| Package | Description |
|---|---|
| com.iplanet.dpro.session |
This package contains classes that represents a session and its
all session related information
|
| com.iplanet.dpro.session.monitoring | |
| com.iplanet.dpro.session.operations | |
| com.iplanet.dpro.session.operations.strategies | |
| com.iplanet.dpro.session.service |
This package contains classes and interfaces that represent
methods to validate/update/destroy/persist/retrieve the internal session data
|
| com.iplanet.dpro.session.service.cluster | |
| com.iplanet.dpro.session.utils | |
| com.iplanet.services.naming | |
| com.iplanet.sso.providers.dpro |
This package contains classes that represent SSOProvider
|
| com.sun.identity.authentication.client | |
| com.sun.identity.authentication.service | |
| com.sun.identity.session.util |
This package contains session untility classes and the SSO (single Sign on )
token restrictions classes
|
| org.forgerock.openam.core | |
| org.forgerock.openam.core.rest.authn.core |
This package contains core classes and methods for starting and continuing the authentication process.
|
| org.forgerock.openam.core.rest.authn.core.wrappers |
This package contains wrapper class around core method calls.
|
| org.forgerock.openam.cts.api.tokens |
The Tokens of the Core Token Service.
|
| org.forgerock.openam.cts.utils |
Utilities and conversion functions to assist with the Core Token Service.
|
| org.forgerock.openam.dpro.session | |
| org.forgerock.openam.rest.resource |
This package contains classes for the handling of REST request to CREST Resource endpoints with the concept of realms
in OpenAM built in.
|
| org.forgerock.openam.session | |
| org.forgerock.openam.session.authorisation | |
| org.forgerock.openam.session.service |
Defines interfaces and classes for the Session Service.
|
| org.forgerock.openam.session.service.access.persistence |
Defines interfaces for handling session persistence.
|
| org.forgerock.openam.session.service.access.persistence.caching |
Defines an interface and implementations for handling session caching.
|
| org.forgerock.openam.session.service.access.persistence.watchers | |
| org.forgerock.openam.sso.providers.stateless |
| Modifier and Type | Method and Description |
|---|---|
SessionID |
SessionID.generateRelatedSessionID(SessionServerConfig serverConfig) |
static SessionID |
SessionID.generateSessionID(SessionServerConfig serverConfig,
String domain)
Generates new SessionID
|
static SessionID |
SessionID.generateStatelessSessionID(SessionServerConfig serverConfig,
String domain,
String jwt)
Generates a new stateless session ID.
|
SessionID |
Session.getID()
Returns the session ID.
|
SessionID |
Session.getSessionID() |
| Modifier and Type | Method and Description |
|---|---|
static Session |
Session.getSession(SessionID sid) |
static String |
SessionID.makeRelatedSessionID(String encryptedID,
SessionID prototype)
Generates encoded session id string which uses the same extensions and
tail part as prototype session id, but a different encrypted ID.
|
protected void |
Session.setID(SessionID sessionID)
Updates the ID of the session.
|
| Constructor and Description |
|---|
Session(SessionID sid)
Constructor used by this package only.
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
MonitoredOperations.checkSessionExists(SessionID sessionId) |
String |
MonitoredOperations.deferenceRestrictedID(Session session,
SessionID restrictedID) |
String |
MonitoredOperations.getRestrictedTokenId(SessionID masterSid,
TokenRestriction restriction) |
SessionInfo |
MonitoredOperations.getSessionInfo(SessionID sid,
boolean reset) |
Session |
MonitoredOperations.resolveSession(SessionID sessionID) |
void |
MonitoredOperations.setExternalProperty(SSOToken clientToken,
SessionID sessionId,
String name,
String value) |
| Modifier and Type | Method and Description |
|---|---|
boolean |
SessionOperations.checkSessionExists(SessionID sessionId)
Check whether a session identified by {code sessionId} can be retrieved.
|
String |
SessionOperations.deferenceRestrictedID(Session session,
SessionID restrictedID)
Given a restricted token, returns the SSOTokenID of the master token
can only be used if the requester is an app token
|
SessionOperations |
SessionOperationStrategy.getOperation(SessionID sessionID)
Based on the Session, determine the appropriate SessionOperations strategy to select.
|
SessionOperations |
ClientSdkSessionOperationStrategy.getOperation(SessionID sessionID)
Provides a remote SessionOperation.
|
SessionOperations |
ServerSessionOperationStrategy.getOperation(SessionID sessionID)
Based on the Session, determine the appropriate SessionOperations strategy to select.
|
String |
SessionOperations.getRestrictedTokenId(SessionID masterSessionId,
TokenRestriction restriction)
Gets the restricted token ID for a session.
|
SessionInfo |
SessionOperations.getSessionInfo(SessionID sessionId,
boolean reset)
Get the Session Info Object from the Session ID.
|
Session |
SessionOperations.resolveSession(SessionID sessionID)
Retrieves the Session from the Session ID.
|
void |
SessionOperations.setExternalProperty(SSOToken clientToken,
SessionID sessionId,
String name,
String value)
Sets an external property in the session.
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
LocalOperations.checkSessionExists(SessionID sessionId) |
boolean |
StatelessOperations.checkSessionExists(SessionID sessionId) |
boolean |
ClientSdkOperations.checkSessionExists(SessionID sessionId) |
String |
LocalOperations.deferenceRestrictedID(Session session,
SessionID restrictedID) |
String |
StatelessOperations.deferenceRestrictedID(Session session,
SessionID restrictedID) |
String |
ClientSdkOperations.deferenceRestrictedID(Session session,
SessionID restrictedID) |
String |
LocalOperations.getRestrictedTokenId(SessionID masterSessionId,
TokenRestriction restriction)
Returns the restricted token
|
String |
StatelessOperations.getRestrictedTokenId(SessionID masterSid,
TokenRestriction restriction) |
String |
ClientSdkOperations.getRestrictedTokenId(SessionID masterSid,
TokenRestriction restriction) |
SessionInfo |
LocalOperations.getSessionInfo(SessionID sessionID,
boolean reset) |
SessionInfo |
StatelessOperations.getSessionInfo(SessionID sid,
boolean reset) |
SessionInfo |
ClientSdkOperations.getSessionInfo(SessionID sid,
boolean reset) |
Session |
LocalOperations.resolveSession(SessionID sessionID) |
Session |
StatelessOperations.resolveSession(SessionID sessionID) |
Session |
ClientSdkOperations.resolveSession(SessionID sessionID) |
void |
LocalOperations.setExternalProperty(SSOToken clientToken,
SessionID sessionId,
String name,
String value) |
void |
StatelessOperations.setExternalProperty(SSOToken clientToken,
SessionID sessionId,
String name,
String value) |
void |
ClientSdkOperations.setExternalProperty(SSOToken clientToken,
SessionID sessionId,
String name,
String value) |
| Modifier and Type | Method and Description |
|---|---|
SessionID |
InternalSession.addRestrictedToken(SessionID newRestrictedTokenId,
TokenRestriction restriction)
Add new restricted token pointing at the same session to the list.
|
SessionID |
InternalSession.getID()
Returns the SessionID of this Internal Session.
|
SessionID |
InternalSession.getRestrictedTokenForRestriction(TokenRestriction restriction)
Returns the SessionID of the restricted token for the provided restriction for this session.
|
SessionID |
InternalSession.getSessionID()
Return the SessionID object which represents this InternalSession.
|
| Modifier and Type | Method and Description |
|---|---|
Set<SessionID> |
InternalSession.getRestrictedTokens()
Returns the set (possibly empty) of restricted session IDs associated with this session.
|
Map<String,Set<SessionID>> |
InternalSession.getSessionEventURLs()
Returns the URL of the Session events and the associated master and
restricted token ids.
|
| Modifier and Type | Method and Description |
|---|---|
SessionID |
InternalSession.addRestrictedToken(SessionID newRestrictedTokenId,
TokenRestriction restriction)
Add new restricted token pointing at the same session to the list.
|
void |
InternalSession.addSessionEventURL(String url,
SessionID sid)
Adds a listener for the associated session ID.
|
boolean |
SessionService.checkSessionExists(SessionID sessionId)
Check whether a session identified by {code sessionId} can be retrieved.
|
void |
SessionService.destroyAuthenticationSession(SessionID sessionID)
Destroy a Internal Session, whose session id has been specified.
|
void |
SessionService.destroySession(Session requester,
SessionID sessionToDestroy)
Destroy a Internal Session, depending on the value of the user's permissions.
|
TokenRestriction |
InternalSession.getRestrictionForToken(SessionID sid)
Returns the TokenRestriction for the given SessionID.
|
InternalSession |
AuthenticationSessionStore.getSession(SessionID sessionID)
Lookup the Session based on its Session ID.
|
SessionInfo |
SessionService.getSessionInfo(SessionID sid,
boolean reset)
Returns the Session information.
|
boolean |
SessionServerConfig.isLocalSite(SessionID sid)
Checks if server instance identified by serverID is the same as local
instance
|
void |
AuthenticationSessionStore.promoteSession(SessionID sessionID)
Moves the specified session out of this store and into the persistent store.
|
InternalSession |
AuthenticationSessionStore.removeSession(SessionID sessionID)
There are cases where an authentication session is created but never used.
|
void |
SessionService.setExternalProperty(SSOToken clientToken,
SessionID sessionId,
String name,
String value)
Sets external property in the Internal Session as long as it is not
protected
|
| Constructor and Description |
|---|
InternalSession(SessionID sid)
Creates a new InternalSession with the given Session ID.
|
| Modifier and Type | Method and Description |
|---|---|
String |
SingleServerClusterMonitor.getCurrentHostServer(SessionID sid)
Identify the host (aka home or authoritative) server for the provided session.
|
String |
ClusterMonitor.getCurrentHostServer(SessionID sessionId)
Identify the host (aka home or authoritative) server for the provided session.
|
String |
MultiServerClusterMonitor.getCurrentHostServer(SessionID sid)
Identify the host (aka home or authoritative) server for the provided session.
|
| Modifier and Type | Method and Description |
|---|---|
SessionInfo |
SessionInfoFactory.getSessionInfo(InternalSession internalSession,
SessionID sessionID)
Generates a SessionInfo which is a summary state of the Session used to
refresh remote instances of a Session.
|
SessionInfo |
SessionInfoFactory.makeSessionInfo(InternalSession internalSession,
SessionID sid)
Generates a SessionInfo object from the given InternalSession.
|
void |
SessionInfoFactory.validateSession(InternalSession internalSession,
SessionID sid)
Validates the state of an Internal Session against a Session ID.
|
| Modifier and Type | Method and Description |
|---|---|
static String |
WebtopNaming.mapSiteToServer(SessionID sid)
Return the mapped server URL if there is a site.
|
| Constructor and Description |
|---|
SSOTokenIDImpl(SessionID sid)
Creates a SSOTokenIDImpl object
|
| Modifier and Type | Method and Description |
|---|---|
static SessionID |
AuthClientUtils.getSessionIDFromRequest(javax.servlet.http.HttpServletRequest request)
Returns the Session ID for this request.
|
| Modifier and Type | Method and Description |
|---|---|
static String |
AuthClientUtils.getCookieURL(SessionID sessionID) |
static SSOToken |
AuthClientUtils.getExistingValidSSOToken(SessionID sessID) |
static javax.servlet.http.Cookie |
AuthClientUtils.getLogoutCookie(SessionID sid,
String cookieDomain)
Returns the Logout cookie.
|
static String |
AuthClientUtils.getLogoutCookieString(SessionID sid)
Returns the encrpted Logout cookie string .
|
static String |
AuthClientUtils.getOrigRedirectURL(javax.servlet.http.HttpServletRequest request,
SessionID sessID) |
static boolean |
AuthClientUtils.isTimedOut(SessionID sessID) |
| Modifier and Type | Method and Description |
|---|---|
SessionID |
LoginState.getSid()
Returns Session ID.
|
| Modifier and Type | Method and Description |
|---|---|
protected Subject |
DefaultSessionActivator.addSSOTokenPrincipal(Subject subject,
SessionID sid) |
static void |
AuthUtils.clearAllCookiesByDomain(SessionID sid,
String cookieDomain,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response) |
void |
AuthD.destroySession(SessionID sid)
Destroy sessionfor given
SessionID |
static AuthContextLocal |
AuthUtils.getAuthContext(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
SessionID sid,
boolean isSessionUpgrade,
boolean isBackPost)
Returns the authentication context for a request.
|
static AuthContextLocal |
AuthUtils.getAuthContext(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
SessionID sessionId,
boolean isSessionUpgrade,
boolean isBackPost,
boolean isLogout,
boolean isRestAuth)
Returns the authentication context for a request.
|
static InternalSession |
AuthD.getSession(SessionID sessionId)
Returns the session associated with a session ID.
|
static boolean |
AuthUtils.newSessionArgExists(Map<String,String> decodedRequestData,
SessionID sessionId) |
static void |
AuthUtils.removeAuthContext(SessionID sid)
Removes the AuthContextLocal object in the Session object identified
by the SessionID object parameter 'sid'.
|
| Modifier and Type | Method and Description |
|---|---|
static String |
SessionUtils.getEncryptedStorageKey(SessionID clear) |
| Modifier and Type | Method and Description |
|---|---|
SessionID |
CoreServicesWrapper.getSessionIDFromRequest(javax.servlet.http.HttpServletRequest request)
Gets the Session Id from the HttpServletRequest.
|
| Modifier and Type | Method and Description |
|---|---|
SSOToken |
CoreServicesWrapper.getExistingValidSSOToken(SessionID sessionID)
Gets the SSO Token for an existing valid session.
|
| Modifier and Type | Method and Description |
|---|---|
SessionID |
AuthenticationContext.getSessionID()
Returns the Session ID for the login process.
|
| Modifier and Type | Method and Description |
|---|---|
SessionID |
AuthContextLocalWrapper.getSessionID()
Returns the Session ID for the login process.
|
| Modifier and Type | Method and Description |
|---|---|
AuthContextLocalWrapper |
CoreServicesWrapper.getAuthContext(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
SessionID sessionID,
boolean isSessionUpgrade,
boolean isBackPost)
Will either create or retrieve an existing AuthContextLocal.
|
| Modifier and Type | Method and Description |
|---|---|
String |
TokenIdFactory.toSessionTokenId(SessionID sessionID)
Extract a suitable Id from the SessionId to use as the Token Id.
|
| Modifier and Type | Method and Description |
|---|---|
String |
KeyConversion.encryptKey(SessionID key)
Encrypt the Session key.
|
| Constructor and Description |
|---|
InvalidSessionIdException(SessionID sessionId)
Constructs a new exception object.
|
| Modifier and Type | Method and Description |
|---|---|
SessionID |
SubjectContext.getCallerSessionID()
Returns the session ID created from the token ID.
|
SessionID |
SSOTokenContext.getCallerSessionID() |
| Modifier and Type | Method and Description |
|---|---|
SessionID |
AMSession.getID()
Get the Id of the session.
|
| Modifier and Type | Method and Description |
|---|---|
String |
SessionCookies.getLBCookie(SessionID sid)
Returns load balancer cookie value for the Session.
|
Session |
SessionCache.getSession(SessionID sid)
Returns a session based on a Session ID object.
|
Session |
SessionCache.getSession(SessionID sessionID,
boolean allowInvalidSessions)
Returns a Session based on a Session ID object.
|
Session |
SessionCache.getSession(SessionID sessionID,
boolean allowInvalidSessions,
boolean possiblyResetIdleTime)
This function will get a session based on the session id.
|
URL |
SessionServiceURLService.getSessionServiceURL(SessionID sid)
Returns Session Service URL for a Session ID.
|
boolean |
SessionCache.hasSession(SessionID sessionID)
Checks for a Session in the Session cache.
|
Session |
SessionCache.readSession(SessionID sessionID)
Reads a Session from the Session table.
|
void |
SessionCache.removeSID(SessionID sid)
Removes the
SessionID from session table. |
| Modifier and Type | Method and Description |
|---|---|
void |
SessionChangeAuthorizer.checkPermissionToDestroySession(Session requester,
SessionID sessionId)
Checks if the requester has the necessary permission to destroy the provided session.
|
Set<String> |
SessionChangeAuthorizer.getSessionSubjectOrganisations(SessionID sessionID)
Gets the organisations assigned to the session subject
|
boolean |
SessionChangeAuthorizer.hasPermissionToDestroySession(Session requester,
SessionID sessionId)
Checks if the requester has the necessary permission to destroy the provided session.
|
boolean |
SessionChangeAuthorizer.hasTopLevelAdminRole(SessionID actorsSessionID)
Returns true if the subject has top level admin role
|
| Modifier and Type | Method and Description |
|---|---|
InternalSession |
SessionAccessManager.getByRestrictedID(SessionID sessionID)
Get a restricted session from a given SessionID.
|
String |
ServicesClusterMonitorHandler.getCurrentHostServer(SessionID sid)
This is a key method for "internal request routing" mode It determines
the server id which is currently hosting session identified by sid.
|
InternalSession |
SessionAccessManager.getInternalSession(SessionID sessionId)
Get the InternalSession based on the SessionId.
|
Session |
SessionAccessManager.getSession(SessionID sessionId)
Get the Session based on the SessionId.
|
void |
SessionAccessManager.removeSessionId(SessionID sessionID)
Removes a session from the session cache.
|
| Modifier and Type | Method and Description |
|---|---|
void |
SessionPersistenceStore.delete(SessionID sessionID)
Remove the provided session from the CTS.
|
InternalSession |
InternalSessionStore.getByRestrictedID(SessionID sessionID)
Gets a restricted session from a given SessionID.
|
InternalSession |
InternalSessionStoreChain.getByRestrictedID(SessionID sessionID) |
InternalSession |
InternalSessionPersistenceStore.getByRestrictedID(SessionID sessionID) |
InternalSession |
SessionPersistenceStore.getByRestrictedID(SessionID sessionID)
Get a restricted session from a given SessionID.
|
InternalSession |
InternalSessionStoreStep.getByRestrictedID(SessionID sessionID,
InternalSessionStore next)
Gets a restricted session from a given SessionID.
|
InternalSession |
TimeOutSessionFilterStep.getByRestrictedID(SessionID sessionID,
InternalSessionStore next) |
InternalSession |
SessionPersistenceManagerStep.getByRestrictedID(SessionID sessionID,
InternalSessionStore next) |
InternalSession |
AbstractInternalSessionStoreStep.getByRestrictedID(SessionID sessionID,
InternalSessionStore next) |
InternalSession |
InternalSessionStore.getBySessionID(SessionID sessionID)
Gets a session from a given SessionID.
|
InternalSession |
InternalSessionStoreChain.getBySessionID(SessionID sessionID) |
InternalSession |
InternalSessionPersistenceStore.getBySessionID(SessionID sessionID) |
InternalSession |
InternalSessionStoreStep.getBySessionID(SessionID sessionID,
InternalSessionStore next)
Gets a session from a given SessionID.
|
InternalSession |
TimeOutSessionFilterStep.getBySessionID(SessionID sessionID,
InternalSessionStore next) |
InternalSession |
SessionPersistenceManagerStep.getBySessionID(SessionID sessionID,
InternalSessionStore next) |
InternalSession |
AbstractInternalSessionStoreStep.getBySessionID(SessionID sessionID,
InternalSessionStore next) |
InternalSession |
SessionPersistenceStore.recoverSession(SessionID sessionID)
This will recover the specified session from the repository based on the provided session id.
|
| Modifier and Type | Method and Description |
|---|---|
InternalSession |
InMemoryInternalSessionCacheStep.getByRestrictedID(SessionID sessionID,
InternalSessionStore next) |
InternalSession |
InMemoryInternalSessionCacheStep.getBySessionID(SessionID sessionID,
InternalSessionStore next) |
void |
InMemoryInternalSessionCacheStep.invalidateCache(SessionID sessionID) |
| Modifier and Type | Method and Description |
|---|---|
void |
SessionModificationListener.sessionChanged(SessionID sessionID)
Called on session modification or deletion.
|
| Modifier and Type | Method and Description |
|---|---|
SessionID |
StatelessSession.getID() |
SessionID |
StatelessSession.getSessionID() |
| Modifier and Type | Method and Description |
|---|---|
boolean |
StatelessSessionManager.containsJwt(SessionID sid)
Determines whether the given session id contains a client-side JWT.
|
StatelessSession |
StatelessSessionManager.generate(SessionID sessionID) |
static String |
StatelessSessionManager.getJWTFromSessionID(SessionID sessionID,
boolean cleanupC66Encoding)
Understands the detail around extracting the encoded JWT from the SessionID.
|
SessionInfo |
StatelessSessionManager.getSessionInfo(SessionID sessionID)
Will create the SessionInfo from the JWT contained within the
SessionID.
|
| Constructor and Description |
|---|
StatelessSession(SessionID sid,
SessionInfo sessionInfo,
StatelessSessionManager statelessSessionManager)
Constructs the stateless session with the given ID, session state and session factory.
|
Copyright © 2010–2025 Open Identity Platform Community. All rights reserved.