Interface SessionProvider

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static String ATTR_MAP
      The name of the request attribute under which the user attributes shall be stored.
      static String AUTH_INSTANT
      This constant string is used as a property name to indicate the authentication instant.
      static String AUTH_LEVEL
      This constant string is used in the implementation and calling of the first method for passing an authentication level in a map.
      static String AUTH_METHOD
      This constant string is used as a property name to indicate the authentication method.
      static String HOST
      This constant string is used as a property name to indicate the client host.
      static String HOST_NAME
      This constant string is used as a property name to indicate the client hostname.
      static String PRINCIPAL_NAME
      This constant string is used in the implementation and calling of the first method for passing a principal name in a map.
      static String REALM
      This constant string is used in the implementation and calling of the first method for passing a realm name in a map.
    • Field Detail

      • REALM

        static final String REALM
        This constant string is used in the implementation and calling of the first method for passing a realm name in a map.
        See Also:
        Constant Field Values
      • PRINCIPAL_NAME

        static final String PRINCIPAL_NAME
        This constant string is used in the implementation and calling of the first method for passing a principal name in a map.
        See Also:
        Constant Field Values
      • AUTH_LEVEL

        static final String AUTH_LEVEL
        This constant string is used in the implementation and calling of the first method for passing an authentication level in a map.
        See Also:
        Constant Field Values
      • AUTH_METHOD

        static final String AUTH_METHOD
        This constant string is used as a property name to indicate the authentication method. Typically it is used as the second name parameter in the getProperty method.
        See Also:
        Constant Field Values
      • AUTH_INSTANT

        static final String AUTH_INSTANT
        This constant string is used as a property name to indicate the authentication instant. Typically it is used as the second name parameter in the getProperty method.
        See Also:
        Constant Field Values
      • HOST

        static final String HOST
        This constant string is used as a property name to indicate the client host.
        See Also:
        Constant Field Values
      • HOST_NAME

        static final String HOST_NAME
        This constant string is used as a property name to indicate the client hostname.
        See Also:
        Constant Field Values
      • ATTR_MAP

        static final String ATTR_MAP
        The name of the request attribute under which the user attributes shall be stored. This is used by the Federation authentication module (hosted SP scenario) when dynamic account creation is enabled.
        See Also:
        Constant Field Values
    • Method Detail

      • createSession

        Object createSession​(Map info,
                             jakarta.servlet.http.HttpServletRequest request,
                             jakarta.servlet.http.HttpServletResponse response,
                             StringBuffer targetApplication)
                      throws SessionException
        Meaningful only for Service Provider side, the implementation of this method will create a local session for the local user identified by the information in the map. The underlying mechanism of the session creation and management is application specific. For example, it could be cookie setting or URL rewriting, which is expected to be done by the implementation of this method. Note that only the first input parameter is mandatory. Normally, at least one of the last two parameters should not be null.
        Parameters:
        info - a Map with keys and values being of type String; The keys will include SessionProvider.PRINCIPAL_NAME (returned from SPAccountMapper), SessionProvider.REALM, SessionProvider.AUTH_LEVEL, SessionProvider.AUTH_INSTANT, and may include "resourceOffering" and/or "idpEntityID"; The implementation of this method could choose to set some of the information contained in the map into the newly created Session by calling setProperty(), later the target application may consume the information.
        request - the HttpServletRequest the user made to initiate the Single Sign On; Note that it should be the initial request coming from the browser as opposed to the possible subsequent back-channel HTTP request for delivering SOAP message.
        response - the HttpServletResponse that will be sent to the user (for example it could be used to set a cookie).
        targetApplication - the original resource that was requested as the target of the Single Sign On by the end user; If needed, this String could be modified, e.g., by appending query string(s) or by URL rewriting, hence this is an in/out parameter.
        Returns:
        the newly created local user session.
        Throws:
        SessionException - if an error occurred during session creation.
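
        One way the body of createSession could be written on top of the servlet container's own HttpSession, shown as an added example that is not part of this API or of the project's code. The class name ContainerSessionCreator, the package in the two plugin imports, and the choice to require a non-null request are assumptions of the example.

```java
import java.util.Map;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
// Assumed package; this page does not state where SessionProvider lives.
import com.sun.identity.plugin.session.SessionException;
import com.sun.identity.plugin.session.SessionProvider;

/** Hypothetical helper that a createSession implementation could delegate to. */
public final class ContainerSessionCreator {
    private static final String[] REQUIRED = {
        SessionProvider.PRINCIPAL_NAME, SessionProvider.REALM,
        SessionProvider.AUTH_LEVEL, SessionProvider.AUTH_INSTANT
    };

    public static Object create(Map<String, String> info,
                                HttpServletRequest request,
                                HttpServletResponse response,
                                StringBuffer targetApplication)
            throws SessionException {
        if (info == null || request == null) {
            // This sketch is backed by the servlet container, so it needs the request.
            throw new SessionException("info map and browser request are required");
        }
        for (String key : REQUIRED) {
            String value = info.get(key);
            if (value == null || value.isEmpty()) {
                throw new SessionException("missing session attribute: " + key);
            }
        }
        // Drop any session that existed before authentication, so an identifier
        // issued to an anonymous browser is never promoted to a logged-in one.
        HttpSession old = request.getSession(false);
        if (old != null) {
            old.invalidate();
        }
        HttpSession session = request.getSession(true);
        for (String key : REQUIRED) {
            session.setAttribute(key, info.get(key));
        }
        // In/out parameter: encodeRedirectURL leaves the URL unchanged unless
        // the container decides URL-based session tracking is needed.
        if (response != null && targetApplication != null) {
            String rewritten = response.encodeRedirectURL(targetApplication.toString());
            targetApplication.setLength(0);
            targetApplication.append(rewritten);
        }
        return session;
    }
}
```

        Where the rewritten targetApplication carries the session identifier in the URL, that identifier can end up in access logs and Referer headers, so cookie-based tracking is the safer default for the container configuration.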
      • getSession

        Object getSession​(String sessionID)
                   throws SessionException
        Returns the corresponding session object. May be used by both SP and IDP side for getting an existing session given a session ID.
        Parameters:
        sessionID - the unique session handle.
        Returns:
        the corresponding session object.
        Throws:
        SessionException - if an error occurred during session retrieval.
      • getSession

        Object getSession​(jakarta.servlet.http.HttpServletRequest request)
                   throws SessionException
        Returns the corresponding session object. May be used by both SP and IDP side for getting an existing session given a browser initiated HTTP request.
        Parameters:
        request - the browser initiated HTTP request.
        Returns:
        the corresponding session object.
        Throws:
        SessionException - if an error occurred during session retrieval.
      • invalidateSession

        void invalidateSession​(Object session,
                               jakarta.servlet.http.HttpServletRequest request,
                               jakarta.servlet.http.HttpServletResponse response)
                        throws SessionException
        May be used by both SP and IDP side to invalidate a session. In case of SLO with SOAP, the last two input parameters would have to be null.
        Parameters:
        session - the session to be invalidated
        request - the browser initiated HTTP request.
        response - the HTTP response going back to browser.
        Throws:
        SessionException - if an error occurred during session retrieval.
      • isValid

        boolean isValid​(Object session)
                 throws SessionException
        Returns true if the session is valid. This is useful for toolkit clean-up thread.
        Parameters:
        session - Session object.
        Returns:
        true if the session is valid.
        Throws:
        SessionException
      • getSessionID

        String getSessionID​(Object session)
        Returns session ID. The returned session ID should be unique and not change during the lifetime of this session.
        Returns:
        session ID.
      • getPrincipalName

        String getPrincipalName​(Object session)
                         throws SessionException
        Returns principal name, or user name, given the session object.
        Parameters:
        session - Session object.
        Returns:
        principal name, or user name.
        Throws:
        SessionException - if getting the principal name causes an error.
      • rewriteURL

        String rewriteURL​(Object session,
                          String URL)
                   throws SessionException
        Returns rewritten URL. Rewrites a URL with session information in case cookie setting is not supported.
        Parameters:
        session - the session object.
        URL - the URL to be rewritten.
        Returns:
        the rewritten URL.
        Throws:
        SessionException - if rewriting the URL causes an error.
      • setLoadBalancerCookie

        void setLoadBalancerCookie​(jakarta.servlet.http.HttpServletRequest request,
                                   jakarta.servlet.http.HttpServletResponse response)
        Sets a load balancer cookie in the supplied HTTP response. The load balancer cookie's value is set per server instance and is used to support sticky load balancing.
        Parameters:
        response - the HttpServletResponse that will be sent to the user.
      • getTimeLeft

        long getTimeLeft​(Object session)
                  throws SessionException
        Returns the time left for this session in seconds.
        Parameters:
        session - Session object.
        Returns:
        The time left for this session.
        Throws:
        SessionException - if the session reached its maximum session time, or the session was destroyed, or there was an error during communication with session service.