com.sun.identity.policy.plugins

Class SessionCondition

java.lang.Object

com.sun.identity.policy.plugins.SessionCondition

All Implemented Interfaces:

Condition, Cloneable

Deprecated.

Use SessionCondition instead.

@Deprecated
public class SessionCondition
extends Object
implements Condition

The class SessionCondition is a plugin implementation of Condition. This lets you define the maximum user session time during which a policy applies. There is an option to terminate the user session if the session time exceeds the maximum allowed.

Field Summary

Fields

Modifier and Type	Field and Description
static String	ADVICE_DENY Deprecated. Key that is used in the Advice to identify the condition decision is deny.
static String	ADVICE_TERMINATE_SESSION Deprecated. Key that is used in the Advice to identify the session was terminated.
static String	REQUEST_SESSION_CREATION_TIME Deprecated. Key that is used to define the user session creation time of the request.
static String	SESSION_CONDITION_ADVICE Deprecated. Key that is used to identify the advice messages from this condition.

Fields inherited from interface com.sun.identity.policy.interfaces.Condition

AM_IDENTITY_NAME, APPLICATION_IDLE_TIMEOUT, APPLICATION_NAME, AUTH_LEVEL, AUTH_LEVEL_CONDITION_ADVICE, AUTH_SCHEME, AUTH_SCHEME_CONDITION_ADVICE, AUTHENTICATE_TO_REALM, AUTHENTICATE_TO_REALM_CONDITION_ADVICE, AUTHENTICATE_TO_SERVICE, AUTHENTICATE_TO_SERVICE_CONDITION_ADVICE, DNS_NAME, END_DATE, END_DAY, END_IP, END_TIME, ENFORCEMENT_TIME_ZONE, INVOCATOR_PRINCIPAL_UUID, LDAP_FILTER, MAX_SESSION_TIME, REQUEST_AUTH_LEVEL, REQUEST_AUTH_SCHEMES, REQUEST_AUTHENTICATED_TO_REALMS, REQUEST_AUTHENTICATED_TO_SERVICES, REQUEST_DNS_NAME, REQUEST_IP, REQUEST_TIME_ZONE, START_DATE, START_DAY, START_IP, START_TIME, TERMINATE_SESSION, VALUE_CASE_INSENSITIVE

Constructor Summary

Constructors

Constructor and Description
SessionCondition() Deprecated. No argument constructor.

Method Summary

Modifier and Type	Method and Description
Object	clone() Deprecated. Creates and returns a copy of this object.
ConditionDecision	getConditionDecision(SSOToken token, Map env) Deprecated. Gets the decision computed by this condition object, based on the map of environment parameters or the user token.
String	getDisplayName(String property, Locale locale) Deprecated. Gets the display name for the property name.
Map	getProperties() Deprecated. Gets the properties of the condition.
List	getPropertyNames() Deprecated. Gets a list of property names for the condition.
Syntax	getPropertySyntax(String property) Deprecated. Gets the Syntax for a property name.
Set	getValidValues(String property) Deprecated. Gets a set of valid values given the property name.
void	setProperties(Map properties) Deprecated. Sets the properties of the condition.

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

REQUEST_SESSION_CREATION_TIME

public static final String REQUEST_SESSION_CREATION_TIME

Deprecated.

Key that is used to define the user session creation time of the request. This is passed in to the env parameter while invoking getConditionDecision method of the SessionCondition. Value for the key should be a Long whose value is time in milliseconds since epoch.

See Also:

Constant Field Values

SESSION_CONDITION_ADVICE

public static final String SESSION_CONDITION_ADVICE

Deprecated.

Key that is used to identify the advice messages from this condition.

See Also:

Constant Field Values

ADVICE_TERMINATE_SESSION

public static final String ADVICE_TERMINATE_SESSION

Deprecated.

Key that is used in the Advice to identify the session was terminated.

See Also:

Constant Field Values

ADVICE_DENY

public static final String ADVICE_DENY

Deprecated.

Key that is used in the Advice to identify the condition decision is deny.

See Also:

Constant Field Values

Constructor Detail

SessionCondition

public SessionCondition()

Deprecated.

No argument constructor.

Method Detail

getPropertyNames

public List getPropertyNames()

Deprecated.

Gets a list of property names for the condition.

Specified by:

getPropertyNames in interface Condition

Returns:

list of property names

getPropertySyntax

public Syntax getPropertySyntax(String property)

Deprecated.

Gets the Syntax for a property name.

Specified by:

getPropertySyntax in interface Condition

Parameters:

property - property name

Returns:

Syntax for the property name

See Also:

Syntax

getDisplayName

public String getDisplayName(String property,
                             Locale locale)
                      throws PolicyException

Deprecated.

Gets the display name for the property name. The locale variable could be used by the plugin to customize the display name for the given locale. The locale variable could be null, in which case the plugin must use the default locale.

Specified by:

getDisplayName in interface Condition

Parameters:

property - property name

locale - locale for which the property name must be customized

Returns:

display name for the property name

Throws:

PolicyException - if unable to get the diplay name.

getValidValues

public Set getValidValues(String property)
                   throws PolicyException

Deprecated.

Gets a set of valid values given the property name. This method is called if the property Syntax is either the SINGLE_CHOICE or MULTIPLE_CHOICE.

Specified by:

getValidValues in interface Condition

Parameters:

property - property name

Returns:

set of valid values for the property

Throws:

PolicyException - if unable to get the Syntax

setProperties

public void setProperties(Map properties)
                   throws PolicyException

Deprecated.

Sets the properties of the condition. Evaluation of ConditionDecision is influenced by these properties.

Specified by:

setProperties in interface Condition

Parameters:

properties - the properties of the condition that governs whether a policy applies. The properties should define value for MAX_SESSION_TIME and optionally TERMINATE_SESSION. The value should be a Set of string values. The value for MAX_SESSION_TIME should be parse-able as an Integer

Throws:

PolicyException - if properties is null or does not contain valid value for MAX_SESSION_TIME

See Also:

ConditionDecision

getProperties

public Map getProperties()

Deprecated.

Gets the properties of the condition.

Specified by:

getProperties in interface Condition

Returns:

unmodifiable Map view of the properties that govern the evaluation of the condition. Please note that properties is not cloned before returning

See Also:

Condition.setProperties(java.util.Map<java.lang.String, java.util.Set<java.lang.String>>)

getConditionDecision

public ConditionDecision getConditionDecision(SSOToken token,
                                              Map env)
                                       throws PolicyException,
                                              SSOException

Deprecated.

Gets the decision computed by this condition object, based on the map of environment parameters or the user token. If the value of TERMINATE_SESSION is true and the condition evaluation is false, it terminates the user session.

Specified by:

getConditionDecision in interface Condition

Parameters:

token - single-sign-on token of the user

env - request specific environment map of key/value pair. This condition looks for value of key REQUEST_SESSION_CREATION_TIME in the map. And the value should be a Long. If the env is null of does not define value for REQUEST_SESSION_CREATION_TIME, the value will be obtained from SSO token of the user

Returns:

The condition decision. The condition decision encapsulates whether a policy applies for the request and advice messages generated by the condition. Policy framework continues evaluating a policy only if it applies to the request as indicated by the condition decision. Otherwise, further evaluation of the policy is skipped. However, the advice messages encapsulated in the condition decision are aggregated and passed up, encapsulated in the policy decision

Throws:

PolicyException - if the condition has not been initialized

SSOException - if the SSO token is invalid or there is error when trying to destroy the SSO token

See Also:

ConditionDecision

clone

public Object clone()

Deprecated.

Creates and returns a copy of this object.

Specified by:

clone in interface Condition

Overrides:

clone in class Object

Returns:

a copy of this object