Class AuthUtils

    • Field Detail

      • REALM

        public static final int REALM
        Authentication type for Realm based authentication after Composite Advices
        See Also:
        Constant Field Values
      • SERVICE

        public static final int SERVICE
        Authentication type for Service based authentication after Composite Advices
        See Also:
        Constant Field Values
      • MODULE

        public static final int MODULE
        Authentication type for Module based authentication after Composite Advices
        See Also:
        Constant Field Values
      • FORCE_AUTH

        public static final String FORCE_AUTH
        Name of parameter used to indicate authn process MUST be run.
        See Also:
        Constant Field Values
    • Method Detail

      • getAuthContext

        public static AuthContextLocal getAuthContext​(jakarta.servlet.http.HttpServletRequest request,
                                                      jakarta.servlet.http.HttpServletResponse response,
                                                      SessionID sid,
                                                      boolean isSessionUpgrade,
                                                      boolean isBackPost)
                                               throws AuthException
        Returns the authentication context for a request.
        Parameters:
        request - HTTP Servlet Request.
        response - HTTP Servlet Response.
        sid - SessionID for this request.
        isSessionUpgrade - true if session upgrade.
        isBackPost - true if back posting.
        Returns:
        authentication context.
        Throws:
        AuthException
      • getAuthContext

        public static AuthContextLocal getAuthContext​(jakarta.servlet.http.HttpServletRequest request,
                                                      jakarta.servlet.http.HttpServletResponse response,
                                                      SessionID sessionId,
                                                      boolean isSessionUpgrade,
                                                      boolean isBackPost,
                                                      boolean isLogout,
                                                      boolean isRestAuth)
                                               throws AuthException
        Returns the authentication context for a request.
        Parameters:
        request - HTTP Servlet Request.
        response - HTTP Servlet Response.
        sessionId - SessionID for this request.
        isSessionUpgrade - true if session upgrade.
        isBackPost - true if back posting.
        isLogout - true for logout.
        isRestAuth - true if the request is coming from JSON REST/XUI.
        Returns:
        authentication context.
        Throws:
        AuthException
      • getCookieString

        public static jakarta.servlet.http.Cookie getCookieString​(AuthContextLocal ac,
                                                                  String cookieDomain)
        Returns the Cookie object created from the cookie name, Session ID and cookie domain. If the Session is in the invalid state, the cookie is created with the authentication cookie name; if the Session state is Active/Inactive, the AM Cookie Name is used to create the cookie.
        Parameters:
        ac - the AuthContext object
        cookieDomain - the cookie domain for creating cookie
        Returns:
        Cookie object.
      • getLogoutCookie

        public static jakarta.servlet.http.Cookie getLogoutCookie​(AuthContextLocal ac,
                                                                  String cookieDomain)
        Returns the Logout cookie.
        Parameters:
        ac - the AuthContextLocal object
        cookieDomain - the cookieDomain
        Returns:
        Logout cookie.
      • getInetDomainStatus

        public static boolean getInetDomainStatus​(AuthContextLocal authContext)
      • newSessionArgExists

        public static boolean newSessionArgExists​(Map<String,​String> decodedRequestData,
                                                  SessionID sessionId)
      • destroySession

        public static void destroySession​(AuthContextLocal authContext)
      • sessionTimedOut

        public static boolean sessionTimedOut​(AuthContextLocal authContext)
        Returns true if the session has timed out or the page has timed out.
        Parameters:
        authContext - the authentication context object for the request.
        Returns:
        true if timed out else false.
      • setlbCookie

        public static void setlbCookie​(AuthContextLocal authContext,
                                       jakarta.servlet.http.HttpServletRequest request,
                                       jakarta.servlet.http.HttpServletResponse response)
                                throws AuthException
        Throws:
        AuthException
      • getCompositeAdviceType

        public static int getCompositeAdviceType​(AuthContextLocal authContext)
      • getDefaultFileName

        public static String getDefaultFileName​(jakarta.servlet.http.HttpServletRequest request,
                                                String fileName)
        Returns the resource based on the default values.
        Parameters:
        request - HTTP Servlet Request.
        fileName - name of the file
        Returns:
        Path to the resource.
      • getAuthContext

        public static AuthContextLocal getAuthContext​(String orgName,
                                                      String sessionID,
                                                      boolean isLogout,
                                                      jakarta.servlet.http.HttpServletRequest req)
                                               throws AuthException
        Returns the AuthContext Handle for the Request.
        Parameters:
        orgName - OrganizationName in request
        sessionID - Session ID for this request
        isLogout - a boolean which is true if it is a Logout request
        req - HttpServletRequest
        Returns:
        AuthContextLocal object
        Throws:
        AuthException
      • getAuthModules

        public static Set getAuthModules​(int authLevel,
                                         String organizationDN,
                                         String clientType)
        Returns the set of authentication modules whose authentication level is equal to or greater than the specified authLevel. If no such module exists, an empty set is returned.
        Parameters:
        authLevel - authentication level.
        organizationDN - DN for the organization.
        clientType - Client type, e.g. "genericHTML".
        Returns:
        Set of authentication modules whose authentication level is equal to or greater than the specified authentication level.
      • isSessionUpgrade

        public static boolean isSessionUpgrade​(AuthContextLocal authContext)
      • setCookieSupported

        public static void setCookieSupported​(AuthContextLocal ac,
                                              boolean flag)
      • isCookieSupported

        public static boolean isCookieSupported​(AuthContextLocal ac)
      • checkForCookies

        public static boolean checkForCookies​(jakarta.servlet.http.HttpServletRequest req,
                                              AuthContextLocal ac)
        Returns true if cookies found in the request.
        Parameters:
        req - HTTP Servlet Request.
        ac - authentication context.
        Returns:
        true if cookies found in request.
      • getModuleServiceName

        public static String getModuleServiceName​(String moduleName)
        Get the module service name in either iplanet-am-auth formatService(old) or sunAMAuthService format(new).
      • getSuccessURL

        public static String getSuccessURL​(jakarta.servlet.http.HttpServletRequest request,
                                           AuthContextLocal authContext)
        Returns the success URL for this request. If the goto parameter is in the current request, returns the goto parameter; otherwise returns the success URL set in the valid session.
        Parameters:
        request - HTTP Servlet Request.
        authContext - authentication context for this request.
        Returns:
        success URL.
      • processCompositeAdviceXML

        public static Map processCompositeAdviceXML​(String xmlCompositeAdvice,
                                                    String orgDN,
                                                    String clientType)
      • removeAuthContext

        public static void removeAuthContext​(SessionID sid)
        Removes the AuthContextLocal object in the Session object identified by the SessionID object parameter 'sid'.
      • getOrgConfiguredAuthenticationChain

        public static String getOrgConfiguredAuthenticationChain​(String orgDN)
        Returns the authentication service or chain configured for the given organization.
        Parameters:
        orgDN - organization DN.
        Returns:
        the authentication service or chain configured for the given organization.
      • getRemoteSecurityEnabled

        public static String getRemoteSecurityEnabled()
                                               throws AuthException
        Returns true if remote Auth security is enabled and false otherwise.
        Returns:
        the value of sunRemoteAuthSecurityEnabled attribute
        Throws:
        AuthException
      • isForwardSuccess

        public static boolean isForwardSuccess​(AuthContextLocal authContext,
                                               jakarta.servlet.http.HttpServletRequest req)
        Returns the flag indicating a request "forward" after successful authentication.
        Parameters:
        authContext - AuthContextLocal object
        req - HttpServletRequest object
        Returns:
        the boolean flag.
      • forwardSuccessExists

        public static boolean forwardSuccessExists​(jakarta.servlet.http.HttpServletRequest req)
        Returns true if the request has the forward=true query parameter.
        Parameters:
        req - HttpServletRequest object
        Returns:
        true if this parameter is present.
      • getGlobalAttributes

        public static Map getGlobalAttributes​(String serviceName)
        Returns the global attributes of the given service as a Map.
        Parameters:
        serviceName - Service Name
        Returns:
        Map of global attributes.
      • clearAllCookies

        public static void clearAllCookies​(jakarta.servlet.http.HttpServletRequest request,
                                           jakarta.servlet.http.HttpServletResponse response)
      • clearAllCookiesByDomain

        public static void clearAllCookiesByDomain​(SessionID sid,
                                                   String cookieDomain,
                                                   jakarta.servlet.http.HttpServletRequest request,
                                                   jakarta.servlet.http.HttpServletResponse response)
      • getPostProcessURL

        public static String getPostProcessURL​(jakarta.servlet.http.HttpServletRequest servletRequest,
                                               String attrName)
      • resetPostProcessURLs

        public static void resetPostProcessURLs​(jakarta.servlet.http.HttpServletRequest servletRequest)
      • getValidGotoURL

        public static String getValidGotoURL​(jakarta.servlet.http.HttpServletRequest request,
                                             String orgDN)
        Returns the valid goto parameter for this request. Validates the goto parameter set in the current request and returns it if valid.
        Parameters:
        request - The HttpServletRequest.
        orgDN - Organization DN.
        Returns:
        The validated goto URL.
      • logout

        public static boolean logout​(String sessionID,
                                     jakarta.servlet.http.HttpServletRequest request,
                                     jakarta.servlet.http.HttpServletResponse response)
                              throws SSOException
        Performs a logout on a given token, ensuring the post auth classes are called.
        Parameters:
        sessionID - The token id to log out
        request - The HTTP request
        response - The HTTP response
        Returns:
        true if the token was still valid before logout was called
        Throws:
        SSOException - If token is null or other SSO exceptions
      • logout

        public static boolean logout​(InternalSession intSession,
                                     SSOToken token,
                                     jakarta.servlet.http.HttpServletRequest request,
                                     jakarta.servlet.http.HttpServletResponse response)
                              throws SSOException
        Performs a logout on a given token, ensuring the post auth classes are called.
        Parameters:
        intSession - The InternalSession to log out
        token - The SSOToken to log out
        request - The HTTP request
        response - The HTTP response
        Returns:
        true if the token was still valid before logout was called
        Throws:
        SSOException - If token is null or other SSO exceptions
      • getZeroPageLoginConfig

        public static ZeroPageLoginConfig getZeroPageLoginConfig​(String realm)
                                                          throws SSOException,
                                                                 SMSException
        Gets the ZPL configuration for the given realm.
        Parameters:
        realm - the realm to get the ZPL configuration for. Not null.
        Returns:
        the ZPL configuration object. Never null.
        Throws:
        SSOException - if there is a problem authenticating the configuration lookup.
        SMSException - if there is a problem fetching the configuration data.