sid) |
URL |
Session.getSessionServiceURL()
Gets the Session Service URL for this session object.
|
SessionState |
Session.getState(boolean reset)
Returns the state of the session.
|
long |
Session.getTimeLeft()
Returns the time left for this session in seconds.
|
SearchResults<Session> |
Session.getValidSessions(String server,
String pattern)
Gets all valid sessions from the specified session server.
|
boolean |
Session.isRestricted()
Returns true if the SSOTokenID associated with this SSOToken is a
restricted token, false otherwise.
|
boolean |
Session.isTimedOut()
Returns true if the session has timed out.
|
void |
Session.logout()
Logs out a session.
|
static String |
SessionID.makeRelatedSessionID(String encryptedID,
SessionID prototype)
Generates encoded session id string which uses the same extensions and
tail part as prototype session id, but a different encrypted ID.
|
void |
Session.refresh(boolean reset)
Gets the latest session from session server and updates the local cache
of this session.
|
SessionResponse |
ClientSdkSessionRequests.sendRequest(URL svcurl,
SessionRequest sreq,
Session session)
Sends remote session request without retries.
|
void |
Session.setProperty(String name,
String value)
Sets a property for this session.
|
void |
Session.update(SessionInfo info)
Updates the session from the session information server.
|
void |
SessionID.validate()
This method validates that the received session ID points to an existing server ID, and the site ID also
corresponds to the server ID found in the session.
|
| Modifier and Type | Method and Description |
|---|---|
void |
MonitoredOperations.addSessionListener(Session session,
String url) |
boolean |
MonitoredOperations.checkSessionExists(SessionID sessionId) |
String |
MonitoredOperations.deferenceRestrictedID(Session session,
SessionID restrictedID) |
void |
MonitoredOperations.destroy(Session requester,
Session session) |
Collection<PartialSession> |
MonitoredOperations.getMatchingSessions(CrestQuery crestQuery) |
String |
MonitoredOperations.getRestrictedTokenId(SessionID masterSid,
TokenRestriction restriction) |
SessionInfo |
MonitoredOperations.getSessionInfo(SessionID sid,
boolean reset) |
SearchResults<SessionInfo> |
MonitoredOperations.getValidSessions(Session session,
String pattern) |
void |
MonitoredOperations.logout(Session session)
Performs the logout operation on the Session.
|
SessionInfo |
MonitoredOperations.refresh(Session session,
boolean reset)
Performs a refresh of the Session and return a summary of the Session information.
|
Session |
MonitoredOperations.resolveSession(SessionID sessionID) |
void |
MonitoredOperations.setExternalProperty(SSOToken clientToken,
SessionID sessionId,
String name,
String value) |
void |
MonitoredOperations.setProperty(Session session,
String name,
String value)
Assigns the property to the Session.
|
| Modifier and Type | Method and Description |
|---|---|
void |
SessionOperations.addSessionListener(Session session,
String url)
Add a session listener notification url.
|
boolean |
SessionOperations.checkSessionExists(SessionID sessionId)
Check whether a session identified by {code sessionId} can be retrieved.
|
String |
SessionOperations.deferenceRestrictedID(Session session,
SessionID restrictedID)
Given a restricted token, returns the SSOTokenID of the master token
can only be used if the requester is an app token
|
void |
SessionOperations.destroy(Session requester,
Session session)
Destroys the Session by removing it and moving it to the DESTROY state.
|
Collection<PartialSession> |
SessionOperations.getMatchingSessions(CrestQuery crestQuery)
Returns partial sessions from the session service backend that matches the provided CREST query.
|
String |
SessionOperations.getRestrictedTokenId(SessionID masterSessionId,
TokenRestriction restriction)
Gets the restricted token ID for a session.
|
SessionInfo |
SessionOperations.getSessionInfo(SessionID sessionId,
boolean reset)
Get the Session Info Object from the Session ID.
|
SearchResults<SessionInfo> |
SessionOperations.getValidSessions(Session session,
String pattern)
Returns all sessions which are accessible using the provided session for authorization, and which match the
provided filter.
|
void |
SessionOperations.logout(Session session)
Performs the logout operation on the Session.
|
SessionInfo |
SessionOperations.refresh(Session session,
boolean reset)
Performs a refresh of the Session and return a summary of the Session information.
|
Session |
SessionOperations.resolveSession(SessionID sessionID)
Retrieves the Session from the Session ID.
|
void |
SessionOperations.setExternalProperty(SSOToken clientToken,
SessionID sessionId,
String name,
String value)
Sets an external property in the session.
|
void |
SessionOperations.setProperty(Session session,
String name,
String value)
Assigns the property to the Session.
|
| Modifier and Type | Method and Description |
|---|---|
void |
ClientSdkOperations.addSessionListener(Session session,
String url) |
void |
StatelessOperations.addSessionListener(Session session,
String url) |
void |
LocalOperations.addSessionListener(Session session,
String url) |
boolean |
ClientSdkOperations.checkSessionExists(SessionID sessionId) |
boolean |
StatelessOperations.checkSessionExists(SessionID sessionId) |
boolean |
LocalOperations.checkSessionExists(SessionID sessionId) |
String |
ClientSdkOperations.deferenceRestrictedID(Session session,
SessionID restrictedID) |
String |
StatelessOperations.deferenceRestrictedID(Session session,
SessionID restrictedID) |
String |
LocalOperations.deferenceRestrictedID(Session session,
SessionID restrictedID) |
void |
ClientSdkOperations.destroy(Session requester,
Session session)
Destroys the Session via the Session remote service URL.
|
void |
StatelessOperations.destroy(Session requester,
Session session) |
void |
LocalOperations.destroy(Session requester,
Session session)
Destroy the Session using the SessionService.
|
Collection<PartialSession> |
StatelessOperations.getMatchingSessions(CrestQuery crestQuery)
This implementation will forward the query call to the local operations in order to allow the return of stateful
sessions even when the request was initiated using a stateless session.
|
Collection<PartialSession> |
LocalOperations.getMatchingSessions(CrestQuery crestQuery) |
String |
ClientSdkOperations.getRestrictedTokenId(SessionID masterSid,
TokenRestriction restriction) |
String |
StatelessOperations.getRestrictedTokenId(SessionID masterSid,
TokenRestriction restriction) |
String |
LocalOperations.getRestrictedTokenId(SessionID masterSessionId,
TokenRestriction restriction)
Returns the restricted token
|
SessionInfo |
StatelessOperations.getSessionInfo(SessionID sid,
boolean reset) |
SessionInfo |
LocalOperations.getSessionInfo(SessionID sessionID,
boolean reset) |
SearchResults<SessionInfo> |
ClientSdkOperations.getValidSessions(Session session,
String pattern) |
SearchResults<SessionInfo> |
StatelessOperations.getValidSessions(Session session,
String pattern) |
SearchResults<SessionInfo> |
LocalOperations.getValidSessions(Session s,
String pattern)
Gets all valid Internal Sessions, depending on the value of the user's
preferences.
|
void |
ClientSdkOperations.logout(Session session)
Performs a logout operation by making a remote request based
on the Sessions service URL.
|
void |
StatelessOperations.logout(Session session) |
void |
LocalOperations.logout(Session session) |
SessionInfo |
ClientSdkOperations.refresh(Session session,
boolean reset) |
SessionInfo |
StatelessOperations.refresh(Session session,
boolean reset) |
SessionInfo |
LocalOperations.refresh(Session session,
boolean reset)
Fetches the SessionInfo from the SessionService.
|
Session |
ClientSdkOperations.resolveSession(SessionID sessionID) |
Session |
StatelessOperations.resolveSession(SessionID sessionID) |
Session |
LocalOperations.resolveSession(SessionID sessionID) |
void |
ClientSdkOperations.setExternalProperty(SSOToken clientToken,
SessionID sessionId,
String name,
String value) |
void |
StatelessOperations.setExternalProperty(SSOToken clientToken,
SessionID sessionId,
String name,
String value) |
void |
LocalOperations.setExternalProperty(SSOToken clientToken,
SessionID sessionId,
String name,
String value) |
void |
ClientSdkOperations.setProperty(Session session,
String name,
String value)
Perform a remote setProperty on the Session using the remote Service URL.
|
void |
StatelessOperations.setProperty(Session session,
String name,
String value) |
void |
LocalOperations.setProperty(Session session,
String name,
String value)
Sets the property using the SessionService.
|
| Modifier and Type | Method and Description |
|---|---|
void |
SessionService.addSessionListener(Session session,
String url)
Adds listener to a Internal Sessions.
|
boolean |
SessionService.checkSessionExists(SessionID sessionId)
Check whether a session identified by {code sessionId} can be retrieved.
|
void |
SessionService.destroySession(Session requester,
SessionID sessionToDestroy)
Destroy a Internal Session, depending on the value of the user's permissions.
|
Collection<PartialSession> |
SessionService.getMatchingSessions(Session caller,
CrestQuery crestQuery)
Returns partial (stateful) sessions matching the provided CREST query.
|
String |
SessionService.getRestrictedTokenId(String masterSid,
TokenRestriction restriction)
Returns the restricted token
|
SessionInfo |
SessionService.getSessionInfo(SessionID sid,
boolean reset)
Returns the Session information.
|
SearchResults<SessionInfo> |
SessionService.getValidSessions(Session s,
String pattern)
Gets all valid Internal Sessions, depending on the value of the user's
preferences.
|
void |
SessionService.logout(Session session)
Logout the user.
|
void |
InternalSession.putExternalProperty(SSOToken clientToken,
String key,
String value)
Sets the key-value pair in the InternalSession property table if it is
not protected.
|
void |
SessionService.setExternalProperty(SSOToken clientToken,
SessionID sessionId,
String name,
String value)
Sets external property in the Internal Session as long as it is not
protected
|
| Modifier and Type | Method and Description |
|---|---|
String |
ClusterMonitor.getCurrentHostServer(SessionID sessionId)
Identify the host (aka home or authoritative) server for the provided session.
|
String |
MultiServerClusterMonitor.getCurrentHostServer(SessionID sid)
Identify the host (aka home or authoritative) server for the provided session.
|
| Modifier and Type | Method and Description |
|---|---|
static SessionResponse |
SessionResponse.parseXML(String xml)
This method is used primarily at the client side to reconstruct a
SessionResponse object based on the XML document received
from server. |
| Modifier and Type | Method and Description |
|---|---|
SessionInfo |
SessionInfoFactory.getSessionInfo(InternalSession internalSession,
SessionID sessionID)
Generates a SessionInfo which is a summary state of the Session used to
refresh remote instances of a Session.
|
SessionInfo |
SessionInfoFactory.makeSessionInfo(InternalSession internalSession,
SessionID sid)
Generates a SessionInfo object from the given InternalSession.
|
void |
SessionInfoFactory.validateSession(InternalSession internalSession,
SessionID sid)
Validates the state of an Internal Session against a Session ID.
|
| Modifier and Type | Method and Description |
|---|---|
protected boolean |
DefaultSessionActivator.activateSession(InternalSession session,
LoginState loginState) |
| Modifier and Type | Method and Description |
|---|---|
static void |
SessionUtils.checkPermissionToSetProperty(SSOToken clientToken,
String key,
String value)
Helper method to check if client has taken permission to
set value to it.
|
void |
SessionUtilsWrapper.checkPermissionToSetProperty(SSOToken clientToken,
String key,
String value)
Helper method to check if owner of
clientToken has permission to protected session properties. |
static boolean |
SessionUtils.isTrustedSource(InetAddress source)
Returns the remote IP address of the client is a trusted source
|
| Modifier and Type | Method and Description |
|---|---|
SSOToken |
AuthSessionFactory.getAuthenticationSession(String domain)
Returns the Internal Session used by the Auth Services.
|
void |
SessionPropertyUpgrader.populatePropertiesFromStateless(StatelessSession oldSession,
InternalSession newSession)
Entry point for LoginState.
|
| Modifier and Type | Method and Description |
|---|---|
void |
SessionUtilsWrapper.checkPermissionToSetProperty(SSOToken clientToken,
String key,
String value)
Delegate check permission to SessionUtils
|
| Modifier and Type | Class and Description |
|---|---|
class |
InvalidSessionIdException
This exception describes the case when a session is considered invalid, most likely because the session ID cannot be
found in the deployment.
|
| Modifier and Type | Method and Description |
|---|---|
String |
SessionCookies.getLBCookie(SessionID sid)
Returns load balancer cookie value for the Session.
|
String |
SessionCookies.getLBCookie(String sid)
Returns load balancer cookie value for the Session.
|
Session |
SessionCache.getSession(SessionID sid)
Returns a session based on a Session ID object.
|
Session |
SessionCache.getSession(SessionID sessionID,
boolean allowInvalidSessions)
Returns a Session based on a Session ID object.
|
Session |
SessionCache.getSession(SessionID sessionID,
boolean allowInvalidSessions,
boolean possiblyResetIdleTime)
This function will get a session based on the session id.
|
URL |
SessionServiceURLService.getSessionServiceURL(SessionID sid)
Returns Session Service URL for a Session ID.
|
URL |
SessionServiceURLService.getSessionServiceURL(String serverID)
Returns Session Service URL for a given server ID.
|
URL |
SessionServiceURLService.getSessionServiceURL(String protocol,
String server,
String port,
String uri)
Returns Session Service URL.
|
SessionResponse |
SessionPLLSender.sendPLLRequest(URL svcurl,
SessionRequest sreq)
Returns a Session Response object based on the XML document received from
remote Session Server.
|
| Modifier and Type | Method and Description |
|---|---|
void |
SessionChangeAuthorizer.checkPermissionToDestroySession(Session requester,
SessionID sessionId)
Checks if the requester has the necessary permission to destroy the provided session.
|
Set<String> |
SessionChangeAuthorizer.getSessionSubjectOrganisations(SessionID sessionID)
Gets the organisations assigned to the session subject
|
boolean |
SessionChangeAuthorizer.hasPermissionToDestroySession(Session requester,
SessionID sessionId)
Checks if the requester has the necessary permission to destroy the provided session.
|
boolean |
SessionChangeAuthorizer.hasTopLevelAdminRole(SessionID actorsSessionID)
Returns true if the subject has top level admin role
|
| Modifier and Type | Method and Description |
|---|---|
String |
ServicesClusterMonitorHandler.getCurrentHostServer(SessionID sid)
This is a key method for "internal request routing" mode It determines
the server id which is currently hosting session identified by sid.
|
Session |
SessionAccessManager.getSession(SessionID sessionId)
Get the Session based on the SessionId.
|
| Modifier and Type | Method and Description |
|---|---|
Map<String,Long> |
SessionQueryManager.getAllSessionsByUUID(String uuid)
Returns the expiration information of all sessions belonging to a user
(uuid).
|
Collection<PartialSession> |
SessionQueryManager.getMatchingValidSessions(CrestQuery crestQuery)
Return partial sessions matching the provided CREST query filter from the CTS servers.
|
SearchResults<SessionInfo> |
SessionQueryManager.getValidSessions(Session actingSession,
String pattern)
Gets all valid Internal Sessions, depending on the value of the user's
preferences.
|
| Modifier and Type | Method and Description |
|---|---|
Map<String,Long> |
SessionPersistenceStore.getAllSessionsByUUID(String uuid)
Returns the expiration information of all sessions belonging to a user
(uuid).
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
StatelessSessionManager.containsJwt(javax.servlet.http.HttpServletRequest request) |
String |
StatelessSession.dereferenceRestrictedTokenID(Session session,
String restrictedId) |
StatelessSession |
StatelessSessionManager.generate(InternalSession internalSession) |
StatelessSession |
StatelessSessionManager.generate(SessionID sessionID) |
StatelessSession |
StatelessSessionManager.generate(SessionInfo info)
Generates a StatelessSession by converting the SessionInfo into a JWT token
which can then be used to build up the StatelessSession.
|
StatelessSession |
StatelessSessionManager.generate(String tokenId)
Generates a StatelessSession based on the String which is assumed to contain
a Jwt token.
|
String |
StatelessSession.getProperty(String name) |
SessionInfo |
StatelessSessionManager.getSessionInfo(SessionID sessionID)
Will create the SessionInfo from the JWT contained within the
SessionID.
|
SessionState |
StatelessSession.getState(boolean reset) |
boolean |
StatelessAdminRestriction.isRestricted(SSOToken token)
Indicates if a given SSOToken should be restricted when used in the
context of a Stateless Session.
|
void |
StatelessSession.setProperty(String name,
String value) |
| Constructor and Description |
|---|
StatelessSession(SessionID sid,
SessionInfo sessionInfo,
StatelessSessionManager statelessSessionManager)
Constructs the stateless session with the given ID, session state and session factory.
|
Copyright © 2010–2025 Open Identity Platform Community. All rights reserved.