Package com.sun.identity.security

Class AdminTokenAction

  • All Implemented Interfaces:
    PrivilegedAction<SSOToken>
    public class AdminTokenAction
extends Object
implements PrivilegedAction<SSOToken>
    The class is used to perform privileged operations using java.security.AccessController.doPrivileged() when trying to get Application single sign on token. There are four approaches to get single sign on token. 1. Return the single sign on token of the administrator configured in serverconfig.xml if the code runs on server site. 2. If #1 fails, it implies the client is using remote SDK. If com.sun.identity.security.AdminToken is specified in AMConfig.properties, we will call this application token provider plug-in to retrieve the single sign on token. 3. If #2 fails, we look for com.sun.identity.agents.app.username and com.iplanet.am.service.password in AMConfig.properties, if so, we will generate single sign token of administrator based on the user name and password. 4. If #3 fails, we look for com.sun.identity.agents.app.username and com.iplanet.am.service.secret in AMConfig.properties. If so, we will generate single sign on token based on the user name and secret. Note: Java security permissions check for OpenAM can be enabled by setting the property com.sun.identity.security.checkcaller to true in AMConfig.properties file.

    • Method Detail

      • getInstance

        public static AdminTokenAction getInstance()
        Returns a cached instance AdminTokenAction.
        Returns:
        instance of AdminTokenAction.

      • authenticationInitialized

        public void authenticationInitialized()
        Informs AdminTokenAction that Authentication has been initialized This class will start using Authentication service to obtain SSOToken for admin users

      • invalid

        public static void invalid()
        Resets cached SSOToken. WITHOUT destroying. Called when we know the token is invalid

      • reset

        public static void reset()
        Resets cached SSOToken.